From e3054d12974ebca4af25ca63d0f7ae54848bc657 Mon Sep 17 00:00:00 2001 From: Aravinth Manivannan Date: Wed, 15 Nov 2023 16:43:00 +0530 Subject: [PATCH] feat: provision libvirt domain for mCaptcha guard --- terraform/mcaptcha/.gitignore | 45 ++++++++++++++++ terraform/mcaptcha/.terraform.lock.hcl | 53 +++++++++++++++++++ terraform/mcaptcha/cloud_init.cfg | 23 ++++++++ terraform/mcaptcha/main.tf | 46 ++++++++++++++++ terraform/mcaptcha/mcaptcha | Bin 0 -> 8319 bytes terraform/mcaptcha/mcaptcha.tf | 52 ++++++++++++++++++ terraform/mcaptcha/network_config.cfg | 4 ++ terraform/mcaptcha/output.tf | 20 +++++++ terraform/mcaptcha/scripts/on.sh | 7 +++ terraform/mcaptcha/templates/hosts.yml.tftpl | 4 ++ terraform/mcaptcha/variables.tf | 46 ++++++++++++++++ 11 files changed, 300 insertions(+) create mode 100644 terraform/mcaptcha/.gitignore create mode 100644 terraform/mcaptcha/.terraform.lock.hcl create mode 100644 terraform/mcaptcha/cloud_init.cfg create mode 100644 terraform/mcaptcha/main.tf create mode 100644 terraform/mcaptcha/mcaptcha create mode 100644 terraform/mcaptcha/mcaptcha.tf create mode 100644 terraform/mcaptcha/network_config.cfg create mode 100644 terraform/mcaptcha/output.tf create mode 100755 terraform/mcaptcha/scripts/on.sh create mode 100644 terraform/mcaptcha/templates/hosts.yml.tftpl create mode 100644 terraform/mcaptcha/variables.tf diff --git a/terraform/mcaptcha/.gitignore b/terraform/mcaptcha/.gitignore new file mode 100644 index 0000000..ac56741 --- /dev/null +++ b/terraform/mcaptcha/.gitignore @@ -0,0 +1,45 @@ +# Compiled files +*.tfstate +*.tfstate.backup +*.tfstate.lock.info + +# logs +*.log + +# Directories +.terraform/ +.vagrant/ + +# SSH Keys +*.pem + +# Backup files +*.bak + +# Ignored Terraform files +*gitignore*.tf + +# Ignore Mac .DS_Store files +.DS_Store + +# Ignored vscode files +.vscode/ + +# Ignore Any Generated JSON Files +operations/automation-script/apply.json +operations/automation-script/configversion.json +operations/automation-script/run.template.json +operations/automation-script/run.json +operations/automation-script/variable.template.json +operations/automation-script/variable.json +operations/automation-script/workspace.template.json +operations/automation-script/workspace.json +operations/sentinel-policies-scripts/create-policy.template.json +operations/sentinel-policies-scripts/create-policy.json +operations/variable-scripts/variable.template.json +operations/variable-scripts/variable.json + +# Sentinel runtime directory +.sentinel +dos +hosts.ini diff --git a/terraform/mcaptcha/.terraform.lock.hcl b/terraform/mcaptcha/.terraform.lock.hcl new file mode 100644 index 0000000..bb9d6c3 --- /dev/null +++ b/terraform/mcaptcha/.terraform.lock.hcl @@ -0,0 +1,53 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/dmacvicar/libvirt" { + version = "0.7.6" + constraints = "~> 0.7.0" + hashes = [ + "h1:mmbm4vTyC/DCGO4Ed/vbp5AKvy1gmVn/94fzB9VmR08=", + "zh:0bde54f6f658b20b620b875daf106b5b25b1bae4d15408d6c5f06d58360e254d", + "zh:0c97c6930015918b8a34b6d7a2b0c3d17a649c226fcd1874fcba5bbbc0f35972", + "zh:1bdd7aa0011c5f024a09a124836ee9bc8e71b05a6ece810c61824275fd3f695f", + "zh:2b0cc7c794e4caf395d84ffff0b380d17e4b3219a4696264271bfe5059450efe", + "zh:2f8633f7fe07f76c188836ed6f93321ec5fbf5c004bc7699e1741d9b21ed5f37", + "zh:5bf47eed286ce55ed10a5cf657de49a34ab21cc8677c56fef3aab69cdde41a27", + "zh:7dca790fc5fd1d42bc4bc7170be003a7093602026d0f95c8aab84ad551fdf2a4", + "zh:80476b68bc84e3d661d1390025f83879b88f9cdc836de9751af09bd5716089cb", + "zh:82f3e2f3f50176cd6041c8ba36e295cbda1b289ef52ab75b5eceb0f921f64f7b", + "zh:a179b165f3b9bb9a67ebbbf9d73157ded33f02d476b2f58906389dca03b653c9", + "zh:acae54a5d0616f22b3180ddd8e8aad39af664e604394fdacf1f7b337bca2d5b4", + "zh:da4406a2428a9a7e98272c032cb93431c3919253af2fe9934b532d26c0deab09", + "zh:f63dbd8e579ab5268d01ffab4503b8a8e736b70d1a04e4f271559ba8dd133dcd", + "zh:f85c1d9e51a94ecde137435c9d6b0fb7be590437ea8a725334d1577eebbc550c", + ] +} + +provider "registry.opentofu.org/hashicorp/local" { + version = "2.4.0" + hashes = [ + "h1:pWJMQ+uRtVtHg97vU2zSCuYcZTuDQ7FJz+QanfSGMXM=", + "zh:184d6ec1f0e77713b37f0d9cf943b1371f2aa2f44c2c5a618978e897ce3dccab", + "zh:2205a7955a4051c2c25e69646a60746d9416b73001491808ae5d10620f7b7ac1", + "zh:256ddc56457f725819dc6be62f2d0bb3b9fee40a61771317bb32353df5b5c1a0", + "zh:70146e603f540523f6fa2251dd52c225db5a92bda8c07fd198ed51ae2b50176b", + "zh:8c3f9fe12ab8843e25ff7edabc26e01df4a0e8db204e432600a4c77a95ec0535", + "zh:b003e421f643d14247d31dcb7f0f6470c46f772d0e15a175a555a525ce344bf2", + "zh:b4c8ad7c5696aeb2a52adf6047d1e01943fafa57dc123d5192542527406ffd72", + "zh:c3b6fbfa431f3c085621c74596ee63681a278fd433a4758f33c627e8936d5cb3", + "zh:d2e57b19295b326d84ca5f39b797849d901170d5509aa7558f2a6545c9ce72a9", + "zh:e2307421b0b380eb0e8fcee008e0af98ae30fccbfc9e9a1d24d952489e9b0df9", + ] +} + +provider "registry.opentofu.org/hashicorp/template" { + version = "2.2.0" + hashes = [ + "h1:tdS0otiAtvUV8uLJWJNfcqOPo3llj7FyRzExw6X1srY=", + "zh:374c28bafc43cd65e578cb209efc9eee4c1cec7618f451528e928db98059e8c8", + "zh:6a2982e70fbc2ab2668d624c648ef2eb32243c1a1185246b03991a7a21326db9", + "zh:af83169c21bb13f141510a349e1f70cf7d893247a269bd71cad74dd22f1df0f5", + "zh:b81a5bedc91a1a81b938c393247248d6c3d1bd8ea685541f9c858908c0afb6b3", + "zh:de15486244af2d29d44d510d647cd6e0b1408e89952261013c572b7c9bfd744b", + ] +} diff --git a/terraform/mcaptcha/cloud_init.cfg b/terraform/mcaptcha/cloud_init.cfg new file mode 100644 index 0000000..1a4f40b --- /dev/null +++ b/terraform/mcaptcha/cloud_init.cfg @@ -0,0 +1,23 @@ +#cloud-config +# vim: syntax=yaml + +users: +- name: root + ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com +- name: atm + gecos: Aravinth Manivannan + groups: users, admin + sudo: ALL=(ALL) NOPASSWD:ALL + shell: /bin/bash + lock_passwd: true + plain_text_passwd: fooabr12 + ssh_authorized_keys: + - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC/wXdHpwpY/4ubhYTmuNdGepQpj1kchvTUTApxMZyfyVW4uzrPRTYsle1y9QbTBV35qLkNajRC/wmC5/xPchdXpsJpuD9st1HMhLeR8qwaPyptiYJYT+z/WisWw2k6oWhG3QKvPoRtBdW9nhZnkG+O6zkuGXiRHpS7j2VVboDPpWEe1UdELQFVCwfraRal2g3ENFZ/9V1UrW/4ahRnQnSxERplZUm/fgSxQtmXubTkW68ut7yasBsrKFffMm8JztW0tWgTlTKONd3LCjv4juM0t5+cJDotNDnUR86Tq2PG8io7no/h8BWtazmjdpfGgn02ibX26BkdU0LDEYbJt5q9/Fh9TGk2ZwcMQeyepO1AWQgkmHXZWZELqu6MLQpqdtsOjHp9k0MeSpuIbdwzgf10Ydy7vK1z8irS24tVNNnJaMBwOlVOPwfyztHRADPkFcv2lKSjS1uyKR0FIkV8Kvs4txaIjmwv2LfMg6lF5W6j3ZPLyeE4cplJP0DDjzorSanu31xVnqVb3A8V9awsJ/4H7d59bI99c7QHL4K3fBVP3O0gqd31xAVRsdGs5Tj2P+RpiI6o5JJiOa1+DuBdWzrVIXYchQ30ZjaJp1wTNsYLmAsjeYuQZE2tf1xvywdzD4MB4avugDEWikzRWN9V5PHDZr1bamTCCjOrb2PRCd7eSQ== aravinth7820@gmail.com + +ssh_pwauth: true +chpasswd: + list: | + root:foobar12 + atm:foobar12 + expire: False diff --git a/terraform/mcaptcha/main.tf b/terraform/mcaptcha/main.tf new file mode 100644 index 0000000..8c7aa9d --- /dev/null +++ b/terraform/mcaptcha/main.tf @@ -0,0 +1,46 @@ +# SPDX-FileCopyrightText: 2023 Aravinth Manivannan +# +# SPDX-License-Identifier: AGPL-3.0-or-later + +terraform { + required_version = ">= 0.13" + required_providers { + libvirt = { + source = "dmacvicar/libvirt" + version = "~> 0.7.0" + } + } +} + +provider "libvirt" { + uri = var.libvirt_uri +} + +resource "libvirt_pool" "mcaptcha_basic" { + name = "mcaptcha_basic" + type = "dir" + path = var.libvirt_pool_path + +} + +resource "libvirt_volume" "debian-mcaptcha-qcow2" { + name = "debian-mcaptcha-qcow2" + pool = libvirt_pool.mcaptcha_basic.name + source = var.libvirt_debian_src + format = "qcow2" +} + +data "template_file" "user_data" { + template = file("${path.module}/cloud_init.cfg") +} + +data "template_file" "network_config" { + template = file("${path.module}/network_config.cfg") +} + +resource "libvirt_cloudinit_disk" "commoninit" { + name = "commoninit.iso" + user_data = data.template_file.user_data.rendered + network_config = data.template_file.network_config.rendered + pool = libvirt_pool.mcaptcha_basic.name +} diff --git a/terraform/mcaptcha/mcaptcha b/terraform/mcaptcha/mcaptcha new file mode 100644 index 0000000000000000000000000000000000000000..6c9704e8b4993077405ce6ef4b0d82f6f8973ff5 GIT binary patch literal 8319 zcma)hWmH^Swsm2JyL)g57Th7YySqcs!bza85G=R{cSwQ-cMA}lLW4tahu~g3^7`w( zxp`mrd+UrnM(rPao>gbevDTbxt0}_4;{lMK9^CdYUBGVv1Rw)EY+M}8owcG1`aCFkfO6oZB>V;A>v!kOJ-eHSN z`Xj@qTeo@Q*o80#j4-!wB+T_zB`U%6$5I-2jAOj$&){9u&t>smQQm5yF%8ro%$DEH z?nn#U+Kgu2Y=JY6UA7#yp~P&oUd)QELWHvf_j(Cq?2Tx`Efx4C$1ZMdA6 z4nN9kj{#=FX3fn;Z&aAHe81UJM>2jFE<&`nXbTZu>N{!v03>~4`GX=o z9Ag6fI#@?2!gaO!!)v5)AiO1VrQy;+wL4 z&zP_uLSB0Cu{<15NnuLnJ;F{RIvjN4P8DkwoUkLD)u=JzLH7xhE#>-RW!E<~UuDkk zxZMvntpq&m=3cLbr2RbDW|s@_S&iOR$1v&%a)!nDrn&WUt+}V0VvA$ApB(c8fk~3<^+)%l^H3hG>`MCGL9(l zCDjK5Ga=h&AwBa*!=;iRS&?c!RBoZ(fc-^Hvvh9_x2jjJ8j`KdW*0p9^te*vOfQ7& z3Fq5xZA6YSbqu>Nzl3qmtr|^#BqWKLQfX=d3f8?TIvy=a5=WTdN`WZ& zt7Tdm8JpA%eN0)}4IUiZe%(@QEGDLr{(t$^7c#JBij@CG^FE7}TY#vEd=kX2Z(`K_EhUA`V`SuYQ{xw> zq}TSgD*CnCdy2;8(_y9B+)~iybdXMYMN8|neLcaTkho8s(S^6t=y#zZs1aZLd*1sW z3FeowI)>4pjBX{6G`Tg$(pW-kRsB|Sr+r?>5%+iIhf9~9REHajq823I^qT7NIkn(b z1=jZ0pBDNn&h-*7JBwl#j_o!tKPP(;XpVR=jDJoFdqsupSE3a`7@38gN7{*svzNPi z$Q>mmy6^$cPe&tRh?tAV)+jwAIBm~Opef-MAxUzN&*D4>?%uPNj~wn1MSJAsZtYv^ zigpRllYa`TK?sB2&XJ9OD=K$-rHgx_gO~)aGc~nbu;zmZz7qOaPr$vbgV<)iLWZAM z8bZ5+pyQes(NbXG?o<)~nT60$izm=9C+E0KQ?hhwYXoinqe&|x9E#8Ex)*(EZwIIe zAjBcJh^qrQQmA&MlG9Ter5s7t4GQz^JPTw1G9iOg5*fhF&)_C|zmC8rZft;?z$Yy? zZa2QC^FDMPRpTsMr<>J8_3`T)R=u6s762Q?>I1CVX}?ar6=91emOG5j?9uVSoTyr4 z7@&3?J5}jDzF~*O{v)v=oj804`$v}^vR9Pj(mzqSvJ(TiS9>?ohU$MADi7?Kl-bv+w-_>g8cDWijBu7IPF8r2dy49M_1TQMP;ht=T~iBpQ)vFwj$ zfwm$V$5aqx)?P#x-H_!J6>_;XRPgGD|^qXh|_fjE|vEw6?C=gWe?0VYC!29(P6_@ z2&7hd>4L0duYCFu*M|E1R7=n^h1i;aT9}c0V4>TN9L`Kp855d8hfAUg2u?IGxFr zxsSdk$S2@B@#U3oF_kDMhjbjS;FO<~@vzkX7ea^?CuKON=;0!vit8?7zK$N6?`wlH zO3n?AVOPvuS>LEwp--ccxOg5_+`Rh5n8pm8aVFqKy(+Q0?x$vfS@>P3L)kRuXQ#K? z#@EduYzq&pjd)aDn%US5>L|?v{diRD_#u(I`DA9@W&a1`14{3}*fq&*p50;Ef;o^J zdzL|?8U-KDDeJmwAo36eh?%>G_-)D$ zn<$zYZ-A^Ono4u&+%}zjdR{*lw)B=UDuA%;ZeCKIFxHpi0Rat0rhA5@z=!_HtzPksr|K3asc4*QB4sM$s+NU z*(MSI;DG}GsQp`og!tbI$=$=;!}>3Y^kKnyy%|6Bc$*37ID;UqN01T?P3dy;Txl5rY}yxA;b*K*E~q zSFr`l1%w-%SSp=}14WU3Qr{=5L88}g)`ld8n>F@nr@Z5)3vBja&G-y<8cGQuXB=zg z^$hpuMzb0^^-mu&vTFJfO>hk@z<4oiHwrciY4?W(1Rh_o1EQ1i=gGxk_NP6ylJv>( z`A2XVf3k(++&{yP=H4V)%@bCYC$}v9eJl?e`p~4c@-&aM2DtYp-Sn8cndBTA-jb}~IrcX!$+q;l z>i6+0*ICTn@aCZo$3xkMFXwPrB!-a)TI=WlW?!d$005K+B?p);w^q6iZ(pW)%5|@I zQKt4MGS?>+*<`pB5j)}D$ItIB7AgxVQ^z6w))$nMZUTLdSN@xiIt}JlbH#aS;%1+# zW2}wqo+ZWQ5m$%7Ny|2)Iho4NqQSlbzAxWJvQ)m{#%IcQd?;|f8&Q1~QxUM%OxF=) znN$y8j|ePbr&CH~olE%qReRDX*uIptlM!Eg+lAuDj7?%NpG&5NDD{3qeJ0s!gdaX; zo!`k597^7Fo@~N%D9BZE$gk3u=9%7$yJst1?`+>hSdnTcD&x(cVT~wo*}Z=1x@%Q3 zUW_)FT)Jt?o5emO+~sBmX|?t(+JkhzM#DT)sgV=%Ipe;NJWo0iPw{qQ+ki5Xtu%u#o+|J>$RhwC|NZ8 zR$;#Rm4yoAe(6FAUob_I8N!V0-Jz6%naH6Lmes8;v_T`kqYKSd>}^z}*iNYe>lAzI zNGVHXzGsRyO5*-qWD0Dl64$qYlj0b~y? z63XZ&sTm>pV&2V@*WbmS4|K16i90(rXIonCW8Pow=W%^|6;{jtyxXjnFTrq$2V>7h zki}K?tj6j^a`RGmS~UV~)AJmijW?U0V(O~RyAYMjLDWl^M@|cTwhwuixxm9|tt`1a z+rmKxTb}KmnEjz(&bD;h@iy^`u4m~lZ$4)<#QWNm-j&o*j%wMt2L>y#rC7F86k~|} z@DyD*$HVR~vDD9X*Cnmvc|Cl!lug>Z-6T}6dt1A*^kOb}w|Y`Q=|hRqHo4VW@4*lu zfLK^Y>RoY>T)Xeor5UWU? zd|M!&^#@v*DRcuZEC9GZFs0A3=sZM>;ULl@KLM-EPOXf2`sF>{RIE4gM(a!V#}$AT za#X*{kHl*_gd~aBfx(pm0h6^uhYxgV}ZPYC!U8Z0Qx;0;c2R{+9=cY1?DUF;NcS zS|>pDO!A;lDD+KsxM}Ro$u0=ypEbBXhGRtr0RT9~{ZBO*?XMcl>f&bY^{+xK^}Y=S zmIE#DN>sX^r4M;+Ocz@~A;KW4oHlxB+&lGK*U8-+9Kc_$w)Q=?O4vY_)I|A!!yTb8 z+qSjzv4RGU<-6&4#UhUqfd`)&Xnh5dIVIb>+BB>5JvYx}%A}l(IFdX4Xo0Ao=>N<& zzb!%D>B&FGJ*|J=Gl>2>UrUg)jh!vK6DzxyxtpE2g`>4Qn}^N6a?eZvDK4sD_2q19 zqiu6hHJBt(Qi~}*NJ{@4RCm~|c`-Lk7d*GrC?roBdE7?3Rp?elvBV&6vklq4%R1;f z+&lHXk6>CdDSHCF#h#1`^(ppHOo+(eqg#`0_M00 zH*c%?lI;3^X4%j5ft=2{={~+B%rVq`I|e6xbT7nqp79l08zF`oSjON zMjon!4S|R>ZjHnC=UN#i24o$^O<<5OyekFj+je_zENwwalwQU|Hw{a!X+CusOV;Kd z?(WW8^!`jvnG9eh0~09o+v-yJs+(L$FDymvT|9u4Wye&_9pmamjeP11Tql=QVWhcf z`OJjYRXjy_pGXD!pp28bo%8Q(iPGq@UwDbtcC3q*K`|f9Tj9s}ZjigS z7Ec4IHf*`a$J-Gz-Ya=r!4B!DA+?H5*3FnCxJ&4G#1~`(hFJlLJq(L#Mo?Nl^w-W6 zQ(iM0cY%3LJ9!pjB<8>Jk$$Y9ngtvaJK6dE=pHNvN(R%L8GJ^aMqQ3ew7;CTl&huR zU~YuE`6jXsvqWYl^HMP<$IVsH=>9AO5FHy@oJ)r-s-eXNn{2({0ulP4&5#M5_K&oq z<`!zpW$AiM3b zWV9RADt)y*@I&-h@6)p%ORn*BGc+u7lswACaSU1Wd&?Afu6K;B$^w}$K8(oeC(zK{ zc52b9$G0D&(6y4}eQkBcCORw&4MWeOi*S$H%;vo0ne3GDm~vg8%tYMGH!lHf4C}-c z`UYodEYqV3nrjbH=Id!PeOdrEVeQ0u1X3YVwSKS6w(`=HUP)__p5e<)KzBrSQ7_nMMpAYYkV-F^N5T{c(96H&mvnkIwtyOMS<)Ul}5&Xv{RLss>N zsI<%ZqKjZrO24Ss2Q3WN09;-nd*$qoSDkj)Zjz?b3Ms4ZO8|ynOcWbdg)$u|$}4lp z=wjramYfcu4j2GDK2{k;iXY)QO_O5*>aJ`+72-5}UVJu0`U8#<04ZqQ@g`P&< z{r9=#LBoAxXcpgClgl{i9vMubwsOJdjGgwmCmLqbBu1LC(&gu+A|||e*n)xbi^u^u z8ptrTa3_OxPTk=4r(TsJ-quH8bY45E$s`$RqR%ppfVMm3b4j8a0~B=h;mlDWm;aDe ze}dv8W$SKmKnR#sKd1XuQKjIK0n$2t`fPk3^SYoH?(&Eq0OVW( zAqg7KJ#d6z4oRXWYV}Mh$aug^ffP=%Ux1_}wOiCz6<$Qs>Yt5Sw{0$Gj1g zdF_!T8zD|?sgm50&m6e^=$87d7w-G^RH%r9r`F29G)rk>7b(WmZs}?LU%xEK%JWzI zw|58qHE4gorJ?rmX+6cMO1W0GhMLAikc%;Ae_suE?`wfvZtVDMK8(pDsYp<4pvXgX@zt!l#y4`o#m5Cn0-8-#gfNY3Uivv9AkpEt;)C;4{0>*A<) zvx@@LyYKAq*mmLagZEWf#=g@dxHYT0w{d6Nc43Qe=ILD9%$?suPRHUU>ukgF-owJ8 z?&Irv-K>t@*oumS_mmyJx97dKIsP~J0Tk>MhdQD+BkQ>BO+J1P7Orh~(>{I|=)}=dF zAr%V}jq%UypKz!A8!;&(6OBt*BL=j!&735D$kod5!7YXP8kcw0+WuRR}Ker5ooZcIZf{nZYCXnifj)X z>+F}VI!e%HX=VtZu@9)HLZ_3L5XrNJt(>X38_~Mq^NyIL~ zkdb60nXZtxhgJmL9$ROdq=d1z3av$}#=5>Xmb=D)gXHK6zZ_rfpj>mnXl%h~6=kHE z+q8sn22TfhXEw5*L?t{tO_OJSVlS%(uAvuyFNCM8&b$K8qQo125Y0HkZf_#qVd7bs zjB}~0BnXvIelmZsjwFK{We+3X-eq3cG(x&^mViM6Ob|+@5x1IE z+9;AE>-|($`Wg{4f~TtwZGD$ASelQKG^ILlK`u*B&S0UJf@X49x^txf>TwzSNN(c` zPkz63blJNZy}x^hLTE=-L@m)GgRfWLePRk4L$;q)>(fj+M@k*#w2xCVT3xEv zR1egz(N05~cReN!(=VWBRZt?sSJ4J;WRn{p2dkBuD9{p7ZAjtJH}^}FbbsvR;ezKG zST?*I76a8ikDuDwNTJoHksSHNV1~!MfmYyGNa6{wrj$%A4CWRPCw{5u&u)WiwT6w} z?S!Yb4Kv#IEjLg~oh+X^Ut(?UL%E9k(rn2$3cFGVl236mo(H8clZq;XJ-VB{4EB26}WGS`1{Jx!?Q1jMMlY+C9=a}2A;=APH{HMVrPBcQ+ zDj5;_7KJ)%%jf}Sf@c^=*m|EOtqAN02~4wt&$TuSfx*a!5Bmu~fgvs!o44Q7)6oZ) z26fqbpT*GixNmZX8$8Aa^tCp(O<6(-5q53yg}*hpxC?{b!1vG#@b%#kr3tj+p562T zT5N0reFHu@A8CO+Ud}*imRBA;KAVvqa4Qcrz44GIo{Tozghq4DjZez<>9a6$yN{z8 z;#zHtENm z|7Z!68EujSPu;x(Zgr|&EJQi zf1du`BL6b(e?>9IzfS+%#{UWNyJh<2rT+>Y%wG`yi?jX{?ss|pt3&=35!io+`_py( ziS)au`X$Hzin1p$|9fIimj6?n|B3dykoYCUehY%Xqy0}=_9xcw`rz+a286$3{r`l> lpIE;W>+jzS@`UxD^o5!t0`S+rKz@3{p2X+c)36-?_%EW|)+hh~ literal 0 HcmV?d00001 diff --git a/terraform/mcaptcha/mcaptcha.tf b/terraform/mcaptcha/mcaptcha.tf new file mode 100644 index 0000000..0c19bd5 --- /dev/null +++ b/terraform/mcaptcha/mcaptcha.tf @@ -0,0 +1,52 @@ +# SPDX-FileCopyrightText: 2023 Aravinth Manivannan +# +# SPDX-License-Identifier: AGPL-3.0-or-later + +resource "libvirt_volume" "mcaptcha_volume" { + name = "mcaptcha_volume-${count.index}" + base_volume_id = libvirt_volume.debian-mcaptcha-qcow2.id + count = var.mcaptcha_vm_count + pool = libvirt_pool.mcaptcha_basic.name + size = var.mcaptcha_vm_disk_size +} + +resource "libvirt_domain" "mcaptcha_mcaptcha" { + count = var.mcaptcha_vm_count + + name = "mcaptcha_mcaptcha_${count.index}" + memory = var.mcaptcha_vm_memory + vcpu = var.mcaptcha_vm_vcpu + + cloudinit = libvirt_cloudinit_disk.commoninit.id + + console { + type = "pty" + target_port = "0" + target_type = "serial" + } + + console { + type = "pty" + target_type = "virtio" + target_port = "1" + } + + network_interface { + network_name = "default" + wait_for_lease = true + } + + disk { + volume_id = element(libvirt_volume.mcaptcha_volume.*.id, count.index) + } +} + +locals { + mcaptcha_vm_ips = [for i in libvirt_domain.mcaptcha_mcaptcha : i.network_interface.0.addresses[0]] + mcaptcha_vm_names = [for i in libvirt_domain.mcaptcha_mcaptcha : i.name] + mcaptcha_vm_map = [for i in libvirt_domain.mcaptcha_mcaptcha : { + ip = i.network_interface.0.addresses[0], + name = i.name + }] +} + diff --git a/terraform/mcaptcha/network_config.cfg b/terraform/mcaptcha/network_config.cfg new file mode 100644 index 0000000..5b2cbca --- /dev/null +++ b/terraform/mcaptcha/network_config.cfg @@ -0,0 +1,4 @@ +version: 2 +ethernets: + ens3: + dhcp4: true diff --git a/terraform/mcaptcha/output.tf b/terraform/mcaptcha/output.tf new file mode 100644 index 0000000..688a67e --- /dev/null +++ b/terraform/mcaptcha/output.tf @@ -0,0 +1,20 @@ +# SPDX-FileCopyrightText: 2023 Aravinth Manivannan +# +# SPDX-License-Identifier: AGPL-3.0-or-later + + +output "mcaptcha_mcaptcha_ip" { + value = local.mcaptcha_vm_map +} + +resource "local_file" "hosts_yml" { + content = templatefile("./templates/hosts.yml.tftpl", + { + mcaptcha_vms_ips = local.mcaptcha_vm_ips, + mcaptcha_vms_names = local.mcaptcha_vm_names, + mcaptcha_vms = local.mcaptcha_vm_map + + }) + + filename = "hosts.ini" +} diff --git a/terraform/mcaptcha/scripts/on.sh b/terraform/mcaptcha/scripts/on.sh new file mode 100755 index 0000000..cc953cb --- /dev/null +++ b/terraform/mcaptcha/scripts/on.sh @@ -0,0 +1,7 @@ +#!/bin/bash + + +for vm in $(virsh list --all --name --state-shutoff); do \ + echo "[*] Starting vm: $vm"; \ + virsh start $vm; \ +done diff --git a/terraform/mcaptcha/templates/hosts.yml.tftpl b/terraform/mcaptcha/templates/hosts.yml.tftpl new file mode 100644 index 0000000..bcfac22 --- /dev/null +++ b/terraform/mcaptcha/templates/hosts.yml.tftpl @@ -0,0 +1,4 @@ +[mcaptcha_hosts] +%{ for vm in mcaptcha_vms ~} +${vm.name} ansible_host=${vm.ip} ansible_user=atm +%{ endfor ~} diff --git a/terraform/mcaptcha/variables.tf b/terraform/mcaptcha/variables.tf new file mode 100644 index 0000000..6bbfab4 --- /dev/null +++ b/terraform/mcaptcha/variables.tf @@ -0,0 +1,46 @@ +# SPDX-FileCopyrightText: 2023 Aravinth Manivannan +# +# SPDX-License-Identifier: AGPL-3.0-or-later +/* main.tf */ +variable "libvirt_uri" { + description = "URI of libvert socket" + type = string + default = "qemu:///system" +} + +variable "libvirt_pool_path" { + description = "Path of libvirt storage pool" + type = string + default = "/home/atm/code/libvirt/pool/mcaptcha_basic" +} + +variable "libvirt_debian_src" { + description = "Location of Debian 11 qcow2 image" + type = string + default = "/home/atm/disk-images/debian/12/clould/debian-12-generic-amd64.qcow2" +} + +/* mcaptcha/mcaptcha server server */ +variable "mcaptcha_vm_count" { + description = "Number of VMs to be deployed to run mcaptcha/mcaptcha" + type = number + default = 1 +} + +variable "mcaptcha_vm_disk_size" { + description = "Size of disk of VMs running mcaptcha/mcaptcha in bytes" + type = number + default = 8000000000 # 8GB +} + +variable "mcaptcha_vm_memory" { + description = "Memory of VMs running mcaptcha/mcaptcha in MB" + type = number + default = 2000 # 2GB +} + +variable "mcaptcha_vm_vcpu" { + description = "Number of CPUs of VMs running mcaptcha/mcaptcha" + type = number + default = 4 +}