Solution0.9

backend.tf

@@ -2,7 +2,7 @@ terraform {
   backend "azurerm" {
     resource_group_name  = "mate-azure-task-12"
     storage_account_name = "storagemodulesouth"
-    container_name       = "task-artifacts"
+    container_name       = "tfstate"
     key                  = "terraform.tfstate"
   }
 }

install-app.sh

@@ -7,17 +7,17 @@
 # install system updates and isntall python3-pip package using apt. '-yq' flags are 
 # used to suppress any interactive prompts - we won't be able to confirm operation 
 # when running the script as VM extention.  
-apt-get update -yq
-apt-get install python3-pip -yq
+sudo apt-get update -yq
+sudo apt-get install python3-pip -yq
 
 # Create a directory for the app and download the files. 
 mkdir /app 
 # make sure to uncomment the line bellow and update the link with your GitHub username
 # git clone https://github.com/<your-gh-username>/azure_task_12_deploy_app_with_vm_extention.git
-cp -r devops_todolist_terraform_task/app/* /app
+sudo cp -r devops_todolist_terraform_task/app/* /app
 
 # create a service for the app via systemctl and start the app
-mv /app/todoapp.service /etc/systemd/system/
-systemctl daemon-reload
-systemctl start todoapp
-systemctl enable todoapp
+sudo mv /app/todoapp.service /etc/systemd/system/
+sudo systemctl daemon-reload
+sudo systemctl start todoapp
+sudo systemctl enable todoapp

main.tf

@@ -7,42 +7,66 @@ terraform {
   }
 }
 
-
 provider "azurerm" {
   features {}
   subscription_id = "d345fa5d-4fda-4d1e-abf1-c8a7e4fb0576"
   tenant_id       = "e84abfc3-c8c5-4892-8f6d-942a64e5bfc4"
 }
 
-
 resource "azurerm_resource_group" "main" {
   name     = var.resource_group_name
   location = var.location
 }
 
-
 module "network" {
-  source              = "./modules/network"
-  resource_group_name = azurerm_resource_group.main.name
-  location            = azurerm_resource_group.main.location
-  dns_label           = var.dns_label
+  source                      = "./modules/network"
+  location                    = var.location
+  resource_group_name         = azurerm_resource_group.main.name
+  virtual_network_name        = var.virtual_network_name
+  vnet_address_prefix         = var.vnet_address_prefix
+  subnet_name                 = var.subnet_name
+  subnet_address_prefix       = var.subnet_address_prefix
+  network_security_group_name = var.network_security_group_name
+  dns_label                   = var.dns_label
 }
 
 module "compute" {
-  source              = "./modules/compute"
-  location            = azurerm_resource_group.main.location
-  resource_group_name = azurerm_resource_group.main.name
-  vm_name             = var.vm_name
-
-  subnet_id         = module.network.subnet_id
-  public_ip_address = module.network.public_ip_address
-  ssh_key           = var.ssh_key
-  blob_url             = "https://raw.githubusercontent.com/mate-academy/devops_todolist_terraform_task/main/install-app.sh"
+  source               = "./modules/compute"
+  location             = azurerm_resource_group.main.location
+  resource_group_name  = azurerm_resource_group.main.name
+  vm_name              = var.vm_name
+  vm_size              = var.vm_size
+  subnet_id            = module.network.subnet_id
+  public_ip_address_id = module.network.public_ip_address_id
+  ssh_key              = var.ssh_key
+  blob_url             = var.blob_url
 }
 
 module "storage" {
-  source               = "./modules/storage"
-  resource_group_name  = azurerm_resource_group.main.name
-  location             = azurerm_resource_group.main.location
-  storage_account_name = var.storage_account_name
+  source                 = "./modules/storage"
+  resource_group_name    = azurerm_resource_group.main.name
+  location               = azurerm_resource_group.main.location
+  storage_account_name   = var.storage_account_name
+  storage_container_name = var.storage_container_name
+  source_file_path       = var.source_file_path
+
+}
+
+resource "null_resource" "clone_git_repo" {
+  provisioner "remote-exec" {
+    inline = [
+      "sudo apt-get update",
+      "sudo apt-get install -y git",
+      "git clone https://github.com/Serveladik/devops_todolist_terraform_task /home/azureuser/devops_todolist_terraform_task"
+    ]
+
+    connection {
+      type        = "ssh"
+      user        = "azureuser"
+      private_key = var.ssh_key
+      host        = module.network.public_ip_address
+    }
+  }
+
+  depends_on = [module.compute]
 }

modules/compute/main.tf

@@ -1,12 +1,3 @@
-resource "azurerm_public_ip" "linuxboxpip" {
-  name                = "${var.vm_name}-public-ip"
-  location            = var.location
-  resource_group_name = var.resource_group_name
-  allocation_method   = "Dynamic"
-  sku                 = "Basic"
-}
-
-
 resource "azurerm_network_interface" "nic" {
   name                = "${var.vm_name}-nic"
   location            = var.location
@@ -15,55 +6,44 @@ resource "azurerm_network_interface" "nic" {
     name                          = "internal"
     subnet_id                     = var.subnet_id
     private_ip_address_allocation = "Dynamic"
-    public_ip_address_id          = azurerm_public_ip.linuxboxpip.id
+    public_ip_address_id          = var.public_ip_address_id
   }
 }
 
 resource "azurerm_linux_virtual_machine" "vm" {
-  name                            = var.vm_name
-  location                        = var.location
-  resource_group_name             = var.resource_group_name
-  network_interface_ids           = [azurerm_network_interface.nic.id]
-  size                            = var.vm_size
-  disable_password_authentication = false
-
-  #computer_name  = var.vm_name
-  admin_username = "adminuser"
-  admin_password = "P@ssw0rd1234"
-
-
-  source_image_reference {
-    publisher = "Canonical"
-    offer     = "0001-com-ubuntu-server-jammy"
-    sku       = "22_04-lts"
-    version   = "latest"
+  name                = var.vm_name
+  resource_group_name = var.resource_group_name
+  location            = var.location
+  size                = "Standard_B1s"
+  admin_username      = "azureuser"
+  network_interface_ids = [
+    azurerm_network_interface.nic.id,
+  ]
+  admin_ssh_key {
+    username   = "azureuser"
+    public_key = var.ssh_key
   }
-
   os_disk {
-    name                 = "vm-disk-module"
     caching              = "ReadWrite"
     storage_account_type = "Standard_LRS"
+    disk_size_gb         = 30
   }
-  tags = {
-    Name = var.vm_name
+  source_image_reference {
+    publisher = "Canonical"
+    offer     = "0001-com-ubuntu-server-jammy"
+    sku       = "22_04-lts"
+    version   = "latest"
   }
 }
 
-resource "azurerm_virtual_machine_extension" "CustomScript" {
-  name                 = "CustomScript"
+resource "azurerm_virtual_machine_extension" "custom_script" {
+  name                 = "install-app"
   virtual_machine_id   = azurerm_linux_virtual_machine.vm.id
   publisher            = "Microsoft.Azure.Extensions"
   type                 = "CustomScript"
   type_handler_version = "2.1"
-
-  settings = <<SETTINGS
-  {
-    "fileUris": [
-      "https://raw.githubusercontent.com/mate-academy/devops_todolist_terraform_task/main/install-app.sh"
-    ],
-    "commandToExecute": "bash install-app.sh"
-  }
-SETTINGS
-
-  depends_on = [azurerm_linux_virtual_machine.vm]
-}
+  settings = jsonencode({
+    fileUris = [var.blob_url]
+    commandToExecute = "bash install-app.sh"
+  })
+}

modules/compute/outputs.tf

@@ -1,7 +1,3 @@
 output "vm_id" {
   value = azurerm_linux_virtual_machine.vm.id
 }
-
-output "vm_ip" {
-  value = azurerm_network_interface.nic.private_ip_address
-}

modules/compute/variables.tf

@@ -1,35 +1,31 @@
-variable "vm_name" {
-  type    = string
-  default = "matebox"
-}
-
 variable "location" {
-  type    = string
-  default = "uksouth"
+  type = string
 }
 
 variable "resource_group_name" {
-  type    = string
-  default = "mate-azure-task-12"
+  type = string
 }
 
-variable "subnet_id" {
+variable "vm_name" {
   type = string
 }
 
-variable "public_ip_address" {
+variable "vm_size" {
   type = string
 }
 
-variable "vm_size" {
-  type    = string
-  default = "Standard_B1s"
+variable "subnet_id" {
+  type = string
 }
 
-variable "blob_url" {
-  type        = string
+variable "public_ip_address_id" {
+  type = string
 }
 
 variable "ssh_key" {
   type = string
 }
+
+variable "blob_url" {
+  type = string
+}

modules/network/main.tf

@@ -18,25 +18,13 @@ resource "azurerm_network_security_group" "defaultnsg" {
   resource_group_name = var.resource_group_name
 
   security_rule {
-    name                       = "allow_http"
+    name                       = "nsgsecuritygroup"
     priority                   = 100
     direction                  = "Inbound"
     access                     = "Allow"
     protocol                   = "Tcp"
     source_port_range          = "*"
-    destination_port_range     = "80"
-    source_address_prefix      = "*"
-    destination_address_prefix = "*"
-  }
-
-  security_rule {
-    name                       = "allow_https"
-    priority                   = 101
-    direction                  = "Inbound"
-    access                     = "Allow"
-    protocol                   = "Tcp"
-    source_port_range          = "*"
-    destination_port_range     = "443"
+    destination_port_range     = "*"
     source_address_prefix      = "*"
     destination_address_prefix = "*"
   }

modules/network/outputs.tf

@@ -1,25 +1,15 @@
-output "virtual_network_id" {
-  value = azurerm_virtual_network.vnet.id
-}
-
 output "subnet_id" {
   value = azurerm_subnet.subnet.id
 }
 
-output "network_security_group_id" {
-  value = azurerm_network_security_group.defaultnsg.id
-}
-
 output "public_ip_address" {
   value = azurerm_public_ip.linuxboxpip.ip_address
 }
 
-output "public_ip_id" {
-  description = "The ID of the public IP address."
-  value       = azurerm_public_ip.linuxboxpip.id
+output "public_ip_address_id" {
+  value = azurerm_public_ip.linuxboxpip.id
 }
 
-output "public_ip_fqdn" {
-  description = "The fully qualified domain name (FQDN) of the public IP address."
-  value       = azurerm_public_ip.linuxboxpip.fqdn
+output "virtual_network" {
+  value = azurerm_virtual_network.vnet
 }

modules/network/variables.tf

@@ -1,11 +1,31 @@
 variable "location" {
-  default = "uksouth"
+  type = string
 }
 
 variable "resource_group_name" {
-  default = "mate-azure-task-12"
+  type = string
+}
+
+variable "virtual_network_name" {
+  type = string
+}
+
+variable "vnet_address_prefix" {
+  type = string
+}
+
+variable "subnet_name" {
+  type = string
+}
+
+variable "subnet_address_prefix" {
+  type = string
+}
+
+variable "network_security_group_name" {
+  type = string
 }
 
 variable "dns_label" {
-  default = "matetask"
+  type = string
 }

modules/storage/main.tf

@@ -13,13 +13,9 @@ resource "azurerm_storage_container" "task_artifacts" {
 }
 
 resource "azurerm_storage_blob" "todoapp_blob" {
+  source                 = var.source_file_path
   name                   = "install-app.sh"
   storage_account_name   = azurerm_storage_account.storage.name
   storage_container_name = azurerm_storage_container.task_artifacts.name
   type                   = "Block"
-  source                 = var.source_file_path
-}
-
-output "blob_url" {
-  value = azurerm_storage_blob.todoapp_blob.url
 }

modules/storage/outputs.tf

@@ -1,3 +1,11 @@
+output "storage_account_name" {
+  value = azurerm_storage_account.storage.name
+}
+
 output "storage_container_name" {
   value = azurerm_storage_container.task_artifacts.name
 }
+
+output "blob_url" {
+  value = azurerm_storage_blob.todoapp_blob.url
+}