diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..c669776
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,6 @@
+*.box
+*.tfstate*
+variable.tf
+.terraform/
+inventory
+.terraform.lock.hcl
\ No newline at end of file
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..df8fc12
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,27 @@
+PROJECT := simple
+
+apply:
+ terraform apply -auto-approve
+
+init:
+ terraform init
+
+validate:
+ terraform validate
+
+plan:
+ terraform plan
+
+## recreate terraform resources
+rebuild: destroy apply
+
+destroy:
+ terraform destroy -auto-approve
+
+## create public/private keypair for ssh
+create-keypair:
+ @echo "THIDIR=$(THISDIR)"
+ ssh-keygen -t rsa -b 4096 -f id_rsa -C $(PROJECT) -N "" -q
+
+metadata:
+ terraform refresh
\ No newline at end of file
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..dcec62a
--- /dev/null
+++ b/README.md
@@ -0,0 +1,31 @@
+# Preparing VirtualBox LAB with terraform
+
+Bagaimana cara menggunakan repo ini? berikut langkah-langkahnya secara singkat
+
+## Install beberapa dependency berikut
+
+```bash
+sudo apt install python3-pip sshpass
+# install ansible
+sudo pip3 install -r ansible/requirement.txt
+# install terraform
+cd /tmp
+wget https://releases.hashicorp.com/terraform/1.3.9/terraform_1.3.9_linux_amd64.zip
+unzip terraform_1.3.9_linux_amd64.zip
+sudo mv terraform /usr/local/bin/terraform
+```
+
+## eksekusi
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+> catatan: dokumentasi lengkapnya menyusul ya, kalo sempat nulis :)
+
+# Known Issue
+
+- belum support NAT network
+- belum support multiple network interface
diff --git a/ansible/files/banner.txt b/ansible/files/banner.txt
new file mode 100644
index 0000000..9926f48
--- /dev/null
+++ b/ansible/files/banner.txt
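Review bot: Ignoring `.terraform.lock.hcl` in the new `.gitignore` means the provider selections and checksums that `terraform init` records are never committed, so every checkout resolves `shekeriev/virtualbox` afresh with nothing to compare against. For a third-party provider it is safer to drop that entry and commit the lock file, so that a changed provider artifact shows up as a checksum mismatch on `terraform init`. The `variable.tf` and `*.tfstate*` entries are worth keeping, since both can hold credentials.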
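Review bot: The `create-keypair` target in the Makefile writes an unencrypted key (`-N ""`) to `id_rsa` in the repository root, and the `.gitignore` added in this commit has no entry for it, so a later `git add .` would stage the private key. Add `id_rsa` and `id_rsa.pub` to `.gitignore`, or write the key outside the working tree, for example `-f $(HOME)/.ssh/$(PROJECT)_id_rsa`. The `@echo "THIDIR=$(THISDIR)"` line prints a variable that is not defined anywhere in this Makefile. The command-only targets would normally be declared with `.PHONY: apply init validate plan rebuild destroy create-keypair metadata`.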
@@ -0,0 +1,19 @@ + +############################################################# +# ____ _____ ____ _ _ _ _____ ___ _ _ _ # +# | _ \| ____| _ \| | | | / \|_ _|_ _| / \ | \ | | # +# | |_) | _| | |_) | |_| | / _ \ | | | | / _ \ | \| | # +# | __/| |___| _ <| _ |/ ___ \| | | | / ___ \| |\ | # +# |_| |_____|_| \_|_| |_/_/ \_|_| |___/_/ \_|_| \_| # +# # +# Anda memasuki area LAB dari Nacita Training Center. # +# Berdoalah sebelum memulai aktifitas belajar, agar ilmu # +# yang akan dipelajari bermanfaat untuk Anda, dan orang- # +# orang di sekitar Anda. Amiiin... # +############################################################# ++ + ++ https://nacita.id + ++ + ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + + diff --git a/ansible/hosts.tpl b/ansible/hosts.tpl new file mode 100644 index 0000000..41fb5b8 --- /dev/null +++ b/ansible/hosts.tpl @@ -0,0 +1,9 @@ +[linux] +%{ for ip in vm_addresses ~} +${ip} +%{ endfor ~} + +[linux:vars] +ansible_user=student +ansible_password=student +ansible_port=22 diff --git a/ansible/playbook.yml b/ansible/playbook.yml new file mode 100644 index 0000000..9759571 --- /dev/null +++ b/ansible/playbook.yml @@ -0,0 +1,25 @@ +- name: Run Ansible Playbook + hosts: all + become: true + remote_user: student + gather_facts: false + tasks: + - name: Upload banner file + ansible.builtin.copy: + src: banner.txt + dest: /etc/nacita + owner: root + group: root + mode: '0644' + + - name: Add SSH Banner + ansible.builtin.lineinfile: + path: /etc/ssh/sshd_config + regexp: '^Banner' + insertafter: '^#Banner ' + line: 'Banner /etc/nacita' + + - name: Restart SSH service + ansible.builtin.service: + name: ssh + state: restarted \ No newline at end of file diff --git a/ansible/requirement.txt b/ansible/requirement.txt new file mode 100644 index 0000000..880e168 --- /dev/null +++ b/ansible/requirement.txt @@ -0,0 +1 @@ +ansible==2.10 \ No newline at end of file 
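Review bot: The `[linux:vars]` block in `ansible/hosts.tpl` hard-codes `ansible_user=student` and `ansible_password=student`, so every rendered inventory carries the login in clear text and every lab VM shares one guessable password. The rendered inventory is git-ignored, but the template itself is committed. Prefer key-based login with `ansible_ssh_private_key_file=<path-to-lab-key>`, or supply the password at run time from Ansible Vault. If the password has to stay for a throwaway lab, add a comment saying the VMs must not be reachable from an untrusted network, since `variable.tf.example` defaults to a bridged adapter.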
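Review bot: The `Add SSH Banner` task in `ansible/playbook.yml` edits `/etc/ssh/sshd_config` without a syntax check, and the next task restarts `ssh` unconditionally, so a bad edit would take down the only management channel to the VM. Add `validate: '/usr/sbin/sshd -t -f %s'` to the `lineinfile` task. Turn the restart into a handler triggered with `notify: Restart SSH service`, so it runs only when the file actually changed. `remote_user: student` with `become: true` also depends on password-less sudo or a supplied become password, neither of which is visible in this diff.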
diff --git a/ansible/vagrant_private_key b/ansible/vagrant_private_key new file mode 100755 index 0000000..682aa62 --- /dev/null +++ b/ansible/vagrant_private_key @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI +w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP +kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2 +hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO +Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW +yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd +ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1 +Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf +TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK +iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A +sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf +4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP +cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk +EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN +CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX +3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG +YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj +3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+ +dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz +6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC +P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF +llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ +kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH ++vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ +NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s= +-----END RSA PRIVATE KEY----- + diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..a0c0ecc --- /dev/null +++ b/main.tf 
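Review bot: `ansible/vagrant_private_key` commits an unencrypted RSA private key with mode 100755, and nothing else in this diff reads it (`main.tf` logs in with a password and its `private_key` line is commented out). Any key published in a repository has to be treated as known to everyone. If the file name is accurate and this is Vagrant's shared default key, a box image that still lists its public half in `authorized_keys` accepts logins from anyone who can reach the VM. Remove the file from the commit, drop the matching `authorized_keys` entry from the box image, and generate a per-lab key that lives outside the repository.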
@@ -0,0 +1,71 @@
+terraform {
+ required_providers {
+ virtualbox = {
+ source = "shekeriev/virtualbox"
+ version = "0.0.4"
+ }
+ }
+}
+
+provider "virtualbox" {
+ delay = 60
+ mintimeout = 5
+}
+
+resource "virtualbox_vm" "lab-vm" {
+ count = length(var.hostname)
+ name = var.hostname[count.index]
+ image = var.vm_template
+ cpus = var.cpu
+ memory = var.memoryMB
+ # user_data will be deprecated soon, so disabled for this
+ # user_data = file("${path.module}/user_data")
+
+ network_adapter {
+ type = var.interfaceType
+ device = "IntelPro1000MTDesktop"
+ host_interface = var.hostInterface
+ # On Windows use this instead
+ # host_interface = "VirtualBox Host-Only Ethernet Adapter"
+ }
+
+ provisioner "remote-exec" {
+ inline = ["sudo apt update", "sudo apt install python3 -y", "sudo hostnamectl set-hostname ${self.name}"]
+
+ connection {
+ host = self.network_adapter.0.ipv4_address
+ type = "ssh"
+ user = "student"
+ password = "student"
+ # private_key = file(var.pvt_key)
+ }
+ }
+
+}
+
+# generate inventory file for Ansible
+resource "local_file" "hosts_cfg" {
+ depends_on = [
+ virtualbox_vm.lab-vm
+ ]
+ filename = "./ansible/inventory"
+ directory_permission = 0644
+ file_permission = 0755
+ content = templatefile("${path.module}/ansible/hosts.tpl",
+ {
+ vm_addresses = virtualbox_vm.lab-vm.*.network_adapter.0.ipv4_address
+ }
+ )
+
+ provisioner "local-exec" {
+ command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i './ansible/inventory' --become-user root ./ansible/playbook.yml"
+ }
+
+}
+
+
+
+
+output "IPAddress" {
+ value = zipmap(virtualbox_vm.lab-vm.*.name, virtualbox_vm.lab-vm.*.network_adapter.0.ipv4_address)
+}
\ No newline at end of file
diff --git a/variable.tf.example b/variable.tf.example
new file mode 100644
index 0000000..48ed3bb
--- /dev/null
+++ b/variable.tf.example
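Review bot: In `local_file.hosts_cfg` the two modes look swapped: `file_permission = 0755` makes the inventory, which holds `ansible_password`, world-readable and executable, while `directory_permission = 0644` creates a directory without the search bit. Use `file_permission = "0600"` and `directory_permission = "0700"`; the local provider documents both as strings. The `connection` block also repeats the `student` password in source, and the `local-exec` command sets `ANSIBLE_HOST_KEY_CHECKING=False`, so that password is sent to whatever host answers on the reported address. Reading the credential from a variable marked `sensitive = true` and recording each VM's host key on first boot would narrow that, which matters on the bridged network `variable.tf.example` defaults to.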
@@ -0,0 +1,31 @@
+variable "hostname" {
+ type = list(string)
+ default = [
+ "nacita-lab0",
+ "nacita-lab1",
+ ]
+}
+variable "vm_template" {
+ default = "https://master.dl.sourceforge.net/project/nacita-box/debian/debian-11.box?viasf=1"
+}
+variable "domain" {
+ default = "nacita"
+}
+variable "memoryMB" {
+ default = "512 mib"
+}
+variable "cpu" {
+ default = 1
+}
+variable "interfaceType" {
+ default = "bridged"
+}
+variable "hostInterface" {
+ default = "eno1"
+}
+variable "pvt_key" {
+ default = "~/.ssh/id_rsa"
+}
+variable "pub_key" {
+ default = "~/.ssh/id_rsa.pub"
+}
\ No newline at end of file
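Review bot: The `vm_template` default in `variable.tf.example` pulls `debian-11.box` from a SourceForge mirror URL at apply time, and no checksum for the image is visible anywhere in this diff, so the contents of every lab VM depend on whatever that URL serves. Record the expected SHA-256 of the box next to the URL and verify it before import, or point the default at a locally verified copy. `pvt_key` and `pub_key` are declared but referenced only from a commented-out line in `main.tf`. Apart from `hostname`, none of the variables has a `type` or `description`, and `memoryMB = "512 mib"` in particular would benefit from a comment giving the accepted format.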