diff --git a/modules/wireguard/data.tfvars b/modules/wireguard/data.tfvars
index f1d13a4..b2fc5e2 100644
--- a/modules/wireguard/data.tfvars
+++ b/modules/wireguard/data.tfvars
@@ -1,25 +1,35 @@
 ### Provider ###
-project = "scitas-project-1"
-region = "europe-west4"
-zone = "europe-west4-c"
-service_account_email = "default"
+project = "scitas-project-1"
+region = "europe-west4"
+zone = "europe-west4-c"
+service_account_email = "default"
 ### Wireguard Network ###
-wg_network_name = "scitas-wg-network"
-wg_routing_mode = "REGIONAL"
-wg_subnetwork_name = "wg-ldap"
-wg_subnetwork_cidr = "10.0.0.0/24"
+cluster_network_name = "scitas-gcp-poc"
+cluster_subnetwork_name = "scitas-gcp-poc-europe-west4"
+#wg_network_name = "scitas-wg-network"
+#wg_routing_mode = "REGIONAL"
+#wg_subnetwork_name = "wg-ldap"
+#wg_subnetwork_cidr = "10.0.0.0/24"
 ### Wireguard LDAP Machine ###
-wg_machine_name = "wireguard-ldap"
-wg_machine_type = "e2-small"
+wg_machine_name = "scitas-gcp-poc-wireguard"
+wg_machine_type = "e2-small"
-wg_boot_disk_type = "pd-standard"
-wg_boot_disk_size = 20
-wg_boot_image = "centos-cloud/centos-8"
+wg_boot_disk_type = "pd-standard"
+wg_boot_disk_size = 20
+wg_boot_image = "centos-cloud/centos-8"
-wg_fw_allow_rules = {
- "tcp" = ["22"]
- "udp" = ["51820"]
+wg_fw_allow_rules = {
+ "default" = {
+ "tcp" = ["22"]
+ "udp" = ["51820"]
+ },
+ "cluster" = {
+ "udp" = ["51820"]
+ }
 }
+wg_routes = {
+ "scoldap" = "128.178.222.16/32"
+}
diff --git a/modules/wireguard/variables.tf b/modules/wireguard/variables.tf
index 29b3c3f..83cc0ae 100644
--- a/modules/wireguard/variables.tf
+++ b/modules/wireguard/variables.tf
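Review bot: In data.tfvars the `default` entry of `wg_fw_allow_rules` keeps `"tcp" = ["22"]` open on the WireGuard host, and nothing in this hunk states which sources that rule admits; the firewall resource is outside the hunk, so whether a source range is set there cannot be seen from here. Because the host is itself the VPN endpoint, SSH could be reached over the tunnel, leaving only `"udp" = ["51820"]` in `default`, or each rule set could carry an explicit source range. The same host keeps `service_account_email = "default"`, which together with the `cloud-platform` scope default in variables.tf gives a presumably externally reachable gateway the project's default compute identity; a dedicated service account with narrow roles would limit what a compromise of this VM can reach. `wg_boot_image = "centos-cloud/centos-8"` also points at CentOS Linux 8, which reached end of life at the end of 2021 and no longer receives security updates.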
@@ -1,79 +1,99 @@ ### Compute instance variables ### variable "wg_machine_type" { type = string description = "The machine type to create. To see possible values: https://cloud.google.com/compute/docs/machine-types" } variable "wg_machine_name" { type = string description = "The hostname for the wireguard node." } variable "wg_boot_image" { type = string } variable "wg_boot_disk_size" { description = "Size of boot disk to create for the wireguard node" default = 50 } variable "wg_boot_disk_type" { description = "Type of boot disk to create for the wireguard node" default = "pd-standard" } ### Global variables used by GCP ### variable "project" { description = "GCP project ID" type = string } variable "region" { description = "Specific geographical location where GPC host the resources" type = string } variable "zone" { description = "Regions can have three or more zones" type = string } variable "service_account_email" { type = string } variable "service_account_scopes" { type = list default = ["https://www.googleapis.com/auth/cloud-platform"] } +### Cluster variables ### +variable "cluster_network_name" { + description = "Name of the cluster network" + type = string + default = null +} + +variable "cluster_subnetwork_name" { + description = "Name of the cluster subnetwork" + type = string + default = null +} ### Network variables ### variable "wg_network_name" { - description = "Name of the network" - type = string + description = "Name of the wireguard network" + type = string + default = null +} + +variable "wg_subnetwork_name" { + description = "Name of the wireguard subnetwork" + type = string + default = null } variable "wg_routing_mode" { description = "The network-wide routing mode to use" - type = string + type = string + default = "REGIONAL" } variable "wg_fw_allow_rules" { - type = map -} - -variable "wg_subnetwork_name" { - type = string + type = map } variable "wg_subnetwork_cidr" { type = string + default = "10.0.0.0/24" } +variable "wg_routes" { + 
type = map +}
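Review bot: `wg_fw_allow_rules` and the new `wg_routes` are declared as bare `type = map` with no description, although data.tfvars now passes a map of maps of port lists and a map of CIDR strings; declaring `type = map(map(list(string)))` and `type = map(string)` lets Terraform reject a mis-shaped value at plan time rather than inside the firewall or route resources. For `wg_routes`, a `validation` block applying `can(cidrhost(...))` to each value would additionally catch a malformed prefix, if the Terraform version in use supports variable validation. `cluster_network_name` and `wg_network_name` now both default to `null`, and nothing in this hunk ensures that one of them is set; the resources consuming them are outside the hunk, so a guard there, or a description stating which pair is required, should be confirmed.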