fix: indentation

README.md

@@ -25,7 +25,9 @@
 
 Now you can access the ESXi dashboard on `192.168.1.5` (or whatever the ip of the hypervisor is).
 
-5. Add a new datastore: ![ESXi Data store](images/esxi_data_store.png)
+5. Add a new datastore: 
+
+![ESXi Data store](images/esxi_data_store.png)
 
 ### Setup Linux Development Environment
 
@@ -45,7 +47,7 @@ Now you can access the ESXi dashboard on `192.168.1.5` (or whatever the ip of th
             - 192.168.1.6/24
         routes:
             - to: default
-            via: 192.168.1.1
+              via: 192.168.1.1
         nameservers:
             addresses:
             - 192.168.1.1
@@ -65,7 +67,9 @@ Now you can access the ESXi dashboard on `192.168.1.5` (or whatever the ip of th
    2. Set the permissions of that file with Powershell as admin:
       1. `icacls "D:\School\devhost" /inheritance:r`
       2. `icacls "D:\School\devhost" /grant:r "$($env:USERNAME):(R)"`
-   3. Upload the `azure` public key to Azure: ![Upload Azure Public Key](images\azure_upload_ssh_key.png)
+   3. Upload the `azure` public key to Azure: 
+   
+   ![Upload Azure Public Key](images/azure_upload_ssh_key.png)
 
 5. Now you can access the VM via VSCode:
    1. Install the Remote Explorer extension.
@@ -76,7 +80,9 @@ Now you can access the ESXi dashboard on `192.168.1.5` (or whatever the ip of th
      User student
      IdentityFile D:/School/devhost
    ```
-   3. Connect to the machine in VSCode: ![Connecting to ssh](images\vscode_connect_ssh.png)
+   3. Connect to the machine in VSCode: 
+   
+   ![Connecting to ssh](images/vscode_connect_ssh.png)
 
 6. Install deps: `sudo apt install git unzip curl sshpass`
 
@@ -100,6 +106,11 @@ Now you can access the ESXi dashboard on `192.168.1.5` (or whatever the ip of th
    2. `echo "deb [signed-by=/usr/share/keyrings/hashicorp-archive-keyring.gpg] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list`
    3. `sudo apt-get update && sudo apt-get install terraform`
 
+10. Install Azure CLI
+   1. `curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash`
+   2. Login with `az login`
+   3. Choose the `2 - HBO ICT` subscription
+
 ### Test Connection
 
 Run the following command and enter the password of the `root` user on the ESXi Hypervisor: `ansible -i '192.168.1.5,' -m ping all -u root -k`

week-2/opdracht-1/.terraform.lock.hcl

@@ -0,0 +1,43 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/azurerm" {
+  version     = "4.27.0"
+  constraints = "~> 4.27.0"
+  hashes = [
+    "h1:2fs47aLDaEm93ANXXVRdTjlbUBmFBZRsFjyshKoPE3o=",
+    "zh:0c69edea1995bd3bd9e61980757169c35bf22281b660b5c755b6cb13d08d29d2",
+    "zh:25b86bf7b9678371d8573983954c571696f3e64a3967133be3b835da36307106",
+    "zh:49921cff4f26a49bafada60cd07dabb52c5eb35231059ed928a4f4722e269c82",
+    "zh:4b986166531f9fd1289f01d8220519443e74888a21da512c1b841b006dad6215",
+    "zh:53fb65b2ca4df637f03e4748a100a7d7fc77249e307c03e294d6259cec0310f6",
+    "zh:5c0d021a387ca4e2a5a01da009746a08c45f08e971c10d9bda54539d7264d671",
+    "zh:600043f2b20dc5a45275e43f175c19fe8b6e8e9557a0c884aef018f1f63de90e",
+    "zh:a0284f6f38912f67bb4cb7829fda3fa75be81fea6a9b21119965c2a839430092",
+    "zh:a7ac0576e2069ef77557042c6b5157ded364fbd355b2f9bf7f5441622424086e",
+    "zh:c5db0bcafe986868e28cc6225b68b2d1cf4bf631939d260ca845f17a9aa1677d",
+    "zh:ce620c0eb71b1fdd925828b30cf232a869abccf1c459180f2f991c4166315251",
+    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+  ]
+}
+
+provider "registry.terraform.io/josenk/esxi" {
+  version = "1.10.3"
+  hashes = [
+    "h1:o78ERC8riDT2nHWCbXECt+S/RKwM98/G5ZojJHRm8fA=",
+    "zh:208a6a8092fa50d63fe1780447f2c4c3115b1987902a0c986452172c2c35677e",
+    "zh:3a0755aec960e32dbfbb31be61bba6ee2d11aff0513707e93f4eaebe3d557d93",
+    "zh:3daef19f36c9438771833dc15ae0eddc95faf9df00f9de9ab143bd031314ce50",
+    "zh:4cb4ba24aa3975f3928f5f16bc535ce0b18159ede16abaee39f93b3e13c36334",
+    "zh:56f30098aca0874210c4546530a5bfa5dd49bfad63950f3d9f3623cc6767280b",
+    "zh:716c62ae2d0cb7c64b5b3328792d7e135c4c0905e399e4b7335b7808508a7027",
+    "zh:81b0e8fab21088785e51f2d6af518ac31959b104facb2a25b0481d586a6fc692",
+    "zh:8b415ab7e39ca8e16f923bc73a8af418859faa594d97ed73e3a4aff7a736b08f",
+    "zh:9072bdd960ef85dc735b82423560b027ebb44790af1e84b122f1014f96acfc91",
+    "zh:9e6e1c2a7bf93c4705d280cea5b3d6bfb84c4540b92563e64fbc3a20155ef775",
+    "zh:af14c0e96273470dfb398b1701f575e5ea4963c208a32a4436db5ea0e2f2f385",
+    "zh:c79e772730ab4ac75c58d368f452c7a76abc738bb3666df0cfb567ac01e32c59",
+    "zh:d0068e7ca381d4b18df8b0219540733c996dfc69a89673b6bf52e4d69350c09a",
+    "zh:e188b20664bdcda50c45d071a8d0ba9870368941dac9138cd655f50db4ea15d2",
+  ]
+}

week-2/opdracht-1/main.tf

@@ -0,0 +1,71 @@
+# ESXi
+
+resource "esxi_guest" "main" {
+  guest_name = "${var.prefix}-vm"
+  disk_store = "datastore1"
+
+  memsize  = "1024"
+  numvcpus = "1"
+  power    = "on"
+
+  ovf_source = "https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-amd64.ova"
+  network_interfaces {
+    virtual_network = "VM Network"
+  }
+}
+
+# Azure
+
+resource "azurerm_virtual_network" "main" {
+  name                = "${var.prefix}-network"
+  address_space       = ["10.0.0.0/16"]
+  location            = var.azure_location
+  resource_group_name = var.azure_resourcegroup
+}
+
+resource "azurerm_subnet" "main" {
+  name                 = "internal"
+  resource_group_name  = var.azure_resourcegroup
+  virtual_network_name = azurerm_virtual_network.main.name
+  address_prefixes     = ["10.0.2.0/24"]
+}
+
+resource "azurerm_network_interface" "main" {
+  name                = "${var.prefix}-nic"
+  location            = var.azure_location
+  resource_group_name = var.azure_resourcegroup
+
+  ip_configuration {
+    name                          = "internal"
+    subnet_id                     = azurerm_subnet.main.id
+    private_ip_address_allocation = "Dynamic"
+  }
+}
+
+resource "azurerm_linux_virtual_machine" "main" {
+  name                = "${var.prefix}-vm"
+  location            = var.azure_location
+  resource_group_name = var.azure_resourcegroup
+  network_interface_ids = [
+    azurerm_network_interface.main.id,
+  ]
+  size = "Standard_B2ats_v2"
+
+  admin_username = "adminuser"
+  admin_ssh_key {
+    username   = "adminuser"
+    public_key = data.azurerm_ssh_public_key.azure.public_key
+  }
+
+  os_disk {
+    caching              = "ReadWrite"
+    storage_account_type = "Standard_LRS"
+  }
+
+  source_image_reference {
+    publisher = "Canonical"
+    offer     = "ubuntu-24_04-lts"
+    sku       = "server"
+    version   = "latest"
+  }
+}

week-2/opdracht-1/providers.tf

@@ -0,0 +1,26 @@
+terraform {
+  required_providers {
+    esxi = {
+      source = "registry.terraform.io/josenk/esxi"
+    }
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~> 4.27.0"
+    }
+  }
+}
+
+provider "esxi" {
+  esxi_hostname = var.esxi_hostname
+  esxi_hostport = var.esxi_hostport
+  esxi_hostssl  = var.esxi_hostssl
+  esxi_username = var.esxi_username
+  esxi_password = var.esxi_password
+}
+
+
+provider "azurerm" {
+  resource_provider_registrations = "none"
+  subscription_id = var.azure_subscriptionid
+  features{}
+}

week-2/opdracht-1/secrets.auto.tfvars.example

@@ -0,0 +1,5 @@
+esxi_hostname = ""
+esxi_username = ""
+esxi_password = ""
+azure_subscriptionid = ""
+azure_resourcegroup = ""

week-2/opdracht-1/variables.tf

@@ -0,0 +1,47 @@
+variable "esxi_hostname" {
+  description = "IP address of the ESXi host"
+}
+
+variable "esxi_hostport" {
+  description = "SSH port of the ESXi host"
+  default     = "22"
+}
+
+variable "esxi_hostssl" {
+  description = "SSL port of the ESXi host"
+  default     = "443"
+}
+
+variable "esxi_username" {
+  description = "Username to connect to the ESXi host"
+}
+
+variable "esxi_password" {
+  description = "Password to connect to the ESXi host"
+  sensitive   = true
+}
+
+variable "azure_subscriptionid" {
+  description = "ID of the Azure Subscription."
+  sensitive   = true
+}
+
+variable "azure_resourcegroup" {
+  description = "Name of the Azure Resource Group."
+}
+
+variable "azure_location" {
+  description = "Location of the Azure resources"
+  default     = "westeurope"
+}
+
+variable "prefix" {
+  description = "The Prefix used for all resources"
+  default = "week-2-opdracht-1"
+}
+
+# Pull the SSH public key from Azure Key Vault
+data "azurerm_ssh_public_key" "azure" {
+  name                = "azure"
+  resource_group_name = var.azure_resourcegroup
+}

week-2/opdracht-2/.gitignore

@@ -0,0 +1 @@
+vm_info.txt

week-2/opdracht-2/.terraform.lock.hcl

@@ -0,0 +1,79 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/azurerm" {
+  version     = "4.27.0"
+  constraints = "~> 4.27.0"
+  hashes = [
+    "h1:2fs47aLDaEm93ANXXVRdTjlbUBmFBZRsFjyshKoPE3o=",
+    "zh:0c69edea1995bd3bd9e61980757169c35bf22281b660b5c755b6cb13d08d29d2",
+    "zh:25b86bf7b9678371d8573983954c571696f3e64a3967133be3b835da36307106",
+    "zh:49921cff4f26a49bafada60cd07dabb52c5eb35231059ed928a4f4722e269c82",
+    "zh:4b986166531f9fd1289f01d8220519443e74888a21da512c1b841b006dad6215",
+    "zh:53fb65b2ca4df637f03e4748a100a7d7fc77249e307c03e294d6259cec0310f6",
+    "zh:5c0d021a387ca4e2a5a01da009746a08c45f08e971c10d9bda54539d7264d671",
+    "zh:600043f2b20dc5a45275e43f175c19fe8b6e8e9557a0c884aef018f1f63de90e",
+    "zh:a0284f6f38912f67bb4cb7829fda3fa75be81fea6a9b21119965c2a839430092",
+    "zh:a7ac0576e2069ef77557042c6b5157ded364fbd355b2f9bf7f5441622424086e",
+    "zh:c5db0bcafe986868e28cc6225b68b2d1cf4bf631939d260ca845f17a9aa1677d",
+    "zh:ce620c0eb71b1fdd925828b30cf232a869abccf1c459180f2f991c4166315251",
+    "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/local" {
+  version = "2.5.2"
+  hashes = [
+    "h1:JlMZD6nYqJ8sSrFfEAH0Vk/SL8WLZRmFaMUF9PJK5wM=",
+    "zh:136299545178ce281c56f36965bf91c35407c11897f7082b3b983d86cb79b511",
+    "zh:3b4486858aa9cb8163378722b642c57c529b6c64bfbfc9461d940a84cd66ebea",
+    "zh:4855ee628ead847741aa4f4fc9bed50cfdbf197f2912775dd9fe7bc43fa077c0",
+    "zh:4b8cd2583d1edcac4011caafe8afb7a95e8110a607a1d5fb87d921178074a69b",
+    "zh:52084ddaff8c8cd3f9e7bcb7ce4dc1eab00602912c96da43c29b4762dc376038",
+    "zh:71562d330d3f92d79b2952ffdda0dad167e952e46200c767dd30c6af8d7c0ed3",
+    "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+    "zh:805f81ade06ff68fa8b908d31892eaed5c180ae031c77ad35f82cb7a74b97cf4",
+    "zh:8b6b3ebeaaa8e38dd04e56996abe80db9be6f4c1df75ac3cccc77642899bd464",
+    "zh:ad07750576b99248037b897de71113cc19b1a8d0bc235eb99173cc83d0de3b1b",
+    "zh:b9f1c3bfadb74068f5c205292badb0661e17ac05eb23bfe8bd809691e4583d0e",
+    "zh:cc4cbcd67414fefb111c1bf7ab0bc4beb8c0b553d01719ad17de9a047adff4d1",
+  ]
+}
+
+provider "registry.terraform.io/hashicorp/template" {
+  version = "2.2.0"
+  hashes = [
+    "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=",
+    "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386",
+    "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53",
+    "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603",
+    "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16",
+    "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776",
+    "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451",
+    "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae",
+    "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde",
+    "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d",
+    "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2",
+  ]
+}
+
+provider "registry.terraform.io/josenk/esxi" {
+  version = "1.10.3"
+  hashes = [
+    "h1:o78ERC8riDT2nHWCbXECt+S/RKwM98/G5ZojJHRm8fA=",
+    "zh:208a6a8092fa50d63fe1780447f2c4c3115b1987902a0c986452172c2c35677e",
+    "zh:3a0755aec960e32dbfbb31be61bba6ee2d11aff0513707e93f4eaebe3d557d93",
+    "zh:3daef19f36c9438771833dc15ae0eddc95faf9df00f9de9ab143bd031314ce50",
+    "zh:4cb4ba24aa3975f3928f5f16bc535ce0b18159ede16abaee39f93b3e13c36334",
+    "zh:56f30098aca0874210c4546530a5bfa5dd49bfad63950f3d9f3623cc6767280b",
+    "zh:716c62ae2d0cb7c64b5b3328792d7e135c4c0905e399e4b7335b7808508a7027",
+    "zh:81b0e8fab21088785e51f2d6af518ac31959b104facb2a25b0481d586a6fc692",
+    "zh:8b415ab7e39ca8e16f923bc73a8af418859faa594d97ed73e3a4aff7a736b08f",
+    "zh:9072bdd960ef85dc735b82423560b027ebb44790af1e84b122f1014f96acfc91",
+    "zh:9e6e1c2a7bf93c4705d280cea5b3d6bfb84c4540b92563e64fbc3a20155ef775",
+    "zh:af14c0e96273470dfb398b1701f575e5ea4963c208a32a4436db5ea0e2f2f385",
+    "zh:c79e772730ab4ac75c58d368f452c7a76abc738bb3666df0cfb567ac01e32c59",
+    "zh:d0068e7ca381d4b18df8b0219540733c996dfc69a89673b6bf52e4d69350c09a",
+    "zh:e188b20664bdcda50c45d071a8d0ba9870368941dac9138cd655f50db4ea15d2",
+  ]
+}

week-2/opdracht-2/README.md

@@ -0,0 +1,111 @@
+# Terraform Deployment – Week 2 Assignment
+
+This repository contains Terraform configurations for provisioning infrastructure on ESXi and Azure.
+
+All sensitive information (e.g. SSH key files, passwords) and custom values are handled using Terraform variables stored in a separate file.
+
+```mermaid
+graph TD
+  subgraph ESXi omgeving
+    ESXiNIC[NIC]:::existing
+    ESXivSwitch[vSwitch]
+    Portgroup[Portgroup]
+    ESXivSwitch --> ESXiNIC
+    ESXiNIC --> Portgroup
+
+    Web1[Webserver 1]
+    Web2[Webserver 2]
+    DB[Databaseserver]
+
+
+
+    Portgroup --> Web1
+    Portgroup --> Web2
+    Portgroup --> DB
+  end
+
+  subgraph Azure
+    VNet[Virtual Network]
+    Subnet[Subnet]
+    NIC[NIC]
+    NSG["NSG (SSH open)"]
+    VM[Linux VM]
+    PIP[Public IP]
+
+    VNet --> Subnet
+    Subnet --> NIC
+    NIC --> VM
+    NSG --> NIC
+    VM --> PIP
+  end
+
+  subgraph Data
+    AzurePublicKey["SSH Public Key (azure.pub)"]
+    AzurePrivateKey["SSH Private Key (azure)"]
+    SkylabPublicKey["SSH Public Key (skylab.pub)"]
+    Userdata[Userdata]
+    AzureCloudInit[Azure Cloudinit]
+    VMinfo["Output file: vm_info.txt"]
+  end
+
+  SkylabPublicKey --> Userdata
+  AzurePrivateKey --> Userdata
+  AzurePublicKey --> AzureCloudInit
+  Userdata --> Web1
+  Userdata --> Web2
+  Userdata --> DB
+  AzureCloudInit --> VM
+
+  Web1 --> VMinfo
+  Web2 --> VMinfo
+  DB --> VMinfo
+  VM --> VMinfo
+
+  classDef existing stroke:#268b26
+```
+
+## Azure
+
+- Complete network setup:
+    - Virtual Network
+    - Subnet
+    - Network Security Group
+    - NIC
+- One Ubuntu 24.04 VM.
+- VM type: `Standard_B2ats_v2`
+- Public IP address enabled
+- The `iac` user is created using cloud-init
+    - `azure.pub` is uploaded as public key.
+- A file `/home/iac/hello.txt` containing `Hello World` is created using cloud-init
+- VM public and private IP address is stored in the `vm_info.txt` file.
+
+## ESXi
+
+- Creates three Ubuntu 24.04 VMs. 
+    - 2 `webserver`
+    - 1 `databaseserver`
+- Each VM is provisioned with 1 vCPU and 2 GB RAM.
+- The `skylab` user is created using cloud-init
+    - `skylab.pub` is uploaded as public key.
+    - `azure` private key us uploaded to access the Azure VM.
+    - A SSH config file is created with info for connecting to the Azure VM.
+    - sudo access.
+    - no password prompt.
+- The packages `wget` and `ntpdate` are installed with cloud-init.
+- VM private IP addresses are stored in the `vm_info.txt` file.
+
+## Demo
+
+![demo](iac-week-2.gif)
+
+This demo shows:
+
+1. Applying the Terraform plan
+    - `terraform apply --auto-approve`
+    - This shows the ip addresses of the VM's in the output.
+2. Opening an SSH session to one of the ESXi VMs
+    - `ssh -i /home/student/.ssh/skylab skylab@192.168.1.115`
+3. Opening an SSH session to one of the Azure VMs
+    - `ssh azurevm` (using SSH config file)
+4. Showing the content of the `hello.txt` file.
+    - `cat hello.txt`

week-2/opdracht-2/cloudinit-azure.yaml

@@ -0,0 +1,16 @@
+#cloud-config
+local-hostname: vm-host-naam
+
+users:
+  - name: iac
+    ssh-authorized-keys:
+      - ${azure-ssh-key}
+    shell: /bin/bash
+
+write_files:
+  - path: /home/iac/hello.txt
+    content: |
+      Hello World  
+    owner: 'iac:iac'
+    permissions: '0644'
+    defer: true

week-2/opdracht-2/main.tf

@@ -0,0 +1,212 @@
+# ESXi
+
+variable "skylab_ssh_public_key_path" {
+  default = "/home/student/.ssh/skylab.pub"
+}
+
+data "local_file" "ssh_key" {
+  filename = var.skylab_ssh_public_key_path
+}
+
+variable "azure_private_key_path" {
+  default = "/home/student/.ssh/azure"
+}
+
+data "local_file" "azure_private_key" {
+  filename = var.azure_private_key_path
+}
+
+# Render userdata template with skylab SSH key
+data "template_file" "esxi_userdata" {
+  template = file("${path.module}/userdata.tftpl")
+  vars = {
+    skylab-ssh-key    = trimspace(data.local_file.ssh_key.content)
+    azure-private-key = indent(6, trimspace(data.local_file.azure_private_key.content))
+    azure-vm-ip       = azurerm_linux_virtual_machine.main.public_ip_address
+  }
+}
+
+
+# resource "esxi_vswitch" "myvswitch" {
+#   name = "${var.prefix}-vswitch"
+#   uplink {
+#     name = "vmnic0"
+#   }
+# }
+
+resource "esxi_portgroup" "week-2-opdracht-2" {
+  name    = "${var.prefix}-network"
+  vswitch = "vSwitch0"
+}
+
+resource "esxi_guest" "webserver" {
+  guest_name = "${var.prefix}-webserver-${count.index}"
+  disk_store = "datastore1"
+  count      = 2
+
+  memsize  = "2048"
+  numvcpus = "1"
+  power    = "on"
+
+  ovf_source = "https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-amd64.ova"
+
+  network_interfaces {
+    virtual_network = esxi_portgroup.week-2-opdracht-2.name
+  }
+
+  guestinfo = {
+    "metadata" = base64encode(templatefile("${path.module}/metadata.yaml", {
+      hostname = "${var.prefix}-webserver-${count.index}" # Directly using count.index for hostname
+    }))
+    "metadata.encoding" = "base64"
+    "userdata"          = base64encode(data.template_file.esxi_userdata.rendered)
+    "userdata.encoding" = "base64"
+  }
+}
+
+resource "esxi_guest" "databaseserver" {
+  guest_name = "${var.prefix}-databaseserver-${count.index}"
+  disk_store = "datastore1"
+  count      = 1
+
+  memsize  = "2048"
+  numvcpus = "1"
+  power    = "on"
+
+  ovf_source = "https://cloud-images.ubuntu.com/releases/24.04/release/ubuntu-24.04-server-cloudimg-amd64.ova"
+
+  network_interfaces {
+    virtual_network = esxi_portgroup.week-2-opdracht-2.name
+  }
+
+  guestinfo = {
+    "metadata" = base64encode(templatefile("${path.module}/metadata.yaml", {
+      hostname = "${var.prefix}-databaseserver-${count.index}" # Directly using count.index for hostname
+    }))
+    "metadata.encoding" = "base64"
+    "userdata"          = base64encode(data.template_file.esxi_userdata.rendered)
+    "userdata.encoding" = "base64"
+  }
+}
+
+# Azure
+
+resource "azurerm_virtual_network" "main" {
+  name                = "${var.prefix}-network"
+  address_space       = ["10.0.0.0/16"]
+  location            = var.azure_location
+  resource_group_name = var.azure_resourcegroup
+}
+
+resource "azurerm_subnet" "main" {
+  name                 = "internal"
+  resource_group_name  = var.azure_resourcegroup
+  virtual_network_name = azurerm_virtual_network.main.name
+  address_prefixes     = ["10.0.2.0/24"]
+}
+
+resource "azurerm_public_ip" "pip" {
+  name                = "${var.prefix}-pip"
+  resource_group_name = var.azure_resourcegroup
+  location            = var.azure_location
+  allocation_method   = "Static"
+}
+
+resource "azurerm_network_interface" "main" {
+  name                = "${var.prefix}-nic"
+  location            = var.azure_location
+  resource_group_name = var.azure_resourcegroup
+
+  ip_configuration {
+    name                          = "internal"
+    subnet_id                     = azurerm_subnet.main.id
+    private_ip_address_allocation = "Dynamic"
+    public_ip_address_id          = azurerm_public_ip.pip.id
+  }
+}
+
+resource "azurerm_network_security_group" "main" {
+  name                = "${var.prefix}-nsg"
+  location            = var.azure_location
+  resource_group_name = var.azure_resourcegroup
+  security_rule {
+    access                     = "Allow"
+    direction                  = "Inbound"
+    name                       = "tls"
+    priority                   = 100
+    protocol                   = "Tcp"
+    source_port_range          = "*"
+    source_address_prefix      = "*"
+    destination_port_range     = "22"
+    destination_address_prefix = azurerm_network_interface.main.private_ip_address
+  }
+}
+
+resource "azurerm_network_interface_security_group_association" "main" {
+  network_interface_id      = azurerm_network_interface.main.id
+  network_security_group_id = azurerm_network_security_group.main.id
+}
+
+# Render userdata template with skylab SSH key
+data "template_file" "azure_cloudinit" {
+  template = file("${path.module}/cloudinit-azure.yaml")
+  vars = {
+    azure-ssh-key = trimspace(data.azurerm_ssh_public_key.azure.public_key)
+  }
+}
+
+resource "azurerm_linux_virtual_machine" "main" {
+  name                = "${var.prefix}-vm"
+  location            = var.azure_location
+  resource_group_name = var.azure_resourcegroup
+  network_interface_ids = [
+    azurerm_network_interface.main.id,
+  ]
+  size = "Standard_B2ats_v2"
+
+  admin_username = "adminuser"
+  admin_ssh_key {
+    username   = "adminuser"
+    public_key = data.azurerm_ssh_public_key.azure.public_key
+  }
+
+  custom_data = base64encode(data.template_file.azure_cloudinit.rendered)
+
+  os_disk {
+    caching              = "ReadWrite"
+    storage_account_type = "Standard_LRS"
+  }
+
+  source_image_reference {
+    publisher = "Canonical"
+    offer     = "ubuntu-24_04-lts"
+    sku       = "server"
+    version   = "latest"
+  }
+}
+
+# Write ESXi IP adresses to file
+resource "local_file" "vm_info" {
+  content = join("\n",
+    ["ESXi VM's Private IP Adresses:"],
+    concat(
+      [
+        for guest in esxi_guest.webserver :
+        "${guest.guest_name} - ${guest.ip_address}"
+      ],
+      [
+        for guest in esxi_guest.databaseserver :
+        "${guest.guest_name} - ${guest.ip_address}"
+        ], [
+        "Azure VM's Private IP Adresses:",
+        "${azurerm_linux_virtual_machine.main.name} - ${azurerm_linux_virtual_machine.main.private_ip_address}",
+        "Azure VM's Public IP Adresses:",
+    "${azurerm_linux_virtual_machine.main.name} - ${azurerm_linux_virtual_machine.main.public_ip_address}"])
+  )
+
+  filename = "${path.module}/vm_info.txt"
+}
+
+output "ip_addresses" {
+  value = local_file.vm_info.content
+}

week-2/opdracht-2/metadata.yaml

@@ -0,0 +1,2 @@
+#cloud-config
+local-hostname: ${hostname}

week-2/opdracht-2/providers.tf

@@ -0,0 +1,26 @@
+terraform {
+  required_providers {
+    esxi = {
+      source = "registry.terraform.io/josenk/esxi"
+    }
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "~> 4.27.0"
+    }
+  }
+}
+
+provider "esxi" {
+  esxi_hostname = var.esxi_hostname
+  esxi_hostport = var.esxi_hostport
+  esxi_hostssl  = var.esxi_hostssl
+  esxi_username = var.esxi_username
+  esxi_password = var.esxi_password
+}
+
+
+provider "azurerm" {
+  resource_provider_registrations = "none"
+  subscription_id                 = var.azure_subscriptionid
+  features {}
+}

week-2/opdracht-2/secrets.auto.tfvars.example

@@ -0,0 +1,5 @@
+esxi_hostname = ""
+esxi_username = ""
+esxi_password = ""
+azure_subscriptionid = ""
+azure_resourcegroup = ""

week-2/opdracht-2/userdata.tftpl

@@ -0,0 +1,34 @@
+#cloud-config
+users:
+  - name: skylab
+    ssh-authorized-keys:
+      - ${skylab-ssh-key}
+    shell: /bin/bash
+    sudo: ['ALL=(ALL) NOPASSWD:ALL']
+
+write_files:
+  - path: /home/skylab/.ssh/azure
+    content: |
+      ${azure-private-key}
+    permissions: '0600'
+    owner: skylab:skylab
+    defer: true
+
+  - path: /home/skylab/.ssh/config
+    content: |
+      Host azurevm
+        HostName ${azure-vm-ip}
+        User iac
+        IdentityFile ~/.ssh/azure
+        StrictHostKeyChecking no
+        UserKnownHostsFile=/dev/null
+    permissions: '0600'
+    owner: skylab:skylab
+    defer: true
+
+packages:
+  - wget
+  - ntpdate
+
+runcmd:
+  - ntpdate pool.ntp.org

week-2/opdracht-2/variables.tf

@@ -0,0 +1,47 @@
+variable "esxi_hostname" {
+  description = "IP address of the ESXi host"
+}
+
+variable "esxi_hostport" {
+  description = "SSH port of the ESXi host"
+  default     = "22"
+}
+
+variable "esxi_hostssl" {
+  description = "SSL port of the ESXi host"
+  default     = "443"
+}
+
+variable "esxi_username" {
+  description = "Username to connect to the ESXi host"
+}
+
+variable "esxi_password" {
+  description = "Password to connect to the ESXi host"
+  sensitive   = true
+}
+
+variable "azure_subscriptionid" {
+  description = "ID of the Azure Subscription."
+  sensitive   = true
+}
+
+variable "azure_resourcegroup" {
+  description = "Name of the Azure Resource Group."
+}
+
+variable "azure_location" {
+  description = "Location of the Azure resources"
+  default     = "westeurope"
+}
+
+variable "prefix" {
+  description = "The Prefix used for all resources"
+  default     = "week-2-opdracht-2"
+}
+
+# Pull the SSH public key from Azure Key Vault
+data "azurerm_ssh_public_key" "azure" {
+  name                = "azure"
+  resource_group_name = var.azure_resourcegroup
+}