Misc improvements

main.tf

@@ -76,11 +76,14 @@ resource "libvirt_domain" "virt-machine" {
       "date"
     ]
     connection {
-      type        = "ssh"
-      user        = var.ssh_admin
-      host        = self.network_interface[0].addresses[0]
-      private_key = var.ssh_private_key != null ? file(var.ssh_private_key) : null
-      timeout     = "2m"
+      type                = "ssh"
+      user                = var.ssh_admin
+      host                = self.network_interface[0].addresses[0]
+      private_key         = try(file(var.ssh_private_key), var.ssh_private_key, null)
+      timeout             = "2m"
+      bastion_host        = var.bastion_host
+      bastion_user        = var.bastion_user
+      bastion_private_key = try(file(var.bastion_ssh_private_key), var.bastion_ssh_private_key, null)
     }
   }
 }

variables.tf

@@ -70,6 +70,16 @@ variable "xml_override" {
       vendor  = string
       product = string
     }))
+    pci_devices_passthrough = list(object({
+      src_domain = string
+      src_bus    = string
+      src_slot   = string
+      src_func   = string
+      dst_domain = string
+      dst_bus    = string
+      dst_slot   = string
+      dst_func   = string
+    }))
   })
   default = {
 
@@ -86,6 +96,18 @@ variable "xml_override" {
       #   vendor = "0x0123",
       #   product = "0xabcd"
       # }
+    ],
+    pci_devices_passthrough = [
+      #{
+      #  src_domain = "0x0000",
+      #  src_bus = "0xc1",
+      #  src_slot = "0x00",
+      #  src_func = "0x0",
+      #  dst_domain = "0x0000",
+      #  dst_bus = "0x00",
+      #  dst_slot = "0x08"
+      #  dst_func = "0x0"
+      #}
     ]
   }
 
@@ -185,7 +207,7 @@ variable "time_zone" {
 }
 
 variable "ssh_private_key" {
-  description = "Private key for SSH connection test"
+  description = "Private key for SSH connection test (either path to file or key content)"
   type        = string
   default     = null
 }
@@ -211,3 +233,21 @@ variable "graphics" {
     error_message = "Graphics type not supported. Only 'spice' or 'vnc' are valid options."
   }
 }
+
+variable "bastion_host" {
+  description = "Bastion host"
+  type        = string
+  default     = null
+}
+
+variable "bastion_user" {
+  description = "Bastion ssh user"
+  type        = string
+  default     = null
+}
+
+variable "bastion_ssh_private_key" {
+  description = "Bastion private key for SSH connection test (either path to file or key content)"
+  type        = string
+  default     = null
+}

xslt/template.tftpl

@@ -44,6 +44,29 @@
             <xsl:attribute name="model">${usb_controller.model}</xsl:attribute>
         </xsl:element>
 %{ endfor ~}
+%{if pci_devices_passthrough != [] ~}
+%{ for pci_devices in pci_devices_passthrough ~}
+        <xsl:element name="hostdev">
+            <xsl:attribute name="type">pci</xsl:attribute>
+            <xsl:attribute name="managed">yes</xsl:attribute>
+            <xsl:element name="source">
+              <xsl:element name="address">
+                <xsl:attribute name="domain">${pci_devices.src_domain}</xsl:attribute>
+                <xsl:attribute name="bus">${pci_devices.src_bus}</xsl:attribute>
+                <xsl:attribute name="slot">${pci_devices.src_slot}</xsl:attribute>
+                <xsl:attribute name="function">${pci_devices.src_func}</xsl:attribute>
+              </xsl:element>
+            </xsl:element>
+            <xsl:element name="address">
+              <xsl:attribute name="type">pci</xsl:attribute>
+              <xsl:attribute name="domain">${pci_devices.dst_domain}</xsl:attribute>
+              <xsl:attribute name="bus">${pci_devices.dst_bus}</xsl:attribute>
+              <xsl:attribute name="slot">${pci_devices.dst_slot}</xsl:attribute>
+              <xsl:attribute name="function">${pci_devices.dst_func}</xsl:attribute>
+            </xsl:element>
+        </xsl:element>
+%{ endfor ~}
+%{ endif ~}
     </xsl:copy>
   </xsl:template>
 </xsl:stylesheet>