97 lines
3.4 KiB
Terraform
97 lines
3.4 KiB
Terraform
resource "azurerm_resource_group" "rg" {
|
|
name = "${var.prefix}-ephemeral-rg"
|
|
location = var.location
|
|
}
|
|
|
|
resource "azurerm_virtual_network" "vnet" {
|
|
name = "${var.prefix}-vnet"
|
|
resource_group_name = azurerm_resource_group.rg.name
|
|
location = azurerm_resource_group.rg.location
|
|
address_space = var.vnet_address_space
|
|
}
|
|
|
|
resource "azurerm_public_ip" "pip" {
|
|
name = "${var.prefix}-pip"
|
|
resource_group_name = azurerm_resource_group.rg.name
|
|
location = azurerm_resource_group.rg.location
|
|
allocation_method = "Static"
|
|
sku = "Standard"
|
|
}
|
|
|
|
resource "azurerm_subnet" "workload_subnet" {
|
|
name = "${var.prefix}-workload-subnet"
|
|
resource_group_name = azurerm_resource_group.rg.name
|
|
virtual_network_name = azurerm_virtual_network.vnet.name
|
|
address_prefixes = var.workload_subnet_address_prefixes
|
|
}
|
|
|
|
resource "azurerm_network_interface" "vm_nic" {
|
|
name = "${var.prefix}-vm-nic"
|
|
location = azurerm_resource_group.rg.location
|
|
resource_group_name = azurerm_resource_group.rg.name
|
|
|
|
ip_configuration {
|
|
name = "internal"
|
|
subnet_id = azurerm_subnet.workload_subnet.id
|
|
private_ip_address_allocation = "Dynamic"
|
|
public_ip_address_id = azurerm_public_ip.pip.id
|
|
}
|
|
}
|
|
|
|
resource "random_password" "admin_password" {
|
|
length = 16
|
|
special = false
|
|
}
|
|
|
|
resource "azurerm_windows_virtual_machine" "vm" {
|
|
name = "${var.prefix}-winvm"
|
|
computer_name = var.prefix
|
|
resource_group_name = azurerm_resource_group.rg.name
|
|
location = azurerm_resource_group.rg.location
|
|
size = var.vm_size
|
|
priority = var.vm_priority
|
|
eviction_policy = var.vm_priority == "Spot" ? "Deallocate" : null
|
|
|
|
admin_username = var.vm_admin_username
|
|
admin_password = random_password.admin_password.result
|
|
|
|
network_interface_ids = [
|
|
azurerm_network_interface.vm_nic.id
|
|
]
|
|
|
|
os_disk {
|
|
caching = "ReadWrite"
|
|
storage_account_type = "Premium_LRS"
|
|
}
|
|
|
|
source_image_reference {
|
|
publisher = "MicrosoftWindowsDesktop"
|
|
offer = "Windows-10"
|
|
sku = "win10-22h2-pro"
|
|
version = "latest"
|
|
}
|
|
}
|
|
|
|
resource "azurerm_virtual_machine_data_disk_attachment" "data_disk_attachment" {
|
|
managed_disk_id = var.datadisk_id
|
|
virtual_machine_id = azurerm_windows_virtual_machine.vm.id
|
|
lun = var.datadisk_lun
|
|
caching = "ReadWrite"
|
|
}
|
|
|
|
resource "azurerm_virtual_machine_extension" "provision_software" {
|
|
name = "provision-software"
|
|
virtual_machine_id = azurerm_windows_virtual_machine.vm.id
|
|
publisher = "Microsoft.Compute"
|
|
type = "CustomScriptExtension"
|
|
type_handler_version = "1.10"
|
|
|
|
depends_on = [azurerm_virtual_machine_data_disk_attachment.data_disk_attachment]
|
|
|
|
protected_settings = <<SETTINGS
|
|
{
|
|
"commandToExecute": "powershell -command \"[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String('${base64encode(templatefile("${path.module}/scripts/provision-software.ps1.tpl", { tailscale_authkey = var.tailscale_authkey, datadisk_lun = var.datadisk_lun, datadisk_drive_letter = var.datadisk_drive_letter }))}')) | Out-File -filepath provision-software.ps1\" && powershell -ExecutionPolicy Unrestricted -File provision-software.ps1"
|
|
}
|
|
SETTINGS
|
|
}
|