From 31b01ce711061de4aba8d0aff6878786d2c3d884 Mon Sep 17 00:00:00 2001 From: karim mdmirajul Date: Thu, 2 Nov 2023 16:16:56 +0200 Subject: [PATCH] Organize codes sturcture and enable services Signed-off-by: karim mdmirajul --- terraform/azure-ghaf-infra.tf | 67 +++++++++++++++++------------------ terraform/backend.tf | 13 +++++++ terraform/data.tf | 7 ++++ terraform/outputs.tf | 11 ++++++ terraform/providers.tf | 19 ++++++++++ terraform/variables.tf | 31 ++++++++++++++++ 6 files changed, 114 insertions(+), 34 deletions(-) create mode 100644 terraform/backend.tf create mode 100644 terraform/data.tf create mode 100644 terraform/outputs.tf create mode 100644 terraform/providers.tf create mode 100644 terraform/variables.tf diff --git a/terraform/azure-ghaf-infra.tf b/terraform/azure-ghaf-infra.tf index facc229a..0724b253 100644 --- a/terraform/azure-ghaf-infra.tf +++ b/terraform/azure-ghaf-infra.tf 
@@ -1,47 +1,46 @@ # SPDX-FileCopyrightText: 2023 Technology Innovation Institute (TII) # # SPDX-License-Identifier: Apache-2.0 -terraform { - required_providers { - azurerm = { - source = "hashicorp/azurerm" - } - sops = { - source = "carlpett/sops" - } - } -} -data "sops_file" "ghaf-infra" { - source_file = "secrets.yaml" +# Resource group +resource "azurerm_resource_group" "rg" { + name = "ghaf-infra-terraform-dev" + location = var.resource_group_location } - -provider "azurerm" { - features {} +# Create VN +resource "azurerm_virtual_network" "ghaf-infra-vnet" { + name = "ghaf-infra-terraform-dev-vnet" + address_space = ["10.3.0.0/24"] + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name } -# Backend for storing tfstate - -terraform { - backend "azurerm" { - resource_group_name = "ghaf-infra-storage" - storage_account_name = "ghafinfrastatestorage" - container_name = "ghaf-infra-tfstate-container" - key = "ghaf-infra.tfstate" - } +# Create public IPs +resource "azurerm_public_ip" "ghafhydra_terraform_public_ip" { + name = "ghaf-infra-terraform-dev-ip" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + allocation_method = "Dynamic" } -# Resource group - -variable "resource_group_location" { - type = string - default = "northeurope" - description = "Location of the resource group." 
+# Create Network SG and rule +resource "azurerm_network_security_group" "ghafhydra_terraform_nsg" { + name = "ghaf-infra-terraform-dev-nsg" + location = azurerm_resource_group.rg.location + resource_group_name = azurerm_resource_group.rg.name + + security_rule { + name = "SSH" + priority = 300 + direction = "Inbound" + access = "Allow" + protocol = "Tcp" + source_port_range = "*" + destination_port_range = "22" + source_address_prefix = "*" + destination_address_prefix = "*" + } } -resource "azurerm_resource_group" "rg" { - name = "ghaf-infra-terraform-dev" - location = var.resource_group_location -} diff --git a/terraform/backend.tf b/terraform/backend.tf new file mode 100644 index 00000000..ac85fecf --- /dev/null +++ b/terraform/backend.tf @@ -0,0 +1,13 @@ +# SPDX-FileCopyrightText: 2023 Technology Innovation Institute (TII) +# +# SPDX-License-Identifier: Apache-2.0 + + +terraform { + backend "azurerm" { + resource_group_name = "ghaf-infra-storage" + storage_account_name = "ghafinfrastatestorage" + container_name = "ghaf-infra-tfstate-container" + key = "ghaf-infra.tfstate" + } +} diff --git a/terraform/data.tf b/terraform/data.tf new file mode 100644 index 00000000..717db167 --- /dev/null +++ b/terraform/data.tf @@ -0,0 +1,7 @@ +# SPDX-FileCopyrightText: 2023 Technology Innovation Institute (TII) +# +# SPDX-License-Identifier: Apache-2.0 + +data "sops_file" "ghaf-infra" { + source_file = "secrets.yaml" +} diff --git a/terraform/outputs.tf b/terraform/outputs.tf new file mode 100644 index 00000000..5689a6ba --- /dev/null +++ b/terraform/outputs.tf @@ -0,0 +1,11 @@ +# SPDX-FileCopyrightText: 2023 Technology Innovation Institute (TII) +# +# SPDX-License-Identifier: Apache-2.0 + +output "resource_group_name" { + value = azurerm_resource_group.rg.name +} + +output "resource_group_location" { + value = azurerm_resource_group.rg.location +} diff --git a/terraform/providers.tf b/terraform/providers.tf new file mode 100644 index 00000000..6e9e9206 --- /dev/null 
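Review bot: The `SSH` security_rule in `ghafhydra_terraform_nsg` sets `source_address_prefix = "*"`, so TCP 22 is reachable from any address on whatever subnet or NIC this NSG ends up attached to. Restrict the source to known admin or VPN ranges, for example by replacing that line with `source_address_prefixes = var.ssh_allowed_cidrs` (a new list variable with no permissive default), or drop the public rule and reach the host through Azure Bastion or a jump host. No association resource for the NSG or for `ghafhydra_terraform_public_ip` is visible in this hunk, so the effective exposure depends on code outside it.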
+++ b/terraform/providers.tf
@@ -0,0 +1,19 @@
+# SPDX-FileCopyrightText: 2023 Technology Innovation Institute (TII)
+#
+# SPDX-License-Identifier: Apache-2.0
+
+provider "azurerm" {
+ features {}
+}
+
+terraform {
+ required_providers {
+ azurerm = {
+ source = "hashicorp/azurerm"
+ }
+ sops = {
+ source = "carlpett/sops"
+ }
+ }
+}
+
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 00000000..f60249f2
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,31 @@
+# SPDX-FileCopyrightText: 2023 Technology Innovation Institute (TII)
+#
+# SPDX-License-Identifier: Apache-2.0
+
+variable "resource_group_location" {
+ type = string
+ default = "swedencentral"
+ description = "Location of the resource group."
+}
+
+
+variable "resourcegroup" {
+ description = "The Azure Resource Group Name within your Subscription in which this resource will be created."
+ default = "ghaf-infra-swe"
+}
+
+variable "resource_group_name_prefix" {
+ type = string
+ default = "rg"
+ description = "Prefix of the resource group name that's combined with a random ID so name is unique in your Azure subscription."
+}
+
+variable "location" {
+ description = "Location for resources"
+ default = "eastus"
+}
+
+variable "subnet_address_prefix" {
+ description = "Address prefix for subnet"
+ default = "10.0.1.0/24"
+}
\ No newline at end of file
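Review bot: Neither entry in `required_providers` carries a `version` constraint, so `terraform init` resolves the newest release of `hashicorp/azurerm` and of the third-party `carlpett/sops` provider unless a `.terraform.lock.hcl` is committed, and none is part of this patch. The sops provider handles decrypted secrets, so pin both with a line such as `version = "~> <tested-version>"` under each `source` and commit the lock file so provider checksums are verified on every init. A `required_version` for Terraform itself in the same `terraform` block would make runs reproducible as well.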
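Review bot: `subnet_address_prefix` defaults to `10.0.1.0/24`, which lies outside the `10.3.0.0/24` address space this same patch gives `ghaf-infra-vnet`, so a subnet built from the default would not fit in that network; use a default inside the range (or none, forcing callers to set it) and add `type = string`. `location` defaults to `eastus` while `resource_group_location` defaults to `swedencentral`, and no visible hunk reads `location`, `resourcegroup` or `resource_group_name_prefix`, so either drop the unused variables or give them one consistent region. Separately, the `resource_group_location` default moved from `northeurope` to `swedencentral` in a commit described as a reorganisation; against existing state that will likely plan a replacement of `azurerm_resource_group.rg`, which is worth stating in the description.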