mirrors/terraform-provider-proxmox
0
0
Fork 0
mirror of https://github.com/bpg/terraform-provider-proxmox.git synced 2025-07-02 03:22:59 +00:00
Code

fix(docs): improve "SSH User" section describing sudo privileges (#1522)

Browse Source 
Signed-off-by: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
This commit is contained in:
Pavel Boldyrev 2024-09-08 17:29:53 -04:00 committed by GitHub
parent a0bce8d699
commit 84d55cf569
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 15 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
docs/index.md
View File

@ -178,31 +178,39 @@ When using a non-root user for the SSH connection, the user **must** have the `s
-> If you run clustered Proxmox VE, you will need to configure the `sudo` privilege for the user on all nodes in the cluster. -> If you run clustered Proxmox VE, you will need to configure the `sudo` privilege for the user on all nodes in the cluster.
-> `sudo` may not be installed by default on Proxmox VE nodes. You can install it via the command line on the Proxmox host: `apt install sudo`
~> The `root` user on the Proxmox node must be configured with `bash` as the default shell. ~> The `root` user on the Proxmox node must be configured with `bash` as the default shell.
You can configure the `sudo` privilege for the user via the command line on the Proxmox host. In the example below, we create a user `terraform` and assign the `sudo` privilege to it: You can configure the `sudo` privilege for the user via the command line on the Proxmox host.
In the example below, we create a user `terraform` and assign the `sudo` privilege to it. Run the following commands on the Proxmox node in the root shell:
- Create a new system user: - Create a new system user:
```sh ```sh
sudo useradd -m terraform useradd -m terraform
``` ```
- Configure the `sudo` privilege for the user: - Configure the `sudo` privilege for the user, by adding a new sudoers file to the `/etc/sudoers.d` directory:
```sh ```sh
sudo visudo visudo -f /etc/sudoers.d/terraform
``` ```
Add the following lines to the end of the file, but **before** the `@includedir /etc/sudoers.d` line: Add the following lines to the file:
```sh ```text
terraform ALL=(root) NOPASSWD: /sbin/pvesm terraform ALL=(root) NOPASSWD: /sbin/pvesm
terraform ALL=(root) NOPASSWD: /sbin/qm terraform ALL=(root) NOPASSWD: /sbin/qm
terraform ALL=(root) NOPASSWD: /usr/bin/tee /var/lib/vz/* terraform ALL=(root) NOPASSWD: /usr/bin/tee /var/lib/vz/*
``` ```
Save the file and exit. If you're using a different datastore for snippets, not the default `local`, you should add the datastore's mount point to the sudoers file as well, for example:
```text
terraform ALL=(root) NOPASSWD: /usr/bin/tee /mnt/pve/cephfs/*
```
You can find the mount point of the datastore by running `pvesh get /storage/<name>` on the Proxmox node.
- Copy your SSH public key to the `~/.ssh/authorized_keys` file of the `terraform` user on the target node. - Copy your SSH public key to the `~/.ssh/authorized_keys` file of the `terraform` user on the target node.