Added conditional project designation feature for relevant modules.

This commit is contained in:
2025-03-31 21:17:33 +02:00
parent fadc7573cb
commit e7222382f1
13 changed files with 89 additions and 20 deletions
+13 -3
@@ -9,6 +9,16 @@ There are two submodules:
Compute Engine free tier regions:
* Oregon - **us-west1**
* Iowa - **us-central1**
* South Carolina - **us-east1**
* Oregon (**us-west1**)
* `us-west1-a`
* `us-west1-b`
* `us-west1-c`
* Iowa (**us-central1**)
* `us-central1-a`
* `us-central1-b`
* `us-central1-c`
* `us-central1-f`
* South Carolina (**us-east1**)
* `us-east1-b`
* `us-east1-c`
* `us-east1-d`
+13 -5
@@ -7,9 +7,14 @@ terraform {
}
}
locals {
hub_region = substr(var.hub.zone, 0, length(var.hub.zone) - 2)
spoke_region = substr(var.spoke.zone, 0, length(var.spoke.zone) - 2)
}
provider "google" {
# Configuration options
region = var.hub.region
region = local.hub_region
zone = var.hub.zone
project = var.hub.project
}
@@ -18,10 +23,11 @@ module "hub_network" {
source = "./modules/network"
name = "${var.hub.name}-vpc"
subnets = [{
name = "${var.hub.name}-network"
cidr = var.hub.cidr
region = var.hub.region
region = local.hub_region
}]
nat = true
@@ -31,11 +37,13 @@ module "spoke_network" {
source = "./modules/network"
name = "${var.spoke.name}-vpc"
project_id = var.spoke.project
subnets = [
{
name = "${var.spoke.name}-network"
cidr = var.spoke.cidr
region = var.spoke.region
region = local.spoke_region
}
]
@@ -70,7 +78,7 @@ module "gw" {
name = "${var.hub.name}-vpn"
network_name = module.hub_network.name
region = var.hub.region
region = local.hub_region
vpn_external_ip = var.vpn_external_ip
}
@@ -102,6 +110,7 @@ module "vm_spoke" {
source = "./modules/linux-vm"
name = "vm-${var.spoke.name}"
project_id = var.spoke.project
network_name = "${var.spoke.name}-vpc"
subnet_name = "${var.spoke.name}-network"
ssh = var.ssh
@@ -112,7 +121,6 @@ module "vm_spoke" {
module "koszewscy_internal_zone" {
source = "./modules/dns-managed-zone"
project_id = var.hub.project
dns_name = "koszewscy.waw.pl."
network_id = module.hub_network.id
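Review bot: `hub_region` and `spoke_region` in the new `locals` block derive the region by slicing the last two characters off the zone, which silently produces a nonsense region (and a failed apply far from the cause) if a zone value does not end in `-<letter>`. A pattern match fails at plan time with a clear message instead: `hub_region = regex("^(.+)-[a-z]$", var.hub.zone)[0]` and the same for `spoke_region`. Alternatively a `validation` block on `var.hub` and `var.spoke` in variables.tf could constrain `zone` to the expected shape while keeping the `substr` form. The `koszewscy_internal_zone` module block in the last hunk continues outside the section.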
+5 -1
@@ -1,3 +1,5 @@
data "google_client_config" "default" {}
data "google_compute_vpn_gateway" "gw" {
name = var.gw_name
}
@@ -6,12 +8,13 @@ locals {
vpc_name = regex("networks/([^/]+)$", data.google_compute_vpn_gateway.gw.network)[0]
}
data google_compute_network network {
data "google_compute_network" "network" {
name = local.vpc_name
}
resource "google_compute_vpn_tunnel" "tunnel" {
name = var.name
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
target_vpn_gateway = data.google_compute_vpn_gateway.gw.id
shared_secret = var.shared_secret
@@ -25,6 +28,7 @@ resource "google_compute_vpn_tunnel" "tunnel" {
resource "google_compute_route" "route_to_remote_network" {
count = length(var.remote_selectors)
name = "${data.google_compute_network.network.name}-to-${replace(var.remote_selectors[count.index], "/[./]/", "-")}"
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
network = data.google_compute_network.network.name
dest_range = var.remote_selectors[count.index]
next_hop_vpn_tunnel = google_compute_vpn_tunnel.tunnel.id
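Review bot: The `data "google_compute_vpn_gateway" "gw"` and `data "google_compute_network" "network"` lookups carry no `project`, so when `var.project_id` names a project other than the provider's default, the tunnel and routes are created in one project while the gateway and VPC they reference are resolved in another. Adding `project = var.project_id != null ? var.project_id : data.google_client_config.default.project` to both data blocks keeps the lookups in the same project as the resources they feed. The same ternary is repeated on every resource here and in the vpn-gateway, dns-managed-zone, linux-vm and network modules; hoisting it once into `locals { project = coalesce(var.project_id, data.google_client_config.default.project) }` and using `local.project` would remove the duplication and give one place to change the fallback. The `data "google_compute_address" "vpn_ip"` lookup in the vpn-gateway module, visible only as a hunk header there, likely needs the same project scoping if it is not already qualified.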
+7
@@ -3,6 +3,13 @@ variable "name" {
type = string
}
variable "project_id" {
description = "The GCP project ID. If not provided, the default project will be used."
type = string
nullable = true
default = null
}
variable "gw_name" {
description = "The name of the VPN gateway"
type = string
+7
@@ -1,14 +1,18 @@
data "google_client_config" "default" {}
# Cloud VPN
resource "google_compute_vpn_gateway" "gw" {
name = var.name
network = var.network_name
region = var.region
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
}
resource "google_compute_address" "vpn_ip" {
count = var.vpn_external_ip != null ? 0 : 1
name = "${var.name}-ip"
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
region = var.region
address_type = "EXTERNAL"
}
@@ -21,6 +25,7 @@ data "google_compute_address" "vpn_ip" {
resource "google_compute_forwarding_rule" "gw_fw_esp" {
name = "fwd-esp"
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
ip_protocol = "ESP"
ip_address = var.vpn_external_ip != null ? data.google_compute_address.vpn_ip[0].address : google_compute_address.vpn_ip[0].address
target = google_compute_vpn_gateway.gw.id
@@ -28,6 +33,7 @@ resource "google_compute_forwarding_rule" "gw_fw_esp" {
resource "google_compute_forwarding_rule" "gw_fw_udp_500" {
name = "fwd-udp-500"
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
ip_protocol = "UDP"
ip_address = var.vpn_external_ip != null ? data.google_compute_address.vpn_ip[0].address : google_compute_address.vpn_ip[0].address
port_range = "500"
@@ -36,6 +42,7 @@ resource "google_compute_forwarding_rule" "gw_fw_udp_500" {
resource "google_compute_forwarding_rule" "gw_fw_udp_4500" {
name = "fwd-udp-4500"
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
ip_protocol = "UDP"
ip_address = var.vpn_external_ip != null ? data.google_compute_address.vpn_ip[0].address : google_compute_address.vpn_ip[0].address
port_range = "4500"
+7
@@ -3,6 +3,13 @@ variable "name" {
type = string
}
variable "project_id" {
description = "The GCP project ID. If not provided, the default project will be used."
type = string
nullable = true
default = null
}
variable "network_name" {
description = "The name of the network."
type = string
+4 -2
@@ -1,7 +1,9 @@
data "google_client_config" "default" {}
resource "google_dns_managed_zone" "zone" {
dns_name = var.dns_name
name = var.zone_name != null ? var.zone_name : "${replace(replace(var.dns_name, "/\\.$/", ""), ".", "-")}-zone"
project = var.project_id
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
visibility = var.network_id != null ? "private" : "public"
@@ -38,7 +40,7 @@ resource "google_dns_managed_zone" "zone" {
resource "google_dns_record_set" "records" {
count = length(var.resource_records)
project = var.project_id
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
managed_zone = google_dns_managed_zone.zone.name
name = var.resource_records[count.index].name
+3 -1
@@ -1,6 +1,8 @@
variable "project_id" {
description = "The project ID where the managed zone will be created."
description = "The GCP project ID. If not provided, the default project will be used."
type = string
nullable = true
default = null
}
variable "dns_name" {
+4
@@ -1,7 +1,10 @@
data "google_client_config" "default" {}
resource "google_compute_instance" "vm_hub" {
name = var.name
machine_type = var.machine_type
can_ip_forward = var.can_ip_forward
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
description = var.description
boot_disk {
@@ -13,6 +16,7 @@ resource "google_compute_instance" "vm_hub" {
network_interface {
network = var.network_name
subnetwork = var.subnet_name
subnetwork_project = var.project_id != null ? var.project_id : data.google_client_config.default.project
}
metadata = {
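Review bot: The new `subnetwork_project` line in `network_interface` evaluates to exactly the same expression as the instance's `project`, so in the single-project case it changes nothing; the subnet is already assumed to live in the instance's project. It only matters when the subnet sits in a Shared VPC host project, and then it would need its own input rather than mirroring `var.project_id`. If that case is not intended, dropping the line keeps the block simpler; if it is, a dedicated variable (for example `subnet_project_id`, defaulting to the instance project) would make the intent explicit. The `google_compute_instance` block starts before and ends after this hunk.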
+7
@@ -3,6 +3,13 @@ variable "name" {
type = string
}
variable "project_id" {
description = "The GCP project ID. If not provided, the default project will be used."
type = string
nullable = true
default = null
}
variable "machine_type" {
description = "The machine type of the VM instance."
type = string
+6
@@ -1,13 +1,17 @@
data "google_client_config" "default" {}
# VPC
resource "google_compute_network" "network" {
name = var.name
auto_create_subnetworks = false
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
}
# Subnets
resource "google_compute_subnetwork" "subnet" {
count = length(var.subnets)
name = var.subnets[count.index].name
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
ip_cidr_range = var.subnets[count.index].cidr
region = var.subnets[count.index].region != null ? var.subnets[count.index].region : var.subnets[0].region
network = google_compute_network.network.id
@@ -18,6 +22,7 @@ resource "google_compute_router" "cr" {
count = var.nat ? 1 : 0
name = "${var.name}-router"
network = var.name
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
depends_on = [google_compute_network.network]
}
@@ -25,6 +30,7 @@ resource "google_compute_router" "cr" {
resource "google_compute_router_nat" "nat" {
count = var.nat ? 1 : 0
name = "${var.name}-nat"
project = var.project_id != null ? var.project_id : data.google_client_config.default.project
router = google_compute_router.cr[0].name
nat_ip_allocate_option = "AUTO_ONLY"
source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
+7
@@ -3,6 +3,13 @@ variable "name" {
type = string
}
variable "project_id" {
description = "The GCP project ID. If not provided, the default project will be used."
type = string
nullable = true
default = null
}
# A Cloud NAT will be created in the same region as the first subnet.
variable "subnets" {
description = "A list of subnets with names and CIDRs."
-2
@@ -1,7 +1,6 @@
variable "hub" {
type = object({
name = string
region = string
zone = string
project = string
cidr = string
@@ -11,7 +10,6 @@ variable "hub" {
variable "spoke" {
type = object({
name = string
region = string
zone = string
project = string
cidr = string