imfreedom/terraform

Update the tailscale api key

5 months ago, Gary Kramlich
f364b114c83e
# IMFreedom Terraform
This repository contains [terraform](https://www.terraform.io/) for imfreedom
resources.
All machines are configured so that you log in via the `admin` user account.
There are a number of reasons for this, but the most important one is that
`sudo` usage gets logged for normal users, which the `admin` user is.
# Setup
TLDR: install mkisofs, libvirt, [terraform](https://www.terraform.io/),
[terraform-libvirt-provider](https://github.com/dmacvicar/terraform-provider-libvirt),
and make sure the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment
variables are properly set to the imfreedom [minio](https://data.imfreedom.org)
instance.
`Terraform` can be run from anywhere that this repository is cloned to with a
few caveats. First you need to install [terraform](https://www.terraform.io/).
I typically install it to `~/.local/bin/`. Verify `Terraform` is installed and
on your path by running `terraform version`.
~~Once you have a working `Terraform` install you need to install the
[terraform-libvirt-provider](https://github.com/dmacvicar/terraform-provider-libvirt).
This should be installed into `~/.terraform.d/plugins`.~~
This might be done by `terraform init` now.
Next we need to make sure that `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
environment variables are set to your credentials to the imfreedom
[minio](https://data.imfreedom.org/) instance. If you need credentials, talk
to grim. To make sure these environment variables are set, I recommend using
[direnv](https://direnv.net/) and saving them to your `.envrc` in your clone.
This file is already ignored in `.hgignore`.
On Debian-based hosts a missing AppArmor policy will cause permission errors.
To fix it you need to add the following to
`/etc/apparmor.d/abstractions/libvirt-qemu`. I've been putting it at the end
of the file and everything is fine.
```
# for terraform-libvirt
/var/lib/libvirt/images/* rwk,
```
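The setup steps above can be verified before running `terraform`. The following preflight script is an added example, not part of this repository; the function names are hypothetical, and the requirement that `.envrc` carry no group/other permission bits is an assumption added here, not something the README states.

```shell
# Preflight checks for the setup steps in this README.
# Added example: the function names are hypothetical, not part of the repository.

# Both MinIO credentials must be set. Only the variable name is reported,
# never the value, so secrets stay out of scrollback and CI logs.
check_minio_env() {
    [ -n "${AWS_ACCESS_KEY_ID:-}" ] || { echo "AWS_ACCESS_KEY_ID is not set" >&2; return 1; }
    [ -n "${AWS_SECRET_ACCESS_KEY:-}" ] || { echo "AWS_SECRET_ACCESS_KEY is not set" >&2; return 1; }
}

# $1 = path to the clone. .envrc must exist, be mentioned in .hgignore, and
# carry no group/other permission bits (assumption: mode 600 is the target).
check_envrc() {
    envrc="$1/.envrc"
    [ -f "$envrc" ] || { echo "$envrc does not exist" >&2; return 1; }
    # Textual check only; `hg status --ignored` is the authoritative answer.
    grep -v '^#' "$1/.hgignore" 2>/dev/null | grep -q 'envrc' \
        || { echo ".envrc is not listed in .hgignore" >&2; return 1; }
    # Characters 5-10 of the mode string are the group and other bits.
    [ "$(ls -ld "$envrc" | cut -c5-10)" = "------" ] \
        || { echo "$envrc is accessible to group/other; chmod 600 it" >&2; return 1; }
}

# $1 = AppArmor abstraction file (defaults to the path from the README).
# The rule grants read (r), write (w) and lock (k) on files directly
# under /var/lib/libvirt/images.
check_apparmor_rule() {
    file="${1:-/etc/apparmor.d/abstractions/libvirt-qemu}"
    grep -qF '/var/lib/libvirt/images/* rwk,' "$file" 2>/dev/null \
        || { echo "terraform-libvirt rule missing from $file" >&2; return 1; }
}

# Run every check and report all failures instead of stopping at the first.
# $1 = clone path (default: current directory), $2 = optional AppArmor file.
preflight() {
    rc=0
    check_minio_env || rc=1
    check_envrc "${1:-.}" || rc=1
    check_apparmor_rule "${2:-}" || rc=1
    return "$rc"
}
```

Source the file and run `preflight /path/to/clone` on the machine where the AppArmor abstraction was edited; a non-zero exit status means at least one check failed.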
# Node Configuration
To actually `Terraform` a node, we first need to create a `<node>.tfvars` in
the `nodes/` directory. A bare-minimum example is below.
```
libvirt_uri = "qemu+ssh://host/system"
```
`libvirt_uri` is the connect string for libvirt.
You can also use the `volume_pool` variable to use a different volume pool.
There is an optional `node_prefix` setting you can use to prefix all of the
host names for the machines. This prefix will not change the names of the
machines in libvirt, it's meant to disambiguate the machines in tailscale. It's
obvious what node they belong to when you're looking at the nodes but in
tailscale we don't have that luxury.
Once that file is created you can provision the node via:
```
make plan NODE=node1
make apply NODE=node1
```
Depending on the number of VMs, this can take quite a bit of time, so make sure
to run it in screen/tmux and maintain a stable internet connection.
Additional configuration for the `<node>.tfvars` file is below in the section
for each machine type.
## FreeBSD AMD64
The FreeBSD AMD64 machines have a number of options which are explained below.
These should be set in your `<node>.tfvars` file.
**freebsd_amd64_count**: How many FreeBSD AMD64 machines to create. The default
is `0`.
**freebsd_amd64_volume_pool**: The name of the `libvirt` volume pool to use.
This is seldom changed, but defaults to `default`.
**freebsd_amd64_ssh_pubkeys**: A list of SSH public keys that are allowed to
connect to this machine. The default is an empty list which means you will not
be able to get into the machine.
**freebsd_amd64_base_image**: A dictionary containing information about the
base image.
This has keys for the name, source URI, and format of the image.
The name is the name to use in the libvirt storage pool. This defaults to
`freebsd-amd64-base`.
The `source` key is the URI to the file itself. We currently use images
from [bsd-cloud-image.org](https://bsd-cloud-image.org/). Getting the URIs from
there is kind of annoying as you have to start a download to get it.
Finally, the `format` key is the format of the image pointed to by the `source`
key. Currently this is `qcow2`.
**freebsd_amd64_volume_size**: The size of the HDD for the machine. This
defaults to `10GB`.
**freebsd_amd64_memory_size**: The amount of memory to give to the machine.
Defaults to `1GB`.
**freebsd_amd64_cpu_count**: The number of CPUs to give the machine. Defaults
to `1`.
**freebsd_amd64_network_name**: The name of the libvirt network to use. This is
seldom changed, but defaults to `default`.