terraform-proxmox-sdn

Registry-published Terraform module for Proxmox SDN: VLAN-backed zones, VNets, subnets, optional host L3 routing, SNAT, and dnsmasq DHCP. Emits a NetBox-ready IPAM export payload.

Requirements: Terraform >= 1.5.0 · bpg/proxmox >= 0.50.0 · Proxmox VE 8.x

Source: github.com/hybridops-tech/terraform-proxmox-sdn Registry: hybridops-tech/sdn/proxmox

module "sdn" {
  source  = "hybridops-tech/sdn/proxmox"
  version = "~> 0.1.5"
  # ...
}

Deployment modes

Host-routed: Proxmox node owns L3, NAT, and DHCP. Suitable for labs, bootstrap, and single-node setups. Enable with host_l3 = true.

Edge-routed: SDN provides VLAN segmentation only; routing is delegated to a VyOS edge appliance. Used in production deployments. Enable with host_l3 = false (default).

Key capabilities

• VLAN-backed SDN zone and VNet creation
• Optional SNAT/masquerade per subnet
• Optional dnsmasq DHCP pools per subnet (requires host L3)
• ipam_prefixes output: NetBox-ready IPAM payload with prefix metadata per subnet

Recovery

Use host_reconcile_nonce to force re-application of host-side configuration (routing, SNAT, DHCP) without changing the SDN topology. Increment the nonce value to trigger idempotent re-convergence.

Brownfield adoption

Do not apply this module to manually-created SDN objects without importing them first. Run terraform import for each existing zone, VNet, and subnet before the first terraform apply.

---

Related

• GitMods: VM & LXC
• Proxmox SDN HOWTO
• Blueprint Index