diff --git a/.drone.yml b/.drone.yml
index 5d23613..b65c785 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -21,7 +21,7 @@ steps:
 commands:
 - |
 terraform -chdir=terraform plan \
- -var="hv_password=$${VSPHERE_PASSWORD}" -var="repo_username=$${REPO_USERNAME}" -var="repo_password=$${REPO_PASSWORD}" -var="adds_password=$${ADDS_PASSWORD}"\
+ -var="hv_password=$${VSPHERE_PASSWORD}" -var="repo_username=$${REPO_USERNAME}" -var="repo_password=$${REPO_PASSWORD}" -var="adds_password=$${ADDS_PASSWORD}" -var="vault_token=$${VAULT_TOKEN}" \
 -var-file='vsphere.tfvars' -var-file='vm.tfvars' \
 -input=false \
 -out=terraform.plan
@@ -35,6 +35,8 @@ steps:
 from_secret: repo_password
 ADDS_PASSWORD:
 from_secret: adds_password
+ VAULT_TOKEN:
+ from_secret: vault_token
 # TF_LOG: TRACE
 - name: Terraform Apply
 image: bv11-cr01.bessems.eu/library/packer-extended
diff --git a/terraform/DC01.tf b/terraform/DC01.tf
index a52b298..a20fd15 100644
--- a/terraform/DC01.tf
+++ b/terraform/DC01.tf
@@ -56,6 +56,11 @@ resource "vsphere_virtual_machine" "vm-dc" {
 "dhcpconfig.subnetmask" = var.dhcp_subnetmask
 "dhcpconfig.gateway" = var.dhcp_gateway
 "dhcpconfig.leaseduration" = var.dhcp_leaseduration
+
+ "vault.api" = var.vault_api
+ "vault.token" = var.vault_token
+ "vault.pwpolicy" = var.vault_pwpolicy
+ "vault.secret" = var.vault_secret
 }
 }
diff --git a/terraform/variables.tf b/terraform/variables.tf
index d43d1f5..1c7ae40 100644
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -26,4 +26,9 @@ variable "dhcp_startip" {}
 variable "dhcp_endip" {}
 variable "dhcp_subnetmask" {}
 variable "dhcp_gateway" {}
-variable "dhcp_leaseduration" {}
\ No newline at end of file
+variable "dhcp_leaseduration" {}
+
+variable "vault_api" {}
+variable "vault_token" {}
+variable "vault_pwpolicy" {}
+variable "vault_secret" {}
\ No newline at end of file
diff --git a/terraform/vm.tfvars b/terraform/vm.tfvars
index 85ffc0f..0c4b682 100644
--- a/terraform/vm.tfvars
+++ b/terraform/vm.tfvars
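Review bot: The added `-var="vault_token=$${VAULT_TOKEN}"` in the first .drone.yml hunk puts the Vault token into the terraform process arguments on the runner, and the value is also written in clear text into the saved `terraform.plan`. Terraform reads `TF_VAR_<name>` from the environment, so the entry added in the second hunk could be named `TF_VAR_vault_token:` with `from_secret: vault_token`, and this `-var` could then be dropped. The passwords already passed on the same line follow the same pattern and would benefit from the same change. Whichever way the value is passed, the plan file handed to the apply step needs to be treated as a secret.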
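Review bot: `"vault.token" = var.vault_token` in terraform/DC01.tf hands the pipeline's Vault token to the guest as a vApp property, so it is stored in the VM's configuration in vSphere and in the Terraform state, and remains readable from inside the guest after provisioning. If the guest needs it only once (presumably to generate a password and store it under `vault.secret`), a short-TTL, limited-use token restricted by policy to that one path would bound the exposure. What policy the `vault_token` secret carries is not visible in this change. A comment above the new lines such as `# vault.token: bootstrap-only credential; must be short-lived and limited to the vault.secret path` would record that expectation. The enclosing properties map and resource start outside this hunk.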
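Review bot: `variable "vault_token" {}` in terraform/variables.tf is declared without `sensitive = true`, so Terraform will print its value in plan and apply output wherever it is referenced, including the `vault.token` vApp property. Adding `type = string` and `sensitive = true` inside the block makes the CLI redact it; this needs Terraform 0.14 or later, and the version in use is not visible here. The value is still stored in clear text in state and plan files, so those need protecting separately. `vault_api`, `vault_pwpolicy` and `vault_secret` would also read better with a `type` and a `description`.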
@@ -1,13 +1,17 @@
-vm_numcpu = 2
-vm_memory = 4096
+vm_numcpu = 2
+vm_memory = 4096
 
-adds_domainname = "srv.io"
-adds_netbiosname = "SRV"
-adds_username = "SRV\\Administrator"
-adds_ntpserver = "0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org"
+adds_domainname = "srv.io"
+adds_netbiosname = "SRV"
+adds_username = "SRV\\Administrator"
+adds_ntpserver = "0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org"
 
-dhcp_startip = "10.0.0.50"
-dhcp_endip = "10.0.0.250"
-dhcp_subnetmask = "255.255.255.0"
-dhcp_gateway = "10.0.0.1"
-dhcp_leaseduration = "01:00:00.00"
\ No newline at end of file
+dhcp_startip = "10.0.0.50"
+dhcp_endip = "10.0.0.250"
+dhcp_subnetmask = "255.255.255.0"
+dhcp_gateway = "10.0.0.1"
+dhcp_leaseduration = "01:00:00.00"
+
+vault_api = "https://secure.spamasaurus.com/v1"
+vault_pwpolicy = "complex"
+vault_secret = "SRV.IO"
\ No newline at end of file
diff --git a/terraform/vsphere.tfvars b/terraform/vsphere.tfvars
index dfa1bc5..c7c8e30 100644
--- a/terraform/vsphere.tfvars
+++ b/terraform/vsphere.tfvars
@@ -5,4 +5,4 @@ hv_host = "bv11-esx.bessems.lan"
 hv_hostip = "192.168.11.200"
 hv_datastore = "Datastore02.SSD"
 hv_vmfolder = "/Terraform"
-hv_network = "Isolated"
+hv_network = "Staging"
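Review bot: Changing `hv_network` from `"Isolated"` to `"Staging"` in terraform/vsphere.tfvars attaches this VM to a different network with no reason recorded in the change; presumably the guest now needs to reach `vault_api`. vm.tfvars defines a DHCP scope (`dhcp_startip` to `dhcp_endip`) for this machine, so if the guest runs a DHCP server, as the `dhcpconfig.*` properties suggest, it may start answering clients already on the Staging network. Please confirm that Staging is meant to be served by this scope, and add a comment next to the value such as `# Staging: guest needs outbound access to the Vault API`.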