|
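# Looks up the public IPv4 address of the machine running Terraform; the
# result becomes the only allowed SSH source in the NSG rule further down.
# Fetched over HTTPS: with plain HTTP, anyone on the network path could alter
# the response and have an address of their choosing allow-listed for port 22.
data "http" "icanhazip" {
  url = "https://ipv4.icanhazip.com"
}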
|
|
|
# Azure Resource Manager provider. No credentials, subscription or version
# constraint are set in this block, so they have to come from outside it
# (for example the Azure CLI session or ARM_* environment variables).
provider "azurerm" {}
|
|
|
# Resource group that the other resources in this file are placed in; its
# name and region are supplied by the caller.
resource "azurerm_resource_group" "rg" {
  location = var.location
  name     = var.resource_group_name
}
|
|
|
# Virtual network for the VM, created in the resource group above.
resource "azurerm_virtual_network" "vnet" {
  name                = var.vnet_name
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location

  address_space = ["10.0.0.0/16"]

  # NOTE(review): hosts on this network resolve names through Google public
  # DNS rather than the Azure-provided resolver, so every lookup goes to a
  # third party — confirm this is intended.
  dns_servers = ["8.8.8.8", "8.8.4.4"]
}
|
|
|
# If the VNET already exists, use this data source instead of the resource above:
#data "azurerm_virtual_network" "vnet" {
#  name                = "some_vnet_name"
#  resource_group_name = "owner_rg_for_vnet"
#}
|
|
|
# Single /24 subnet inside the VNET; the VM's NIC is attached to it.
# No network security group is associated with the subnet in this file —
# filtering is applied through the NSG referenced by the NIC.
resource "azurerm_subnet" "subnet" {
  name                 = var.subnet_name
  virtual_network_name = azurerm_virtual_network.vnet.name
  resource_group_name  = azurerm_resource_group.rg.name
  address_prefix       = "10.0.1.0/24"
}
|
|
|
# Network security group for the VM's NIC. It is declared without inline
# rules; the SSH allow rule is a separate azurerm_network_security_rule.
resource "azurerm_network_security_group" "iaasnsg" {
  name                = "iaas-nsg"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
}
|
|
|
# Inbound allow rule: TCP/22 from a single address (/32) to any destination
# covered by the NSG.
resource "azurerm_network_security_rule" "iaasnsgr" {
  name                        = "iaas-nsg-100"
  network_security_group_name = azurerm_network_security_group.iaasnsg.name
  resource_group_name         = azurerm_resource_group.rg.name

  priority  = 100
  direction = "Inbound"
  access    = "Allow"
  protocol  = "Tcp"

  # The allowed source is whatever the icanhazip lookup returned, with
  # surrounding whitespace stripped. Check the planned value before applying:
  # it is the address SSH gets opened to, and it goes stale when the
  # operator's public IP changes.
  source_address_prefix = format("%s/32", trimspace(data.http.icanhazip.body))
  source_port_range     = "*"

  destination_address_prefix = "*"
  destination_port_range     = "22"
}
|
|
|
# Public IP for the VM. Allocation is dynamic and the DNS label gives it a
# name; the provisioners on the VM connect to the resulting FQDN.
resource "azurerm_public_ip" "iaaspubip" {
  name                = "iaas-pubip"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location
  domain_name_label   = var.dns_prefix
  allocation_method   = "Dynamic"
}
|
|
|
# NIC for the VM: a dynamically assigned private address from the subnet,
# the public IP attached, and the NSG applied at NIC level.
resource "azurerm_network_interface" "iaasnic" {
  name                = "iaas-nic"
  resource_group_name = azurerm_resource_group.rg.name
  location            = azurerm_resource_group.rg.location

  # This reference is what puts the SSH allow rule in front of the VM.
  network_security_group_id = azurerm_network_security_group.iaasnsg.id

  ip_configuration {
    name                          = "iaas-nic-ip"
    subnet_id                     = azurerm_subnet.subnet.id
    public_ip_address_id          = azurerm_public_ip.iaaspubip.id
    private_ip_address_allocation = "Dynamic"
  }
}
|
|
|
# Ubuntu 18.04 VM that is bootstrapped over SSH: the local ansible/ directory
# is copied to /tmp/ansible, Ansible is installed with pip, and main.yml is run.
#
# NOTE(review): password SSH login is left enabled and the same password is
# used by the provisioners. It is also persisted in Terraform state, so the
# state backend needs the same protection as the secret. Moving to key-based
# login would need an ssh_keys block and a private_key in the connection,
# i.e. inputs that are not visible in this file.
resource "azurerm_virtual_machine" "main" {
  name                  = "iaas-vm"
  resource_group_name   = azurerm_resource_group.rg.name
  location              = azurerm_resource_group.rg.location
  vm_size               = "Standard_DS1_v2"
  network_interface_ids = [azurerm_network_interface.iaasnic.id]

  # Disks are removed together with the VM.
  delete_data_disks_on_termination = true
  delete_os_disk_on_termination    = true

  storage_image_reference {
    publisher = "Canonical"
    offer     = "UbuntuServer"
    sku       = "18.04-LTS"
    # NOTE(review): "latest" is not a pinned image version, so a rebuild can
    # start from a different image than the one that was tested.
    version = "latest"
  }

  storage_os_disk {
    name              = "iaas-os-disk"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
    caching           = "ReadWrite"
  }

  os_profile {
    computer_name  = "iaas"
    admin_username = var.ssh_user
    admin_password = var.ssh_password
  }

  os_profile_linux_config {
    disable_password_authentication = false
  }

  # One connection shared by all provisioners below. No host_key is set, so
  # the server's SSH host key is not pinned for these sessions.
  connection {
    host     = azurerm_public_ip.iaaspubip.fqdn
    user     = var.ssh_user
    password = var.ssh_password
  }

  # Step 1: create the upload target on the VM.
  provisioner "remote-exec" {
    inline = ["mkdir /tmp/ansible"]
  }

  # Step 2: copy the contents of the local ansible/ directory into it.
  provisioner "file" {
    source      = "ansible/"
    destination = "/tmp/ansible"
  }

  # Step 3: install pip and Ansible, then run the playbook. Each install step
  # writes its output to a file under /tmp and prints it only on failure;
  # because of the "|| cat", a failed step does not by itself end the script.
  # NOTE(review): Ansible is installed as root without a pinned version.
  provisioner "remote-exec" {
    inline = [
      "sudo apt update > /tmp/apt_update || cat /tmp/apt_update",
      "sudo apt install -y python3-pip > /tmp/apt_install_python3_pip || cat /tmp/apt_install_python3_pip",
      "sudo -H pip3 install ansible > /tmp/pip_install_ansible || cat /tmp/pip_install_ansible",
      "ansible-playbook /tmp/ansible/main.yml"
    ]
  }
}