Bicep - configure ssh tunnel with public IP #1628

Merged
merged 1 commit into from
Jun 26, 2023
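--- a/bicep/azhop.bicep
+++ b/bicep/azhop.bicep
@@ -940,12 +940,14 @@ output azhopGlobalConfig object = union(
 } : {}
 )
 
+var sshTunelIp = deployJumpbox ? ( config.public_ip ? azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.publicIp : azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.privateIp ) : ''
+
 output azhopInventory object = {
 all: {
 hosts: union (
 {
 localhost: {
-psrp_ssh_proxy: deployJumpbox ? azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.privateIp : ''
+psrp_ssh_proxy: sshTunelIp
 }
 scheduler: {
 ansible_host: azhopVm[indexOf(map(vmItems, item => item.key), 'scheduler')].outputs.privateIp
@@ -964,7 +966,7 @@ output azhopInventory object = {
 ansible_psrp_protocol: 'http'
 ansible_user: config.admin_user
 ansible_password: '__ADMIN_PASSWORD__'
-psrp_ssh_proxy: deployJumpbox ? azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.privateIp : ''
+psrp_ssh_proxy: sshTunelIp
 ansible_psrp_proxy: deployJumpbox ? 'socks5h://localhost:5985' : ''
 }
 } : {} ,
@@ -975,13 +977,13 @@ output azhopInventory object = {
 ansible_psrp_protocol: 'http'
 ansible_user: config.admin_user
 ansible_password: '__ADMIN_PASSWORD__'
-psrp_ssh_proxy: deployJumpbox ? azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.privateIp : ''
+psrp_ssh_proxy: sshTunelIp
 ansible_psrp_proxy: deployJumpbox ? 'socks5h://localhost:5985' : ''
 }
 } : {} ,
 deployJumpbox ? {
 jumpbox : {
-ansible_host: azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.privateIp
+ansible_host: sshTunelIp
 ansible_ssh_port: config.vms.jumpbox.sshPort
 ansible_ssh_common_args: ''
 }
@@ -1013,7 +1015,7 @@ output azhopInventory object = {
 )
 vars: {
 ansible_ssh_user: config.admin_user
-ansible_ssh_common_args: deployJumpbox ? '-o ProxyCommand="ssh -i ${config.admin_user}_id_rsa -p ${config.vms.jumpbox.sshPort} -W %h:%p ${config.admin_user}@${azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.privateIp}"' : ''
+ansible_ssh_common_args: deployJumpbox ? '-o ProxyCommand="ssh -i ${config.admin_user}_id_rsa -p ${config.vms.jumpbox.sshPort} -W %h:%p ${config.admin_user}@${sshTunelIp}"' : ''
 }
 }
 }
@@ -1030,7 +1032,7 @@ output azhopPackerOptions object = (config.deploy_sig) ? {
 var_virtual_network_name: config.vnet.name
 var_virtual_network_subnet_name: config.vnet.subnets.compute.name
 var_virtual_network_resource_group_name: azhopResourceGroupName
-var_ssh_bastion_host: azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.privateIp // TODO: add support for public IP
+var_ssh_bastion_host: sshTunelIp
 var_ssh_bastion_port: '${config.vms.jumpbox.sshPort}'
 var_ssh_bastion_username: config.admin_user
 var_ssh_bastion_private_key_file: '../${config.admin_user}_id_rsa'
@@ -1062,7 +1064,7 @@ case $1 in
 exec ssh -i {0}_id_rsa -o ProxyCommand="ssh -i {0}_id_rsa -p {1} -W %h:%p {0}@{2}" -o "User={0}" "$@"
 ;;
 esac
-''', config.admin_user, config.vms.jumpbox.sshPort, azhopVm[indexOf(map(vmItems, item => item.key), 'jumpbox')].outputs.privateIp)
+''', config.admin_user, config.vms.jumpbox.sshPort, sshTunelIp)
 
 output azhopConnectScript string = deployDeployer ? azhopConnectScript : azhopSSHConnectScript
 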
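Review bot: `sshTunelIp` selects `outputs.publicIp` whenever `config.public_ip` is true, but the vm.bicep change in this same commit returns `''` for that output unless the jumpbox entry has `pip` set, so if the two settings ever disagree the inventory, both `ProxyCommand` strings and `var_ssh_bastion_host` would receive an empty host with no deployment error. Adding an `!empty(...)` test on the jumpbox `publicIp` output to the inner condition and falling back to `privateIp` would avoid that; whether `pip` is derived from `config.public_ip` elsewhere is not visible in these hunks. When the public address is chosen, every Ansible, Packer and connect-script session enters through the jumpbox's Internet-facing SSH port, so a comment on the variable such as `// public address when config.public_ip is true; restrict the jumpbox SSH port to known source ranges` would record the exposure. The name is also misspelled (`sshTunelIp`, presumably meant as `sshTunnelIp`).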
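--- a/bicep/vm.bicep
+++ b/bicep/vm.bicep
@@ -145,6 +145,7 @@ resource virtualMachine 'Microsoft.Compute/virtualMachines@2022-11-01' = {
 
 //output private_ip string = nic.properties.ipConfigurations[0].properties.privateIPAddress
 output fqdn string = contains(vm, 'pip') && vm.pip ? publicIp.properties.dnsSettings.fqdn : ''
+output publicIp string = contains(vm, 'pip') && vm.pip ? publicIp.properties.ipAddress : ''
 output privateIp string = nic.properties.ipConfigurations[0].properties.privateIPAddress
 output principalId string = virtualMachine.identity.principalId
 //output privateIps array = [ for i in range(0, count): nic[i].properties.ipConfigurations[0].properties.privateIPAddress ]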
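Review bot: The new `publicIp` output reads `publicIp.properties.ipAddress`, which Azure populates only once an address has been allocated; if the public IP resource uses dynamic allocation (its definition is outside this hunk), the value could be empty or unavailable at deployment time, and the SSH tunnel settings that azhop.bicep builds from it would be wrong. The `fqdn` output on the line above stays stable across address changes and may be a safer tunnel endpoint. At minimum, a comment such as `// '' when the VM has no public IP (vm.pip unset or false)` would tell callers that an empty string is a normal result they have to handle.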