commit 53a1e1586659d68c4233496925da7b67add939fa
Author: JulienAldon <julien.aldon@wanadoo.fr>
Date:   Sat Jan 10 14:37:03 2026 +0100

    first commit

diff --git a/README.md b/README.md
new file mode 100644
index 0000000..381ea9a
--- /dev/null
+++ b/README.md
@@ -0,0 +1,49 @@
+# Terraform
+
+## Basic Proxmox setup
+Add `TerraformProv` role
+```sh
+pveum role add TerraformProv -privs "Datastore.Allocate Datastore.AllocateSpace Datastore.Audit Pool.Allocate Sys.Audit Sys.Console Sys.Modify VM.Allocate VM.Audit VM.Clone VM.Config.CDROM VM.Config.Cloudinit VM.Config.CPU VM.Config.Disk VM.Config.HWType VM.Config.Memory VM.Config.Network VM.Config.Options VM.Console VM.Migrate VM.Monitor VM.PowerMgmt SDN.Use"
+```
+
+Add `terraform-prov` user
+```sh
+pveum user add terraform-prov@pve --password <password>
+```
+
+Set `terraform-prov` user `TerraformProv` role
+```sh
+pveum aclmod / -user terraform-prov@pve -role TerraformProv
+```
+
+Create proxmox token for terraform API
+```sh
+pveum user token add terraform-prov@pve terraform -expire 0 -privsep 0 -comment "Terraform token"
+```
+
+## Client Setup
+Add environment variable
+```sh
+cp terraform.tfvars.example
+```
+fill with your secrets (do no push this file)
+
+
+## usefull commandes
+```sh
+opentofu.tofu init
+opentofu.tofu plan
+opentofu.tofu apply
+opentofu.tofu destroy
+```
+### on WSL
+ssh agent could be off
+if `ssh-add -L` gives
+```sh
+Could not open a connection to your authentication agent.
+```
+start and configure ssh agent
+```sh
+eval $(ssh-agent)
+ssh-add ~/.ssh/id_ed25519
+```
\ No newline at end of file