diff --git a/terraform/.gitignore b/terraform/.gitignore deleted file mode 100644 index 7d79a5144bac1a4b96dfe53319c193c75969e9d4..0000000000000000000000000000000000000000 --- a/terraform/.gitignore +++ /dev/null @@ -1,35 +0,0 @@ -# Local .terraform directories -**/.terraform/* - -# .tfstate files -*.tfstate -*.tfstate.* - -# Crash log files -crash.log - -# Exclude all .tfvars files, which are likely to contain sentitive data, such as -# password, private keys, and other secrets. These should not be part of version -# control as they are data points which are potentially sensitive and subject -# to change depending on the environment. -# -*.tfvars - -# Ignore override files as they are usually used to override resources locally and so -# are not checked in -override.tf -override.tf.json -*_override.tf -*_override.tf.json - -# Include override files you do wish to add to version control using negated pattern -# -# !example_override.tf - -# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan -# example: *tfplan* - -# Ignore CLI configuration files -.terraformrc -terraform.rc -.idea diff --git a/terraform/.terraform.lock.hcl b/terraform/.terraform.lock.hcl deleted file mode 100644 index 492674abcdbd12157f66f383a9da5338fbfd5d5f..0000000000000000000000000000000000000000 --- a/terraform/.terraform.lock.hcl +++ /dev/null @@ -1,39 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/template" { - version = "2.2.0" - constraints = "2.2.0" - hashes = [ - "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=", - "zh:01702196f0a0492ec07917db7aaa595843d8f171dc195f4c988d2ffca2a06386", - "zh:09aae3da826ba3d7df69efeb25d146a1de0d03e951d35019a0f80e4f58c89b53", - "zh:09ba83c0625b6fe0a954da6fbd0c355ac0b7f07f86c91a2a97849140fea49603", - "zh:0e3a6c8e16f17f19010accd0844187d524580d9fdb0731f675ffcf4afba03d16", - "zh:45f2c594b6f2f34ea663704cc72048b212fe7d16fb4cfd959365fa997228a776", - "zh:77ea3e5a0446784d77114b5e851c970a3dde1e08fa6de38210b8385d7605d451", - "zh:8a154388f3708e3df5a69122a23bdfaf760a523788a5081976b3d5616f7d30ae", - "zh:992843002f2db5a11e626b3fc23dc0c87ad3729b3b3cff08e32ffb3df97edbde", - "zh:ad906f4cebd3ec5e43d5cd6dc8f4c5c9cc3b33d2243c89c5fc18f97f7277b51d", - "zh:c979425ddb256511137ecd093e23283234da0154b7fa8b21c2687182d9aea8b2", - ] -} - -provider "registry.terraform.io/hashicorp/vsphere" { - version = "2.0.2" - constraints = "2.0.2" - hashes = [ - "h1:/9qlE9Ni7mhl3cTHLhmYg1AFuyBnXqie53Q5Ujor6oU=", - "zh:0b72856d2a89b118adf64dcfc75a0b0f7d8875e9872c637a9a0549d4a3dd9383", - "zh:2cf50f17464feeac60039f4d36656835895260798d4d9167a1ff2d4e1e464dce", - "zh:39d5f1c99bd4024d88b95892711f234afeb2b83700cdbd3df68a60c6b3bb0ac7", - "zh:551b68f91f5eefa4daee4d826d27d2bc10236e0642fdafd066604884b2a06816", - "zh:8454b5e7dbbf0300bbab1ecd73c12511cf35c0c493ad18e31742d58798e11026", - "zh:84a8233a60240e0020de513668a20d015a7fbc760ad6ab639d52e6ddabfa3376", - "zh:95574b7f092e77f9c629770b802d1635903f14d8d88d3828a96f58ca072876a5", - "zh:a262c779c112e4d6ac47152d6c6303308180dfd4d5929b980cf24707ca9218e9", - "zh:c7622cfa8bab6a6f122c0ab3d4767ecf0f52ccf32d64020aa4e9581f91da5586", - "zh:e01cfc79d21c7151c97047afdc79dfe7bf37c0063908829200480a03359e4c2e", - "zh:f64c3f283c31477886c3d16592426dbefa2cab55f2885cb3351cef094ad898a0", - ] -} diff --git a/terraform/bootstrap.sh b/terraform/bootstrap.sh deleted file mode 100755 index 5bcf1287a6757f63c4411e4a0b184284f89207f9..0000000000000000000000000000000000000000 --- a/terraform/bootstrap.sh +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/bash - -BASEDIR=$(dirname "$0") - -if ! [ -f "$BASEDIR/secret/login.sh" ]; then - echo "Please create the login.sh file!" - exit 0 -fi -source $BASEDIR/secret/login.sh - -if [ -d "$BASEDIR/.terraform" ]; then - echo ".terraform folder exists." -else - terraform init \ - -backend-config="address=https://git.sch.bme.hu/api/v4/projects/${GITLAB_PROJECT_ID}/terraform/state/${GITLAB_STATE_NAME}" \ - -backend-config="lock_address=https://git.sch.bme.hu/api/v4/projects/${GITLAB_PROJECT_ID}/terraform/state/${GITLAB_STATE_NAME}/lock" \ - -backend-config="unlock_address=https://git.sch.bme.hu/api/v4/projects/${GITLAB_PROJECT_ID}/terraform/state/${GITLAB_STATE_NAME}/lock" \ - -backend-config="username=${GITLAB_USER}" \ - -backend-config="password=${GITLAB_REPO_TOKEN}" \ - -backend-config="lock_method=POST" \ - -backend-config="unlock_method=DELETE" \ - -backend-config="retry_wait_min=5" \ - -reconfigure -fi -echo "Environment has been set up." -# to stay in our comfy virtualenv -exec "${SHELL:bash}" \ No newline at end of file diff --git a/terraform/cloud-init/harbor.yaml b/terraform/cloud-init/harbor.yaml deleted file mode 100644 index d368a3e0b76ecae98719570b972e882e7d156024..0000000000000000000000000000000000000000 --- a/terraform/cloud-init/harbor.yaml +++ /dev/null @@ -1,55 +0,0 @@ -#cloud-config -write_files: - - content: | - network: - version: 2 - renderer: networkd - ethernets: - wan: - optional: false - match: - macaddress: 00:50:56:a8:cf:aa - set-name: wan0 - dhcp4: true - - path: /etc/netplan/50-cloud-init.yaml - - content: | - Protocol 2 - Port 10022 - - HostKey /etc/ssh/ssh_host_rsa_key - HostKey /etc/ssh/ssh_host_ed25519_key - - KexAlgorithms curve25519-sha256@libssh.org,diffie-hellman-group-exchange-sha256 - Ciphers chacha20-poly1305@openssh.com,aes256-gcm@openssh.com,aes128-gcm@openssh.com,aes256-ctr,aes192-ctr,aes128-ctr - MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-512,hmac-sha2-256,umac-128@openssh.com - - PermitRootLogin no - PubkeyAuthentication yes - PasswordAuthentication no - - MaxAuthTries 6 - - ChallengeResponseAuthentication no - KerberosAuthentication no - GSSAPIAuthentication no - UsePAM yes - AllowAgentForwarding yes - X11Forwarding yes - PrintMotd no - - AcceptEnv LANG LC_* - - Subsystem sftp /usr/lib/openssh/sftp-server - - AllowUsers ubuntu - path: /etc/ssh/sshd_config -runcmd: - - "netplan apply" - - "systemctl restart ssh" - # Fix slow sudo, because it tries to dns lookup the hostname first - - echo "127.0.1.1 $(hostname)" >> /etc/hosts - # Disable floppy - - echo "blacklist floppy" | sudo tee /etc/modprobe.d/blacklist-floppy.conf - - rmmod floppy || true - - update-initramfs -u \ No newline at end of file diff --git a/terraform/config.tf b/terraform/config.tf deleted file mode 100644 index 0dab6c1fe410a4913de25fba92c2023d4e2c7f07..0000000000000000000000000000000000000000 --- a/terraform/config.tf +++ /dev/null @@ -1,38 +0,0 @@ -terraform { - required_providers { - vsphere = { - source = "hashicorp/vsphere" - version = "2.0.2" - } - template = { - source = "hashicorp/template" - version = "2.2.0" - } - } - backend "http" { - } -} - -# Vsphere provider config - -variable "vsphere_user" { - description = "Administrator user" - type = string - sensitive = false - default = "required" -} - -variable "vsphere_password" { - description = "Administrator password" - type = string - sensitive = true - default = "required" -} - -provider "vsphere" { - user = var.vsphere_user - password = var.vsphere_password - vsphere_server = "horizont.sch.bme.hu" - - allow_unverified_ssl = true -} diff --git a/terraform/data.tf b/terraform/data.tf deleted file mode 100644 index 838db595ce25614ae968a1d7ac5549618adf29b8..0000000000000000000000000000000000000000 --- a/terraform/data.tf +++ /dev/null @@ -1,61 +0,0 @@ -data "vsphere_datacenter" "dc" { - name = "SCH" -} - -data "vsphere_compute_cluster" "SCH-Cluster-01" { - name = "SCH-Cluster-01" - datacenter_id = data.vsphere_datacenter.dc.id -} - -data "vsphere_resource_pool" "kubernetes" { - name = "Kubernetes" - datacenter_id = data.vsphere_datacenter.dc.id -} - -# * Templates - -data "vsphere_virtual_machine" "ubuntu2004-cloud-init" { - name = "ubuntu2004-cloud-init" - datacenter_id = data.vsphere_datacenter.dc.id -} - -# * Datastores - -data "vsphere_datastore_cluster" "SCH-Cluster-FujiStorage" { - name = "SCH-Cluster-FujiStorage" - datacenter_id = data.vsphere_datacenter.dc.id -} - -data "vsphere_datastore" "Memory-Blitzkrieg" { - name = "Memory-Blitzkrieg" - datacenter_id = data.vsphere_datacenter.dc.id -} - -data "vsphere_datastore" "Memory-Storage" { - name = "Memory-Storage" - datacenter_id = data.vsphere_datacenter.dc.id -} - -data "vsphere_datastore" "N1_SSD-01" { - name = "N1_SSD-01" - datacenter_id = data.vsphere_datacenter.dc.id -} -data "vsphere_datastore" "N2_SSD-01" { - name = "N2_SSD-01" - datacenter_id = data.vsphere_datacenter.dc.id -} -data "vsphere_datastore" "N3_SSD-01" { - name = "N3_SSD-01" - datacenter_id = data.vsphere_datacenter.dc.id -} -data "vsphere_datastore" "N4_SSD-01" { - name = "N4_SSD-01" - datacenter_id = data.vsphere_datacenter.dc.id -} - -# * Network - -data "vsphere_network" "dvPG-208-Szerver" { - name = "dvPG-208-Szerver" - datacenter_id = data.vsphere_datacenter.dc.id -} diff --git a/terraform/main.tf b/terraform/main.tf deleted file mode 100644 index a85ee02b565d89445df292b084e0eaeb7c222d49..0000000000000000000000000000000000000000 --- a/terraform/main.tf +++ /dev/null @@ -1,87 +0,0 @@ -locals { - vm_map = { - harbor = { - num_cpus = 2 - memory = 2048 - template_uuid = data.vsphere_virtual_machine.ubuntu2004-cloud-init.id - datastore_cluster_id = data.vsphere_datastore_cluster.SCH-Cluster-FujiStorage.id - vapp_properties = { - public-keys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPpH+TNAwcmxYc5cVctH04wUU83Pba6s/AkKXOnhDn+m rlacko@zen" - user-data = base64encode(file("${path.module}/cloud-init/harbor.yaml")) - } - disk_map = { - 0 = { size = 80 } - } - network_interface_map = { - 01 = { - id = data.vsphere_network.dvPG-208-Szerver.id - mac_address = "00:50:56:a8:cf:aa" - } - } - } - } -} - -resource "vsphere_virtual_machine" "vm" { - for_each = { for k, v in local.vm_map : k => v } - - name = each.key - resource_pool_id = data.vsphere_resource_pool.kubernetes.id - guest_id = try(each.value.guest_id, "ubuntu64Guest") - num_cpus = try(each.value.num_cpus, 1) - memory = try(each.value.memory, 1024) - firmware = try(each.value.firmware, "efi") - folder = "KSZK/sysadmin/k8s" - wait_for_guest_net_timeout = try(each.value.wait_for_guest_net_timeout, 0) - wait_for_guest_ip_timeout = try(each.value.wait_for_guest_ip_timeout, 0) - sync_time_with_host = true - sync_time_with_host_periodically = false - - datastore_cluster_id = try(each.value.datastore_cluster_id, null) - datastore_id = try(each.value.datastore_id, null) - - dynamic "clone" { - for_each = can(each.value.template_uuid) ? [1] : [] - content { - template_uuid = each.value.template_uuid - } - } - dynamic "vapp" { - for_each = can(each.value.template_uuid) ? [1] : [] - content { - properties = { - public-keys = each.value.vapp_properties.public-keys - hostname = try(each.value.vapp_properties.hostname, each.key) - instance-id = try(each.value.vapp_properties.instance-id, each.key) - password = try(each.value.vapp_properties.password, null) - user-data = try(each.value.vapp_properties.user-data, null) - } - } - } - - dynamic "network_interface" { - for_each = each.value.network_interface_map - content { - network_id = network_interface.value.id - use_static_mac = can(network_interface.value.mac_address) - mac_address = try(network_interface.value.mac_address, null) - } - } - - dynamic "disk" { - for_each = each.value.disk_map - content { - thin_provisioned = false - label = "disk${tostring(disk.key)}" - size = disk.value.size - unit_number = tonumber(disk.key) - } - } - - dynamic "cdrom" { - for_each = can(each.value.template_uuid) ? [1] : [] - content { - client_device = true - } - } -} diff --git a/terraform/secret/.gitignore b/terraform/secret/.gitignore deleted file mode 100644 index 6b45583134f2f15bb3a087737ef911191f5e0a16..0000000000000000000000000000000000000000 --- a/terraform/secret/.gitignore +++ /dev/null @@ -1 +0,0 @@ -login.sh \ No newline at end of file diff --git a/terraform/secret/login.sh.example b/terraform/secret/login.sh.example deleted file mode 100755 index 7442c2be686eae035610ddf6e039987873e13f1b..0000000000000000000000000000000000000000 --- a/terraform/secret/login.sh.example +++ /dev/null @@ -1,14 +0,0 @@ -#!/bin/bash - -# Gitlab Project ID, this will be used as state store -export GITLAB_PROJECT_ID="0" -# If you want to rename the terraform state name, feel free. -export GITLAB_STATE_NAME="state" -# GitLab username -export GITLAB_USER="user" -# Access token with API Acces to the repo -export GITLAB_REPO_TOKEN="acces token" -# vSphere Username -export TF_VAR_vsphere_user="username" -# vSphere Password -export TF_VAR_vsphere_password="pw"