ajout outputs

James Boutaric
2025-12-04 11:05:37 +01:00
parent cfeee8df7f
commit f54d9bacfb
12 changed files with 115 additions and 58 deletions


@@ -1,8 +1,3 @@
# À vous de :
# 1. Configurer le provider google
# 2. Appeler les trois modules avec les bonnes variables
# 3. Créer le fichier de configuration Ansible (template)
terraform { terraform {
required_providers { required_providers {
google = { google = {


@@ -0,0 +1,29 @@
output "ip_internes" {
value = module.compute.ip_internes
}
output "ip_public_frontend" {
value = module.compute.ip_public_frontend
}
output "nom_instances" {
value = module.compute.nom_instances
}
output "service_account_email" {
description = "Email du compte de service Terraform."
value = module.iam.email
}
output "service_account_key" {
description = "Clé privée du compte de service Terraform (sensitive)."
value = module.iam.key
sensitive = true
}
output "vpc" {
value = module.network.vpc
}
output "subnets" {
value = module.network.subnets
}
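Review bot: The new `service_account_key` output re-exports the service account private key from the root configuration, and `sensitive = true` only masks it in plan/apply display. The value is still stored unencrypted in the Terraform state and can be read back with `terraform output`. Unless a consumer outside Terraform really needs the key, I would drop this root-level output; if it has to stay, add a comment on it such as `# private key: lands in state in clear text, keep the state backend encrypted and access-restricted`. The backend configuration is not visible in this commit, so how the state is stored and who can read it should be confirmed. The module-level `key` output in the IAM outputs section further down carries the same value and deserves the same comment.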


@@ -1,4 +1,8 @@
# définissez toutes les variables nécessaires avec des valeurs par défaut appropriées. # variable "project_id" {
# description = "ID du projet GCP"
# type = string
# default = "mon-projet"
# }
variable "project_name" { variable "project_name" {
description = "Nom du projet" description = "Nom du projet"
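Review bot: The commented-out `# variable "project_id" { ... default = "mon-projet" }` block at the top of this file looks like leftover template code, and it appears to replace the comment that said what the file should define. The same pattern recurs in later sections: an `# output "instance_ip"` example above the compute, IAM and network outputs, an `# output "vpc_id"` example referencing `module.vpc` between the service account `email` and `key` outputs, and another `# variable "project_id"` example directly above the real `variable "project_id"`. None of those names match resources visible in this commit, so they are likely to mislead the next reader. I would delete them or replace each with a single descriptive line such as `# Input variables for this module`. The `project_name` block continues outside the hunk.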


@@ -1,25 +1,26 @@
# À vous de créer : # resource "google_compute_instance" "vm" {
# name = "ma-vm"
# machine_type = "e2-medium"
# zone = "europe-west1-b"
# 1. Instance frontend : # boot_disk {
# - Image : debian-11 # initialize_params {
# - Disque : 10GB # image = "debian-cloud/debian-11"
# - IP publique # size = 10
# - Tags : frontend, ssh # }
# - OS Login enabled # }
# 2. Instance backend : # network_interface {
# - Image : debian-11 # access_config {} # IP publique
# - Disque : 10GB # subnetwork = google_compute_subnetwork.subnet.id
# - Pas d'IP publique (interne seulement) # }
# - Tags : backend, ssh
# - OS Login enabled
# 3. Instance database : # tags = ["web", "app"]
# - Image : debian-11
# - Disque : 20GB # metadata = {
# - Pas d'IP publique # enable-oslogin = "TRUE"
# - Tags : database, ssh # }
# - OS Login enabled # }
resource "google_compute_instance" "vm_frontend" { resource "google_compute_instance" "vm_frontend" {
name = "vm-frontend" name = "vm-frontend"


@@ -1,7 +1,6 @@
# À vous d'exposer : # output "instance_ip" {
# 1. Les IPs internes de toutes les instances # value = google_compute_instance.main.network_interface[0].access_config[0].nat_ip
# 2. L'IP publique du frontend # }
# 3. Les noms des instances
output "ip_internes" { output "ip_internes" {
value = { value = {


@@ -1,9 +1,8 @@
# À vous de définir les variables pour : # variable "project_id" {
# - instance_type # description = "ID du projet GCP"
# - zone # type = string
# - frontend_subnet_id # default = "mon-projet"
# - backend_subnet_id # }
# - database_subnet_id
variable "instance_type" { variable "instance_type" {
description = "type de l'instance" description = "type de l'instance"


@@ -1,9 +1,3 @@
# À vous de créer :
# 1. Un compte de service pour Terraform
# 2. Une clé pour ce compte de service
# 3. Les rôles IAM nécessaires
# 4. La configuration OS Login avec votre clé SSH
resource "google_service_account" "service_account" { resource "google_service_account" "service_account" {
account_id = "terraform" account_id = "terraform"
display_name = "terraform" display_name = "terraform"


@@ -1,12 +1,17 @@
# À vous d'exposer : # output "instance_ip" {
# 1. L'email du compte de service # value = google_compute_instance.main.network_interface[0].access_config[0].nat_ip
# 2. La clé du compte de service (sensitive = true) # }
output "email" { output "email" {
description = "Service account email." description = "Service account email."
value = google_service_account.service_account.email value = google_service_account.service_account.email
} }
# output "vpc_id" {
# description = "ID of project VPC"
# value = module.vpc.vpc_id
# }
output "key" { output "key" {
description = "Service account private key." description = "Service account private key."
sensitive = true sensitive = true


@@ -1,5 +1,8 @@
# À vous de définir : # variable "project_id" {
# - project_id (string) # description = "ID du projet GCP"
# type = string
# default = "mon-projet"
# }
variable "project_id" { variable "project_id" {
description = "ID du projet" description = "ID du projet"


@@ -1,19 +1,22 @@
# À vous de créer :
# 1. Un VPC personnalisé avec auto_create_subnetworks = false
# 2. Trois sous-réseaux (frontend, backend, database)
# 3. Règles de firewall :
# - HTTP/HTTPS vers frontend
# - SSH vers toutes les instances
# - Port 8000 de frontend vers backend
# - Port 3306 de backend vers database
# VPC # VPC
# resource "google_compute_network" "vpc" {
# name = "mon-vpc"
# auto_create_subnetworks = false
# }
resource "google_compute_network" "vpc_terraform" { resource "google_compute_network" "vpc_terraform" {
name = "vpc-terraform-2" name = "vpc-terraform-2"
auto_create_subnetworks = false auto_create_subnetworks = false
} }
# Sous-réseau # Sous-réseau
# resource "google_compute_subnetwork" "subnet" {
# name = "mon-subnet"
# network = google_compute_network.vpc.id
# ip_cidr_range = "10.0.1.0/24"
# region = "europe-west1"
# }
resource "google_compute_subnetwork" "subnet_frontend" { resource "google_compute_subnetwork" "subnet_frontend" {
name = "frontend-2" name = "frontend-2"
network = google_compute_network.vpc_terraform.id network = google_compute_network.vpc_terraform.id
@@ -35,6 +38,20 @@ resource "google_compute_subnetwork" "subnet_database" {
region = var.region region = var.region
} }
# Règles de Pare-feu
# resource "google_compute_firewall" "allow_http" {
# name = "allow-http"
# network = google_compute_network.vpc.id
# allow {
# protocol = "tcp"
# ports = ["80", "443"]
# }
# source_ranges = ["0.0.0.0/0"]
# target_tags = ["web"]
# }
resource "google_compute_firewall" "allow_user_frontend" { resource "google_compute_firewall" "allow_user_frontend" {
name = "allow-user-frontend-2" name = "allow-user-frontend-2"
network = google_compute_network.vpc_terraform.id network = google_compute_network.vpc_terraform.id


@@ -1,11 +1,16 @@
# À vous d'exposer : # output "instance_ip" {
# 1. L'ID du VPC # value = google_compute_instance.main.network_interface[0].access_config[0].nat_ip
# 2. Les IDs des sous-réseaux sous forme de map # }
output "vpc" { output "vpc" {
value = google_compute_network.vpc_terraform.id value = google_compute_network.vpc_terraform.id
} }
# output "vpc_id" {
# description = "ID of project VPC"
# value = module.vpc.vpc_id
# }
output "subnets" { output "subnets" {
value = { value = {
frontend = google_compute_subnetwork.subnet_frontend.id frontend = google_compute_subnetwork.subnet_frontend.id


@@ -6,6 +6,12 @@
# - database_cidr (string) # - database_cidr (string)
# - ssh_source_ranges (string) # - ssh_source_ranges (string)
# variable "project_id" {
# description = "ID du projet GCP"
# type = string
# default = "mon-projet"
# }
variable "project_name" { variable "project_name" {
description = "Nom du projet" description = "Nom du projet"
type = string type = string