# Module: networking

Creates the internal Linux bridge network segments on a Proxmox node. These bridges are purely virtual — no physical NIC is attached. All inter-segment traffic is routed through a firewall VM (OPNsense).

## Segments

| Bridge | CIDR | Purpose |
|--------|------|---------|
| management | 10.10.10.0/24 | Proxmox API access and admin tools. Proxmox host holds 10.10.10.1. |
| services | 10.10.20.0/24 | General workload VMs and containers. |
| dmz | 10.10.30.0/24 | Externally exposed workloads (e.g. web servers). |
| isolated | 10.10.40.0/24 | Lab and test workloads. No outbound access by default. |

The Proxmox host has no IP on services, dmz, or isolated — VMs on those segments have no direct path to the hypervisor.

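The two isolation properties above (no physical NIC on any bridge, no host address outside management) can be checked against the node's `/etc/network/interfaces` after apply. The script below is an added example, not part of this module; the `vmbr10` to `vmbr40` bridge names, the `eno2` NIC and the sample file content are assumptions made for illustration.

```python
import ipaddress
# CIDRs are from the Segments table; the vmbr names are assumed, not from the page.
SEGMENTS = {
    "vmbr10": ("management", "10.10.10.0/24"),
    "vmbr20": ("services", "10.10.20.0/24"),
    "vmbr30": ("dmz", "10.10.30.0/24"),
    "vmbr40": ("isolated", "10.10.40.0/24"),
}
# Constructed /etc/network/interfaces content with two deliberate deviations.
SAMPLE = """\
iface vmbr10 inet static
    address 10.10.10.1/24
    bridge-ports none
iface vmbr20 inet static
    address 10.10.20.1/24
    bridge-ports none
iface vmbr30 inet manual
    bridge-ports eno2
iface vmbr40 inet manual
    bridge-ports none
"""

def parse_interfaces(text):
    """Parse ifupdown stanzas into {iface: {"addresses": [...], "ports": [...]}}."""
    ifaces, current = {}, None
    for raw in text.splitlines():
        key, *args = raw.split("#", 1)[0].split() or [""]
        if key == "iface" and args:
            current = ifaces.setdefault(args[0], {"addresses": [], "ports": []})
        elif current is not None and key == "address" and args:
            current["addresses"].append(ipaddress.ip_interface(args[0]))
        elif current is not None and key in ("bridge-ports", "bridge_ports"):
            current["ports"] = [p for p in args if p != "none"]
    return ifaces

def audit(text):
    """Return findings that contradict the isolation properties stated above."""
    findings = []
    for name, cfg in parse_interfaces(text).items():
        if name in SEGMENTS and cfg["ports"]:  # bridge is no longer purely virtual
            findings.append(f"{name} ({SEGMENTS[name][0]}): attached to {' '.join(cfg['ports'])}")
        for addr in cfg["addresses"]:  # any host address outside management is a finding
            for segment, cidr in SEGMENTS.values():
                if segment != "management" and addr.ip in ipaddress.ip_network(cidr):
                    findings.append(f"{name}: host address {addr} inside {segment}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)) or "no deviations")
```

The address check runs over every interface in the file, so a host IP placed on a VLAN or dummy interface inside one of the three restricted CIDRs is reported as well.
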
## Usage

```hcl
module "networking" {
  source = "../../modules/networking"

  proxmox_node_name = "pve"
}
```

## Inputs

| Name | Type | Description |
|------|------|-------------|
| proxmox_node_name | string | Name of the Proxmox node to create bridges on. |

## Notes

- After apply, Proxmox automatically reloads the network configuration — no manual intervention required.
- `Sys.Modify` must be granted to the Terraform API token role to manage node network interfaces.