## sudo terraform destroy --auto-approve && sudo terraform apply --auto-approve
locals {
  container  = "OpenLDAP"
  image      = "debian/10/amd64"
  lxc_exec   = "lxc exec ${local.container} --"
  lxc_device = "lxc config device add ${local.container}"
  local_exec = [
    "${local.lxc_device} http proxy listen=tcp:0.0.0.0:80 connect=tcp:127.0.0.1:80",
    "${local.lxc_device} httpS proxy listen=tcp:0.0.0.0:81 connect=tcp:127.0.0.1:443",
    "${local.lxc_device} SSH proxy listen=tcp:0.0.0.0:82 connect=tcp:127.0.0.1:22",
    "${local.lxc_exec} bash /01-Setup.bash",
  ]
}
resource "lxd_container" "c1" {
  name      = local.container
  image     = lxd_cached_image.image.fingerprint
  ephemeral = false
  profiles  = ["${lxd_profile.p1.name}"]
  provisioner "local-exec" {
    command = join(" && ", local.local_exec)
  }
  file {
    source      = "../scripts/01-Setup.bash"
    target_file = "/01-Setup.bash"
  }
  file {
    content            = file("../scripts/id_rsa.pub")
    target_file        = "/root/.ssh/authorized_keys"
    create_directories = true
  }
}
resource "lxd_profile" "p1" {
  name = "${local.container}-profile"
  device {
    name       = "eth0"
    type       = "nic"
    properties = {
      nictype = "macvlan"
      //nictype = "bridged"
      parent  = "enp4s0"
    }
  }
  device {
    type       = "disk"
    name       = "root"
    properties = {
      pool = "default"
      path = "/"
    }
  }
  //device {
  //  type = "disk"
  //  name = "shared"
  //  properties = {
  //    source = "/mnt/containerShared"
  //    path   = "/mnt/containerShared"
  //  }
  //}
  config = {
    "limits.cpu" = 3
  }
}
resource "lxd_cached_image" "image" {
  source_remote = "images"
  source_image  = local.image
}
output "container_name" {
  value = lxd_container.c1.name
}
terraform {
  required_providers {
    lxd = {
      source = "terraform-lxd/lxd"
    }
  }
}
provider "lxd" {
  generate_client_certificates = true
  accept_remote_certificate    = true
}