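# Path, on the machine running Terraform, of the SSH private key that matches
# the public key installed on the VMs. The path (not the key itself) is also
# written into the generated Ansible inventory further down.
variable "azure_private_key_path" {
  default = "/home/student/.ssh/azure"
}

# Source address prefix that the NSG rule below accepts SSH (port 22) from.
# The default "*" preserves the previous hard-coded behaviour, which exposes
# SSH on every VM in the subnet to any address. Override it with the CIDR of
# the management network (or a single /32) wherever possible.
variable "azure_ssh_source_address_prefix" {
  description = "Source address prefix (CIDR, service tag or \"*\") allowed to reach SSH on the subnet."
  type        = string
  default     = "*"
}

# NOTE(review): nothing in this file references this data source. A local_file
# data source stores the file content in the Terraform state, so the private
# key would sit in the state in plaintext. If no other file in the module
# reads it, remove it; if one does, consider the provider's
# local_sensitive_file data source and make sure the state backend is
# access-controlled and encrypted.
data "local_file" "azure_private_key" {
  filename = var.azure_private_key_path
}

# Azure
resource "azurerm_virtual_network" "main" {
  name                = "${var.prefix}-network"
  address_space       = ["10.0.0.0/16"]
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup
}

# Single subnet shared by both web servers and the database server.
resource "azurerm_subnet" "main" {
  name                 = "internal"
  resource_group_name  = var.azure_resourcegroup
  virtual_network_name = azurerm_virtual_network.main.name
  address_prefixes     = ["10.0.2.0/24"]
}

resource "azurerm_network_security_group" "main" {
  name                = "${var.prefix}-nsg"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup

  # The rule is named "tls" but it opens inbound TCP port 22 (SSH). The name is
  # kept unchanged so the existing rule is not renamed in Azure.
  security_rule {
    access                     = "Allow"
    direction                  = "Inbound"
    name                       = "tls"
    priority                   = 100
    protocol                   = "Tcp"
    source_port_range          = "*"
    source_address_prefix      = var.azure_ssh_source_address_prefix
    destination_port_range     = "22"
    destination_address_prefix = "*"
  }
}

# Despite the "databaseserver-1" label, this attaches the NSG to the whole
# subnet, so the SSH rule above applies to all three VMs.
resource "azurerm_subnet_network_security_group_association" "databaseserver-1" {
  subnet_id                 = azurerm_subnet.main.id
  network_security_group_id = azurerm_network_security_group.main.id
}

#webserver 1
resource "azurerm_public_ip" "webserver-1" {
  name                = "${var.prefix}-webserver-1-pip"
  resource_group_name = var.azure_resourcegroup
  location            = var.azure_location
  allocation_method   = "Static"
}

resource "azurerm_network_interface" "webserver-1" {
  name                = "${var.prefix}-webserver-1-nic"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.main.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.webserver-1.id
  }
}

resource "azurerm_linux_virtual_machine" "webserver-1" {
  name                = "${var.prefix}-webserver-1-vm"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup
  network_interface_ids = [
    azurerm_network_interface.webserver-1.id,
  ]
  size           = "Standard_B2ats_v2"
  admin_username = "adminuser"

  # Key-based login only; data.azurerm_ssh_public_key.azure is not declared in
  # this file and is expected to come from elsewhere in the module.
  admin_ssh_key {
    username   = "adminuser"
    public_key = data.azurerm_ssh_public_key.azure.public_key
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  # NOTE(review): version "latest" means a rebuild can pick up a different
  # image than the one originally deployed; pin a specific image version if
  # reproducible builds matter. The same applies to the other two VMs.
  source_image_reference {
    publisher = "Canonical"
    offer     = "ubuntu-24_04-lts"
    sku       = "server"
    version   = "latest"
  }
}

#webserver 2
resource "azurerm_public_ip" "webserver-2" {
  name                = "${var.prefix}-webserver-2-pip"
  resource_group_name = var.azure_resourcegroup
  location            = var.azure_location
  allocation_method   = "Static"
}

resource "azurerm_network_interface" "webserver-2" {
  name                = "${var.prefix}-webserver-2-nic"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.main.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.webserver-2.id
  }
}

resource "azurerm_linux_virtual_machine" "webserver-2" {
  name                = "${var.prefix}-webserver-2-vm"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup
  network_interface_ids = [
    azurerm_network_interface.webserver-2.id,
  ]
  size           = "Standard_B2ats_v2"
  admin_username = "adminuser"

  admin_ssh_key {
    username   = "adminuser"
    public_key = data.azurerm_ssh_public_key.azure.public_key
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "ubuntu-24_04-lts"
    sku       = "server"
    version   = "latest"
  }
}

#databaseserver 1
# NOTE(review): the database server also gets a static public IP and shares
# the subnet-wide NSG, so its SSH port is reachable from whatever
# var.azure_ssh_source_address_prefix allows. The inventory below addresses it
# by that public IP, so removing the public IP requires another route for
# Ansible (for example through one of the web servers or a bastion).
resource "azurerm_public_ip" "databaseserver-1" {
  name                = "${var.prefix}-databaseserver-1-pip"
  resource_group_name = var.azure_resourcegroup
  location            = var.azure_location
  allocation_method   = "Static"
}

resource "azurerm_network_interface" "databaseserver-1" {
  name                = "${var.prefix}-databaseserver-1-nic"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.main.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.databaseserver-1.id
  }
}

resource "azurerm_linux_virtual_machine" "databaseserver-1" {
  name                = "${var.prefix}-databaseserver-1-vm"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup
  network_interface_ids = [
    azurerm_network_interface.databaseserver-1.id,
  ]
  size           = "Standard_B2ats_v2"
  admin_username = "adminuser"

  admin_ssh_key {
    username   = "adminuser"
    public_key = data.azurerm_ssh_public_key.azure.public_key
  }

  os_disk {
    caching              = "ReadWrite"
    storage_account_type = "Standard_LRS"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "ubuntu-24_04-lts"
    sku       = "server"
    version   = "latest"
  }
}

# Host entries handed to the inventory template: VM name, public IP and the
# path of the private key Ansible should use.
locals {
  webservers = [
    {
      name             = azurerm_linux_virtual_machine.webserver-1.name
      ip               = azurerm_linux_virtual_machine.webserver-1.public_ip_address
      private_key_file = var.azure_private_key_path
    },
    {
      name             = azurerm_linux_virtual_machine.webserver-2.name
      ip               = azurerm_linux_virtual_machine.webserver-2.public_ip_address
      private_key_file = var.azure_private_key_path
    }
  ]
}

locals {
  databaseservers = [
    {
      name             = azurerm_linux_virtual_machine.databaseserver-1.name
      ip               = azurerm_linux_virtual_machine.databaseserver-1.public_ip_address
      private_key_file = var.azure_private_key_path
    }
  ]
}

# Render the Ansible inventory from the template that ships with this module.
locals {
  inventory = templatefile("${path.module}/ansible-inventory.tmpl", {
    webservers      = local.webservers
    databaseservers = local.databaseservers
  })
}

# Writes the rendered inventory outside this module's directory.
# NOTE(review): file_permission is not set, so the provider default applies;
# confirm the resulting mode is acceptable for a file that steers where
# Ansible connects.
resource "local_file" "ansible_inventory" {
  content  = local.inventory
  filename = "${path.module}/../opdracht-4/inventory.ini"
}

# Despite the name, this outputs the full rendered inventory text rather than
# a list of IP addresses.
output "ip_addresses" {
  value = local_file.ansible_inventory.content
}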