Restructure into modules to enable persistent disk

2025-10-04 16:57:12 +02:00
parent 3cfe796184
commit 8d2fc90a25
12 changed files with 253 additions and 194 deletions
+12 -120
@@ -1,125 +1,17 @@
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = ">= 4.46"
}
}
required_version = ">= 1.0.0"
module "ephemeral" {
source = "./modules/ephemeral"
subscription_id = var.subscription_id
prefix = var.prefix
location = var.location
tailscale_authkey = var.tailscale_authkey
datadisk_id = module.persistent.datadisk_id
vm_admin_username = var.vm_admin_username
}
provider "azurerm" {
subscription_id = var.subscription_id
module "persistent" {
source = "./modules/persistent"
features {}
}
resource "azurerm_resource_group" "rg" {
name = "${var.prefix}-rg"
prefix = var.prefix
location = var.location
}
resource "azurerm_virtual_network" "vnet" {
name = "${var.prefix}-vnet"
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
address_space = var.vnet_address_space
}
resource "azurerm_public_ip" "pip" {
name = "${var.prefix}-pip"
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
allocation_method = "Static"
sku = "Standard"
}
resource "azurerm_subnet" "workload_subnet" {
name = "${var.prefix}-workload-subnet"
resource_group_name = azurerm_resource_group.rg.name
virtual_network_name = azurerm_virtual_network.vnet.name
address_prefixes = var.workload_subnet_address_prefixes
}
resource "azurerm_network_interface" "vm_nic" {
name = "${var.prefix}-vm-nic"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
ip_configuration {
name = "internal"
subnet_id = azurerm_subnet.workload_subnet.id
private_ip_address_allocation = "Dynamic"
public_ip_address_id = azurerm_public_ip.pip.id
}
}
resource "azurerm_managed_disk" "data_disk" {
name = "${var.prefix}-winvm-datadisk"
location = azurerm_resource_group.rg.location
resource_group_name = azurerm_resource_group.rg.name
storage_account_type = "Premium_LRS"
create_option = "Empty"
disk_size_gb = var.datadisk_size_gb
lifecycle {
prevent_destroy = true
}
}
resource "random_password" "admin_password" {
length = 16
special = false
}
resource "azurerm_windows_virtual_machine" "vm" {
name = "${var.prefix}-winvm"
computer_name = var.prefix
resource_group_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
size = var.vm_size
priority = var.vm_priority
eviction_policy = var.vm_priority == "Spot" ? "Deallocate" : null
admin_username = var.vm_admin_username
admin_password = random_password.admin_password.result
network_interface_ids = [
azurerm_network_interface.vm_nic.id
]
os_disk {
caching = "ReadWrite"
storage_account_type = "Premium_LRS"
}
source_image_reference {
publisher = "MicrosoftWindowsDesktop"
offer = "Windows-10"
sku = "win10-22h2-pro"
version = "latest"
}
}
resource "azurerm_virtual_machine_data_disk_attachment" "data_disk_attachment" {
managed_disk_id = azurerm_managed_disk.data_disk.id
virtual_machine_id = azurerm_windows_virtual_machine.vm.id
lun = var.datadisk_lun
caching = "ReadWrite"
}
resource "azurerm_virtual_machine_extension" "provision_software" {
name = "provision-software"
virtual_machine_id = azurerm_windows_virtual_machine.vm.id
publisher = "Microsoft.Compute"
type = "CustomScriptExtension"
type_handler_version = "1.10"
depends_on = [azurerm_virtual_machine_data_disk_attachment.data_disk_attachment]
protected_settings = <<SETTINGS
{
"commandToExecute": "powershell -command \"[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('${base64encode(templatefile("${path.module}/scripts/provision-software.ps1.tpl", { tailscale_authkey = var.tailscale_authkey, datadisk_lun = var.datadisk_lun, datadisk_drive_letter = var.datadisk_drive_letter }))}')) | Out-File -filepath provision-software.ps1\" && powershell -ExecutionPolicy Unrestricted -File provision-software.ps1"
}
SETTINGS
}
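Review bot: Nothing in this section carries the existing state over to the new module addresses, so unless `moved` blocks or a `terraform state mv` step are handled elsewhere in the commit, the next plan will propose destroying the root-level `azurerm_managed_disk.data_disk` and creating an empty disk under `module.persistent`. The `prevent_destroy = true` on the old block does not help here, because Terraform drops that protection when the resource block itself is removed from configuration. I would add a `moved` block with `from = azurerm_managed_disk.data_disk` and `to = module.persistent.<DISK_RESOURCE_ADDRESS>` (placeholder; the module's resource name is not visible here), and the same for the other relocated resources; `moved` needs Terraform 1.1 or later, while the removed root constraint was `>= 1.0.0`. Separately, `tailscale_authkey` now crosses a module boundary at `module "ephemeral"`, so the variable should be declared with `sensitive = true` in both the root and the module, assuming it is not already.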