Module: networking
Creates the internal Linux bridge network segments on a Proxmox node. These bridges are purely virtual — no physical NIC is attached. All inter-segment traffic is routed through a firewall VM (OPNsense).
Segments
| Bridge | CIDR | Purpose |
|---|---|---|
| management | 10.10.10.0/24 | Proxmox API access and admin tools. Proxmox host holds 10.10.10.1. |
| services | 10.10.20.0/24 | General workload VMs and containers. |
| dmz | 10.10.30.0/24 | Externally exposed workloads (e.g. web servers). |
| isolated | 10.10.40.0/24 | Lab and test workloads. No outbound access by default. |
The Proxmox host has no IP on services, dmz, or isolated — VMs on those segments have no direct path to the hypervisor.
Usage
module "networking" {
source = "../../modules/networking"
proxmox_node_name = "pve"
}
Inputs
| Name | Type | Description |
|---|---|---|
| proxmox_node_name | string | Name of the Proxmox node to create bridges on. |
Notes
- After apply, Proxmox automatically reloads the network configuration — no manual intervention required.
Sys.Modifymust be granted to the Terraform API token role to manage node network interfaces.