Sort out networking

russdaygh · russdaygh · commit 195e6eaf188c · 2024-04-20T12:40:46.000+01:00
diff --git a/terraform/api_server.tf b/terraform/api_server.tf
@@ -20,8 +20,10 @@ resource "azurerm_linux_web_app" "api_server_web_app" {
   }
 
   connection_string {
-    name = "PocketDDDContext"
-    type = "SQLAzure"
+    name  = "PocketDDDContext"
+    type  = "SQLAzure"
     value = local.db_connection_string
   }
+
+  virtual_network_subnet_id = azurerm_subnet.subnet.id
 }
diff --git a/terraform/database.tf b/terraform/database.tf
@@ -24,3 +24,9 @@ resource "azurerm_mssql_database" "sqldb" {
     prevent_destroy = false
   }
 }
+
+resource "azurerm_mssql_virtual_network_rule" "sqlserver_subnet_rule" {
+  name      = "sql-vnet-rule"
+  server_id = azurerm_mssql_server.sqlserver.id
+  subnet_id = azurerm_subnet.subnet.id
+}
diff --git a/terraform/keyvault.tf b/terraform/keyvault.tf
@@ -23,7 +23,9 @@ resource "azurerm_key_vault" "key_vault" {
       "Get",
       "Set",
       "List",
-      "Delete"
+      "Delete",
+      "Purge",
+      "Recover"
     ]
 
     storage_permissions = [
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -15,4 +15,34 @@ resource "random_password" "admin_password" {
 
 locals {
   db_connection_string = "Server=tcp:${local.sql_server_name}.database.windows.net,1433;Persist Security Info=False;User ID=${random_string.admin_login.result};Password=${random_password.admin_password.result};MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Connection Timeout=30;"
-}
+}
+
+resource "azurerm_virtual_network" "vnet" {
+  name                = "${local.resource_prefix}-vnet"
+  location            = azurerm_resource_group.rg.location
+  resource_group_name = azurerm_resource_group.rg.name
+  address_space       = ["10.0.0.0/16"]
+  dns_servers         = ["10.0.0.4", "10.0.0.5"]
+
+  tags = {
+    environment = var.env
+  }
+}
+
+resource "azurerm_subnet" "subnet" {
+  name                 = "default-subnet"
+  resource_group_name  = azurerm_resource_group.rg.name
+  virtual_network_name = azurerm_virtual_network.vnet.name
+  address_prefixes     = ["10.0.1.0/24"]
+
+  delegation {
+    name = "delegation"
+
+    service_delegation {
+      name    = "Microsoft.Web/serverFarms"
+      actions = ["Microsoft.Network/virtualNetworks/subnets/join/action", "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action"]
+    }
+  }
+
+  service_endpoints = ["Microsoft.Sql"]
+}
diff --git a/terraform/network.tf b/terraform/network.tf
diff --git a/terraform/outputs.tf b/terraform/outputs.tf
@@ -1,3 +1,3 @@
 output "api_server_url" {
-    value = azurerm_linux_web_app.api_server_web_app.default_hostname  
+  value = "https://${azurerm_linux_web_app.api_server_web_app.default_hostname}/"
 }

Original file line number	Diff line number	Diff line change
`@@ -20,8 +20,10 @@ resource "azurerm_linux_web_app" "api_server_web_app" {`
`20`	`20`	`}`
`21`	`21`
`22`	`22`	`connection_string {`
`23`		`- name = "PocketDDDContext"`
`24`		`- type = "SQLAzure"`
	`23`	`+ name = "PocketDDDContext"`
	`24`	`+ type = "SQLAzure"`
`25`	`25`	`value = local.db_connection_string`
`26`	`26`	`}`
	`27`	`+`
	`28`	`+ virtual_network_subnet_id = azurerm_subnet.subnet.id`
`27`	`29`	`}`
Original file line number	Diff line number	Diff line change
`@@ -24,3 +24,9 @@ resource "azurerm_mssql_database" "sqldb" {`
`24`	`24`	`prevent_destroy = false`
`25`	`25`	`}`
`26`	`26`	`}`
	`27`	`+`
	`28`	`+resource "azurerm_mssql_virtual_network_rule" "sqlserver_subnet_rule" {`
	`29`	`+ name = "sql-vnet-rule"`
	`30`	`+ server_id = azurerm_mssql_server.sqlserver.id`
	`31`	`+ subnet_id = azurerm_subnet.subnet.id`
	`32`	`+}`
Original file line number	Diff line number	Diff line change
`@@ -1,3 +1,3 @@`
`1`	`1`	`output "api_server_url" {`
`2`		`- value = azurerm_linux_web_app.api_server_web_app.default_hostname`
	`2`	`+ value = "https://${azurerm_linux_web_app.api_server_web_app.default_hostname}/"`
`3`	`3`	`}`