commit pertama

Signed-off-by: Samsul Maarif <[email protected]>

.gitignore

@@ -0,0 +1,6 @@
+*.box
+*.tfstate*
+variable.tf
+.terraform/
+inventory
+.terraform.lock.hcl

Makefile

@@ -0,0 +1,27 @@
+PROJECT := simple
+
+apply:
+	terraform apply -auto-approve
+
+init:
+	terraform init
+
+validate:
+	terraform validate
+
+plan:
+	terraform plan
+
+## recreate terraform resources
+rebuild: destroy apply
+
+destroy:
+	terraform destroy -auto-approve
+
+## create public/private keypair for ssh
+create-keypair:
+	@echo "THIDIR=$(THISDIR)"
+	ssh-keygen -t rsa -b 4096 -f id_rsa -C $(PROJECT) -N "" -q
+
+metadata:
+	terraform refresh

README.md

@@ -0,0 +1,31 @@
+# Preparing VirtualBox LAB with terraform
+
+Bagaimana cara menggunakan repo ini? berikut langkah-langkahnya secara singkat
+
+## Install beberapa dependency berikut
+
+```bash
+sudo apt install python3-pip sshpass 
+# install ansible
+sudo pip3 install -r ansible/requirement.txt
+# install terraform
+cd /tmp
+wget https://releases.hashicorp.com/terraform/1.3.9/terraform_1.3.9_linux_amd64.zip
+unzip terraform_1.3.9_linux_amd64.zip
+sudo mv terraform /usr/local/bin/terraform
+```
+
+## eksekusi
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+> catatan: dokumentasi lengkapnya menyusul ya, kalo sempat nulis :)
+
+# Known Issue
+
+- belum support NAT network
+- belum support multiple network interface

ansible/files/banner.txt

@@ -0,0 +1,19 @@
+
+#############################################################
+#   ____  _____ ____  _   _    _  _____ ___    _    _   _   #
+#  |  _ \| ____|  _ \| | | |  / \|_   _|_ _|  / \  | \ | |  #
+#  | |_) |  _| | |_) | |_| | / _ \ | |  | |  / _ \ |  \| |  #
+#  |  __/| |___|  _ <|  _  |/ ___ \| |  | | / ___ \| |\  |  #
+#  |_|   |_____|_| \_|_| |_/_/   \_|_| |___/_/   \_|_| \_|  #
+#                                                           #
+#    Anda memasuki area LAB dari Nacita Training Center.    #
+#  Berdoalah sebelum memulai aktifitas belajar, agar  ilmu  #
+#  yang akan dipelajari bermanfaat untuk Anda, dan  orang-  #
+#             orang di sekitar Anda. Amiiin...              #
+#############################################################
++                                                           +
++                   https://nacita.id                       +
++                                                           +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 
+
+

ansible/hosts.tpl

@@ -0,0 +1,9 @@
+[linux]
+%{ for ip in vm_addresses ~}
+${ip}
+%{ endfor ~}
+
+[linux:vars]
+ansible_user=student
+ansible_password=student
+ansible_port=22

ansible/playbook.yml

@@ -0,0 +1,25 @@
+- name: Run Ansible Playbook
+  hosts: all
+  become: true
+  remote_user: student
+  gather_facts: false
+  tasks:
+    - name: Upload banner file
+      ansible.builtin.copy:
+        src: banner.txt
+        dest: /etc/nacita
+        owner: root
+        group: root
+        mode: '0644'
+
+    - name: Add SSH Banner
+      ansible.builtin.lineinfile:
+        path: /etc/ssh/sshd_config
+        regexp: '^Banner'
+        insertafter: '^#Banner '
+        line: 'Banner /etc/nacita'
+
+    - name: Restart SSH service
+      ansible.builtin.service:
+        name: ssh
+        state: restarted

ansible/requirement.txt

@@ -0,0 +1 @@
+ansible==2.10

ansible/vagrant_private_key

@@ -0,0 +1,28 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI
+w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP
+kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2
+hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO
+Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW
+yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd
+ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1
+Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf
+TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK
+iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A
+sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf
+4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP
+cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk
+EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN
+CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX
+3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG
+YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj
+3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+
+dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz
+6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC
+P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF
+llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ
+kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH
++vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ
+NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s=
+-----END RSA PRIVATE KEY-----
+

main.tf

@@ -0,0 +1,71 @@
+terraform {
+  required_providers {
+    virtualbox = {
+      source  = "shekeriev/virtualbox"
+      version = "0.0.4"
+    }
+  }
+}
+
+provider "virtualbox" {
+  delay      = 60
+  mintimeout = 5
+}
+
+resource "virtualbox_vm" "lab-vm" {
+  count  = length(var.hostname)
+  name   = var.hostname[count.index]
+  image  = var.vm_template
+  cpus   = var.cpu
+  memory = var.memoryMB
+  # user_data will be deprecated soon, so disabled for this
+  # user_data = file("${path.module}/user_data") 
+
+  network_adapter {
+    type           = var.interfaceType
+    device         = "IntelPro1000MTDesktop"
+    host_interface = var.hostInterface
+    # On Windows use this instead
+    # host_interface = "VirtualBox Host-Only Ethernet Adapter"
+  }
+
+  provisioner "remote-exec" {
+    inline = ["sudo apt update", "sudo apt install python3 -y", "sudo hostnamectl set-hostname ${self.name}"]
+
+    connection {
+      host     = self.network_adapter.0.ipv4_address
+      type     = "ssh"
+      user     = "student"
+      password = "student"
+      # private_key = file(var.pvt_key)
+    }
+  }
+
+}
+
+# generate inventory file for Ansible
+resource "local_file" "hosts_cfg" {
+  depends_on = [
+    virtualbox_vm.lab-vm
+  ]
+  filename             = "./ansible/inventory"
+  directory_permission = 0644
+  file_permission      = 0755
+  content = templatefile("${path.module}/ansible/hosts.tpl",
+    {
+      vm_addresses = virtualbox_vm.lab-vm.*.network_adapter.0.ipv4_address
+    }
+  )
+
+  provisioner "local-exec" {
+    command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i './ansible/inventory' --become-user root ./ansible/playbook.yml"
+  }
+
+}
+
+
+
+
+output "IPAddress" {
+  value = zipmap(virtualbox_vm.lab-vm.*.name, virtualbox_vm.lab-vm.*.network_adapter.0.ipv4_address)
+}

variable.tf.example

@@ -0,0 +1,31 @@
+variable "hostname" {
+  type = list(string)
+  default = [
+    "nacita-lab0",
+    "nacita-lab1",
+  ]
+}
+variable "vm_template" {
+  default = "https://master.dl.sourceforge.net/project/nacita-box/debian/debian-11.box?viasf=1"
+}
+variable "domain" {
+  default = "nacita"
+}
+variable "memoryMB" {
+  default = "512 mib"
+}
+variable "cpu" {
+  default = 1
+}
+variable "interfaceType" {
+  default = "bridged"
+}
+variable "hostInterface" {
+  default = "eno1"
+}
+variable "pvt_key" {
+  default = "~/.ssh/id_rsa"
+}
+variable "pub_key" {
+  default = "~/.ssh/id_rsa.pub"
+}