diff --git a/terraform/aws/aws-ec2-autoscaling-dual-subnet/main.tf b/terraform/aws/aws-ec2-autoscaling-dual-subnet/main.tf index 15c56fc..385a028 100644 --- a/terraform/aws/aws-ec2-autoscaling-dual-subnet/main.tf +++ b/terraform/aws/aws-ec2-autoscaling-dual-subnet/main.tf @@ -36,11 +36,6 @@ module "vpc" { name = local.name tags = local.aws_tags - - cidr = "10.0.80.0/22" - - public_subnets = ["10.0.80.0/24"] - private_subnets = ["10.0.81.0/24"] } resource "tailscale_tailnet_key" "main" { diff --git a/terraform/aws/aws-ec2-autoscaling-dual-subnet/outputs.tf b/terraform/aws/aws-ec2-autoscaling-dual-subnet/outputs.tf index 68b7273..66dd139 100644 --- a/terraform/aws/aws-ec2-autoscaling-dual-subnet/outputs.tf +++ b/terraform/aws/aws-ec2-autoscaling-dual-subnet/outputs.tf @@ -2,6 +2,10 @@ output "vpc_id" { value = module.vpc.vpc_id } +output "vpc_cidr" { + value = module.vpc.vpc_cidr_block +} + output "nat_public_ips" { value = module.vpc.nat_public_ips } diff --git a/terraform/aws/aws-ec2-autoscaling-session-recorder/main.tf b/terraform/aws/aws-ec2-autoscaling-session-recorder/main.tf index 00f4e37..b53d9cd 100644 --- a/terraform/aws/aws-ec2-autoscaling-session-recorder/main.tf +++ b/terraform/aws/aws-ec2-autoscaling-session-recorder/main.tf @@ -31,11 +31,6 @@ module "vpc" { name = local.name tags = local.aws_tags - - cidr = "10.0.80.0/22" - - public_subnets = ["10.0.80.0/24"] - private_subnets = ["10.0.81.0/24"] } resource "aws_vpc_endpoint" "recorder" { diff --git a/terraform/aws/aws-ec2-autoscaling-session-recorder/outputs.tf b/terraform/aws/aws-ec2-autoscaling-session-recorder/outputs.tf index 68b7273..66dd139 100644 --- a/terraform/aws/aws-ec2-autoscaling-session-recorder/outputs.tf +++ b/terraform/aws/aws-ec2-autoscaling-session-recorder/outputs.tf @@ -2,6 +2,10 @@ output "vpc_id" { value = module.vpc.vpc_id } +output "vpc_cidr" { + value = module.vpc.vpc_cidr_block +} + output "nat_public_ips" { value = module.vpc.nat_public_ips } 
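Review bot: The new `vpc_cidr` output in outputs.tf has no `description`, while other outputs in this repo carry one (the google `user_data_md5` output later in this diff does). Now that the internal module picks the CIDR itself when the example leaves `cidr` unset, the description is where a reader learns the value is not fixed across deployments: `description = "IPv4 CIDR block of the VPC (random /22 unless cidr was set explicitly)"`. The same applies to the identical `vpc_cidr` output hunks for the other AWS examples in this diff.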
diff --git a/terraform/aws/aws-ec2-autoscaling/main.tf b/terraform/aws/aws-ec2-autoscaling/main.tf index 9a0fbfb..b68f3ba 100644 --- a/terraform/aws/aws-ec2-autoscaling/main.tf +++ b/terraform/aws/aws-ec2-autoscaling/main.tf @@ -35,11 +35,6 @@ module "vpc" { name = local.name tags = local.aws_tags - - cidr = "10.0.80.0/22" - - public_subnets = ["10.0.80.0/24"] - private_subnets = ["10.0.81.0/24"] } resource "tailscale_tailnet_key" "main" { diff --git a/terraform/aws/aws-ec2-autoscaling/outputs.tf b/terraform/aws/aws-ec2-autoscaling/outputs.tf index 68b7273..66dd139 100644 --- a/terraform/aws/aws-ec2-autoscaling/outputs.tf +++ b/terraform/aws/aws-ec2-autoscaling/outputs.tf @@ -2,6 +2,10 @@ output "vpc_id" { value = module.vpc.vpc_id } +output "vpc_cidr" { + value = module.vpc.vpc_cidr_block +} + output "nat_public_ips" { value = module.vpc.nat_public_ips } diff --git a/terraform/aws/aws-ec2-instance-dual-stack-ipv4-ipv6/main.tf b/terraform/aws/aws-ec2-instance-dual-stack-ipv4-ipv6/main.tf index e2db4d2..3895f68 100644 --- a/terraform/aws/aws-ec2-instance-dual-stack-ipv4-ipv6/main.tf +++ b/terraform/aws/aws-ec2-instance-dual-stack-ipv4-ipv6/main.tf @@ -36,11 +36,6 @@ module "vpc" { name = local.name tags = local.aws_tags - cidr = "10.0.80.0/22" - - public_subnets = ["10.0.80.0/24"] - private_subnets = ["10.0.81.0/24"] - enable_ipv6 = true } diff --git a/terraform/aws/aws-ec2-instance-dual-stack-ipv4-ipv6/outputs.tf b/terraform/aws/aws-ec2-instance-dual-stack-ipv4-ipv6/outputs.tf index 1a7dd14..658d46f 100644 --- a/terraform/aws/aws-ec2-instance-dual-stack-ipv4-ipv6/outputs.tf +++ b/terraform/aws/aws-ec2-instance-dual-stack-ipv4-ipv6/outputs.tf @@ -2,6 +2,10 @@ output "vpc_id" { value = module.vpc.vpc_id } +output "vpc_cidr" { + value = module.vpc.vpc_cidr_block +} + output "nat_public_ips" { value = module.vpc.nat_public_ips } diff --git a/terraform/aws/aws-ec2-instance/main.tf b/terraform/aws/aws-ec2-instance/main.tf index fa1d978..f85fc79 100644 
--- a/terraform/aws/aws-ec2-instance/main.tf +++ b/terraform/aws/aws-ec2-instance/main.tf @@ -35,11 +35,6 @@ module "vpc" { name = local.name tags = local.aws_tags - - cidr = "10.0.80.0/22" - - public_subnets = ["10.0.80.0/24"] - private_subnets = ["10.0.81.0/24"] } resource "tailscale_tailnet_key" "main" { diff --git a/terraform/aws/aws-ec2-instance/outputs.tf b/terraform/aws/aws-ec2-instance/outputs.tf index 1a7dd14..658d46f 100644 --- a/terraform/aws/aws-ec2-instance/outputs.tf +++ b/terraform/aws/aws-ec2-instance/outputs.tf @@ -2,6 +2,10 @@ output "vpc_id" { value = module.vpc.vpc_id } +output "vpc_cidr" { + value = module.vpc.vpc_cidr_block +} + output "nat_public_ips" { value = module.vpc.nat_public_ips } diff --git a/terraform/aws/internal-modules/aws-vpc/main.tf b/terraform/aws/internal-modules/aws-vpc/main.tf index e666fd8..aad47f8 100644 --- a/terraform/aws/internal-modules/aws-vpc/main.tf +++ b/terraform/aws/internal-modules/aws-vpc/main.tf @@ -1,5 +1,15 @@ -data "aws_availability_zones" "available" { - state = "available" +locals { + vpc_cidr = var.cidr == "" ? cidrsubnet("10.0.0.0/16", 6, random_integer.vpc_cidr[0].result) : var.cidr # /22 + public_subnet_cidr = length(var.public_subnets) == 0 ? [cidrsubnet(local.vpc_cidr, 2, 0)] : var.public_subnets # /24 inside the /22 + private_subnet_cidr = length(var.private_subnets) == 0 ? [cidrsubnet(local.vpc_cidr, 2, 1)] : var.private_subnets # next /24 +} + +# Pick a random /22 within 10.0.0.0/16 +resource "random_integer" "vpc_cidr" { + count = var.cidr == "" ? 1 : 0 + + min = 0 + max = 63 # 2^(22-16)-1 = 64 slices in a /16 } module "vpc" { 
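Review bot: The default CIDR chosen by the new `random_integer.vpc_cidr` comes from only 64 slices of 10.0.0.0/16, with nothing coordinating draws between stacks; with independent draws the odds of two deployments landing on the same /22 are already roughly even by about ten stacks, and the Azure and Google internal modules in this diff draw from the same pool independently. These examples create `tailscale_tailnet_key` resources and presumably advertise the VPC range into one tailnet as subnet routes, where overlapping prefixes conflict, so the random default should be documented as demo-only. I would add above the resource `# NOTE: only 64 slices, no coordination across stacks or clouds — set var.cidr explicitly when several VPCs share a tailnet.`, and consider widening the pool with `cidrsubnet("10.0.0.0/8", 14, random_integer.vpc_cidr[0].result)` and `max = 16383` so a collision needs thousands of stacks rather than a handful.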
@@ -13,11 +23,11 @@ module "vpc" { public_subnet_tags = merge(var.tags, { Name = "${var.name}-public" }) private_subnet_tags = merge(var.tags, { Name = "${var.name}-private" }) - cidr = var.cidr + azs = var.azs != null ? var.azs : data.aws_availability_zones.available.zone_ids - azs = var.azs != null ? var.azs : data.aws_availability_zones.available.zone_ids - public_subnets = var.public_subnets - private_subnets = var.private_subnets + cidr = local.vpc_cidr + public_subnets = local.public_subnet_cidr + private_subnets = local.private_subnet_cidr map_public_ip_on_launch = true enable_nat_gateway = true @@ -30,3 +40,7 @@ module "vpc" { public_subnet_ipv6_prefixes = range(0, length(var.public_subnets)) private_subnet_ipv6_prefixes = range(10, 10 + length(var.private_subnets)) } + +data "aws_availability_zones" "available" { + state = "available" +} diff --git a/terraform/aws/internal-modules/aws-vpc/variables.tf b/terraform/aws/internal-modules/aws-vpc/variables.tf index 4779227..508a310 100644 --- a/terraform/aws/internal-modules/aws-vpc/variables.tf +++ b/terraform/aws/internal-modules/aws-vpc/variables.tf @@ -21,14 +21,17 @@ variable "azs" { variable "cidr" { description = "IPv4 CIDR block for the VPC" type = string + default = "" } variable "public_subnets" { description = "List of public subnet CIDR blocks" type = list(string) + default = [] } variable "private_subnets" { description = "List of private subnet CIDR blocks" type = list(string) + default = [] } variable "enable_ipv6" { description = "Conditional to provision IPV6 VPC resources too" diff --git a/terraform/azure/azure-linux-vm/main.tf b/terraform/azure/azure-linux-vm/main.tf index f2e958c..a17a8b9 100644 --- a/terraform/azure/azure-linux-vm/main.tf +++ b/terraform/azure/azure-linux-vm/main.tf 
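Review bot: The IPv6 prefix lists in the trailing context lines of this hunk are still sized from `var.public_subnets` / `var.private_subnets`, which now default to `[]`, while the subnets actually created come from `local.public_subnet_cidr` / `local.private_subnet_cidr`. For the dual-stack example, which dropped its explicit subnets in this diff but keeps `enable_ipv6 = true`, that yields `range(0, 0)`, so depending on the upstream module version the subnets either come up IPv4-only or the apply fails on the length mismatch. The lists should follow the locals: `public_subnet_ipv6_prefixes = range(0, length(local.public_subnet_cidr))` and `private_subnet_ipv6_prefixes = range(10, 10 + length(local.private_subnet_cidr))`.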
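Review bot: The new `default = ""` on `cidr` gives the empty string a meaning (main.tf picks a random /22 from 10.0.0.0/16), but the description still reads as if a value were required, and a malformed value or an IPv6 prefix is only rejected deep inside `cidrsubnet` with an unhelpful error. Document the sentinel and add a `validation` block so the module fails early with a clear message; `public_subnets` and `private_subnets` need the same treatment, their descriptions should state that an empty list means one /24 carved from the VPC range.
```hcl
variable "cidr" {
  description = "IPv4 CIDR block for the VPC; leave empty to pick a random /22 inside 10.0.0.0/16"
  type        = string
  default     = ""

  validation {
    condition     = var.cidr == "" || can(cidrnetmask(var.cidr))
    error_message = "cidr must be empty or a valid IPv4 CIDR block (e.g. 10.0.80.0/22)."
  }
}
```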
@@ -29,7 +29,7 @@ locals { vpc_id = module.vpc.vnet_id subnet_id = module.vpc.public_subnet_id network_security_group_id = azurerm_network_security_group.tailscale_ingress.id - instance_type = "Standard_DS1_v2" + instance_type = "Standard_D2as_v6" admin_public_key_path = var.admin_public_key_path } @@ -47,12 +47,6 @@ module "vpc" { location = local.location resource_group_name = local.resource_group_name - cidrs = ["10.0.0.0/22"] - subnet_cidrs = [ - "10.0.0.0/24", - "10.0.1.0/24", - "10.0.2.0/24", - ] subnet_name_public = "public" subnet_name_private = "private" subnet_name_private_dns_resolver = "dns-inbound" diff --git a/terraform/azure/azure-linux-vm/outputs.tf b/terraform/azure/azure-linux-vm/outputs.tf index f228bc9..d98dcd6 100644 --- a/terraform/azure/azure-linux-vm/outputs.tf +++ b/terraform/azure/azure-linux-vm/outputs.tf @@ -2,6 +2,10 @@ output "vpc_id" { value = module.vpc.vnet_id } +output "vpc_cidrs" { + value = module.vpc.vnet_address_space +} + output "nat_public_ips" { value = module.vpc.nat_public_ips } diff --git a/terraform/azure/internal-modules/azure-network/main.tf b/terraform/azure/internal-modules/azure-network/main.tf index a6952af..6759aac 100644 --- a/terraform/azure/internal-modules/azure-network/main.tf +++ b/terraform/azure/internal-modules/azure-network/main.tf @@ -1,3 +1,16 @@ +locals { + cidrs = length(var.cidrs) == 0 ? [cidrsubnet("10.0.0.0/16", 6, random_integer.vpc_cidr[0].result)] : var.cidrs # /22 + subnet_cidrs = length(var.subnet_cidrs) == 0 ? [cidrsubnet(local.cidrs[0], 2, 0), cidrsubnet(local.cidrs[0], 2, 1), cidrsubnet(local.cidrs[0], 2, 2)] : var.subnet_cidrs # /24 inside the /22 +} + +# Pick a random /22 within 10.0.0.0/16 +resource "random_integer" "vpc_cidr" { + count = length(var.cidrs) == 0 ? 1 : 0 + + min = 0 + max = 63 # 2^(22-16)-1 = 64 slices in a /16 +} + module "vpc" { # https://registry.terraform.io/modules/Azure/network/azurerm/latest source = "Azure/network/azurerm" 
@@ -9,8 +22,8 @@ module "vpc" { vnet_name = var.name tags = var.tags - address_spaces = var.cidrs - subnet_prefixes = var.subnet_cidrs + address_spaces = local.cidrs + subnet_prefixes = local.subnet_cidrs subnet_names = [ var.subnet_name_public, var.subnet_name_private, diff --git a/terraform/azure/internal-modules/azure-network/variables.tf b/terraform/azure/internal-modules/azure-network/variables.tf index 7c4bbb0..0f922fd 100644 --- a/terraform/azure/internal-modules/azure-network/variables.tf +++ b/terraform/azure/internal-modules/azure-network/variables.tf @@ -24,10 +24,12 @@ variable "tags" { variable "cidrs" { description = "IPv4 CIDR block for the VPC" type = list(string) + default = [] } variable "subnet_cidrs" { description = "List of CIDR blocks" type = list(string) + default = [] } variable "subnet_name_public" { description = "Name of the `public` subnet" diff --git a/terraform/google/google-compute-instance/main.tf b/terraform/google/google-compute-instance/main.tf index 31b8930..7aad25a 100644 --- a/terraform/google/google-compute-instance/main.tf +++ b/terraform/google/google-compute-instance/main.tf @@ -38,19 +38,6 @@ module "vpc" { region = local.region name = local.name - - subnets = [ - { - subnet_name = "subnet-${local.region}-10-0-121" - subnet_ip = "10.0.121.0/24" - subnet_region = local.region - }, - { - subnet_name = "subnet-${local.region}-10-0-122" - subnet_ip = "10.0.122.0/24" - subnet_region = local.region - } - ] } resource "tailscale_tailnet_key" "main" { diff --git a/terraform/google/google-compute-instance/outputs.tf b/terraform/google/google-compute-instance/outputs.tf index 68ebdd9..d5f5def 100644 --- a/terraform/google/google-compute-instance/outputs.tf +++ b/terraform/google/google-compute-instance/outputs.tf 
@@ -2,6 +2,10 @@ output "instance_id" { value = module.tailscale_instance.instance_id } +output "subnets_ips" { + value = module.vpc.subnets_ips +} + output "user_data_md5" { description = "MD5 hash of the VM user_data script - for detecting changes" value = module.tailscale_instance.user_data_md5 diff --git a/terraform/google/internal-modules/google-vpc/main.tf b/terraform/google/internal-modules/google-vpc/main.tf index 444956b..29912c8 100644 --- a/terraform/google/internal-modules/google-vpc/main.tf +++ b/terraform/google/internal-modules/google-vpc/main.tf @@ -1,3 +1,28 @@ +locals { + cidr = length(var.subnets) == 0 ? [cidrsubnet("10.0.0.0/16", 6, random_integer.vpc_cidr[0].result)] : [] # /22 + # subnets = length(var.subnets) == 0 ? [cidrsubnet(local.cidr[0], 2, 0), cidrsubnet(local.cidr[0], 2, 1)] : var.subnets # /24 inside the /22 + subnets = length(var.subnets) == 0 ? [ + { + subnet_name = "subnet-0" + subnet_ip = cidrsubnet(local.cidr[0], 2, 0) + subnet_region = var.region + }, + { + subnet_name = "subnet-1" + subnet_ip = cidrsubnet(local.cidr[0], 2, 1) + subnet_region = var.region + } + ] : var.subnets +} + +# Pick a random /22 within 10.0.0.0/16 +resource "random_integer" "vpc_cidr" { + count = length(var.subnets) == 0 ? 1 : 0 + + min = 0 + max = 63 # 2^(22-16)-1 = 64 slices in a /16 +} + module "vpc" { # https://registry.terraform.io/modules/terraform-google-modules/network/google/latest source = "terraform-google-modules/network/google" @@ -6,7 +31,7 @@ module "vpc" { project_id = var.project_id network_name = var.name - subnets = var.subnets + subnets = local.subnets } module "cloud_router" { diff --git a/terraform/google/internal-modules/google-vpc/variables.tf b/terraform/google/internal-modules/google-vpc/variables.tf index 8eddef0..a33ceae 100644 --- a/terraform/google/internal-modules/google-vpc/variables.tf +++ b/terraform/google/internal-modules/google-vpc/variables.tf 
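Review bot: The new locals block in google-vpc/main.tf keeps a commented-out earlier attempt (`# subnets = length(var.subnets) == 0 ? [cidrsubnet(...)...`) directly above the live definition; dead code in a locals block reads like documentation, so it should be removed. The auto-generated subnets are also named plainly `subnet-0` / `subnet-1`, where the example previously used region- and CIDR-qualified names; GCP subnetwork names are, if I recall correctly, unique per project and region across networks, so a second VPC built from this module in the same project and region would collide. Deriving them from the network name, `subnet_name = "${var.name}-0"` and `subnet_name = "${var.name}-1"`, avoids that while staying stable across applies.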
@@ -25,4 +25,5 @@ variable "subnets" { subnet_region = string } )) + default = [] }