Diffstat (limited to 'Terraform/Azure/VPN-Server-WireGuard/virtual_networks.tf')
-rw-r--r--Terraform/Azure/VPN-Server-WireGuard/virtual_networks.tf88
1 files changed, 88 insertions, 0 deletions
diff --git a/Terraform/Azure/VPN-Server-WireGuard/virtual_networks.tf b/Terraform/Azure/VPN-Server-WireGuard/virtual_networks.tf
new file mode 100644
index 0000000..a1671e7
--- /dev/null
+++ b/Terraform/Azure/VPN-Server-WireGuard/virtual_networks.tf
@@ -0,0 +1,88 @@
+# vNET Creation
+resource "azurerm_virtual_network" "azure_vnet_vpn_net" {
+ name = var.vnet_name
+ address_space = [var.vnet_address_prefix]
+ location = var.location
+ resource_group_name = var.resource_group
+ depends_on = [
+ var.resource_group
+ ]
+ tags = var.tags
+}
+
+# vNet Subnet Public
+resource "azurerm_subnet" "azure_vnet_pub_subnet" {
+ name = join("-", [var.prefix, var.vnet_name, "pub"])
+ resource_group_name = var.resource_group
+ address_prefixes = [var.vnet_pub_subnet_prefix]
+ virtual_network_name = azurerm_virtual_network.azure_vnet_vpn_net.name
+}
+
+# vNet Subnet Wire Guard
+resource "azurerm_subnet" "azure_vnet_priv_subnet" {
+ name = join("-", [var.prefix, var.vnet_name, "priv-wg"])
+ resource_group_name = var.resource_group
+ address_prefixes = [var.wg_server_subnet_prefix]
+ virtual_network_name = azurerm_virtual_network.azure_vnet_vpn_net.name
+}
+
+# Public Address
+resource "azurerm_public_ip" "azure_vnet_public_address_lb" {
+ name = join("-", [var.prefix, var.vnet_name, "VPN", "LB", "public", "IP"])
+ location = var.location
+ resource_group_name = var.resource_group
+ sku = "Standard"
+ allocation_method = "Static"
+ idle_timeout_in_minutes = "30"
+ tags = var.tags
+}
+
+# VyOS Route Table
+resource "azurerm_route_table" "azure_vnet_vpn_net_VyOS_route" {
+ name = join("-", [var.prefix, var.vnet_name, "VyOS", "route"])
+ resource_group_name = var.resource_group
+ location = var.location
+ disable_bgp_route_propagation = false
+ tags = var.tags
+
+ route {
+ name = "Default"
+ address_prefix = "0.0.0.0/0"
+ next_hop_type = "VirtualAppliance"
+ next_hop_in_ip_address = var.wg_server_Private_IP
+ }
+}
+
+# Assosiate route table to subnet
+resource "azurerm_subnet_route_table_association" "azure_vnet_vpn_net_assosiation" {
+ subnet_id = azurerm_subnet.azure_vnet_priv_subnet.id
+ route_table_id = azurerm_route_table.azure_vnet_vpn_net_VyOS_route.id
+}
+
+# Create NIC for VyOS
+resource "azurerm_network_interface" "azure_vnet_vpn_net_nic" {
+ count = 2
+ name = join("-", [var.prefix, var.vnet_name, "VyOS", "${count.index}", "NIC"])
+ location = var.location
+ resource_group_name = var.resource_group
+ enable_ip_forwarding = true
+ tags = var.tags
+
+ ip_configuration {
+ name = "ifconfig-${count.index}"
+ subnet_id = azurerm_subnet.azure_vnet_pub_subnet.id
+ private_ip_address_allocation = "Dynamic"
+ }
+
+ depends_on = [
+ azurerm_virtual_network.azure_vnet_vpn_net
+ ]
+}
+
+# VyOS Security Group Assosiation
+resource "azurerm_network_interface_security_group_association" "vpn_net_VyOS_attach" {
+ count = 2
+ network_interface_id = azurerm_network_interface.azure_vnet_vpn_net_nic[count.index].id
+ network_security_group_id = azurerm_network_security_group.azure_sg_vyos.id
+ depends_on = [azurerm_network_security_group.azure_sg_vyos]
+}
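Review bot: Neither subnet declared here (`azure_vnet_pub_subnet`, `azure_vnet_priv_subnet`) gets a subnet-level NSG; `azure_sg_vyos` is attached only to the two VyOS NICs at the end of the file, and those NICs sit in the public subnet with `enable_ip_forwarding = true`. Any other interface later placed in either subnet is filtered only if its own definition attaches an NSG, which this file cannot show. Associating an NSG at the subnet as well, as sketched below for the public subnet, makes filtering the default; the priv-wg subnet would need its own rule set, defined outside this file. Separately, the default route's next hop `var.wg_server_Private_IP` is not tied to any interface here and the NICs in this file use `Dynamic` allocation, so it is worth confirming that the appliance NIC holds that address statically.

```hcl
# Subnet-level NSG so every NIC in the public subnet is filtered, not only the VyOS pair
resource "azurerm_subnet_network_security_group_association" "azure_vnet_pub_subnet_nsg" {
  subnet_id                 = azurerm_subnet.azure_vnet_pub_subnet.id
  network_security_group_id = azurerm_network_security_group.azure_sg_vyos.id
}
```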