117 lines
2.2 KiB
Terraform
117 lines
2.2 KiB
Terraform
terraform {
|
|
required_providers {
|
|
google = {
|
|
source = "hashicorp/google"
|
|
version = ">= 6.27.0"
|
|
}
|
|
}
|
|
}
|
|
|
|
provider "google" {
|
|
# Configuration options
|
|
region = var.hub.region
|
|
zone = var.hub.zone
|
|
project = var.hub.project
|
|
}
|
|
|
|
module "hub_network" {
|
|
source = "./modules/network"
|
|
|
|
name = "${var.hub.name}-vpc"
|
|
subnets = [{
|
|
name = "${var.hub.name}-network"
|
|
cidr = var.hub.cidr
|
|
region = var.hub.region
|
|
}]
|
|
|
|
nat = true
|
|
}
|
|
|
|
module "spoke_network" {
|
|
source = "./modules/network"
|
|
|
|
name = "${var.spoke.name}-vpc"
|
|
subnets = [
|
|
{
|
|
name = "${var.spoke.name}-network"
|
|
cidr = var.spoke.cidr
|
|
region = var.spoke.region
|
|
}
|
|
]
|
|
|
|
nat = true
|
|
}
|
|
|
|
module "hub_to_spoke_peering" {
|
|
source = "./modules/network-peering"
|
|
|
|
left = {
|
|
project_id = var.hub.project
|
|
network_id = module.hub_network.id
|
|
network_name = module.hub_network.name
|
|
}
|
|
|
|
right = {
|
|
project_id = var.spoke.project
|
|
network_id = module.spoke_network.id
|
|
network_name = module.spoke_network.name
|
|
}
|
|
|
|
hub_spoke = true
|
|
|
|
depends_on = [
|
|
module.hub_network,
|
|
module.spoke_network
|
|
]
|
|
}
|
|
|
|
module "gw" {
|
|
source = "./modules/cloud-vpn"
|
|
|
|
name = "${var.hub.name}-vpn"
|
|
network_name = module.hub_network.name
|
|
region = var.hub.region
|
|
vpn_external_ip = "vpw-gw-us-west1"
|
|
}
|
|
|
|
module "to_lazurowa" {
|
|
source = "./modules/cloud-vpn-tunnel"
|
|
name = "${var.hub.name}-to-lazurowa"
|
|
gw_name = module.gw.name
|
|
peer_ip = var.peer_ip
|
|
shared_secret = var.shared_secret
|
|
|
|
local_selectors = [
|
|
var.hub.cidr,
|
|
var.spoke.cidr
|
|
]
|
|
|
|
remote_selectors = [
|
|
"192.168.2.0/24", "192.168.10.0/24"
|
|
]
|
|
|
|
depends_on = [module.gw]
|
|
}
|
|
|
|
module "vm_hub" {
|
|
source = "./modules/linux-vm"
|
|
|
|
name = "vm-${var.hub.name}"
|
|
network_name = "${var.hub.name}-vpc"
|
|
subnet_name = "${var.hub.name}-network"
|
|
ssh = var.ssh
|
|
|
|
depends_on = [module.hub_network]
|
|
}
|
|
|
|
module "vm_spoke" {
|
|
source = "./modules/linux-vm"
|
|
|
|
name = "vm-${var.spoke.name}"
|
|
network_name = "${var.spoke.name}-vpc"
|
|
subnet_name = "${var.spoke.name}-network"
|
|
ssh = var.ssh
|
|
|
|
depends_on = [module.spoke_network]
|
|
}
|