Factor out a simple OpenStack VM module

SeaGL · Mar 13, 2024 · 29f0419 · 29f0419
1 parent d2a663b
commit 29f0419
Show file tree

Hide file tree

Showing 6 changed files with 123 additions and 123 deletions.
diff --git a/imports.tf b/imports.tf
diff --git a/mailu.tf b/mailu.tf
@@ -1,55 +1,8 @@
-resource "openstack_networking_secgroup_v2" "mailu" {
-  name = "mailu"
-}
-
-resource "openstack_networking_secgroup_rule_v2" "mailu-ipv4-egress" {
-  direction         = "egress"
-  ethertype         = "IPv4"
-  security_group_id = openstack_networking_secgroup_v2.mailu.id
-}
-
-resource "openstack_networking_secgroup_rule_v2" "mailu-ipv6-egress" {
-  direction         = "egress"
-  ethertype         = "IPv6"
-  security_group_id = openstack_networking_secgroup_v2.mailu.id
-}
-
-resource "openstack_networking_secgroup_rule_v2" "mailu-icmp4-ingress" {
-  direction         = "ingress"
-  ethertype         = "IPv4"
-  protocol          = "icmp"
-  remote_ip_prefix  = "0.0.0.0/0"
-  security_group_id = openstack_networking_secgroup_v2.mailu.id
-}
-
-resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" {
-  for_each          = toset(["22", "25", "80", "110", "143", "443", "465", "587", "993", "995"])
-  direction         = "ingress"
-  ethertype         = "IPv4"
-  protocol          = "tcp"
-  port_range_min    = each.value
-  port_range_max    = each.value
-  remote_ip_prefix  = "0.0.0.0/0"
-  security_group_id = openstack_networking_secgroup_v2.mailu.id
-}
-
-resource "openstack_compute_instance_v2" "mailu" {
-  name        = "mailu"
-  flavor_name = "m1.medium"
-  key_pair    = "AJ OpenStack bootstrap" # TODO lol
-  security_groups = [
-    openstack_networking_secgroup_v2.mailu.name
-  ]
-
-  block_device {
-    source_type           = "image"
-    destination_type      = "volume"
-    uuid                  = "5e7b09b5-03f1-4f01-bc1b-41db2e1b09d1" # Ubuntu 22.04
-    volume_size           = 30
-    delete_on_termination = true
-  }
-
-  network {
-    name = "general_servers2"
-  }
+module "mailu-vm" {
+  source        = "./simple_vm"
+  name          = "mailu"
+  ports         = [22, 25, 80, 110, 143, 443, 465, 587, 993, 995]
+  instance_type = "m1.medium"
+  network       = "general_servers2"
+  disk_size     = 30
 }
diff --git a/moved.tf b/moved.tf
@@ -37,3 +37,33 @@ moved {
   to   = module.prod_db.aws_db_instance.osem
   from = aws_db_instance.osem
 }
+
+moved {
+  from = openstack_networking_secgroup_v2.mailu
+  to   = module.mailu-vm.openstack_networking_secgroup_v2.main-sg
+}
+
+moved {
+  from = openstack_networking_secgroup_rule_v2.mailu-ipv4-egress
+  to   = module.mailu-vm.openstack_networking_secgroup_rule_v2.ipv4-egress
+}
+
+moved {
+  from = openstack_networking_secgroup_rule_v2.mailu-ipv6-egress
+  to   = module.mailu-vm.openstack_networking_secgroup_rule_v2.ipv6-egress
+}
+
+moved {
+  from = openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress
+  to   = module.mailu-vm.openstack_networking_secgroup_rule_v2.icmp4-ingress
+}
+
+moved {
+  from = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress
+  to   = module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress
+}
+
+moved {
+  from = openstack_compute_instance_v2.mailu
+  to   = module.mailu-vm.openstack_compute_instance_v2.instance
+}
diff --git a/simple_vm/main.tf b/simple_vm/main.tf
@@ -0,0 +1,55 @@
+resource "openstack_networking_secgroup_v2" "main-sg" {
+  name = var.name
+}
+
+resource "openstack_networking_secgroup_rule_v2" "ipv4-egress" {
+  direction         = "egress"
+  ethertype         = "IPv4"
+  security_group_id = openstack_networking_secgroup_v2.main-sg.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "ipv6-egress" {
+  direction         = "egress"
+  ethertype         = "IPv6"
+  security_group_id = openstack_networking_secgroup_v2.main-sg.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "icmp4-ingress" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "icmp"
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.main-sg.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "tcp4-ingress" {
+  for_each          = toset([for k in var.ports : tostring(k)])
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = each.value
+  port_range_max    = each.value
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.main-sg.id
+}
+
+resource "openstack_compute_instance_v2" "instance" {
+  name        = var.name
+  flavor_name = var.instance_type
+  key_pair    = "AJ OpenStack bootstrap" # TODO lol
+  security_groups = [
+    openstack_networking_secgroup_v2.main-sg.name
+  ]
+
+  block_device {
+    source_type           = "image"
+    destination_type      = "volume"
+    uuid                  = "5e7b09b5-03f1-4f01-bc1b-41db2e1b09d1" # Ubuntu 22.04
+    volume_size           = var.disk_size
+    delete_on_termination = true
+  }
+
+  network {
+    name = var.network
+  }
+}
diff --git a/simple_vm/provider.tf b/simple_vm/provider.tf
@@ -0,0 +1,7 @@
+terraform {
+  required_providers {
+    openstack = {
+      source = "terraform-provider-openstack/openstack"
+    }
+  }
+}
diff --git a/simple_vm/variables.tf b/simple_vm/variables.tf
@@ -0,0 +1,24 @@
+variable "name" {
+  description = "Name of the instance and matching security group"
+  type        = string
+}
+
+variable "network" {
+  description = "OSUOSL network to create the instance in"
+  type        = string
+}
+
+variable "instance_type" {
+  description = "OpenStack instance type"
+  type        = string
+}
+
+variable "ports" {
+  description = "Ports that are open for inbound traffic"
+  type        = list(number)
+}
+
+variable "disk_size" {
+  description = "Size of the VM's root volume"
+  type        = number
+}