vm
and configuration using Terraform and Ansible, integrated with secure secret management via Vault and SOPS.
This generated module was created with dagger init as a starting point for VM-related
operations. It demonstrates key DevOps tasks such as decrypting secrets, applying
Terraform infrastructure changes, generating dynamic Ansible inventories, and
executing Ansible playbooks to configure VMs. The module is designed to be flexible
and extensible to support your infrastructure automation needs.
The primary function Bake orchestrates this workflow, accepting Terraform directories,
encrypted files, Vault credentials, and Ansible parameters as inputs. It optionally
decrypts SOPS-encrypted configuration files before applying Terraform operations,
then parses Terraform outputs to generate inventory files for Ansible. It supports
multiple inventory types and allows you to specify Ansible playbooks and credentials.
This module can be invoked from the Dagger CLI or programmatically via the SDK,
making it suitable for integrating into CI/CD pipelines, GitOps workflows, or
custom operator/controller logic.
Future enhancements planned include:
- Rendering manifests or configs to branches/PRs for GitOps-style deployments
- Seamless integration with SOPS for secret management and decryption
- Advanced Terraform execution and output parsing features
- Enhanced Ansible inventory generation and execution customization
- VM testing and validation steps post-provisioning
- Automated merge requests/PR handling post-deployment
This documentation serves both as a high-level overview and a detailed guide
to the module’s capabilities and intended use cases.
Installation
# Installs the module at tag v1.11.1. A Git tag can be re-pointed upstream; the call
# examples on this page reference the module by full commit SHA instead, which is the
# stricter pin when a reproducible dependency matters.
dagger install github.com/stuttgart-things/blueprints/vm@v1.11.1
Entrypoint
Return Type
Vm
Example
dagger -m github.com/stuttgart-things/blueprints/vm@770e87908743dbf186663bf48721d650b5632e7f call \
// Example returns the module's entrypoint object, Vm. The functions documented
// on this page are called on that handle.
func (m *MyModule) Example() *dagger.Vm {
	vm := dag.Vm()
	return vm
}
@function
def example() -> dagger.Vm:
    """Return the module's entrypoint object, ``Vm``."""
    vm = dag.vm()
    return vm
/** Returns the module's entrypoint object, `Vm`. */
@func()
example(): Vm {
  const vm = dag.vm()
  return vm
}
Types
Vm 🔗
baseImage() 🔗
Return Type
String !
Example
# Calls base-image, which takes no arguments and returns a string.
# The module is referenced by full commit SHA rather than by tag.
dagger -m github.com/stuttgart-things/blueprints/vm@770e87908743dbf186663bf48721d650b5632e7f call \
base-image
// Example calls BaseImage on the Vm entrypoint and returns its string result.
// NOTE(review): presumably the container image reference the module runs in;
// the page gives no description — confirm against the module source.
func (m *MyModule) Example(ctx context.Context) string {
	vm := dag.Vm()
	return vm.BaseImage(ctx)
}
@function
async def example() -> str:
    """Call ``base_image`` on the ``Vm`` entrypoint and return its string result."""
    vm = dag.vm()
    return await vm.base_image()
/** Calls `baseImage` on the `Vm` entrypoint and returns its string result. */
@func()
async example(): Promise<string> {
  const vm = dag.vm()
  return vm.baseImage()
}
decryptSops() 🔗
Return Type
String !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
sopsKey | Secret ! | - | No description provided |
encryptedFile | File ! | - | No description provided |
Example
# --sops-key is a Secret argument: env:MYSECRET reads the key from an environment
# variable, so the key material is not typed on the command line.
# decrypt-sops returns a plain String, not a Secret, so treat the command's output as
# sensitive (terminal scrollback, CI logs, redirected files).
dagger -m github.com/stuttgart-things/blueprints/vm@770e87908743dbf186663bf48721d650b5632e7f call \
decrypt-sops --sops-key env:MYSECRET --encrypted-file file:path
// Example passes a SOPS key and an encrypted file to DecryptSops and returns
// the resulting string.
//
// The key travels as a *dagger.Secret, but the result is a plain string: once
// returned it is no longer handled as a Secret, so the caller is responsible
// for keeping it out of logs and persisted output.
// NOTE(review): presumably the string is the decrypted file content — confirm.
func (m *MyModule) Example(ctx context.Context, sopsKey *dagger.Secret, encryptedFile *dagger.File) string {
	vm := dag.Vm()
	return vm.DecryptSops(ctx, sopsKey, encryptedFile)
}
@function
async def example(sops_key: dagger.Secret, encrypted_file: dagger.File) -> str:
    """Pass a SOPS key and an encrypted file to ``decrypt_sops`` and return its string.

    The key is a ``dagger.Secret``; the return value is a plain ``str`` and is
    not handled as a Secret afterwards, so keep it out of logs and saved output.
    NOTE(review): presumably the decrypted file content — confirm.
    """
    vm = dag.vm()
    return await vm.decrypt_sops(sops_key, encrypted_file)
/**
 * Passes a SOPS key and an encrypted file to `decryptSops` and returns its string.
 *
 * The key is a `Secret`; the resolved value is a plain `string` and is not
 * handled as a Secret afterwards, so keep it out of logs and saved output.
 * NOTE(review): presumably the decrypted file content — confirm.
 */
@func()
async example(sopsKey: Secret, encryptedFile: File): Promise<string> {
  const vm = dag.vm()
  return vm.decryptSops(sopsKey, encryptedFile)
}
executeAnsible() 🔗
Return Type
Boolean !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
src | Directory | - | No description provided |
playbooks | String ! | - | No description provided |
requirements | File | - | No description provided |
inventory | File | - | No description provided |
parameters | String | - | No description provided |
vaultAppRoleId | Secret | - | No description provided |
vaultSecretId | Secret | - | No description provided |
vaultUrl | Secret | - | No description provided |
sshUser | Secret | - | No description provided |
sshPassword | Secret | - | No description provided |
Example
# Only the playbooks argument is required. The Vault and SSH credentials
# (vaultAppRoleId, vaultSecretId, vaultUrl, sshUser, sshPassword) are optional and
# typed Secret; parameters is a plain String, so passwords and tokens do not belong there.
dagger -m github.com/stuttgart-things/blueprints/vm@770e87908743dbf186663bf48721d650b5632e7f call \
execute-ansible --playbooks string
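// Example runs the given playbooks through ExecuteAnsible and returns its
// boolean result.
//
// Only playbooks is passed here. The module's Vault and SSH credentials are
// optional arguments typed as Secret; the optional parameters argument is a
// plain string, so credentials should go through the Secret-typed arguments
// rather than being embedded in it.
func (m *MyModule) Example(ctx context.Context, playbooks string) bool {
	// ctx and playbooks are two separate arguments; the published snippet
	// fused them into a single undefined identifier.
	return dag.
		Vm().
		ExecuteAnsible(ctx, playbooks)
}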
@function
async def example(playbooks: str) -> bool:
    """Run the given playbooks through ``execute_ansible`` and return its boolean.

    Only ``playbooks`` is passed. Vault and SSH credentials are optional
    Secret-typed arguments of the module function; its ``parameters`` argument
    is a plain string and should not carry passwords or tokens.
    """
    vm = dag.vm()
    return await vm.execute_ansible(playbooks)
/**
 * Runs the given playbooks through `executeAnsible` and returns its boolean.
 *
 * Only `playbooks` is passed. Vault and SSH credentials are optional
 * Secret-typed arguments of the module function; its `parameters` argument is
 * a plain string and should not carry passwords or tokens.
 */
@func()
async example(playbooks: string): Promise<boolean> {
  const vm = dag.vm()
  return vm.executeAnsible(playbooks)
}
bakeFromGit() 🔗
Return Type
Directory !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
gitRepository | String ! | - | Repository to clone from GitHub |
gitRef | String | "main" | Ref/Branch to checkout - If not specified, defaults to "main" |
gitToken | Secret | - | Github token for authentication (private repositories) |
Example
# gitRef is omitted, so the documented default "main" is used: the run follows whatever
# the branch head is at execution time. Pass a fixed gitRef when the baked input must be
# reproducible. For private repositories the token goes in gitToken, which is typed Secret.
dagger -m github.com/stuttgart-things/blueprints/vm@770e87908743dbf186663bf48721d650b5632e7f call \
bake-from-git --git-repository string
// Example calls BakeFromGit for the given repository and returns the resulting
// directory handle.
//
// gitRef is not passed, so the documented default "main" applies and the
// content used depends on the branch head at run time. gitToken (Secret) is
// the argument for private-repository authentication.
func (m *MyModule) Example(gitRepository string) *dagger.Directory {
	vm := dag.Vm()
	return vm.BakeFromGit(gitRepository)
}
@function
def example(git_repository: str) -> dagger.Directory:
    """Call ``bake_from_git`` for the given repository and return the directory handle.

    ``git_ref`` is not passed, so the documented default ``"main"`` applies and
    the content used depends on the branch head at run time. ``git_token``
    (Secret) is the argument for private-repository authentication.
    """
    vm = dag.vm()
    return vm.bake_from_git(git_repository)
/**
 * Calls `bakeFromGit` for the given repository and returns the directory handle.
 *
 * `gitRef` is not passed, so the documented default `"main"` applies and the
 * content used depends on the branch head at run time. `gitToken` (Secret) is
 * the argument for private-repository authentication.
 */
@func()
example(gitRepository: string): Directory {
  const vm = dag.vm()
  return vm.bakeFromGit(gitRepository)
}
executeTerraform() 🔗
Return Type
Directory !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
terraformDir | Directory ! | - | No description provided |
operation | String | "apply" | No description provided |
variables | String | - | e.g., "cpu=4,ram=4096,storage=100" |
vaultRoleId | Secret | - | vaultRoleID |
vaultSecretId | Secret | - | vaultSecretID |
vaultToken | Secret | - | vaultToken |
Example
# operation is omitted, so the documented default "apply" is used — presumably a real
# `terraform apply` against the target, not a dry run; confirm before pointing this at
# live infrastructure. variables is a plain String ("cpu=4,ram=4096,storage=100");
# Vault credentials go in vaultRoleId / vaultSecretId / vaultToken, which are typed Secret.
dagger -m github.com/stuttgart-things/blueprints/vm@770e87908743dbf186663bf48721d650b5632e7f call \
execute-terraform --terraform-dir DIR_PATH
// Example calls ExecuteTerraform on the given directory and returns the
// resulting directory handle.
//
// operation is not passed, so the documented default "apply" is used. The
// variables argument is a plain string; Vault credentials have their own
// Secret-typed arguments (vaultRoleId, vaultSecretId, vaultToken).
func (m *MyModule) Example(terraformDir *dagger.Directory) *dagger.Directory {
	vm := dag.Vm()
	return vm.ExecuteTerraform(terraformDir)
}
@function
def example(terraform_dir: dagger.Directory) -> dagger.Directory:
    """Call ``execute_terraform`` on the given directory and return the directory handle.

    ``operation`` is not passed, so the documented default ``"apply"`` is used.
    ``variables`` is a plain string; Vault credentials have their own
    Secret-typed arguments.
    """
    vm = dag.vm()
    return vm.execute_terraform(terraform_dir)
/**
 * Calls `executeTerraform` on the given directory and returns the directory handle.
 *
 * `operation` is not passed, so the documented default `"apply"` is used.
 * `variables` is a plain string; Vault credentials have their own Secret-typed
 * arguments.
 */
@func()
example(terraformDir: Directory): Directory {
  const vm = dag.vm()
  return vm.executeTerraform(terraformDir)
}
outputTerraformRun() 🔗
Return Type
String !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
terraformDir | Directory ! | - | No description provided |
Example
# output-terraform-run returns a plain String for the given Terraform directory.
# NOTE(review): the page does not say whether values Terraform marks as sensitive are
# filtered from that string — treat the output as sensitive until confirmed.
dagger -m github.com/stuttgart-things/blueprints/vm@770e87908743dbf186663bf48721d650b5632e7f call \
output-terraform-run --terraform-dir DIR_PATH
// Example calls OutputTerraformRun on the given directory and returns its
// string result.
// NOTE(review): the result is a plain string; whether sensitive Terraform
// outputs are excluded is not documented — handle it as sensitive until
// confirmed.
func (m *MyModule) Example(ctx context.Context, terraformDir *dagger.Directory) string {
	vm := dag.Vm()
	return vm.OutputTerraformRun(ctx, terraformDir)
}
@function
async def example(terraform_dir: dagger.Directory) -> str:
    """Call ``output_terraform_run`` on the given directory and return its string.

    NOTE(review): the result is a plain ``str``; whether sensitive Terraform
    outputs are excluded is not documented — handle it as sensitive until
    confirmed.
    """
    vm = dag.vm()
    return await vm.output_terraform_run(terraform_dir)
/**
 * Calls `outputTerraformRun` on the given directory and returns its string.
 *
 * NOTE(review): the result is a plain `string`; whether sensitive Terraform
 * outputs are excluded is not documented — handle it as sensitive until
 * confirmed.
 */
@func()
async example(terraformDir: Directory): Promise<string> {
  const vm = dag.vm()
  return vm.outputTerraformRun(terraformDir)
}
bakeLocal() 🔗
Return Type
Directory !
Arguments
Name | Type | Default Value | Description |
---|---|---|---|
terraformDir | Directory ! | - | No description provided |
operation | String | "apply" | No description provided |
variables | String | - | e.g., "cpu=4,ram=4096,storage=100" |
encryptedFile | File | - | No description provided |
sopsKey | Secret | - | No description provided |
vaultRoleId | Secret | - | No description provided |
vaultSecretId | Secret | - | No description provided |
vaultToken | Secret | - | vaultToken |
vaultUrl | Secret | - | No description provided |
ansibleInventoryTemplate | File | - | No description provided |
ansiblePlaybooks | String | - | No description provided |
ansibleRequirementsFile | File | - | No description provided |
ansibleUser | Secret | - | No description provided |
ansiblePassword | Secret | - | No description provided |
ansibleParameters | String | - | No description provided |
ansibleInventoryType | String | "default" | No description provided |
Example
# Only terraformDir is passed: operation falls back to the documented default "apply"
# and ansibleInventoryType to "default". The SOPS key, Vault credentials and Ansible
# user/password are optional Secret-typed arguments; variables and ansibleParameters are
# plain Strings and should not carry credentials.
dagger -m github.com/stuttgart-things/blueprints/vm@770e87908743dbf186663bf48721d650b5632e7f call \
bake-local --terraform-dir DIR_PATH
// Example calls BakeLocal on the given Terraform directory and returns the
// resulting directory handle.
//
// With no optional arguments, operation uses the documented default "apply"
// and ansibleInventoryType uses "default". Credentials (sopsKey, the Vault
// arguments, ansibleUser, ansiblePassword) are Secret-typed; variables and
// ansibleParameters are plain strings.
func (m *MyModule) Example(terraformDir *dagger.Directory) *dagger.Directory {
	vm := dag.Vm()
	return vm.BakeLocal(terraformDir)
}
@function
def example(terraform_dir: dagger.Directory) -> dagger.Directory:
    """Call ``bake_local`` on the given Terraform directory and return the directory handle.

    With no optional arguments, ``operation`` uses the documented default
    ``"apply"`` and ``ansible_inventory_type`` uses ``"default"``. Credentials
    are Secret-typed arguments; ``variables`` and ``ansible_parameters`` are
    plain strings.
    """
    vm = dag.vm()
    return vm.bake_local(terraform_dir)
/**
 * Calls `bakeLocal` on the given Terraform directory and returns the directory handle.
 *
 * With no optional arguments, `operation` uses the documented default `"apply"`
 * and `ansibleInventoryType` uses `"default"`. Credentials are Secret-typed
 * arguments; `variables` and `ansibleParameters` are plain strings.
 */
@func()
example(terraformDir: Directory): Directory {
  const vm = dag.vm()
  return vm.bakeLocal(terraformDir)
}