# Wazuh on Proxmox - Plan

## Goal

Provision one VM on local Proxmox using Terraform and install Wazuh all-in-one automatically.

## Current Assets

- Ready single-VM Proxmox Terraform baseline in `sources/iac-test/main.tf`.
- Ready multi-VM reference in `sources/multi-vm-iac/main.tf`.
- Known working Proxmox params from existing code:
  - endpoint `https://10.0.50.110:8006/`
  - node `rbmk2`
  - template VM ID `169`
  - bridge `vmbr0`
  - cloud-init user `devops`

## Selected Base

Use `iac-test` as base because target is one VM for Wazuh.

## Work Plan

1. Create clean Terraform project structure from single-VM base:
   - `main.tf`, `variables.tf`, `outputs.tf`, `versions.tf`
   - `terraform.tfvars.example`
2. Parameterize all environment-specific values:
   - Proxmox endpoint/token file path/node/template/datastore/bridge
   - VM name, CPU, RAM, disk, IP, gateway, SSH key, SSH port
3. Add cloud-init/user-data provisioning for Wazuh:
   - OS packages and prerequisites
   - run `wazuh-install.sh -a`
   - ensure services are enabled and started
4. Add post-deploy validation outputs:
   - VM IP
   - dashboard URL
   - quick health commands
5. Add runbook (`README.md`) with exact operator commands:
   - `terraform init`
   - `terraform plan -var-file=...`
   - `terraform apply -var-file=...`
   - access + agent enrollment steps
6. Optional hardening pass:
   - split Wazuh install from VM creation (null_resource/ansible)
   - add destroy safeguards and tags

## Open Inputs Needed Before Apply

- Final static IP for Wazuh VM in LAN.
- Whether to keep default Wazuh ports (443, 1514, 1515) exposed as-is.
- Template `169` confirmation (cloud-init enabled and qemu-guest-agent present).
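
One way to implement the "quick health commands" of step 4 and to inform the open question about ports 443, 1514 and 1515, as an added example that is not part of the original plan or the repository's code: it classifies each port from `ss -Htln` output as exposed, bound, loopback or closed. The function names and the sample input are assumptions made for illustration, and the parser assumes column 4 is `Local Address:Port`, as `ss -Htln` prints it.

```shell
#!/bin/sh
# Added example: classify listeners on the plan's Wazuh ports from `ss -Htln` output.
WAZUH_PORTS="443 1514 1515"   # ports listed under "Open Inputs Needed Before Apply"

# Reads `ss -Htln` output on stdin; prints "<port> <status>" per port, where status is:
#   exposed  = wildcard bind (0.0.0.0, [::], *), reachable on every interface
#   bound    = one specific non-loopback address
#   loopback = 127.0.0.0/8 or [::1] only
#   closed   = no listener (service not up, or listening elsewhere)
classify_wazuh_ports() {
    awk -v ports="$WAZUH_PORTS" '
        BEGIN {
            n = split(ports, want, " ")
            rank["loopback"] = 1; rank["bound"] = 2; rank["exposed"] = 3
        }
        $1 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)        # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)    # text before the last colon
            if (addr == "0.0.0.0" || addr == "[::]" || addr == "*") s = "exposed"
            else if (addr ~ /^127\./ || addr == "[::1]") s = "loopback"
            else s = "bound"
            # Keep the widest exposure seen for a port (IPv4 and IPv6 may differ).
            if (!(port in seen) || rank[s] > rank[seen[port]]) seen[port] = s
        }
        END {
            for (i = 1; i <= n; i++)
                print want[i], ((want[i] in seen) ? seen[want[i]] : "closed")
        }'
}

# Returns non-zero when any expected port has no listener; prints the report either way.
check_wazuh_ports() {
    report=$(classify_wazuh_ports)
    printf '%s\n' "$report"
    ! printf '%s\n' "$report" | grep -q ' closed$'
}

# Constructed sample input (not captured from a real host; 192.0.2.10 is a documentation address).
SAMPLE='LISTEN 0 511  0.0.0.0:443      0.0.0.0:*
LISTEN 0 128  192.0.2.10:1514  0.0.0.0:*
LISTEN 0 4096 127.0.0.1:9200   0.0.0.0:*
LISTEN 0 128  [::]:22          [::]:*'

printf '%s\n' "$SAMPLE" | classify_wazuh_ports
# On the VM: ss -Htln | check_wazuh_ports
```

Every port reported as `exposed` or `bound` should map to an explicit firewall decision before apply; a `closed` result after install means the corresponding service did not come up.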