# Provider requirements for this root module.
terraform {
  required_providers {
    # NOTE(review): ">=" only sets a floor, so `terraform init -upgrade` may
    # select any later release, including a new major version. Keep
    # .terraform.lock.hcl under version control so the selected version and
    # its checksums stay pinned between runs.
    google = {
      version = ">= 6.27.0"
      source  = "hashicorp/google"
    }
  }
}
# Regions are derived from the configured zones by cutting off the last two
# characters of the zone string (the "-<letter>" zone suffix).
locals {
  spoke_region = substr(var.spoke.zone, 0, length(var.spoke.zone) - 2)
  hub_region   = substr(var.hub.zone, 0, length(var.hub.zone) - 2)
}
# Default Google provider, scoped to the hub project, region and zone.
# No credentials are set in this block, so authentication comes from the
# environment Terraform runs in.
provider "google" {
  project = var.hub.project
  region  = local.hub_region
  zone    = var.hub.zone
}
# Hub VPC with one subnet in the hub region. No project_id is passed, so the
# module presumably falls back to the provider's project (confirm in
# modules/network).
module "hub_network" {
  source = "./modules/network"

  name = "${var.hub.name}-vpc"

  # NOTE(review): presumably turns on NAT for outbound traffic from the
  # subnet; confirm in modules/network.
  nat = true

  subnets = [
    {
      region = local.hub_region
      cidr   = var.hub.cidr
      name   = "${var.hub.name}-network"
    }
  ]
}
# Spoke VPC with one subnet in the spoke region, created in the spoke project.
module "spoke_network" {
  source = "./modules/network"

  project_id = var.spoke.project
  name       = "${var.spoke.name}-vpc"

  # NOTE(review): presumably turns on NAT for outbound traffic from the
  # subnet; confirm in modules/network.
  nat = true

  subnets = [{
    region = local.spoke_region
    cidr   = var.spoke.cidr
    name   = "${var.spoke.name}-network"
  }]
}
# Connects the hub VPC ("left") and the spoke VPC ("right") through the
# network-peering module.
# NOTE(review): peering makes the two address ranges routable to each other;
# what traffic is actually allowed is decided by the firewall rules of each
# VPC, which are not visible in this file.
module "hub_to_spoke_peering" {
  source = "./modules/network-peering"

  # NOTE(review): semantics are defined in modules/network-peering; presumably
  # this lets the spoke use routes learned by the hub. Confirm there.
  hub_spoke = true

  left = {
    network_name = module.hub_network.name
    network_id   = module.hub_network.id
    project_id   = var.hub.project
  }

  right = {
    network_name = module.spoke_network.name
    network_id   = module.spoke_network.id
    project_id   = var.spoke.project
  }

  # Wait for everything in both network modules, not only the outputs
  # referenced above.
  depends_on = [module.hub_network, module.spoke_network]
}
# VPN gateway for the hub network, placed in the hub region.
module "gw" {
  source = "./modules/cloud-vpn"

  region       = local.hub_region
  network_name = module.hub_network.name
  name         = "${var.hub.name}-vpn"

  # NOTE(review): presumably the external address the gateway listens on;
  # confirm how modules/cloud-vpn uses it.
  vpn_external_ip = var.vpn_external_ip
}
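# VPN tunnel from the hub gateway to the "lazurowa" peer.
# The closing brace of this block was missing in the listing, which would make
# the following module block parse as nested content; it is restored here.
module "to_lazurowa" {
  source  = "./modules/cloud-vpn-tunnel"
  name    = "${var.hub.name}-to-lazurowa"
  gw_name = module.gw.name
  peer_ip = var.peer_ip

  # Pre-shared key for the tunnel.
  # NOTE(review): the variable declaration is not visible here. It should be
  # declared with `sensitive = true` so the value is redacted from plan output.
  # A value passed to a resource is normally still written to Terraform state,
  # so the state backend needs encryption and restricted access.
  shared_secret = var.shared_secret

  # Traffic selectors. Both the hub and the spoke ranges are offered on the
  # local side, so the remote side can address the spoke through this tunnel.
  # Keep remote_selectors as narrow as the peer actually needs.
  local_selectors  = [var.hub.cidr, var.spoke.cidr]
  remote_selectors = var.remote_selectors
}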
# Gateway VM in the hub subnet.
# Network and subnet are addressed by the same name strings that
# module.hub_network is given, not by its outputs, so the explicit depends_on
# is what orders creation after the network.
module "vm_gw" {
  source = "./modules/linux-vm"

  name         = "vm-${var.hub.name}-gw"
  subnet_name  = "${var.hub.name}-network"
  network_name = "${var.hub.name}-vpc"
  ssh          = var.ssh

  # NOTE(review): IP forwarding lets this instance send and receive packets
  # whose source or destination is not its own address. That is needed for a
  # routing/gateway role, but it should stay limited to this VM and be paired
  # with firewall rules that restrict what may transit it.
  can_ip_forward = true

  depends_on = [
    module.hub_network
  ]
}
# Plain VM in the hub subnet.
# Network and subnet are addressed by name strings rather than by the outputs
# of module.hub_network, so depends_on supplies the ordering.
module "vm_hub" {
  source = "./modules/linux-vm"

  name         = "vm-${var.hub.name}"
  subnet_name  = "${var.hub.name}-network"
  network_name = "${var.hub.name}-vpc"

  # NOTE(review): what var.ssh carries is defined in modules/linux-vm and the
  # variable declaration, neither of which is visible here.
  ssh = var.ssh

  depends_on = [
    module.hub_network
  ]
}
# Plain VM in the spoke subnet, created in the spoke project.
# Network and subnet are addressed by name strings rather than by the outputs
# of module.spoke_network, so depends_on supplies the ordering.
module "vm_spoke" {
  source = "./modules/linux-vm"

  project_id   = var.spoke.project
  name         = "vm-${var.spoke.name}"
  subnet_name  = "${var.spoke.name}-network"
  network_name = "${var.spoke.name}-vpc"

  # NOTE(review): what var.ssh carries is defined in modules/linux-vm and the
  # variable declaration, neither of which is visible here.
  ssh = var.ssh

  depends_on = [
    module.spoke_network
  ]
}
# DNS zone for koszewscy.waw.pl. attached to the hub network.
# target_name_servers is set, so queries for this name are presumably
# forwarded to 192.168.2.5 (confirm in modules/dns-managed-zone).
# NOTE(review): answers for this domain inside the VPC are then only as
# trustworthy as that resolver and the network path to it.
module "koszewscy_internal_zone" {
  source = "./modules/dns-managed-zone"

  network_id          = module.hub_network.id
  dns_name            = "koszewscy.waw.pl."
  target_name_servers = ["192.168.2.5"]
}
# DNS zone for the same name, created in the spoke project and attached to
# the spoke network. peering_network_id points at the hub network, so this is
# presumably a DNS peering zone that resolves through the hub's zone (confirm
# in modules/dns-managed-zone).
module "koszewscy_internal_zone_spoke" {
  source = "./modules/dns-managed-zone"

  project_id = var.spoke.project
  zone_name  = "koszewscy-waw-pl-spoke"
  dns_name   = "koszewscy.waw.pl."

  peering_network_id = module.hub_network.id
  network_id         = module.spoke_network.id
}