apiVersion: v1
kind: Secret
metadata:
  name: proxmox-credentials
  namespace: crossplane-system
type: Opaque
stringData:
  username: "root@pam"
  # WARNING: Replace with your actual credentials!
  # Do not commit real passwords to version control.
  password: "YOUR_PROXMOX_PASSWORD_HERE"
---
apiVersion: proxmox.sankofa.nexus/v1alpha1
kind: ProviderConfig
metadata:
  name: proxmox-provider-config
spec:
  credentials:
    source: Secret
    secretRef:
      name: proxmox-credentials
      namespace: crossplane-system
      # Note: The 'key' field is optional and ignored by the controller.
      # The controller reads 'username' and 'password' keys from the secret.
      # For token-based auth, use 'token' and 'tokenid' keys instead.
  sites:
    # Site names must match the 'site' field in VM specifications
    # VM specs use 'site-1' and 'site-2', so these names must match exactly
    - name: site-1
      endpoint: "https://192.168.11.10:8006"
      node: "ml110-01"
      insecureSkipTLSVerify: true
    - name: site-2
      endpoint: "https://192.168.11.11:8006"
      node: "r630-01"
      insecureSkipTLSVerify: true