diff --git a/imports.tf b/imports.tf
deleted file mode 100644
index c739093..0000000
--- a/imports.tf
+++ /dev/null
@@ -1,69 +0,0 @@
-import {
- to = openstack_networking_secgroup_v2.mailu
- id = "d422a797-f933-4a88-9daa-ad3bf51fd524"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["22"]
- id = "ee1d0145-522d-4bb2-8ba2-e4241c103678"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["25"]
- id = "1c044046-80b4-4482-8345-92537c3220ac"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["80"]
- id = "aff5f8e3-6d72-4378-b80c-46948b157d06"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["110"]
- id = "0d3c863b-8f4e-4db8-96a2-0714951e3719"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["143"]
- id = "b21d57e8-8f50-41d3-bb7f-42456c2e1d60"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["443"]
- id = "bb495a69-4c90-431a-a634-7b5459315a65"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["465"]
- id = "39e2ac5c-2040-4c2b-9ad5-22c424b0abcb"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["587"]
- id = "c664a4f7-d968-46ca-b476-c444078a6ab2"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["993"]
- id = "76d6ca04-3aad-466c-8b75-f75c063ca097"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress["995"]
- id = "db876dde-1e0b-47fa-8960-6c82e495acf3"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-ipv4-egress
- id = "880f7c96-02a4-41d9-aa0c-85236175a91b"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-ipv6-egress
- id = "094e8ef1-4f00-4dc4-a7b0-9ad5bf09a8e0"
-}
-
-import {
- to = openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress
- id = "f7332d33-9702-4b7b-af9f-e66deb8ce0af"
-}
diff --git a/mailu.tf b/mailu.tf
index 8d6b703..056e37b 100644
--- a/mailu.tf
+++ b/mailu.tf
@@ -1,55 +1,8 @@
-resource "openstack_networking_secgroup_v2" "mailu" {
- name = "mailu"
-}
-
-resource "openstack_networking_secgroup_rule_v2" "mailu-ipv4-egress" {
- direction = "egress"
- ethertype = "IPv4"
- security_group_id = openstack_networking_secgroup_v2.mailu.id
-}
-
-resource "openstack_networking_secgroup_rule_v2" "mailu-ipv6-egress" {
- direction = "egress"
- ethertype = "IPv6"
- security_group_id = openstack_networking_secgroup_v2.mailu.id
-}
-
-resource "openstack_networking_secgroup_rule_v2" "mailu-icmp4-ingress" {
- direction = "ingress"
- ethertype = "IPv4"
- protocol = "icmp"
- remote_ip_prefix = "0.0.0.0/0"
- security_group_id = openstack_networking_secgroup_v2.mailu.id
-}
-
-resource "openstack_networking_secgroup_rule_v2" "mailu-tcp4-ingress" {
- for_each = toset(["22", "25", "80", "110", "143", "443", "465", "587", "993", "995"])
- direction = "ingress"
- ethertype = "IPv4"
- protocol = "tcp"
- port_range_min = each.value
- port_range_max = each.value
- remote_ip_prefix = "0.0.0.0/0"
- security_group_id = openstack_networking_secgroup_v2.mailu.id
-}
-
-resource "openstack_compute_instance_v2" "mailu" {
- name = "mailu"
- flavor_name = "m1.medium"
- key_pair = "AJ OpenStack bootstrap" # TODO lol
- security_groups = [
- openstack_networking_secgroup_v2.mailu.name
- ]
-
- block_device {
- source_type = "image"
- destination_type = "volume"
- uuid = "5e7b09b5-03f1-4f01-bc1b-41db2e1b09d1" # Ubuntu 22.04
- volume_size = 30
- delete_on_termination = true
- }
-
- network {
- name = "general_servers2"
- }
+module "mailu-vm" {
+ source = "./simple_vm"
+ name = "mailu"
+ ports = [22, 25, 80, 110, 143, 443, 465, 587, 993, 995]
+ instance_type = "m1.medium"
+ network = "general_servers2"
+ disk_size = 30
 }
diff --git a/moved.tf b/moved.tf
index ad4ec2d..554577a 100644
--- a/moved.tf
+++ b/moved.tf
@@ -37,3 +37,33 @@ moved {
 to = module.prod_db.aws_db_instance.osem
 from = aws_db_instance.osem
 }
+
+moved {
+ from = openstack_networking_secgroup_v2.mailu
+ to = module.mailu-vm.openstack_networking_secgroup_v2.main-sg
+}
+
+moved {
+ from = openstack_networking_secgroup_rule_v2.mailu-ipv4-egress
+ to = module.mailu-vm.openstack_networking_secgroup_rule_v2.ipv4-egress
+}
+
+moved {
+ from = openstack_networking_secgroup_rule_v2.mailu-ipv6-egress
+ to = module.mailu-vm.openstack_networking_secgroup_rule_v2.ipv6-egress
+}
+
+moved {
+ from = openstack_networking_secgroup_rule_v2.mailu-icmp4-ingress
+ to = module.mailu-vm.openstack_networking_secgroup_rule_v2.icmp4-ingress
+}
+
+moved {
+ from = openstack_networking_secgroup_rule_v2.mailu-tcp4-ingress
+ to = module.mailu-vm.openstack_networking_secgroup_rule_v2.tcp4-ingress
+}
+
+moved {
+ from = openstack_compute_instance_v2.mailu
+ to = module.mailu-vm.openstack_compute_instance_v2.instance
+}
diff --git a/simple_vm/main.tf b/simple_vm/main.tf
new file mode 100644
index 0000000..0d5875b
--- /dev/null
+++ b/simple_vm/main.tf
@@ -0,0 +1,55 @@
+resource "openstack_networking_secgroup_v2" "main-sg" {
+ name = var.name
+}
+
+resource "openstack_networking_secgroup_rule_v2" "ipv4-egress" {
+ direction = "egress"
+ ethertype = "IPv4"
+ security_group_id = openstack_networking_secgroup_v2.main-sg.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "ipv6-egress" {
+ direction = "egress"
+ ethertype = "IPv6"
+ security_group_id = openstack_networking_secgroup_v2.main-sg.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "icmp4-ingress" {
+ direction = "ingress"
+ ethertype = "IPv4"
+ protocol = "icmp"
+ remote_ip_prefix = "0.0.0.0/0"
+ security_group_id = openstack_networking_secgroup_v2.main-sg.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "tcp4-ingress" {
+ for_each = toset([for k in var.ports : tostring(k)])
+ direction = "ingress"
+ ethertype = "IPv4"
+ protocol = "tcp"
+ port_range_min = each.value
+ port_range_max = each.value
+ remote_ip_prefix = "0.0.0.0/0"
+ security_group_id = openstack_networking_secgroup_v2.main-sg.id
+}
+
+resource "openstack_compute_instance_v2" "instance" {
+ name = var.name
+ flavor_name = var.instance_type
+ key_pair = "AJ OpenStack bootstrap" # TODO lol
+ security_groups = [
+ openstack_networking_secgroup_v2.main-sg.name
+ ]
+
+ block_device {
+ source_type = "image"
+ destination_type = "volume"
+ uuid = "5e7b09b5-03f1-4f01-bc1b-41db2e1b09d1" # Ubuntu 22.04
+ volume_size = var.disk_size
+ delete_on_termination = true
+ }
+
+ network {
+ name = var.network
+ }
+}
diff --git a/simple_vm/provider.tf b/simple_vm/provider.tf
new file mode 100644
index 0000000..43cc156
--- /dev/null
+++ b/simple_vm/provider.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_providers {
+ openstack = {
+ source = "terraform-provider-openstack/openstack"
+ }
+ }
+}
diff --git a/simple_vm/variables.tf b/simple_vm/variables.tf
new file mode 100644
index 0000000..1b7588a
--- /dev/null
+++ b/simple_vm/variables.tf
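Review bot: The `tcp4-ingress` rule in simple_vm/main.tf hard-codes `remote_ip_prefix = "0.0.0.0/0"` for every entry in `var.ports`, so a caller such as mailu.tf, which passes 22 next to the public mail and web ports, cannot restrict SSH while leaving the rest open. A backward-compatible option is an optional `map(string)` variable (for example `port_sources`, default `{}`) consumed as `remote_ip_prefix = lookup(var.port_sources, each.value, "0.0.0.0/0")`. The instance resource also keeps `key_pair = "AJ OpenStack bootstrap" # TODO lol` as a literal, so every VM built from this module would trust the same bootstrap key. Exposing it as a variable (`key_pair = var.key_pair`) lets each caller choose its key and makes the TODO visible at the call site.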
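Review bot: The `openstack` entry in `required_providers` in simple_vm/provider.tf declares only `source`, with no `version` constraint, so the module accepts whatever provider release the root configuration or `terraform init` resolves. Unless a committed `.terraform.lock.hcl` pins it (not visible in this diff), a provider upgrade can change how the security-group rules are planned without any change in this repository. Adding a line such as `version = "<constraint used by the root module>"` next to `source` documents the range this module was tested against.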
@@ -0,0 +1,24 @@
+variable "name" {
+ description = "Name of the instance and matching security group"
+ type = string
+}
+
+variable "network" {
+ description = "OSUOSL network to create the instance in"
+ type = string
+}
+
+variable "instance_type" {
+ description = "OpenStack instance type"
+ type = string
+}
+
+variable "ports" {
+ description = "Ports that are open for inbound traffic"
+ type = list(number)
+}
+
+variable "disk_size" {
+ description = "Size of the VM's root volume"
+ type = number
+}
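Review bot: `ports` is typed `list(number)` with no validation, so 0, 70000 or a fractional value is accepted as input and only surfaces when simple_vm/main.tf turns each entry into a `for_each` key with `tostring` and passes it to `port_range_min`/`port_range_max`. A `validation` block with `condition = alltrue([for p in var.ports : p >= 1 && p <= 65535 && floor(p) == p])` and a matching `error_message` would reject bad input at plan time, before any security-group rule is touched. The `ports` description should also say that every listed port is opened to `0.0.0.0/0`, since that is what the module does with it. The `disk_size` description should state the unit; it feeds `volume_size`, which the OpenStack provider presumably interprets as gigabytes.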