Created
October 15, 2018 00:11
-
-
Save ChrisTruncer/cc7c077330ea572ca1d68b5f04b5669c to your computer and use it in GitHub Desktop.
Sample Terraform Config with PFSense and Win 10 on Azure
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################################################## | |
| # Resource Group Creation # | |
| ################################################## | |
| resource "azurerm_resource_group" "privatenetgroup" { | |
| name = "private-net-group" | |
| location = "West US" | |
| } | |
| ################################################## | |
| # Network Information # | |
| ################################################## | |
| resource "azurerm_virtual_network" "privateoverallnetwork" { | |
| name = "private-network" | |
| address_space = ["10.0.0.0/8"] | |
| location = "${azurerm_resource_group.privatenetgroup.location}" | |
| resource_group_name = "${azurerm_resource_group.privatenetgroup.name}" | |
| } | |
| resource "azurerm_subnet" "priv-subnet" { | |
| name = "priv-subnet" | |
| resource_group_name = "${azurerm_resource_group.privatenetgroup.name}" | |
| virtual_network_name = "${azurerm_virtual_network.privateoverallnetwork.name}" | |
| address_prefix = "10.12.10.0/24" | |
| } | |
| resource "azurerm_public_ip" "pf_pubip" { | |
| name = "PF-PUBIP" | |
| location = "${azurerm_resource_group.privatenetgroup.location}" | |
| resource_group_name = "${azurerm_resource_group.privatenetgroup.name}" | |
| public_ip_address_allocation = "static" | |
| } | |
| resource "azurerm_network_security_group" "pfsenserulez" { | |
| name = "pfsense-nsg" | |
| location = "${azurerm_resource_group.privatenetgroup.location}" | |
| resource_group_name = "${azurerm_resource_group.privatenetgroup.name}" | |
| security_rule { | |
| name = "AllowHTTPS" | |
| priority = 100 | |
| direction = "Inbound" | |
| access = "Allow" | |
| protocol = "Tcp" | |
| source_port_range = "*" | |
| destination_port_range = "443" | |
| source_address_prefix = "Internet" | |
| destination_address_prefix = "*" | |
| } | |
| security_rule { | |
| name = "AllowOpenVPN" | |
| priority = 200 | |
| direction = "Inbound" | |
| access = "Allow" | |
| protocol = "UDP" | |
| source_port_range = "*" | |
| destination_port_range = "1194" | |
| source_address_prefix = "Internet" | |
| destination_address_prefix = "*" | |
| } | |
| } | |
| ################################################## | |
| # Private Systems # | |
| ################################################## | |
| #**************************************************************************************** | |
| resource "azurerm_network_interface" "TestWin10" { | |
| name = "TestWin10" | |
| location = "${azurerm_resource_group.privatenetgroup.location}" | |
| resource_group_name = "${azurerm_resource_group.privatenetgroup.name}" | |
| internal_dns_name_label = "TestWin10" | |
| ip_configuration { | |
| name = "primary" | |
| subnet_id = "${azurerm_subnet.priv-subnet.id}" | |
| private_ip_address_allocation = "static" | |
| private_ip_address = "10.12.10.15" | |
| } | |
| } | |
| resource "azurerm_virtual_machine" "TestWin10" { | |
| name = "TestWin10" | |
| location = "${azurerm_resource_group.privatenetgroup.location}" | |
| resource_group_name = "${azurerm_resource_group.privatenetgroup.name}" | |
| network_interface_ids = ["${azurerm_network_interface.TestWin10.id}"] | |
| vm_size = "Standard_D1_v2" | |
| delete_os_disk_on_termination = true | |
| storage_image_reference { | |
| publisher = "MicrosoftWindowsDesktop" | |
| offer = "Windows-10" | |
| sku = "rs4-pro" | |
| version = "17134.345.59" | |
| } | |
| storage_os_disk { | |
| name = "TestWin10disk" | |
| caching = "ReadWrite" | |
| create_option = "FromImage" | |
| managed_disk_type = "Standard_LRS" | |
| } | |
| os_profile_windows_config { | |
| enable_automatic_upgrades = false | |
| provision_vm_agent = true | |
| } | |
| os_profile { | |
| computer_name = "TestWin10" | |
| admin_username = "LocalAdminSystem" | |
| admin_password = "TotallyNotAVirus!" | |
| } | |
| } | |
| #******************************************************************************************* | |
| resource "azurerm_network_interface" "pfsensepubpriv" { | |
| name = "pfsense-pub" | |
| location = "${azurerm_resource_group.privatenetgroup.location}" | |
| resource_group_name = "${azurerm_resource_group.privatenetgroup.name}" | |
| network_security_group_id = "${azurerm_network_security_group.pfsenserulez.id}" | |
| ip_configuration { | |
| name = "WebPrivate" | |
| subnet_id = "${azurerm_subnet.priv-subnet.id}" | |
| private_ip_address_allocation = "static" | |
| private_ip_address = "10.12.10.10" | |
| public_ip_address_id = "${azurerm_public_ip.pf_pubip.id}" | |
| } | |
| } | |
| resource "azurerm_virtual_machine" "pfsenseme" { | |
| name = "test-pfsense" | |
| location = "${azurerm_resource_group.privatenetgroup.location}" | |
| resource_group_name = "${azurerm_resource_group.privatenetgroup.name}" | |
| network_interface_ids = ["${azurerm_network_interface.pfsensepubpriv.id}"] | |
| vm_size = "Basic_A2" | |
| delete_os_disk_on_termination = true | |
| storage_image_reference { | |
| publisher = "netgate" | |
| offer = "netgate-pfsense-azure-fw-vpn-router" | |
| sku = "netgate-pfsense-azure-243" | |
| version = "2.4.31" | |
| } | |
| plan { | |
| name = "netgate-pfsense-azure-243" | |
| publisher = "netgate" | |
| product = "netgate-pfsense-azure-fw-vpn-router" | |
| } | |
| storage_os_disk { | |
| name = "test-pfsense_OsDisk" | |
| caching = "ReadWrite" | |
| create_option = "FromImage" | |
| managed_disk_type = "Standard_LRS" | |
| } | |
| os_profile_linux_config { | |
| disable_password_authentication = false | |
| } | |
| os_profile { | |
| computer_name = "pfsenseaccess" | |
| admin_username = "LocalAdminSystem" | |
| admin_password = "TotallyNotAVirus!" | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment