Initial commit

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 AtaxyaNetwork - Cécile MORANGE
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,19 @@
+**Netbox + XO + Terraform + Ansible = The best deployment kit**
+
+How to run:<br>
+cp passwd.auto.tfvars.example passwd.auto.tfvars<br>
+replace all variable to match your infrastructure
+
+edit cloud_config.tftpl to add your ssh key<br>
+edit cloud_network_config.tftpl to replace eth0 and your gateway (to be changed)
+
+create a prefix with IP you want to use on netbox <br>
+edit variables.auto.tfvars 
+
+You can add your playbook in the folder playbooks/ and use them in variables.auto.tfvars
+
+then
+
+terraform init<br>
+terraform plan<br>
+terraform apply

cloud_config.tftpl

@@ -0,0 +1,5 @@
+#cloud-config
+hostname: ${hostname}
+ssh_authorized_keys:
+${ssh_keys}
+

cloud_network_config.tftpl

@@ -0,0 +1,9 @@
+#cloud-config
+version: 1
+config:
+  - type: physical
+    name: eth0
+    subnets:
+      - type: static
+        address: "${ip}"
+        gateway: "${gateway}"

main.tf

@@ -0,0 +1,96 @@
+data "netbox_prefix" "test" {
+  cidr = var.netbox_prefix
+}
+
+resource "netbox_available_ip_address" "test" {
+  prefix_id   = data.netbox_prefix.test.id
+  description = var.name
+  dns_name    = var.dns_name
+}
+
+output "ip_addr" {
+  value = netbox_available_ip_address.test.ip_address
+}
+
+data "xenorchestra_sr" "local_storage" {
+  name_label = var.storage
+}
+
+data "xenorchestra_network" "network" {
+  name_label = var.network
+  pool_id    = data.xenorchestra_pool.pool.id
+}
+
+
+data "xenorchestra_pool" "pool" {
+  name_label = var.pool
+}
+
+data "xenorchestra_template" "template" {
+  name_label = var.template
+}
+
+
+resource "xenorchestra_vm" "bar" {
+  memory_max = var.ram * 1024 * 1024 * 1024
+  cpus       = var.cpu
+  cloud_config = templatefile("cloud_config.tftpl", {
+    hostname = var.name
+    ssh_keys = var.ssh_keys
+  })
+  cloud_network_config = templatefile("cloud_network_config.tftpl", {
+    ip = "${replace(netbox_available_ip_address.test.ip_address, "var.netmask_netbox", var.netmask)}"
+    gateway = var.gateway
+  })
+  name_label       = var.name
+  name_description = var.desc
+  template         = data.xenorchestra_template.template.id
+
+  # Prefer to run the VM on the primary pool instance
+  affinity_host = data.xenorchestra_pool.pool.master
+  network {
+    network_id = data.xenorchestra_network.network.id
+  }
+
+  disk {
+    sr_id      = data.xenorchestra_sr.local_storage.id
+    name_label = var.name
+    size       = var.disk_size * 1024 * 1024 * 1024
+  }
+
+  tags = [
+    "Debian",
+    "Best Distro",
+  ]
+
+  // Override the default create timeout from 5 mins to 20.
+  timeouts {
+    create = "20m"
+  }
+}
+
+
+# Generate inventory file
+resource "local_file" "inventory" {
+  filename = "inventory"
+  content  = <<EOF
+[all]
+${split("/", netbox_available_ip_address.test.ip_address)[0]}
+EOF
+}
+
+resource "time_sleep" "wait_30_seconds" {
+  depends_on = [xenorchestra_vm.bar]
+
+  create_duration = "30s"
+}
+
+resource "null_resource" "run-ansible" {
+  provisioner "local-exec" {
+    command = "ansible-playbook -D -i inventory playbooks/${var.playbook} "
+    environment = {
+      ANSIBLE_HOST_KEY_CHECKING = "false"
+    }
+  }
+  depends_on = [time_sleep.wait_30_seconds]
+}

passwd.auto.tfvars.example

@@ -0,0 +1,13 @@
+#Netbox
+
+
+netbox_server_url = "https://netbox.exemple.net"
+netbox_api_token  = ""
+netbox_allow_insecure_https = false
+
+#XO
+
+xo_url      = "ws://xo.example.net" 
+xo_username = "admin"              
+xo_password = "passwd"             
+xo_insecure = true

playbooks/basicpackage.yml

@@ -0,0 +1,8 @@
+- hosts: all
+  tasks:
+    - name: update a server
+      apt: update_cache=yes
+    - name: "emacs-nox"
+      apt:
+        name: ["emacs-nox"]
+        state: present

providers.tf

@@ -0,0 +1,31 @@
+terraform {
+  required_providers {
+    netbox = {
+      source  = "e-breuninger/netbox"
+      version = "~> 1.5.2"
+    }
+    xenorchestra = {
+      source  = "terra-farm/xenorchestra"
+      version = "~> 0.9"
+    }
+  }
+}
+
+provider "netbox" {
+  server_url           = var.netbox_server_url
+  api_token            = var.netbox_api_token
+  allow_insecure_https = var.netbox_allow_insecure_https
+}
+provider "xenorchestra" {
+  # Must be ws or wss
+  url      = var.xo_url
+  username = var.xo_username
+  password = var.xo_password
+
+  # This is false by default and
+  # will disable ssl verification if true.
+  # This is useful if your deployment uses
+  # a self signed certificate but should be
+  # used sparingly!
+  insecure = var.xo_insecure # Or set XOA_INSECURE environment variable to any value
+}

var.tf

@@ -0,0 +1,95 @@
+#Provider
+variable "netbox_server_url" {
+  type = string
+}
+
+variable "netbox_api_token" {
+  type = string
+}
+variable "netbox_allow_insecure_https" {
+  type = string
+}
+
+variable "xo_url" {
+  type = string
+}
+
+variable "xo_username" {
+  type = string
+}
+
+variable "xo_password" {
+  type = string
+}
+
+variable "xo_insecure" {
+  type = string
+}
+
+
+
+
+#Main
+variable "netbox_prefix" {
+  type = string
+}
+
+variable "netmask_netbox" {
+  type = string
+}
+
+variable "gateway" {
+  type = string
+}
+
+variable "netmask" {
+  type = string
+}
+
+variable "dns_name" {
+  type = string
+}
+
+variable "storage" {
+  type = string
+}
+
+variable "network" {
+  type = string
+}
+
+variable "pool" {
+  type = string
+}
+
+variable "template" {
+  type = string
+}
+
+variable "playbook" {
+  type = string
+}
+
+variable "cpu" {
+  type = number
+}
+
+variable "ram" {
+  type = number
+}
+
+variable "name" {
+  type = string
+}
+
+variable "desc" {
+  type = string
+}
+
+variable "disk_size" {
+  type = number
+}
+
+variable "ssh_keys" {
+  type = string
+}

variables.auto.tfvars

@@ -0,0 +1,29 @@
+####
+#Variables utilisé dans le main.tf
+####
+netbox_prefix  = "185.119.254.192/27"
+netmask_netbox = "/27"
+netmask        = "/32"
+gateway        = "185.119.254.1" 
+dns_name       = "maVM.ataxya.net"
+# storage utilisé pour le disque de la VM
+storage = "Local storage"
+# Interface réseau pour la VM
+network = "Pool-wide network associated with eth2"
+# nom du pool ou sera storé la VM
+pool = "chouffe"
+# nom de la template utilisé pour la VM
+template = "Debian11"
+playbook = "basicpackage.yml"
+###################
+#PARAMETRES DE LA VM
+###################
+cpu       = 2
+ram       = 2
+name      = "maVM"
+desc      = "By Ataxya"
+disk_size = 30
+ssh_keys = <<-EOF
+  - key1
+  - key2
+EOF