wazuh-proxmox-iac/docs/PLAN.md

Wazuh on Proxmox - Plan

Goal

Provision one VM on local Proxmox using Terraform and install Wazuh all-in-one automatically.

Current Assets

• Ready single-VM Proxmox Terraform baseline in sources/iac-test/main.tf.
• Ready multi-VM reference in sources/multi-vm-iac/main.tf.
• Known working Proxmox params from existing code:
  • endpoint https://10.0.50.110:8006/
  • node rbmk2
  • template VM ID 169
  • bridge vmbr0
  • cloud-init user devops

Selected Base

Use iac-test as base because target is one VM for Wazuh.

Work Plan

1. Create clean Terraform project structure from single-VM base:
   • main.tf, variables.tf, outputs.tf, versions.tf
   • terraform.tfvars.example
2. Parameterize all environment-specific values:
   • Proxmox endpoint/token file path/node/template/datastore/bridge
   • VM name, CPU, RAM, disk, IP, gateway, SSH key, SSH port
3. Add cloud-init/user-data provisioning for Wazuh:
   • OS packages and prerequisites
   • run wazuh-install.sh -a
   • ensure services are enabled and started
4. Add post-deploy validation outputs:
   • VM IP
   • dashboard URL
   • quick health commands
5. Add runbook (README.md) with exact operator commands:
   • terraform init
   • terraform plan -var-file=...
   • terraform apply -var-file=...
   • access + agent enrollment steps
6. Optional hardening pass:
   • split Wazuh install from VM creation (null_resource/ansible)
   • add destroy safeguards and tags

Open Inputs Needed Before Apply

• Final static IP for Wazuh VM in LAN.
• Whether to keep default Wazuh ports (443, 1514, 1515) exposed as-is.
• Template 169 confirmation (cloud-init enabled and qemu-guest-agent present).