/*
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/*
 * This is derived from Hashicat main.tf just for testing OpenGrok's Terraform
 * handling and modified arbitrarily to test other Terraform or HCL syntax.
 */

# NOTE(review): this file is a lexer/indexer fixture, so several values below
# are deliberately permissive. The review notes mark the settings that should
# not be copied into a real deployment.

# Pins the azurerm provider to exactly 1.44.0 (the "=" constraint).
provider "azurerm" {
  version = "=1.44.0"
}

# Resource group that every resource below is placed in.
resource "azurerm_resource_group" "myresourcegroup" {
  name     = "${var.prefix}-workshop"
  location = var.location
}

# Virtual network; its location follows the resource group rather than
# var.location directly.
resource "azurerm_virtual_network" "vnet" {
  name                = "${var.prefix}-vnet"
  location            = azurerm_resource_group.myresourcegroup.location
  address_space       = [var.address_space]
  resource_group_name = azurerm_resource_group.myresourcegroup.name
}

# Single subnet inside the virtual network above.
resource "azurerm_subnet" "subnet" {
  name                 = "${var.prefix}-subnet"
  virtual_network_name = azurerm_virtual_network.vnet.name
  resource_group_name  = azurerm_resource_group.myresourcegroup.name
  address_prefix       = var.subnet_prefix
}

# Network security group with three inbound Allow rules: TCP 80, 443 and 22.
# Every rule uses source_address_prefix = "*", i.e. any source address.
# The rules are written in the order HTTP, HTTPS, SSH, but their priorities
# are 100, 102, 101.
resource "azurerm_network_security_group" "catapp-sg" {
  name                = "${var.prefix}-sg"
  location            = var.location
  resource_group_name = azurerm_resource_group.myresourcegroup.name

  security_rule {
    name                       = "HTTP"
    priority                   = 100
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "80"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }

  security_rule {
    name                       = "HTTPS"
    priority                   = 102
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "443"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }

  # NOTE(review): SSH is allowed from any source address. Together with
  # disable_password_authentication = false on the VM below, the admin
  # password login is reachable from the whole internet. Outside a throwaway
  # demo, narrow source_address_prefix to a management range and prefer
  # key-based authentication.
  security_rule {
    name                       = "SSH"
    priority                   = 101
    direction                  = "Inbound"
    access                     = "Allow"
    protocol                   = "Tcp"
    source_port_range          = "*"
    destination_port_range     = "22"
    source_address_prefix      = "*"
    destination_address_prefix = "*"
  }
}

# Network interface for the VM. It attaches the security group above and
# binds the public IP declared further down (Terraform resolves references
# independently of declaration order).
resource "azurerm_network_interface" "catapp-nic" {
  name                      = "${var.prefix}-catapp-nic"
  location                  = var.location
  resource_group_name       = azurerm_resource_group.myresourcegroup.name
  network_security_group_id = azurerm_network_security_group.catapp-sg.id

  ip_configuration {
    name                          = "${var.prefix}ipconfig"
    subnet_id                     = azurerm_subnet.subnet.id
    private_ip_address_allocation = "Dynamic"
    public_ip_address_id          = azurerm_public_ip.catapp-pip.id
  }
}

# Dynamically allocated public IP with a DNS label. Its fqdn attribute is
# the host the provisioner connections in null_resource.configure-cat-app
# connect to.
resource "azurerm_public_ip" "catapp-pip" {
  name                = "${var.prefix}-ip"
  location            = var.location
  resource_group_name = azurerm_resource_group.myresourcegroup.name
  allocation_method   = "Dynamic"
  domain_name_label   = "${var.prefix}-meow"
}

# The VM itself; size and image come entirely from variables.
resource "azurerm_virtual_machine" "catapp" {
  name                = "${var.prefix}-meow"
  location            = var.location
  resource_group_name = azurerm_resource_group.myresourcegroup.name
  vm_size             = var.vm_size

  network_interface_ids = [azurerm_network_interface.catapp-nic.id]
  # Written as the string "true", not the bare boolean.
  delete_os_disk_on_termination = "true"

  storage_image_reference {
    publisher = var.image_publisher
    offer     = var.image_offer
    sku       = var.image_sku
    version   = var.image_version
  }

  storage_os_disk {
    name              = "${var.prefix}-osdisk"
    managed_disk_type = "Standard_LRS"
    caching           = "ReadWrite"
    create_option     = "FromImage"
  }

  # NOTE(review): the admin password is passed in as a plain variable. The
  # declaration of var.admin_password is not visible here; confirm how it is
  # supplied, and treat the Terraform state as secret material, since
  # resource arguments are normally recorded there.
  os_profile {
    computer_name  = var.prefix
    admin_username = var.admin_username
    admin_password = var.admin_password
  }

  # Password login over SSH stays enabled; the provisioner connections in
  # null_resource.configure-cat-app depend on it.
  os_profile_linux_config {
    disable_password_authentication = false
  }
}

# We're using a little trick here so we can run the provisioner without
# destroying the VM. Do not do this in production.
# If you need ongoing management (Day N) of your virtual machines a tool such
# as Chef or Puppet is a better choice. These tools track the state of
# individual files and can keep them in the correct configuration.
# Here we do the following steps:
# Sync everything in files/ to the remote VM.
# Set up some environment variables for our script.
# Add execute permissions to our scripts.
# Run the deploy_app.sh script.
resource "null_resource" "configure-cat-app" {
  # Provision only once the VM resource exists.
  depends_on = [
    azurerm_virtual_machine.catapp,
  ]

  # Terraform 0.11
  # triggers {
  #   build_number = "${timestamp()}"
  # }

  # Terraform 0.12
  # timestamp() yields a new value on every run, so this trigger changes
  # each time and the provisioners below are re-run on every apply.
  triggers = {
    build_number = timestamp()
  }

  # Copies the local files/ directory into the admin user's home directory.
  # NOTE(review): the connection authenticates with the admin password and
  # sets no host_key, so the remote host's key is not pinned in this block.
  # For anything beyond a demo, prefer key-based auth and set host_key.
  provisioner "file" {
    source      = "files/"
    destination = "/home/${var.admin_username}/"

    connection {
      type     = "ssh"
      user     = var.admin_username
      password = var.admin_password
      host     = azurerm_public_ip.catapp-pip.fqdn
    }
  }

  # Installs and starts apache2, hands /var/www/html to the admin user,
  # marks the *.sh scripts executable and runs deploy_app.sh.
  # NOTE(review): var.admin_username, var.placeholder, var.width, var.height
  # and var.prefix are spliced unquoted into shell command lines. Terraform
  # substitutes them before the remote shell parses the line, so a value
  # containing whitespace or shell metacharacters would alter the command.
  # The variable declarations are not visible here; confirm they carry
  # validation, or quote the values.
  provisioner "remote-exec" {
    inline = [
      "sudo apt -y update",
      "sudo apt -y install apache2",
      "sudo systemctl start apache2",
      "sudo chown -R ${var.admin_username}:${var.admin_username} /var/www/html",
      "chmod +x *.sh",
      "PLACEHOLDER=${var.placeholder} WIDTH=${var.width} HEIGHT=${var.height} PREFIX=${var.prefix} ./deploy_app.sh",
    ]

    # Same password-based SSH connection as the file provisioner above.
    connection {
      type     = "ssh"
      user     = var.admin_username
      password = var.admin_password
      host     = azurerm_public_ip.catapp-pip.fqdn
    }
  }
}

resource "no-interp-here-${var.admin_username}" { doc1 = <