diff --git a/README.md b/README.md index 2774ab0..8a92fb2 100644 --- a/README.md +++ b/README.md @@ -31,6 +31,7 @@ terraform apply main.tf: ``` provider "proxmox" { + pm_tls_insecure = true } resource "proxmox_vm_qemu" "test" { diff --git a/proxmox/provider.go b/proxmox/provider.go index cce6b12..960777f 100644 --- a/proxmox/provider.go +++ b/proxmox/provider.go @@ -1,6 +1,7 @@ package proxmox import ( + "crypto/tls" "fmt" "regexp" "strconv" @@ -47,6 +48,11 @@ func Provider() *schema.Provider { Optional: true, Default: 4, }, + "pm_tls_insecure": { + Type: schema.TypeBool, + Optional: true, + Default: false, + }, }, ResourcesMap: map[string]*schema.Resource{ @@ -61,7 +67,7 @@ func Provider() *schema.Provider { } func providerConfigure(d *schema.ResourceData) (interface{}, error) { - client, err := getClient(d.Get("pm_api_url").(string), d.Get("pm_user").(string), d.Get("pm_password").(string)) + client, err := getClient(d.Get("pm_api_url").(string), d.Get("pm_user").(string), d.Get("pm_password").(string), d.Get("pm_tls_insecure").(bool)) if err != nil { return nil, err } @@ -76,8 +82,12 @@ func providerConfigure(d *schema.ResourceData) (interface{}, error) { }, nil } -func getClient(pm_api_url string, pm_user string, pm_password string) (*pxapi.Client, error) { - client, _ := pxapi.NewClient(pm_api_url, nil, nil) +func getClient(pm_api_url string, pm_user string, pm_password string, pm_tls_insecure bool) (*pxapi.Client, error) { + tlsconf := &tls.Config{InsecureSkipVerify: true} + if !pm_tls_insecure { + tlsconf = nil + } + client, _ := pxapi.NewClient(pm_api_url, nil, tlsconf) err := client.Login(pm_user, pm_password) if err != nil { return nil, err diff --git a/proxmox/provisioner.go b/proxmox/provisioner.go index b295831..462a7d5 100644 --- a/proxmox/provisioner.go +++ b/proxmox/provisioner.go @@ -44,7 +44,7 @@ func applyFn(ctx context.Context) error { vmr.SetNode(targetNode) client := currentClient if client == nil { - client, err = getClient(connInfo["pm_api_url"], connInfo["pm_user"], connInfo["pm_password"]) + client, err = getClient(connInfo["pm_api_url"], connInfo["pm_user"], connInfo["pm_password"], connInfo["pm_tls_insecure"] == "true") if err != nil { return err } diff --git a/proxmox/resource_vm_qemu.go b/proxmox/resource_vm_qemu.go index f3b0432..d14d968 100644 --- a/proxmox/resource_vm_qemu.go +++ b/proxmox/resource_vm_qemu.go @@ -111,9 +111,6 @@ func resourceVmQemu() *schema.Resource { Optional: true, Sensitive: true, DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool { - if old == "" { - return true - } return strings.TrimSpace(old) == strings.TrimSpace(new) }, }, @@ -244,14 +241,15 @@ func resourceVmQemuCreate(d *schema.ResourceData, meta interface{}) error { pmParallelEnd(pconf) d.SetConnInfo(map[string]string{ - "type": "ssh", - "host": d.Get("ssh_forward_ip").(string), - "port": sshPort, - "user": d.Get("ssh_user").(string), - "private_key": d.Get("ssh_private_key").(string), - "pm_api_url": client.ApiUrl, - "pm_user": client.Username, - "pm_password": client.Password, + "type": "ssh", + "host": d.Get("ssh_forward_ip").(string), + "port": sshPort, + "user": d.Get("ssh_user").(string), + "private_key": d.Get("ssh_private_key").(string), + "pm_api_url": client.ApiUrl, + "pm_user": client.Username, + "pm_password": client.Password, + "pm_tls_insecure": "true", // TODO - pass pm_tls_insecure state around, but if we made it this far, default insecure }) switch d.Get("os_type").(string) {