diff --git a/.DS_Store b/.DS_Store
new file mode 100644
index 0000000..5008ddf
Binary files /dev/null and b/.DS_Store differ
diff --git a/terraform/environments/dev/main.tf b/terraform/environments/dev/main.tf
new file mode 100644
index 0000000..ec8f309
--- /dev/null
+++ b/terraform/environments/dev/main.tf
@@ -0,0 +1,28 @@
+# À vous de :
+# 1. Configurer le provider google
+# 2. Appeler les trois modules avec les bonnes variables
+# 3. Créer le fichier de configuration Ansible (template)
+
+terraform {
+ required_providers {
+ google = {
+ source = "hashicorp/google"
+ version = "~> 6.12.0"
+ }
+ }
+}
+
+provider "google" {
+ project = var.project_id
+ region = var.region
+}
+
+module "network" {
+ source = "../../modules/network"
+ project_name = var.project_name
+ region = var.region
+ frontend_cidr = var.frontend_cidr
+ backend_cidr = var.backend_cidr
+ database_cidr = var.database_cidr
+ ssh_source_ranges = var.ssh_source_ranges
+}
\ No newline at end of file
diff --git a/terraform/environments/dev/outputs.tf b/terraform/environments/dev/outputs.tf
new file mode 100644
index 0000000..e69de29
diff --git a/terraform/environments/dev/variables.tf b/terraform/environments/dev/variables.tf
new file mode 100644
index 0000000..075accd
--- /dev/null
+++ b/terraform/environments/dev/variables.tf
@@ -0,0 +1,43 @@
+# définissez toutes les variables nécessaires avec des valeurs par défaut appropriées.
+
+variable "project_name" {
+ description = "Nom du projet"
+ type = string
+ default = "My First Project"
+}
+
+variable "region" {
+ description = "Region du projet"
+ type = string
+ default = "europe-west9"
+}
+
+variable "frontend_cidr" {
+ description = "CIDR for frontend subnet"
+ type = string
+ default = "10.0.1.0/24"
+}
+
+variable "backend_cidr" {
+ description = "CIDR for backend subnet"
+ type = string
+ default = "10.0.2.0/24"
+}
+
+variable "database_cidr" {
+ description = "CIDR for database subnet"
+ type = string
+ default = "10.0.3.0/24"
+}
+
+variable "ssh_source_ranges" {
+ description = ""
+ type = string
+ default = "0.0.0.0/0"
+}
+
+variable "project_id" {
+ description = "ID du projet"
+ type = string
+ default = "plenary-plane-478713-q1"
+}
\ No newline at end of file
diff --git a/terraform/modules/compute/main.tf b/terraform/modules/compute/main.tf
new file mode 100644
index 0000000..a4f4814
--- /dev/null
+++ b/terraform/modules/compute/main.tf
@@ -0,0 +1,22 @@
+# À vous de créer :
+
+# 1. Instance frontend :
+# - Image : debian-11
+# - Disque : 10GB
+# - IP publique
+# - Tags : frontend, ssh
+# - OS Login enabled
+
+# 2. Instance backend :
+# - Image : debian-11
+# - Disque : 10GB
+# - Pas d'IP publique (interne seulement)
+# - Tags : backend, ssh
+# - OS Login enabled
+
+# 3. Instance database :
+# - Image : debian-11
+# - Disque : 20GB
+# - Pas d'IP publique
+# - Tags : database, ssh
+# - OS Login enabled
\ No newline at end of file
diff --git a/terraform/modules/compute/outputs.tf b/terraform/modules/compute/outputs.tf
new file mode 100644
index 0000000..4a91aa9
--- /dev/null
+++ b/terraform/modules/compute/outputs.tf
@@ -0,0 +1,4 @@
+# À vous d'exposer :
+# 1. Les IPs internes de toutes les instances
+# 2. L'IP publique du frontend
+# 3. Les noms des instances
\ No newline at end of file
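Review bot: In terraform/environments/dev/variables.tf, `ssh_source_ranges` defaults to `"0.0.0.0/0"` and has an empty `description`, which makes internet-wide SSH the value nobody has to ask for once a firewall rule reads the variable. It is also typed `string`, although a firewall `source_ranges` argument takes a list; I would declare it as `type = list(string)` with no default and `description = "CIDR ranges allowed to reach port 22"`, and make the same change to the matching declaration in terraform/modules/network/variables.tf. Separately, `project_id` hard-codes a specific project ID as its default; dropping the default and supplying the value through a tfvars file or `TF_VAR_project_id` keeps the environment identifier out of the committed code.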
diff --git a/terraform/modules/compute/variables.tf b/terraform/modules/compute/variables.tf
new file mode 100644
index 0000000..76a14cc
--- /dev/null
+++ b/terraform/modules/compute/variables.tf
@@ -0,0 +1,6 @@
+# À vous de définir les variables pour :
+# - instance_type
+# - zone
+# - frontend_subnet_id
+# - backend_subnet_id
+# - database_subnet_id
\ No newline at end of file
diff --git a/terraform/modules/iam/main.tf b/terraform/modules/iam/main.tf
new file mode 100644
index 0000000..a4b77c1
--- /dev/null
+++ b/terraform/modules/iam/main.tf
@@ -0,0 +1,5 @@
+# À vous de créer :
+# 1. Un compte de service pour Terraform
+# 2. Une clé pour ce compte de service
+# 3. Les rôles IAM nécessaires
+# 4. La configuration OS Login avec votre clé SSH
\ No newline at end of file
diff --git a/terraform/modules/iam/outputs.tf b/terraform/modules/iam/outputs.tf
new file mode 100644
index 0000000..c73acc0
--- /dev/null
+++ b/terraform/modules/iam/outputs.tf
@@ -0,0 +1,3 @@
+# À vous d'exposer :
+# 1. L'email du compte de service
+# 2. La clé du compte de service (sensitive = true)
\ No newline at end of file
diff --git a/terraform/modules/iam/variables.tf b/terraform/modules/iam/variables.tf
new file mode 100644
index 0000000..5ac1614
--- /dev/null
+++ b/terraform/modules/iam/variables.tf
@@ -0,0 +1,2 @@
+# À vous de définir :
+# - project_id (string)
\ No newline at end of file
diff --git a/terraform/modules/network/main.tf b/terraform/modules/network/main.tf
new file mode 100644
index 0000000..25062bd
--- /dev/null
+++ b/terraform/modules/network/main.tf
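Review bot: The plan sketched in terraform/modules/iam/main.tf (step 2, a key for the service account) and in terraform/modules/iam/outputs.tf (exposing that key with `sensitive = true`) is missing a caveat: `sensitive = true` only redacts the value from CLI output, while the private key of a `google_service_account_key` is still written to the Terraform state. I would add a comment next to step 2 such as `# NOTE: the key material is stored in state; use an access-controlled, encrypted backend, or avoid keys via service account impersonation`. Both files hold only placeholder comments so far, so this applies to the implementation that follows.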
@@ -0,0 +1,88 @@
+# À vous de créer :
+# 1. Un VPC personnalisé avec auto_create_subnetworks = false
+# 2. Trois sous-réseaux (frontend, backend, database)
+# 3. Règles de firewall :
+# - HTTP/HTTPS vers frontend
+# - SSH vers toutes les instances
+# - Port 8000 de frontend vers backend
+# - Port 3306 de backend vers database
+
+# VPC
+resource "google_compute_network" "vpc_terraform" {
+ name = "vpc-terraform"
+ auto_create_subnetworks = false
+}
+
+# Sous-réseau
+resource "google_compute_subnetwork" "subnet_frontend" {
+ name = "frontend"
+ network = google_compute_network.vpc_terraform.id
+ ip_cidr_range = var.frontend_cidr
+ region = var.region
+}
+
+resource "google_compute_subnetwork" "subnet_backend" {
+ name = "backend"
+ network = google_compute_network.vpc_terraform.id
+ ip_cidr_range = var.backend_cidr
+ region = var.region
+}
+
+resource "google_compute_subnetwork" "subnet_database" {
+ name = "database"
+ network = google_compute_network.vpc_terraform.id
+ ip_cidr_range = var.database_cidr
+ region = var.region
+}
+
+resource "google_compute_firewall" "allow_user_frontend" {
+ name = "allow-user-frontend"
+ network = google_compute_network.vpc_terraform.id
+
+ allow {
+ protocol = "tcp"
+ ports = ["80", "443"]
+ }
+
+ source_ranges = ["0.0.0.0/0"]
+ target_tags = ["frontend"]
+}
+
+resource "google_compute_firewall" "allow_frontend_backend" {
+ name = "allow-frontend-backend"
+ network = google_compute_network.vpc_terraform.id
+
+ allow {
+ protocol = "tcp"
+ ports = ["8000"]
+ }
+
+ source_tags = ["frontend"]
+ target_tags = ["backend"]
+}
+
+resource "google_compute_firewall" "allow_ssh_all" {
+ name = "allow-ssh-all"
+ network = google_compute_network.vpc_terraform.id
+
+ allow {
+ protocol = "tcp"
+ ports = ["22"]
+ }
+
+ source_ranges = ["0.0.0.0/0"]
+ target_tags = ["ssh"]
+}
+
+resource "google_compute_firewall" "allow_backend_database" {
+ name = "allow-backend-database"
+ network = google_compute_network.vpc_terraform.id
+
+ allow {
+ protocol = "tcp"
+ ports = ["3306"]
+ }
+
+ source_tags = ["backend"]
+ target_tags = ["database"]
+}
\ No newline at end of file
diff --git a/terraform/modules/network/outputs.tf b/terraform/modules/network/outputs.tf
new file mode 100644
index 0000000..078bc94
--- /dev/null
+++ b/terraform/modules/network/outputs.tf
@@ -0,0 +1,15 @@
+# À vous d'exposer :
+# 1. L'ID du VPC
+# 2. Les IDs des sous-réseaux sous forme de map
+
+output "vpc_terraform_output" {
+ value = google_compute_network.vpc_terraform.id
+}
+
+output "list_id" {
+ value = {
+ frontend = google_compute_subnetwork.subnet_frontend.id
+ backend = google_compute_subnetwork.subnet_backend.id
+ database = google_compute_subnetwork.subnet_database.id
+ }
+}
\ No newline at end of file
diff --git a/terraform/modules/network/variables.tf b/terraform/modules/network/variables.tf
new file mode 100644
index 0000000..36786d4
--- /dev/null
+++ b/terraform/modules/network/variables.tf
@@ -0,0 +1,37 @@
+# À vous de définir les variables pour :
+# - project_name (string)
+# - region (string)
+# - frontend_cidr (string)
+# - backend_cidr (string)
+# - database_cidr (string)
+# - ssh_source_ranges (string)
+
+variable "project_name" {
+ description = "Nom du projet"
+ type = string
+}
+
+variable "region" {
+ description = "Region du projet"
+ type = string
+}
+
+variable "frontend_cidr" {
+ description = "CIDR for frontend subnet"
+ type = string
+}
+
+variable "backend_cidr" {
+ description = "CIDR for backend subnet"
+ type = string
+}
+
+variable "database_cidr" {
+ description = "CIDR for database subnet"
+ type = string
+}
+
+variable "ssh_source_ranges" {
+ description = ""
+ type = string
+}
\ No newline at end of file
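Review bot: In terraform/modules/network/main.tf, `allow_ssh_all` hard-codes `source_ranges = ["0.0.0.0/0"]`, so the rule admits port 22 from any address for every instance tagged `ssh`, and the `ssh_source_ranges` variable that the dev environment passes into the module is never read. With the variable's current `string` type the rule should use `source_ranges = [var.ssh_source_ranges]`, or `source_ranges = var.ssh_source_ranges` once the variable is declared as `list(string)`. `project_name` is likewise declared and passed in but not referenced in this file. None of the four firewall rules carries a `description`, so a one-line description per rule would help whoever audits them later.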