les-03/opdracht-3/main.tf

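# Path, on the machine that runs Terraform, of the SSH private key used to
# reach the Azure VMs. Only the path (not the key material) is handed to the
# Ansible inventory entries built in the locals of this file.
variable "azure_private_key_path" {
  type        = string
  default     = "/home/student/.ssh/azure"
  description = "Filesystem path of the SSH private key Ansible uses to log in to the Azure VMs."
}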
# Reads the private key file named by var.azure_private_key_path.
# NOTE(review): a local_file data source stores the file content in the
# Terraform state in plain text, so the state then contains the SSH private
# key and has to be protected like the key itself. Nothing visible in this
# file reads data.local_file.azure_private_key (the inventory only uses the
# path); if no other file in the module needs it, removing this block keeps
# the key out of state. Where the content is needed, the local_sensitive_file
# data source at least redacts it from plan output.
data "local_file" "azure_private_key" {
  filename = var.azure_private_key_path
}
# Azure
# Virtual network (10.0.0.0/16) that contains the subnet used by every NIC
# defined in this file.
resource "azurerm_virtual_network" "main" {
  name                = "${var.prefix}-network"
  resource_group_name = var.azure_resourcegroup
  location            = var.azure_location
  address_space       = ["10.0.0.0/16"]
}
# Single subnet (10.0.2.0/24) shared by the web server and database server
# NICs in this file, so the two tiers are not separated at subnet level.
resource "azurerm_subnet" "main" {
  name                 = "internal"
  resource_group_name  = var.azure_resourcegroup
  virtual_network_name = azurerm_virtual_network.main.name
  address_prefixes     = ["10.0.2.0/24"]
}
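# Source address or CIDR range allowed to reach SSH (TCP/22) through the
# network security group below. The default "*" keeps the existing behaviour
# (any source); set it to the administrator's address range so SSH is no
# longer reachable from the whole internet.
variable "ssh_source_address_prefix" {
  type        = string
  default     = "*"
  description = "Source address prefix allowed to reach SSH (TCP/22) on the VMs behind the NSG."
}

# Network security group with one inbound rule that allows SSH.
# NOTE(review): the rule is named "tls" although it opens TCP/22 (SSH). The
# name is left unchanged so the deployed rule is not replaced, but "ssh" would
# describe it correctly for anyone auditing the NSG.
resource "azurerm_network_security_group" "main" {
  name                = "${var.prefix}-nsg"
  resource_group_name = var.azure_resourcegroup
  location            = var.azure_location

  security_rule {
    name                       = "tls"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    source_address_prefix      = var.ssh_source_address_prefix
    destination_port_range     = "22"
    destination_address_prefix = "*"
  }
}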
# Attaches the network security group to the database server's NIC.
# NOTE(review): this is the only NSG association visible in this file. The
# web server NICs and the subnet have none here, so traffic to the web servers
# is not filtered by this NSG — confirm whether an association exists
# elsewhere in the module or is missing.
resource "azurerm_network_interface_security_group_association" "databaseserver-1" {
  network_security_group_id = azurerm_network_security_group.main.id
  network_interface_id      = azurerm_network_interface.databaseserver-1.id
}
#webserver 1
# Static public IP address for web server 1.
resource "azurerm_public_ip" "webserver-1" {
  name                = "${var.prefix}-webserver-1-pip"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup
  allocation_method   = "Static"
}
# NIC for web server 1: dynamic private address in the shared subnet, with the
# web server's public IP attached to the same IP configuration.
resource "azurerm_network_interface" "webserver-1" {
  name                = "${var.prefix}-webserver-1-nic"
  resource_group_name = var.azure_resourcegroup
  location            = var.azure_location

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.main.id
    public_ip_address_id          = azurerm_public_ip.webserver-1.id
    private_ip_address_allocation = "Dynamic"
  }
}
# Web server 1: Ubuntu 24.04 LTS VM, administered as "adminuser" with an SSH
# public key.
# NOTE(review): the image version is "latest", so a rebuild can silently pick
# up a different image; pin a specific image version for reproducible builds.
# data.azurerm_ssh_public_key.azure is not declared in the visible part of
# this file — presumably it is defined elsewhere in the module.
resource "azurerm_linux_virtual_machine" "webserver-1" {
  name                  = "${var.prefix}-webserver-1-vm"
  resource_group_name   = var.azure_resourcegroup
  location              = var.azure_location
  size                  = "Standard_B2ats_v2"
  admin_username        = "adminuser"
  network_interface_ids = [azurerm_network_interface.webserver-1.id]

  admin_ssh_key {
    username   = "adminuser"
    public_key = data.azurerm_ssh_public_key.azure.public_key
  }

  os_disk {
    storage_account_type = "Standard_LRS"
    caching              = "ReadWrite"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "ubuntu-24_04-lts"
    sku       = "server"
    version   = "latest"
  }
}
#webserver 2
# Static public IP address for web server 2.
resource "azurerm_public_ip" "webserver-2" {
  name                = "${var.prefix}-webserver-2-pip"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup
  allocation_method   = "Static"
}
# NIC for web server 2: dynamic private address in the shared subnet, with the
# web server's public IP attached to the same IP configuration.
resource "azurerm_network_interface" "webserver-2" {
  name                = "${var.prefix}-webserver-2-nic"
  resource_group_name = var.azure_resourcegroup
  location            = var.azure_location

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.main.id
    public_ip_address_id          = azurerm_public_ip.webserver-2.id
    private_ip_address_allocation = "Dynamic"
  }
}
# Web server 2: Ubuntu 24.04 LTS VM, administered as "adminuser" with an SSH
# public key.
# NOTE(review): the image version is "latest", so a rebuild can silently pick
# up a different image; pin a specific image version for reproducible builds.
# data.azurerm_ssh_public_key.azure is not declared in the visible part of
# this file — presumably it is defined elsewhere in the module.
resource "azurerm_linux_virtual_machine" "webserver-2" {
  name                  = "${var.prefix}-webserver-2-vm"
  resource_group_name   = var.azure_resourcegroup
  location              = var.azure_location
  size                  = "Standard_B2ats_v2"
  admin_username        = "adminuser"
  network_interface_ids = [azurerm_network_interface.webserver-2.id]

  admin_ssh_key {
    username   = "adminuser"
    public_key = data.azurerm_ssh_public_key.azure.public_key
  }

  os_disk {
    storage_account_type = "Standard_LRS"
    caching              = "ReadWrite"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "ubuntu-24_04-lts"
    sku       = "server"
    version   = "latest"
  }
}
#databaseserver 1
# Static public IP address for the database server.
# NOTE(review): this makes the database host directly addressable from the
# internet. The Ansible inventory built in this file connects over this
# address, so removing it would also need a different management path (for
# example a jump host) — confirm the exposure is intended for this exercise.
resource "azurerm_public_ip" "databaseserver-1" {
  name                = "${var.prefix}-databaseserver-1-pip"
  location            = var.azure_location
  resource_group_name = var.azure_resourcegroup
  allocation_method   = "Static"
}
# NIC for the database server: dynamic private address in the shared subnet,
# with the database server's public IP attached to the same IP configuration.
resource "azurerm_network_interface" "databaseserver-1" {
  name                = "${var.prefix}-databaseserver-1-nic"
  resource_group_name = var.azure_resourcegroup
  location            = var.azure_location

  ip_configuration {
    name                          = "internal"
    subnet_id                     = azurerm_subnet.main.id
    public_ip_address_id          = azurerm_public_ip.databaseserver-1.id
    private_ip_address_allocation = "Dynamic"
  }
}
# Database server: Ubuntu 24.04 LTS VM, administered as "adminuser" with the
# same SSH public key as the web servers.
# NOTE(review): the image version is "latest", so a rebuild can silently pick
# up a different image; pin a specific image version for reproducible builds.
# data.azurerm_ssh_public_key.azure is not declared in the visible part of
# this file — presumably it is defined elsewhere in the module.
resource "azurerm_linux_virtual_machine" "databaseserver-1" {
  name                  = "${var.prefix}-databaseserver-1-vm"
  resource_group_name   = var.azure_resourcegroup
  location              = var.azure_location
  size                  = "Standard_B2ats_v2"
  admin_username        = "adminuser"
  network_interface_ids = [azurerm_network_interface.databaseserver-1.id]

  admin_ssh_key {
    username   = "adminuser"
    public_key = data.azurerm_ssh_public_key.azure.public_key
  }

  os_disk {
    storage_account_type = "Standard_LRS"
    caching              = "ReadWrite"
  }

  source_image_reference {
    publisher = "Canonical"
    offer     = "ubuntu-24_04-lts"
    sku       = "server"
    version   = "latest"
  }
}
# Values used to render the Ansible inventory. Each host entry carries the VM
# name, its public IP and the path of the SSH private key; the key content
# itself is not placed in these values.
locals {
  # Web server hosts.
  webservers = [
    {
      name             = azurerm_linux_virtual_machine.webserver-1.name
      ip               = azurerm_linux_virtual_machine.webserver-1.public_ip_address
      private_key_file = var.azure_private_key_path
    },
    {
      name             = azurerm_linux_virtual_machine.webserver-2.name
      ip               = azurerm_linux_virtual_machine.webserver-2.public_ip_address
      private_key_file = var.azure_private_key_path
    }
  ]

  # Database server hosts; Ansible reaches them over their public IP as well.
  databaseservers = [
    {
      name             = azurerm_linux_virtual_machine.databaseserver-1.name
      ip               = azurerm_linux_virtual_machine.databaseserver-1.public_ip_address
      private_key_file = var.azure_private_key_path
    }
  ]

  # Inventory text rendered from ansible-inventory.tmpl in this module.
  inventory = templatefile("${path.module}/ansible-inventory.tmpl", {
    webservers      = local.webservers
    databaseservers = local.databaseservers
  })
}
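# Writes the rendered Ansible inventory into the opdracht-4 directory.
# file_permission is set explicitly because the local_file resource otherwise
# creates the file with mode 0777. An inventory that other local users can
# modify lets them change which hosts and connection settings Ansible uses, so
# the file is restricted to the owner.
resource "local_file" "ansible_inventory" {
  content         = local.inventory
  filename        = "${path.module}/../opdracht-4/inventory.ini"
  file_permission = "0600"
}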
# Prints the complete rendered inventory text, not only IP addresses as the
# output name suggests. Anything the template puts in the inventory therefore
# also appears in `terraform output` and in CI logs that capture it.
output "ip_addresses" {
  value = local_file.ansible_inventory.content
}