James Boutaric
2025-12-04 09:59:27 +01:00
parent cd01194190
commit a1aee0dd84
8 changed files with 116 additions and 89 deletions


@@ -3,6 +3,7 @@
# 2. Appeler les trois modules avec les bonnes variables # 2. Appeler les trois modules avec les bonnes variables
# 3. Créer le fichier de configuration Ansible (template) # 3. Créer le fichier de configuration Ansible (template)
terraform { terraform {
required_providers { required_providers {
google = { google = {
@@ -26,3 +27,13 @@ module "network" {
database_cidr = var.database_cidr database_cidr = var.database_cidr
ssh_source_ranges = var.ssh_source_ranges ssh_source_ranges = var.ssh_source_ranges
} }
module "compute" {
source = "../../modules/compute"
instance_type = var.instance_type
zone = var.zone
frontend_subnet_id = module.network.subnet_ids["frontend"]
backend_subnet_id = module.network.subnet_ids["backend"]
database_subnet_id = module.network.subnet_ids["database"]
}


@@ -1,19 +1,11 @@
# définissez toutes les variables nécessaires avec des valeurs par défaut appropriées.
# variable "project_id" {
# description = "ID du projet GCP"
# type = string
# default = "mon-projet"
# }
variable "project_name" { variable "project_name" {
description = "Nom du projet" description = "Nom du projet cidr"
type = string type = string
default = "My First Project" default = "My Firdt Project"
} }
variable "region" { variable "region" {
description = "Region du projet" description = "region du cidr"
type = string type = string
default = "europe-west9" default = "europe-west9"
} }
@@ -37,13 +29,28 @@ variable "database_cidr" {
} }
variable "ssh_source_ranges" { variable "ssh_source_ranges" {
description = "" description = "ssh_source_range du projet cidr"
type = string type = string
default = "0.0.0.0/0" default = "0.0.0.0/0"
} }
variable "project_id" { variable "project_id" {
description = "ID du projet" description = "id du projet"
type = string type = string
default = "plenary-plane-478713-q1" default = "plenary-plane-478713-q1"
} }
variable "instance_type" {
description = "type d'instance de vm"
type = string
default = "e2-micro"
}
variable "zone" {
description = "zone du projet"
type = string
default = "europe-west9-b"
}
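Review bot: `ssh_source_ranges` still defaults to `"0.0.0.0/0"`, so any environment that does not override it requests SSH access from the whole internet; the commit edits this variable's description but leaves that default in place. Dropping the default (or setting it to the team's admin CIDR) forces each environment to state its range explicitly, and a description such as `description = "Plage CIDR autorisée à se connecter en SSH"` would say what the value actually controls. The new `project_name` default also reads `"My Firdt Project"`, which looks like a typo for the previous `"My First Project"`.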


@@ -23,7 +23,7 @@
# } # }
resource "google_compute_instance" "vm_frontend" { resource "google_compute_instance" "vm_frontend" {
name = "frontend-instance" name = "frontend"
machine_type = var.instance_type machine_type = var.instance_type
zone = var.zone zone = var.zone
@@ -34,22 +34,22 @@ resource "google_compute_instance" "vm_frontend" {
} }
} }
network_interface { network_interface {
access_config {} # IP publique
subnetwork = var.frontend_subnet_id subnetwork = var.frontend_subnet_id
access_config {}
} }
tags= ["frontend", "ssh"] tags = ["frontend", "ssh"]
metadata = { metadata = {
enable-oslogin = "TRUE" enable-oslogin = "TRUE"
} }
} }
resource "google_compute_instance" "vm_backend" { resource "google_compute_instance" "vm_backend" {
name = "backend-instance" name = "backend"
machine_type = var.instance_type machine_type = var.instance_type
zone = var.zone zone = var.zone
@@ -60,25 +60,24 @@ resource "google_compute_instance" "vm_backend" {
} }
} }
network_interface { network_interface {
subnetwork = var.backend_subnet_id subnetwork = var.backend_subnet_id
} }
tags = ["backend", "ssh"] tags = ["backend", "ssh"]
metadata = { metadata = {
enable-oslogin = "TRUE" enable-oslogin = "TRUE"
} }
} }
resource "google_compute_instance" "vm_database" { resource "google_compute_instance" "vm_database" {
name = "database-instance" name = "database"
machine_type = var.instance_type machine_type = var.instance_type
zone = var.zone zone = var.zone
boot_disk { boot_disk {
initialize_params { initialize_params {
image = "debian-cloud/debian-11" image = "debian-cloud/debian-11"
@@ -86,13 +85,11 @@ resource "google_compute_instance" "vm_database" {
} }
} }
network_interface { network_interface {
subnetwork = var.database_subnet_id subnetwork = var.database_subnet_id
} }
tags = ["database", "ssh"] tags = ["database", "ssh"]
metadata = { metadata = {
enable-oslogin = "TRUE" enable-oslogin = "TRUE"
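Review bot: The frontend `network_interface` lost its `# IP publique` comment, yet the empty `access_config {}` is the one line that gives this VM an external address; keeping `access_config {} # IP publique (éphémère)` tells a reader that the frontend is the internet-facing host, which matters because it also carries the `ssh` tag. All three instances also change `name`, which the Google provider documents as forcing replacement, so this apply is likely to destroy and recreate the VMs, the database one included; it is worth confirming that nothing on those boot disks has to survive. The resource bodies extend outside the hunks shown, so the `boot_disk` settings could not be checked here.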


@@ -2,8 +2,8 @@
# value = google_compute_instance.main.network_interface[0].access_config[0].nat_ip # value = google_compute_instance.main.network_interface[0].access_config[0].nat_ip
# } # }
output "instance_internal_ips" {
output "ip_internes" { description = "IPs internes de toutes les instances"
value = { value = {
frontend = google_compute_instance.vm_frontend.network_interface[0].network_ip frontend = google_compute_instance.vm_frontend.network_interface[0].network_ip
backend = google_compute_instance.vm_backend.network_interface[0].network_ip backend = google_compute_instance.vm_backend.network_interface[0].network_ip
@@ -11,14 +11,16 @@ output "ip_internes" {
} }
} }
output "ip_public_frontend" { output "frontend_public_ip" {
value = google_compute_instance.vm_frontend.network_interface[0].access_config[0].nat_ip description = "IP publique de l'instance frontend"
value = google_compute_instance.vm_frontend.network_interface[0].access_config[0].nat_ip
} }
output "nom_instances" { output "instance_names" {
description = "Noms de toutes les instances"
value = { value = {
frontend = google_compute_instance.vm_frontend.name frontend = google_compute_instance.vm_frontend.name
backend = google_compute_instance.vm_backend.name backend = google_compute_instance.vm_backend.name
database = google_compute_instance.vm_database.name database = google_compute_instance.vm_database.name
} }
} }


@@ -5,28 +5,32 @@
# } # }
variable "instance_type" { variable "instance_type" {
description = "Type de machine à utiliser pour les instances" description = "Nom du projet cidr"
type = string type = string
} }
variable "zone" { variable "zone" {
description = "Zone où déployer les instances" description = "Nom du projet cidr"
type = string type = string
} }
variable "frontend_subnet_id" { variable "frontend_subnet_id" {
description = "ID du sous-réseau frontend" description = "Nom du projet cidr"
type = string type = string
} }
variable "backend_subnet_id" { variable "backend_subnet_id" {
description = "ID du sous-réseau backend" description = "Nom du projet cidr"
type = string type = string
} }
variable "database_subnet_id" { variable "database_subnet_id" {
description = "ID du sous-réseau database" description = "Nom du projet cidr"
type = string type = string
} }
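Review bot: All five variable descriptions in this section now read `"Nom du projet cidr"`, which describes none of them and replaces wording that was accurate. Restoring the earlier text, e.g. `description = "Type de machine à utiliser pour les instances"` for `instance_type` and `description = "ID du sous-réseau frontend"` for `frontend_subnet_id`, keeps the module's inputs self-explanatory. The subnet IDs decide which network tier each VM lands in, so a precise description helps a caller avoid wiring an instance to the wrong subnet.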


@@ -3,8 +3,8 @@
# name = "mon-vpc" # name = "mon-vpc"
# auto_create_subnetworks = false # auto_create_subnetworks = false
# } # }
resource "google_compute_network" "vpc_terraform" { resource "google_compute_network" "vpc" {
name = "vpc-terraform" name = "mon-vpc"
auto_create_subnetworks = false auto_create_subnetworks = false
} }
@@ -15,23 +15,24 @@ resource "google_compute_network" "vpc_terraform" {
# ip_cidr_range = "10.0.1.0/24" # ip_cidr_range = "10.0.1.0/24"
# region = "europe-west1" # region = "europe-west1"
# } # }
resource "google_compute_subnetwork" "subnet_frontend" {
name = "frontend" resource "google_compute_subnetwork" "frontend" {
network = google_compute_network.vpc_terraform.id name = "mon-frontend"
network = google_compute_network.vpc.id
ip_cidr_range = var.frontend_cidr ip_cidr_range = var.frontend_cidr
region = var.region region = var.region
} }
resource "google_compute_subnetwork" "subnet_backend" { resource "google_compute_subnetwork" "backend" {
name = "backend" name = "mon-backend"
network = google_compute_network.vpc_terraform.id network = google_compute_network.vpc.id
ip_cidr_range = var.backend_cidr ip_cidr_range = var.backend_cidr
region = var.region region = var.region
} }
resource "google_compute_subnetwork" "subnet_database" { resource "google_compute_subnetwork" "database" {
name = "database" name = "ma-database"
network = google_compute_network.vpc_terraform.id network = google_compute_network.vpc.id
ip_cidr_range = var.database_cidr ip_cidr_range = var.database_cidr
region = var.region region = var.region
} }
@@ -49,9 +50,9 @@ resource "google_compute_subnetwork" "subnet_database" {
# target_tags = ["web"] # target_tags = ["web"]
# } # }
resource "google_compute_firewall" "allow_user_frontend" { resource "google_compute_firewall" "frontend_firewall" {
name = "allow-user-frontend" name = "frontend"
network = google_compute_network.vpc_terraform.id network = google_compute_network.vpc.id
allow { allow {
protocol = "tcp" protocol = "tcp"
@@ -62,9 +63,10 @@ resource "google_compute_firewall" "allow_user_frontend" {
target_tags = ["frontend"] target_tags = ["frontend"]
} }
resource "google_compute_firewall" "allow_frontend_backend" {
name = "allow-frontend-backend" resource "google_compute_firewall" "backend_firewall" {
network = google_compute_network.vpc_terraform.id name = "backend"
network = google_compute_network.vpc.id
allow { allow {
protocol = "tcp" protocol = "tcp"
@@ -75,22 +77,9 @@ resource "google_compute_firewall" "allow_frontend_backend" {
target_tags = ["backend"] target_tags = ["backend"]
} }
resource "google_compute_firewall" "allow_ssh_all" { resource "google_compute_firewall" "database_firewall" {
name = "allow-ssh-all" name = "database"
network = google_compute_network.vpc_terraform.id network = google_compute_network.vpc.id
allow {
protocol = "tcp"
ports = ["22"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["ssh"]
}
resource "google_compute_firewall" "allow_backend_database" {
name = "allow-backend-database"
network = google_compute_network.vpc_terraform.id
allow { allow {
protocol = "tcp" protocol = "tcp"
@@ -100,3 +89,16 @@ resource "google_compute_firewall" "allow_backend_database" {
source_tags = ["backend"] source_tags = ["backend"]
target_tags = ["database"] target_tags = ["database"]
} }
resource "google_compute_firewall" "ssh_firewall" {
name = "ssh"
network = google_compute_network.vpc.id
allow {
protocol = "tcp"
ports = ["22"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["ssh"]
}
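Review bot: The new `ssh_firewall` rule hard-codes `source_ranges = ["0.0.0.0/0"]` for port 22 on every instance tagged `ssh`, while the `ssh_source_ranges` value passed into this module is not referenced anywhere in the hunks shown. Using the input instead, `source_ranges = [var.ssh_source_ranges]` (the variable appears to be declared as a single string), lets each environment restrict SSH to a known admin range rather than the whole internet. OS Login is enabled on the instances, which limits who can authenticate, but it does not stop the port from being scanned and probed.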


@@ -2,16 +2,18 @@
# value = google_compute_instance.main.network_interface[0].access_config[0].nat_ip # value = google_compute_instance.main.network_interface[0].access_config[0].nat_ip
# } # }
output "vpc_terraform_output" { output "vpc_terraform" {
description = "ID du VPC crée " description = "ID du VPC créé"
value = google_compute_network.vpc_terraform.id value = google_compute_network.vpc.id
} }
output "list_id" { output "subnet_ids" {
description = "Map des IDS des osus réseaux " description = "Map des IDs des sous-réseaux"
value = { value = {
frontend = google_compute_subnetwork.subnet_frontend.id
backend = google_compute_subnetwork.subnet_backend.id frontend = google_compute_subnetwork.frontend.id
database = google_compute_subnetwork.subnet_database.id backend = google_compute_subnetwork.backend.id
database = google_compute_subnetwork.database.id
} }
} }


@@ -5,12 +5,12 @@
# } # }
variable "project_name" { variable "project_name" {
description = "Nom du projet" description = "Nom du projet cidr"
type = string type = string
} }
variable "region" { variable "region" {
description = "Region du projet" description = "region du cidr"
type = string type = string
} }
@@ -30,6 +30,8 @@ variable "database_cidr" {
} }
variable "ssh_source_ranges" { variable "ssh_source_ranges" {
description = "" description = "ssh_source_range du projet cidr"
type = string type = string
} }