Created
October 15, 2018 00:11
Sample Terraform Config with PFSense and Win 10 on Azure
##################################################
#            Resource Group Creation             #
##################################################

# Resource group for the lab. The other resources in this file take their
# resource_group_name and location from it.
resource "azurerm_resource_group" "privatenetgroup" {
  location = "West US"
  name     = "private-net-group"
}
##################################################
#              Network Information               #
##################################################

# Virtual network for the lab. The address space is the whole 10.0.0.0/8
# block; the subnet defined in this file uses 10.12.10.0/24 out of it.
resource "azurerm_virtual_network" "privateoverallnetwork" {
  resource_group_name = "${azurerm_resource_group.privatenetgroup.name}"
  location            = "${azurerm_resource_group.privatenetgroup.location}"

  name          = "private-network"
  address_space = ["10.0.0.0/8"]
}
# Private subnet shared by the Windows 10 NIC and the pfSense NIC.
# NOTE(review): no network security group is associated with the subnet in
# this file; the only NSG is attached directly to the pfSense NIC.
resource "azurerm_subnet" "priv-subnet" {
  virtual_network_name = "${azurerm_virtual_network.privateoverallnetwork.name}"
  resource_group_name  = "${azurerm_resource_group.privatenetgroup.name}"

  name           = "priv-subnet"
  address_prefix = "10.12.10.0/24"
}
# Statically allocated public IP. In this file it is referenced only by the
# pfSense NIC's ip_configuration, making that NIC the Internet-facing one.
resource "azurerm_public_ip" "pf_pubip" {
  resource_group_name = "${azurerm_resource_group.privatenetgroup.name}"
  location            = "${azurerm_resource_group.privatenetgroup.location}"

  name                         = "PF-PUBIP"
  public_ip_address_allocation = "static"
}
# Network security group attached to the pfSense NIC. It adds two inbound
# allow rules, both open to the "Internet" service tag (any public source).
resource "azurerm_network_security_group" "pfsenserulez" {
  resource_group_name = "${azurerm_resource_group.privatenetgroup.name}"
  location            = "${azurerm_resource_group.privatenetgroup.location}"
  name                = "pfsense-nsg"

  # Inbound TCP/443 from any Internet source.
  # NOTE(review): if this port serves the pfSense web admin interface
  # (presumably -- confirm), narrow source_address_prefix to the
  # administrators' address range, or reach the interface only through the VPN.
  security_rule {
    name      = "AllowHTTPS"
    priority  = 100
    access    = "Allow"
    direction = "Inbound"
    protocol  = "Tcp"

    source_address_prefix      = "Internet"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "443"
  }

  # Inbound UDP/1194 (OpenVPN) from any Internet source. The VPN's own
  # authentication settings live in pfSense and are not visible in this file.
  security_rule {
    name      = "AllowOpenVPN"
    priority  = 200
    access    = "Allow"
    direction = "Inbound"
    protocol  = "UDP"

    source_address_prefix      = "Internet"
    source_port_range          = "*"
    destination_address_prefix = "*"
    destination_port_range     = "1194"
  }
}
##################################################
#                Private Systems                 #
##################################################

#****************************************************************************************

# NIC for the Windows 10 test VM: one static private address on priv-subnet.
# No public IP and no network security group are attached to it in this file.
resource "azurerm_network_interface" "TestWin10" {
  resource_group_name     = "${azurerm_resource_group.privatenetgroup.name}"
  location                = "${azurerm_resource_group.privatenetgroup.location}"
  name                    = "TestWin10"
  internal_dns_name_label = "TestWin10"

  ip_configuration {
    name                          = "primary"
    private_ip_address            = "10.12.10.15"
    private_ip_address_allocation = "static"
    subnet_id                     = "${azurerm_subnet.priv-subnet.id}"
  }
}
# Windows 10 Pro (rs4) test workstation, reachable through the TestWin10 NIC
# on the private subnet.
#
# NOTE(review): admin_password is a literal stored with the config, and the
# same username/password pair is reused for the pfSense VM later in this file.
# Prefer an input variable (for example admin_password = "${var.admin_password}",
# name illustrative) supplied from a secret store, with a distinct credential
# per machine. Terraform also writes the value into its state file, so the
# state needs the same protection as the secret itself.
resource "azurerm_virtual_machine" "TestWin10" {
  name                  = "TestWin10"
  resource_group_name   = "${azurerm_resource_group.privatenetgroup.name}"
  location              = "${azurerm_resource_group.privatenetgroup.location}"
  vm_size               = "Standard_D1_v2"
  network_interface_ids = ["${azurerm_network_interface.TestWin10.id}"]

  # The OS disk is removed together with the VM.
  delete_os_disk_on_termination = true

  os_profile {
    computer_name  = "TestWin10"
    admin_username = "LocalAdminSystem"
    admin_password = "TotallyNotAVirus!"
  }

  os_profile_windows_config {
    provision_vm_agent = true

    # NOTE(review): automatic upgrades are off and the image below is pinned
    # to a single build, so patching has to be handled some other way.
    enable_automatic_upgrades = false
  }

  storage_image_reference {
    publisher = "MicrosoftWindowsDesktop"
    offer     = "Windows-10"
    sku       = "rs4-pro"
    version   = "17134.345.59"
  }

  storage_os_disk {
    name              = "TestWin10disk"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
    caching           = "ReadWrite"
  }
}
#*******************************************************************************************

# NIC for the pfSense VM. A single ip_configuration carries both the static
# private address on priv-subnet and the public IP, and the pfsense-nsg
# security group is attached at the NIC level.
resource "azurerm_network_interface" "pfsensepubpriv" {
  resource_group_name       = "${azurerm_resource_group.privatenetgroup.name}"
  location                  = "${azurerm_resource_group.privatenetgroup.location}"
  name                      = "pfsense-pub"
  network_security_group_id = "${azurerm_network_security_group.pfsenserulez.id}"

  ip_configuration {
    name                          = "WebPrivate"
    public_ip_address_id          = "${azurerm_public_ip.pf_pubip.id}"
    private_ip_address            = "10.12.10.10"
    private_ip_address_allocation = "static"
    subnet_id                     = "${azurerm_subnet.priv-subnet.id}"
  }
}
# pfSense firewall/VPN appliance built from the Netgate marketplace image.
# It is the only VM in this file whose NIC has a public IP.
#
# NOTE(review): admin_password is a literal stored with the config and is
# identical to the Windows 10 VM's credential earlier in this file, so one
# leaked value covers both the workstation and the Internet-facing firewall.
# Prefer an input variable (for example admin_password = "${var.admin_password}",
# name illustrative) supplied from a secret store, with a distinct credential
# per machine. Terraform also writes the value into its state file.
resource "azurerm_virtual_machine" "pfsenseme" {
  name                  = "test-pfsense"
  resource_group_name   = "${azurerm_resource_group.privatenetgroup.name}"
  location              = "${azurerm_resource_group.privatenetgroup.location}"
  vm_size               = "Basic_A2"
  network_interface_ids = ["${azurerm_network_interface.pfsensepubpriv.id}"]

  # The OS disk is removed together with the VM.
  delete_os_disk_on_termination = true

  os_profile {
    computer_name  = "pfsenseaccess"
    admin_username = "LocalAdminSystem"
    admin_password = "TotallyNotAVirus!"
  }

  # Password login stays enabled in the OS profile. The NSG in this file
  # opens only 443/tcp and 1194/udp inbound from the Internet.
  os_profile_linux_config {
    disable_password_authentication = false
  }

  # Marketplace image; the plan block below names the same publisher, offer
  # and sku.
  storage_image_reference {
    publisher = "netgate"
    offer     = "netgate-pfsense-azure-fw-vpn-router"
    sku       = "netgate-pfsense-azure-243"
    version   = "2.4.31"
  }

  plan {
    publisher = "netgate"
    product   = "netgate-pfsense-azure-fw-vpn-router"
    name      = "netgate-pfsense-azure-243"
  }

  storage_os_disk {
    name              = "test-pfsense_OsDisk"
    create_option     = "FromImage"
    managed_disk_type = "Standard_LRS"
    caching           = "ReadWrite"
  }
}