# K3s Master Infrastructure-as-Code

This repository tracks the Terraform + Ansible automation for provisioning and configuring K3s control-plane nodes on vSphere. Initial commit supplies scaffolding only; functional resources, modules, and tasks follow in upcoming iterations.

## Current Status

- Gitea repository `iac/k3s-master` initialized with protected `main` branch and PR review requirement.
- Terraform directory contains provider baseline, version pinning, and documented variables.
- Ansible inventory/playbook skeleton captures control-plane bootstrap flow.
- Gitea Actions workflow stub (`.gitea/workflows/plan.yml`) reserved for Terraform plan execution.

## Next Steps

1. Author Terraform data sources and VM definitions aligned with K3s sizing doc (ID 588).
2. Implement dynamic inventory output bridging Terraform state and Ansible.
3. Build hardened Ansible roles for OS baseline and K3s installation, leveraging security guidelines.
4. Replace workflow placeholders with real Terraform fmt/init/plan stages and artifact upload.

## Dependencies

- vSphere endpoint with service account credentials and API access.
- Terraform CLI >= 1.8 and HashiCorp vsphere provider >= 2.5 (managed by CI image).
- Secrets storage for vSphere credentials (Gitea Actions secrets or Vault).
- Ansible control node with access to provisioned masters for configuration.
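
One way the dynamic inventory bridge from Next Steps item 2 could work, as an added sketch that is not code from this repository: it converts `terraform output -json` into Ansible dynamic-inventory JSON, refusing sensitive outputs and validating every address. The output name `k3s_masters`, its `ip` field, the group name, and the sample data are assumptions.

```python
import ipaddress
import json

# Constructed sample of `terraform output -json`. The output names and
# fields are assumptions for illustration, not this repository's outputs.
SAMPLE_TF_OUTPUT = json.dumps({
    "k3s_masters": {
        "sensitive": False,
        "type": ["map", ["object", {"ip": "string"}]],
        "value": {
            "k3s-master-01": {"ip": "10.20.0.11"},
            "k3s-master-02": {"ip": "10.20.0.12"},
            "k3s-master-03": {"ip": "10.20.0.13"},
        },
    },
    "vsphere_password": {"sensitive": True, "type": "string",
                         "value": "constructed-placeholder"},
})


def build_inventory(tf_output_json, output_name="k3s_masters",
                    group="k3s_masters"):
    """Turn one Terraform output into Ansible inventory JSON (--list form)."""
    outputs = json.loads(tf_output_json)
    entry = outputs.get(output_name)
    if entry is None:
        raise KeyError(f"Terraform output {output_name!r} not found")
    # Inventory JSON tends to land in CI logs and artifacts, so never
    # build it from an output Terraform has marked sensitive.
    if entry.get("sensitive"):
        raise ValueError(f"output {output_name!r} is marked sensitive")
    hostvars = {}
    for name, attrs in sorted(entry["value"].items()):
        # Parse the address strictly so a malformed value cannot carry
        # anything other than an IP into ansible_host.
        ip = ipaddress.ip_address(attrs["ip"])
        hostvars[name] = {"ansible_host": str(ip)}
    # Only the selected output is copied; other outputs never reach Ansible.
    return {
        group: {"hosts": list(hostvars)},
        "_meta": {"hostvars": hostvars},
    }


if __name__ == "__main__":
    print(json.dumps(build_inventory(SAMPLE_TF_OUTPUT), indent=2))
```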