From f48c698399c4609eb7d79ab24a3769e1f11741d2 Mon Sep 17 00:00:00 2001
From: kara-mosr
Date: Wed, 3 Dec 2025 16:48:20 +0100
Subject: [PATCH] ajout des configs terraform
---
terraform/environments/dev/outputs.tf | 19 ------
terraform/modules/compute/main.tf | 81 --------------------------------------------------
terraform/modules/compute/outputs.tf | 22 ------
terraform/modules/compute/variables.tf | 35 -----------
terraform/modules/iam/main.tf | 30 ---------
terraform/modules/iam/outputs.tf | 13 ----
terraform/modules/iam/variables.tf | 20 ------
7 files changed, 220 deletions(-)
diff --git a/terraform/environments/dev/outputs.tf b/terraform/environments/dev/outputs.tf
index ca0746f..e69de29 100644
--- a/terraform/environments/dev/outputs.tf
+++ b/terraform/environments/dev/outputs.tf
@@ -1,19 +0,0 @@
-output "frontend_public_ip" {
- description = "IP publique du Frontend pour les tests HTTP/HTTPS."
- value = module.compute.frontend_public_ip
-}
-
-output "internal_ips" {
- description = "Map des IPs internes pour la configuration Ansible."
- value = module.compute.internal_ips
-}
-
-output "gcp_user_for_ssh" {
- description = "Nom d'utilisateur pour se connecter en SSH via OS Login."
- value = regex("^(.*)@", var.gcp_user_email)[0]
-}
-
-output "service_account_email" {
- description = "Email du compte de service Terraform."
- value = module.iam.service_account_email
-}
\ No newline at end of file
diff --git a/terraform/modules/compute/main.tf b/terraform/modules/compute/main.tf
index 75b938f..e69de29 100644
--- a/terraform/modules/compute/main.tf
+++ b/terraform/modules/compute/main.tf
@@ -1,81 +0,0 @@
-locals {
- disk_config = {
- frontend = 10
- backend = 10
- database = 20
- }
-}
-
-resource "google_compute_instance" "frontend_instance" {
- project = var.project_id
- name = "frontend-instance"
- machine_type = var.instance_type
- zone = var.zone
- tags = ["frontend", "ssh"]
-
- boot_disk {
- initialize_params {
- image = var.image
- size = local.disk_config.frontend
- }
- }
-
- network_interface {
- subnetwork = var.frontend_subnet_id
- access_config {
- # IP publique (éphémère)
- }
- }
-
- metadata = {
- enable-oslogin = "TRUE"
- }
-}
-
-resource "google_compute_instance" "backend_instance" {
- project = var.project_id
- name = "backend-instance"
- machine_type = var.instance_type
- zone = var.zone
- tags = ["backend", "ssh"]
-
- boot_disk {
- initialize_params {
- image = var.image
- size = local.disk_config.backend
- }
- }
-
- network_interface {
- subnetwork = var.backend_subnet_id
- # Pas de bloc access_config pour IP interne seulement
- }
-
- metadata = {
- enable-oslogin = "TRUE"
- }
-}
-
-resource "google_compute_instance" "database_instance" {
- project = var.project_id
- name = "database-instance"
- machine_type = var.instance_type
- zone = var.zone
- tags = ["database", "ssh"]
-
- boot_disk {
- initialize_params {
- image = var.image
- size = local.disk_config.database
- }
- }
-
- network_interface {
- subnetwork = var.database_subnet_id
- # Pas de bloc access_config pour IP interne seulement
- }
-
- metadata = {
- enable-oslogin = "TRUE"
- }
-}
\ No newline at end of file
diff --git a/terraform/modules/compute/outputs.tf b/terraform/modules/compute/outputs.tf
index a48fce3..e69de29 100644
--- a/terraform/modules/compute/outputs.tf
+++ b/terraform/modules/compute/outputs.tf
@@ -1,22 +0,0 @@
-output "frontend_public_ip" {
- description = "L'IP publique de l'instance frontend."
- value = google_compute_instance.frontend_instance.network_interface[0].access_config[0].nat_ip
-}
-
-output "internal_ips" {
- description = "Map des IPs internes de toutes les instances."
- value = {
- frontend = google_compute_instance.frontend_instance.network_interface[0].network_ip
- backend = google_compute_instance.backend_instance.network_interface[0].network_ip
- database = google_compute_instance.database_instance.network_interface[0].network_ip
- }
-}
-
-output "instance_names" {
- description = "Map des noms des instances."
- value = {
- frontend = google_compute_instance.frontend_instance.name
- backend = google_compute_instance.backend_instance.name
- database = google_compute_instance.database_instance.name
- }
-}
\ No newline at end of file
diff --git a/terraform/modules/compute/variables.tf b/terraform/modules/compute/variables.tf
index 379c31f..e69de29 100644
--- a/terraform/modules/compute/variables.tf
+++ b/terraform/modules/compute/variables.tf
@@ -1,35 +0,0 @@
-variable "project_id" {
- description = "L'ID du projet GCP."
- type = string
-}
-
-variable "instance_type" {
- description = "Le type de machine (machine type) pour les instances (ex: e2-small)."
- type = string
-}
-
-variable "zone" {
- description = "La zone GCP où déployer les instances."
- type = string
-}
-
-variable "image" {
- description = "L'image du système d'exploitation à utiliser (ex: debian-cloud/debian-11)."
- type = string
- default = "debian-cloud/debian-11"
-}
-
-variable "frontend_subnet_id" {
- description = "L'ID du sous-réseau frontend."
- type = string
-}
-
-variable "backend_subnet_id" {
- description = "L'ID du sous-réseau backend."
- type = string
-}
-
-variable "database_subnet_id" {
- description = "L'ID du sous-réseau database."
- type = string
-}
\ No newline at end of file
diff --git a/terraform/modules/iam/main.tf b/terraform/modules/iam/main.tf
index 78c980b..e69de29 100644
--- a/terraform/modules/iam/main.tf
+++ b/terraform/modules/iam/main.tf
@@ -1,30 +0,0 @@
-resource "google_service_account" "terraform_sa" {
- project = var.project_id
- account_id = var.service_account_name
- display_name = "Terraform Deployment SA"
-}
-
-resource "google_project_iam_member" "sa_roles" {
- for_each = toset([
- "roles/compute.admin",
- "roles/iam.serviceAccountUser"
- ])
- project = var.project_id
- role = each.key
- member = "serviceAccount:${google_service_account.terraform_sa.email}"
-}
-
-resource "google_project_iam_member" "oslogin_roles" {
- for_each = toset([
- "roles/compute.osLogin",
- "roles/iam.serviceAccountUser"
- ])
- project = var.project_id
- role = each.key
- member = "user:${var.gcp_user_email}"
-}
-
-resource "google_os_login_ssh_public_key" "user_ssh_key" {
- user = var.gcp_user_email
- key = var.ssh_public_key
-}
\ No newline at end of file
diff --git a/terraform/modules/iam/outputs.tf b/terraform/modules/iam/outputs.tf
index 31382af..e69de29 100644
--- a/terraform/modules/iam/outputs.tf
+++ b/terraform/modules/iam/outputs.tf
@@ -1,13 +0,0 @@
-output "service_account_email" {
- description = "L'email du compte de service créé."
- value = google_service_account.terraform_sa.email
-}
-
-# La clé n'est pas exposée ici mais l'output est là pour l'exercice (décommenter si nécessaire)
-/*
-output "service_account_key" {
- description = "La clé privée encodée du compte de service."
- value = google_service_account_key.terraform_sa_key.private_key_base64
- sensitive = true
-}
-*/
\ No newline at end of file
diff --git a/terraform/modules/iam/variables.tf b/terraform/modules/iam/variables.tf
index 84578a3..e69de29 100644
--- a/terraform/modules/iam/variables.tf
+++ b/terraform/modules/iam/variables.tf
@@ -1,20 +0,0 @@
-variable "project_id" {
- description = "L'ID du projet GCP."
- type = string
-}
-
-variable "service_account_name" {
- description = "Nom du compte de service Terraform."
- type = string
- default = "terraform-deployer"
-}
-
-variable "gcp_user_email" {
- description = "Votre adresse e-mail GCP (pour OS Login)."
- type = string
-}
-
-variable "ssh_public_key" {
- description = "Votre clé publique SSH (contenu du fichier ~/.ssh/id_ed25519.pub)."
- type = string
-}
\ No newline at end of file