fix(ci): Use environment variables instead of tfvars file

Remove terraform.tfvars.example copy that was overriding secret values. Now using TF_VAR_* environment variables exclusively to properly inject secrets from Forgejo.

.forgejo/workflows/ci.yml

@@ -42,17 +42,29 @@ jobs:
               echo "--- Planning $dir ---"
               (
                 cd "$dir" && \
-                cp ../terraform.tfvars.example terraform.tfvars && \
                 tofu init && \
                 tofu plan -out="tfplan-$(basename $dir)" || echo "WARNING: Plan failed for $(basename $dir) - node may be unavailable"
               )
             fi
           done
         env:
+          TF_VAR_proxmox_api_url: "https://192.168.100.10:8006/api2/json"
           TF_VAR_proxmox_token_id: ${{ secrets.PROXMOX_TOKEN_ID }}
           TF_VAR_proxmox_token_secret: ${{ secrets.PROXMOX_TOKEN_SECRET }}
+          TF_VAR_proxmox_tls_insecure: "true"
           TF_VAR_ssh_public_key: ${{ secrets.SSH_PUBLIC_KEY }}
           TF_VAR_forgejo_token: ${{ secrets.GIT_TOKEN }}
+          TF_VAR_forgejo_repo_url: ${{ secrets.GIT_REPO_URL }}
+          TF_VAR_k3s_version: "v1.28.5+k3s1"
+          TF_VAR_ubuntu_template: "ubuntu-2404-cloudinit"
+          TF_VAR_storage_pool: "linstor_storage"
+          TF_VAR_snippets_storage: "local"
+          TF_VAR_k3s_network_bridge: "k3s"
+          TF_VAR_k3s_gateway: "10.100.20.1"
+          TF_VAR_k3s_dns: '["10.100.20.1", "1.1.1.1"]'
+          TF_VAR_k3s_server_1_config: '{ ip = "10.100.20.10/24", cores = 6, memory = 12288, disk_size = "100G" }'
+          TF_VAR_k3s_server_2_config: '{ ip = "10.100.20.20/24", cores = 6, memory = 12288, disk_size = "100G" }'
+          TF_VAR_etcd_witness_config: '{ ip = "10.100.20.30/24", cores = 2, memory = 2048, disk_size = "20G" }'
 
       - name: Upload Terraform Plan
         if: github.event_name == 'push' && github.ref == 'refs/heads/main'