update readme and shell script

README.md

@@ -1 +1,65 @@
-# AzureRM Linux VM - Terraform module
+# AzureRM Ansible Linux VM - 
+A custom Terraform module to deploy 1x Linux VM for Ansible playbook development in Microsoft Azure.
+
+## Pre-requisities
+* Terraform > 0.13.0
+* Git
+* VSCode
+* VSCode (extension) Remote SSH
+* VSCode (extension) Remote - SSH: Editing Configuration Files
+* AzureCLI
+
+## Input Variables
+
+* `technician_initials` via Terraform CLI prompt -- Enter your initials (used as a suffix identifier for key Azure resources)
+* `module.linux_vm.nsgRule1.source_address_prefix` via ./main.tf -- Update with your own public IP address
+
+## Outputs
+
+* `module.linux_vm.pip1` - The public IP DNS of the ansible host in azure
+* `module.linux_vm.tls_private_key`- The SSH private key needed to connect to the ansible host in azure
+* `module.linux_vm.azurerm_resource_group_name` - The resource group for the ansible dev environment
+* `module.linux_vm.azurerm_virtual_network_name`- The virtual network name for the ansible dev environment
+
+
+## Example Usage for Windows Users
+
+* Clone this repo
+```
+git clone https://github.com/globalbao/terraform-azurerm-ansible-linux-vm
+```
+
+* Initialize the module
+```
+cd terraform-azurerm-ansible-linux-vm
+terraform init
+```
+* Modify this variable in `/terraform-azurerm-ansible-linux-vm/main.tf`
+	* module.linux_vm.nsgRule1.`source_address_prefix`
+
+* Authenticate to Azure
+```
+az logout
+az login
+az account list
+az account set -s subscriptionID
+az account show
+```
+
+* Run Terraform to create the module resources
+```
+terraform apply -auto-approve
+```
+
+* Create a new local file for the private key e.g. `C:\Local\vm1key.pem`
+	* Modify the file's permissions so only your Windows account has read/write access. Remove all other inherited permissions e.g. System/Administrator Group.
+	* Copy & Paste the Terraform output of `tls_private_key` into this new file.
+
+* VSCode > Remote Explorer > SSH Targets > Add New
+	* Copy & Paste the Terraform output of `pip1` as the SSH target.
+	* Select the SSH config file to update e.g. `C:\Users\Username\.ssh\config`
+	* Add the following to SSH config file
+		* `User ansibleadmin`
+		* `IdentityFile C:/Local/vm1key.pem`
+
+* Test the SSH connection to the target works.

main.tf

@@ -13,18 +13,18 @@ provider "azurerm" {
 module "linux_vm" {
   source = "./modules/linux-vm"
 
-  rgName             = "ansible-devhost-rg"
+  rgName             = "ansible-devhost-${var.technician_initials}"
   rgLocation         = "australiaeast"
-  vnetName           = "ansible-dev-vnet"
+  vnetName           = "ansible-dev-vnet-${var.technician_initials}"
   vnetAddressSpace   = ["10.0.0.0/24"]
   vnetSubnetName     = "default"
   vnetSubnetAddress  = "10.0.0.0/24"
-  nsgName            = "default-subnet-nsg"
+  nsgName            = "ansible-dev-subnet-nsg-${var.technician_initials}"
   vmNICPrivateIP     = "10.0.0.5"
-  vmPublicIPDNS      = "ansibledevhost1"
-  vmName             = "ansibledevhost1"
+  vmPublicIPDNS      = "ansibledevhost1-${var.technician_initials}"
+  vmName             = "ansibledevhost1-${var.technician_initials}"
   vmSize             = "Standard_B2s"
-  vmAdminName        = "ansibleadmin"
+  vmAdminName        = "ansibleadmin" #If this is changed ensure you update "./scripts/ubuntu-setup-ansible.sh" with the new username
   vmShutdownTime     = "1900"
   vmShutdownTimeZone = "AUS Eastern Standard Time"
   vmSrcImageReference = {
@@ -42,7 +42,7 @@ module "linux_vm" {
     "protocol"                   = "Tcp"
     "source_port_range"          = "*"
     "destination_port_range"     = "22"
-    "source_address_prefix"      = "xxx.xxx.xxx.xxx"
+    "source_address_prefix"      = "0.0.0.0" #Update with your own public IP address https://www.whatismyip.com/
     "destination_address_prefix" = "10.0.0.5"
   }
 }

modules/linux-vm/main.tf

@@ -119,7 +119,7 @@ SETTINGS
 
   protected_settings = <<PROTECTED_SETTINGS
     {
-        "commandToExecute": "./ubuntu-setup-ansible.sh"
+        "commandToExecute": ". ./ubuntu-setup-ansible.sh"
     }
 PROTECTED_SETTINGS
-}
+}

modules/linux-vm/outputs.tf

@@ -1,7 +1,15 @@
 output "pip1" {
-  value = "${azurerm_public_ip.pip1.fqdn}"
+  value = azurerm_public_ip.pip1.fqdn
 }
 
 output "tls_private_key" {
-  value = "${tls_private_key.vm1key.private_key_pem}"
+  value = tls_private_key.vm1key.private_key_pem
 }
+
+output "azurerm_resource_group_name" {
+  value = azurerm_resource_group.rg1.name
+}
+
+output "azurerm_virtual_network_name" {
+  value = azurerm_virtual_network.vnet1.name
+}

modules/linux-vm/variables.tf

@@ -8,11 +8,10 @@ data "azurerm_subnet" "default" {
     azurerm_virtual_network.vnet1
   ]
 }
-
 variable "rgName" {
   type        = string
-  description = "resource group name"
-  default     = "ansible-devhost-rg"
+  description = "resource group name w/ technician's initials as a suffix"
+  default     = "ansible-devhost-yourinitials"
 }
 
 variable "rgLocation" {
@@ -23,8 +22,8 @@ variable "rgLocation" {
 
 variable "vnetName" {
   type        = string
-  description = "virtual network name"
-  default     = "ansible-dev-vnet"
+  description = "virtual network name w/ technician's initials as a suffix"
+  default     = "ansible-dev-vnet-yourinitials"
 }
 
 variable "vnetAddressSpace" {
@@ -47,13 +46,13 @@ variable "vnetSubnetAddress" {
 
 variable "nsgName" {
   type        = string
-  description = "network security group name"
-  default     = "default-subnet-nsg"
+  description = "network security group name w/ technician's initials as a suffix"
+  default     = "ansible-dev-subnet-nsg-yourinitials"
 }
 
 variable "nsgRule1" {
   type        = map
-  description = "network security group rule 1"
+  description = "network security group rule 1 - remember to modify 'source_address_prefix' with your own local Public IP address https://www.whatismyip.com/"
   default = {
     "name"                       = "SSH_allow"
     "description"                = "Allow inbound SSH from single Public IP to Ansible Host"
@@ -76,14 +75,14 @@ variable "vmNICPrivateIP" {
 
 variable "vmPublicIPDNS" {
   type        = string
-  description = "virtual machine public IP DNS name"
-  default     = "ansibledevhost1"
+  description = "virtual machine public IP DNS name w/ technician's initials as a suffix"
+  default     = "ansibledevhost1-yourinitials"
 }
 
 variable "vmName" {
   type        = string
-  description = "virtual machine name"
-  default     = "ansibledevhost1"
+  description = "virtual machine name w/ technician's initials as a suffix"
+  default     = "ansibledevhost1-yourinitials"
 }
 
 variable "vmSize" {

outputs.tf

@@ -1,7 +1,15 @@
 output "pip1" {
-  value = "${module.linux_vm.pip1}"
+  value = module.linux_vm.pip1
 }
 
 output "tls_private_key" {
-  value = "${module.linux_vm.tls_private_key}"
+  value = module.linux_vm.tls_private_key
 }
+
+output "azurerm_resource_group_name" {
+  value = module.linux_vm.azurerm_resource_group_name
+}
+
+output "azurerm_virtual_network_name" {
+  value = module.linux_vm.azurerm_virtual_network_name
+}

scripts/requirements-ansible.txt

@@ -0,0 +1,9 @@
+wheel
+requests==2.24.0
+yamllint==1.25.0
+pywinrm==0.4.1
+junit-xml==1.9
+ansible==2.10.2
+ansible-lint==4.3.7
+molecule==3.1.5
+molecule-azure==0.5.0

scripts/requirements-azure.txt

@@ -0,0 +1,40 @@
+packaging
+requests[security]
+xmltodict
+azure-cli-core==2.11.1
+azure-cli-nspkg==3.0.2
+azure-common==1.1.11
+azure-mgmt-authorization==0.51.1
+azure-mgmt-batch==5.0.1
+azure-mgmt-cdn==3.0.0
+azure-mgmt-compute==10.0.0
+azure-mgmt-containerinstance==1.4.0
+azure-mgmt-containerregistry==2.0.0
+azure-mgmt-containerservice==9.1.0
+azure-mgmt-dns==2.1.0
+azure-mgmt-keyvault==1.1.0
+azure-mgmt-marketplaceordering==0.1.0
+azure-mgmt-monitor==0.5.2
+azure-mgmt-network==10.2.0
+azure-mgmt-nspkg==2.0.0
+azure-mgmt-privatedns==0.1.0
+azure-mgmt-redis==5.0.0
+azure-mgmt-resource==10.2.0
+azure-mgmt-rdbms==1.4.1
+azure-mgmt-servicebus==0.5.3
+azure-mgmt-sql==0.10.0
+azure-mgmt-storage==11.1.0
+azure-mgmt-trafficmanager==0.50.0
+azure-mgmt-web==0.41.0
+azure-nspkg==2.0.0
+azure-storage==0.35.1
+msrest==0.6.10
+msrestazure==0.6.4
+azure-keyvault==1.0.0a1
+azure-graphrbac==0.61.1
+azure-mgmt-cosmosdb==0.5.2
+azure-mgmt-hdinsight==0.1.0
+azure-mgmt-devtestlabs==3.0.0
+azure-mgmt-loganalytics==0.2.0
+azure-mgmt-automation==0.1.1
+azure-mgmt-iothub==0.7.0

scripts/ubuntu-setup-ansible.sh

@@ -1,22 +1,28 @@
 #!/bin/bash
+# This file should be sourced
 
-# Update all packages that have available updates.
+# Change directory to user home
+cd /home/ansibleadmin
+
+# Upgrade all packages that have available updates and remove old ones.
 sudo apt-get update
 sudo apt upgrade -y
+sudo apt autoremove --assume-yes
 
 # Install git
-sudo apt install git-all
-
-# Install ansible developer requirements
-pip3 install wheel --quiet
-pip3 install pywinrm --quiet
-pip3 install requests --quiet
-pip3 install ansible --quiet
-pip3 install ansible-lint --quiet
-pip3 install ansible[azure] --quiet
-pip3 install molecule --quiet
-pip3 install molecule-azure --quiet
-pip3 install junit_xml --quiet
+sudo apt install git --assume-yes
 
 # Install azcli
-curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
+curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash
+
+# Install venv and pip
+sudo apt install python3-venv --assume-yes
+sudo apt install python3-pip --assume-yes
+
+# Setup virtual environment and push home folder ownership
+sudo python3 -m venv venv
+sudo chown ansibleadmin /home/ansibleadmin --recursive
+
+# Install ansible and azure modules into virtual environment
+pip3 install -r https://raw.githubusercontent.com/globalbao/terraform-azurerm-ansible-linux-vm/master/scripts/requirements-ansible.txt
+pip3 install -r https://raw.githubusercontent.com/globalbao/terraform-azurerm-ansible-linux-vm/master/scripts/requirements-azure.txt

variables.tf

@@ -0,0 +1,4 @@
+variable "technician_initials" {
+  type        = string
+  description = "Enter your initials (used as a suffix identifier for key Azure resources)"
+}