Obisidian vault auto-backup: 20-01-2026 10:42:26 on . 21 files edited

.obsidian/workspace.json

@@ -204,8 +204,19 @@
       "obsidian-git:Open Git source control": false
     }
   },
-  "active": "e11a6a080eb83632",
+  "active": "622da1d4e0ba0f73",
   "lastOpenFiles": [
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/104/install-demo-flask.sh",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/104/terraform.tfstate.backup",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/104/main.tf",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/104/install-nginx.sh.tpl",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/104/terraform.tfstate",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/104/provider.tf",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/103/install-demo-flask.sh",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/103/terraform.tfstate.backup",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/103/main.tf",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/103/install-nginx.sh.tpl",
+    "ISEN/Cloud Computing/CIPA4/TP Terraform/103/terraform.tfstate",
     "ISEN/Cloud Computing/CIPA4/Cloud Computing Cours 5.md",
     "ISEN/Cloud Computing/CIPA4/Cloud Computing Cours 2.md",
     "ISEN/Cloud Computing/CIPA4/Cloud Computing Cours 1.md",
@@ -216,7 +227,6 @@
     "ISEN/English/A2/23 févr 2024.md",
     "ISEN/English/A2/20 oct 2023.md",
     "ISEN/English/A2/2 févr 2024.md",
-    "ISEN/English/Untitled",
     "ISEN/Réunion/CIPA 4/Réunion international.md",
     "README.md",
     "Protocol Data Units (PDU).md",
@@ -224,17 +234,8 @@
     "Pasted image 20250610091125.png",
     "Pasted image 20240505210657.png",
     "Pasted image 20240505210642.png",
-    "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4/Intro2Cyber - Sujet TP 2025-2026.pdf",
-    "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4/~$tro2Cyber - Sujet TP 2025-2026.docx",
-    "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4/Intro2Cyber - Sujet TP 2025-2026.docx",
-    "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4/~$tro2Cyber - Sujet TP 2025-2026.pdf",
     "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4/Cours 1.md",
     "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4/Untitled.md",
-    "ISEN/Introduction a la cyber et a la cryptographie/CIPA 4",
-    "ISEN/Introduction a la cyber et a la cryptographie",
-    "ISEN/Web/CIPA 4/TP/TP3/TP3_MARQUET.zip",
-    "ISEN/Web/CIPA 4/TP/TP3/Archive.zip",
-    "ISEN/Web/CIPA 4/TP/TP1/authentification.html~",
     "ISEN/Cloud Computing/CIPA4/TP 1 Ansible.md",
     "ISEN/Web/CIPA 4/Idée projet.md",
     "ISEN/Cloud Computing/CIPA4/TP 4 Ansible.md",
@@ -246,7 +247,6 @@
     "ISEN/Réunion/CIPA 4/Untitled.md",
     "ISEN/English/CIPA4/24 oct 2025.md",
     "ISEN/Réseau/CIPA4/TP/TP M02 Conversion.md",
-    "ISEN/English/CIPA4/Elevator pitch.md",
     "src/Pasted image 20240130111505.png",
     "src/Pasted image 20240123120819.png",
     "src/Pasted image 20240123120807.png",

ISEN/Cloud Computing/CIPA4/TP Terraform/101/main.tf

@@ -0,0 +1,47 @@
+terraform {
+  required_providers {
+    openstack = {
+      source = "terraform-provider-openstack/openstack"
+      version = "1.46.0"
+    }
+  }
+}
+
+provider "openstack" {
+}
+
+
+resource "openstack_compute_instance_v2" "server1" {
+  name        = "server1"
+  image_name  = "Debian 13"
+  flavor_name = "small"
+  key_pair    = "isen"
+  network {
+    name = "public"
+  }
+  security_groups = ["allow_ssh_and_ping"]
+}
+
+resource "openstack_networking_secgroup_v2" "allow_ssh_and_ping" {
+  name        = "allow_ssh_and_ping"
+  description = "Security group to allow SSH and ping"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_ssh" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 22
+  port_range_max    = 22
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_ssh_and_ping.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_ping" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "icmp"
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_ssh_and_ping.id
+}
+

ISEN/Cloud Computing/CIPA4/TP Terraform/101/terraform.tfstate

@@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.11.3","serial":6,"lineage":"8bed9d06-a2b8-c601-2f35-29ce8d2d52f0","outputs":{},"resources":[{"mode":"managed","type":"openstack_compute_instance_v2","name":"server1","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"access_ip_v4":"51.91.90.66","access_ip_v6":"","admin_pass":null,"all_metadata":{},"all_tags":[],"availability_zone":"nova","availability_zone_hints":null,"block_device":[],"config_drive":null,"flavor_id":"f847fe12-45f5-46ed-bbb6-0610e595298b","flavor_name":"small","floating_ip":null,"force_delete":false,"id":"1b7abc44-eaa9-4804-90ab-902a238c23f5","image_id":"c8f79c22-0e21-42ce-9797-ceb683b335a2","image_name":"Debian 13","key_pair":"isen","metadata":null,"name":"server1","network":[{"access_network":false,"fixed_ip_v4":"51.91.90.66","fixed_ip_v6":"","floating_ip":"","mac":"fa:16:3e:a7:42:9f","name":"public","port":"","uuid":"09d8416d-7442-4f96-8f87-4d47314feaf6"}],"network_mode":null,"personality":[],"power_state":"active","region":"","scheduler_hints":[],"security_groups":["allow_ssh_and_ping"],"stop_before_destroy":false,"tags":[],"timeouts":null,"user_data":null,"vendor_options":[],"volume":[]},"sensitive_attributes":[[{"type":"get_attr","value":"admin_pass"}]],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19"}]},{"mode":"managed","type":"openstack_networking_secgroup_rule_v2","name":"allow_ping","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"description":"","direction":"ingress","ethertype":"IPv4","id":"ffe7ff86-8bbe-4b1a-8dc0-0afcae8060cb","port_range_max":0,"port_range_min":0,"protocol":"icmp","region":"","remote_group_id":"","remote_ip_prefix":"0.0.0.0/0","security_group_id":"10b14eb0-1f77-43c0-9e03-f07be661d7de","tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==","dependencies":["openstack_networking_secgroup_v2.allow_ssh_and_ping"]}]},{"mode":"managed","type":"openstack_networking_secgroup_rule_v2","name":"allow_ssh","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"description":"","direction":"ingress","ethertype":"IPv4","id":"8b032a32-426f-4bc3-b97d-6014e5175840","port_range_max":22,"port_range_min":22,"protocol":"tcp","region":"","remote_group_id":"","remote_ip_prefix":"0.0.0.0/0","security_group_id":"10b14eb0-1f77-43c0-9e03-f07be661d7de","tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==","dependencies":["openstack_networking_secgroup_v2.allow_ssh_and_ping"]}]},{"mode":"managed","type":"openstack_networking_secgroup_v2","name":"allow_ssh_and_ping","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"all_tags":[],"delete_default_rules":null,"description":"Security group to allow SSH and ping","id":"10b14eb0-1f77-43c0-9e03-f07be661d7de","name":"allow_ssh_and_ping","region":"","tags":[],"tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ=="}]}],"check_results":null}

ISEN/Cloud Computing/CIPA4/TP Terraform/101/terraform.tfstate.backup

@@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.11.3","serial":5,"lineage":"8bed9d06-a2b8-c601-2f35-29ce8d2d52f0","outputs":{},"resources":[{"mode":"managed","type":"openstack_compute_instance_v2","name":"server1","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"access_ip_v4":"51.91.90.66","access_ip_v6":"","admin_pass":null,"all_metadata":{},"all_tags":[],"availability_zone":"nova","availability_zone_hints":null,"block_device":[],"config_drive":null,"flavor_id":"f847fe12-45f5-46ed-bbb6-0610e595298b","flavor_name":"small","floating_ip":null,"force_delete":false,"id":"1b7abc44-eaa9-4804-90ab-902a238c23f5","image_id":"c8f79c22-0e21-42ce-9797-ceb683b335a2","image_name":"Debian 13","key_pair":"isen","metadata":null,"name":"server1","network":[{"access_network":false,"fixed_ip_v4":"51.91.90.66","fixed_ip_v6":"","floating_ip":"","mac":"fa:16:3e:a7:42:9f","name":"public","port":"","uuid":"09d8416d-7442-4f96-8f87-4d47314feaf6"}],"network_mode":null,"personality":[],"power_state":"active","region":"","scheduler_hints":[],"security_groups":["allow_ssh_and_ping"],"stop_before_destroy":false,"tags":[],"timeouts":null,"user_data":null,"vendor_options":[],"volume":[]},"sensitive_attributes":[[{"type":"get_attr","value":"admin_pass"}]],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19"}]},{"mode":"managed","type":"openstack_networking_secgroup_rule_v2","name":"allow_ping","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"description":"","direction":"ingress","ethertype":"IPv4","id":"ffe7ff86-8bbe-4b1a-8dc0-0afcae8060cb","port_range_max":0,"port_range_min":0,"protocol":"icmp","region":"","remote_group_id":"","remote_ip_prefix":"0.0.0.0/0","security_group_id":"10b14eb0-1f77-43c0-9e03-f07be661d7de","tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==","dependencies":["openstack_networking_secgroup_v2.allow_ssh_and_ping"]}]},{"mode":"managed","type":"openstack_networking_secgroup_rule_v2","name":"allow_ssh","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"description":"","direction":"ingress","ethertype":"IPv4","id":"8b032a32-426f-4bc3-b97d-6014e5175840","port_range_max":22,"port_range_min":22,"protocol":"tcp","region":"","remote_group_id":"","remote_ip_prefix":"0.0.0.0/0","security_group_id":"10b14eb0-1f77-43c0-9e03-f07be661d7de","tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==","dependencies":["openstack_networking_secgroup_v2.allow_ssh_and_ping"]}]},{"mode":"managed","type":"openstack_networking_secgroup_v2","name":"allow_ssh_and_ping","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"all_tags":[],"delete_default_rules":null,"description":"Security group to allow SSH and ping","id":"10b14eb0-1f77-43c0-9e03-f07be661d7de","name":"allow_ssh_and_ping","region":"","tags":null,"tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ=="}]}],"check_results":null}

ISEN/Cloud Computing/CIPA4/TP Terraform/102/demo-flask.tf

@@ -0,0 +1,50 @@
+resource "openstack_compute_instance_v2" "demo-flask" {
+  name        = "demo-flask"
+  image_name  = "Debian 13"
+  flavor_name = "small"
+  key_pair    = "isen"
+  network {
+    name = "public"
+  }
+  security_groups = [openstack_networking_secgroup_v2.allow_ssh_and_ping.id]
+  user_data = file("install-demo-flask.sh")
+}
+
+resource "openstack_networking_secgroup_v2" "allow_ssh_and_ping" {
+  name        = "allow_ssh_and_ping"
+  description = "Security group to allow SSH and ping"
+
+
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_ssh" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 22
+  port_range_max    = 22
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_ssh_and_ping.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_ping" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "icmp"
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_ssh_and_ping.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_flask_8080" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 8080
+  port_range_max    = 8080
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_ssh_and_ping.id
+}
+
+output "demo-flask-url" {
+  value = "${format("http://%s", openstack_compute_instance_v2.demo-flask.access_ip_v4)}:8080"
+}

ISEN/Cloud Computing/CIPA4/TP Terraform/102/install-demo-flask.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+apt-get update
+apt-get -y install python3-pip git python3-venv
+git clone https://github.com/arnaudmorin/demo-flask /opt/demo-flask
+python3 -m venv /opt/demo-flask-venv
+/opt/demo-flask-venv/bin/pip install -r /opt/demo-flask/requirements.txt
+sed -i -r 's|^python3|/opt/demo-flask-venv/bin/python|' /opt/demo-flask/start.sh
+cp /opt/demo-flask/demo-flask.service /etc/systemd/system/
+systemctl enable demo-flask.service
+systemctl daemon-reload
+systemctl start demo-flask.service

ISEN/Cloud Computing/CIPA4/TP Terraform/102/provider.tf

@@ -0,0 +1,11 @@
+terraform {
+  required_providers {
+    openstack = {
+      source = "terraform-provider-openstack/openstack"
+      version = "1.46.0"
+    }
+  }
+}
+
+provider "openstack" {
+}

ISEN/Cloud Computing/CIPA4/TP Terraform/102/terraform.tfstate

@@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.11.3","serial":17,"lineage":"2168cc63-698b-628c-35ac-857b12ae879c","outputs":{},"resources":[],"check_results":null}

ISEN/Cloud Computing/CIPA4/TP Terraform/102/terraform.tfstate.backup

@@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.11.3","serial":16,"lineage":"2168cc63-698b-628c-35ac-857b12ae879c","outputs":{"demo-flask-url":{"value":"http://51.91.90.92:8080","type":"string"}},"resources":[{"mode":"managed","type":"openstack_compute_instance_v2","name":"demo-flask","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"access_ip_v4":"51.91.90.92","access_ip_v6":"","admin_pass":null,"all_metadata":{},"all_tags":[],"availability_zone":"nova","availability_zone_hints":null,"block_device":[],"config_drive":null,"flavor_id":"f847fe12-45f5-46ed-bbb6-0610e595298b","flavor_name":"small","floating_ip":null,"force_delete":false,"id":"29830a3b-060a-4216-8f27-48ec3ecb6b6f","image_id":"c8f79c22-0e21-42ce-9797-ceb683b335a2","image_name":"Debian 13","key_pair":"isen","metadata":null,"name":"demo-flask","network":[{"access_network":false,"fixed_ip_v4":"51.91.90.92","fixed_ip_v6":"","floating_ip":"","mac":"fa:16:3e:94:ba:2f","name":"public","port":"","uuid":"09d8416d-7442-4f96-8f87-4d47314feaf6"}],"network_mode":null,"personality":[],"power_state":"active","region":"","scheduler_hints":[],"security_groups":["d38a5d46-450d-4607-b3cc-0c6d6561f68b"],"stop_before_destroy":false,"tags":null,"timeouts":null,"user_data":"25fd7277a5bc61bd8cad2afd025d2e1d356631db","vendor_options":[],"volume":[]},"sensitive_attributes":[[{"type":"get_attr","value":"admin_pass"}]],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxODAwMDAwMDAwMDAwLCJkZWxldGUiOjE4MDAwMDAwMDAwMDAsInVwZGF0ZSI6MTgwMDAwMDAwMDAwMH19","dependencies":["openstack_networking_secgroup_v2.allow_ssh_and_ping"]}]},{"mode":"managed","type":"openstack_networking_secgroup_rule_v2","name":"allow_flask_8080","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"description":"","direction":"ingress","ethertype":"IPv4","id":"b510a1ee-61e6-485f-b988-dc006de5fbfe","port_range_max":8080,"port_range_min":8080,"protocol":"tcp","region":"","remote_group_id":"","remote_ip_prefix":"0.0.0.0/0","security_group_id":"d38a5d46-450d-4607-b3cc-0c6d6561f68b","tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==","dependencies":["openstack_networking_secgroup_v2.allow_ssh_and_ping"]}]},{"mode":"managed","type":"openstack_networking_secgroup_rule_v2","name":"allow_ping","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"description":"","direction":"ingress","ethertype":"IPv4","id":"178ccc44-1df4-4ea0-8c97-5e6fff89126f","port_range_max":0,"port_range_min":0,"protocol":"icmp","region":"","remote_group_id":"","remote_ip_prefix":"0.0.0.0/0","security_group_id":"d38a5d46-450d-4607-b3cc-0c6d6561f68b","tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==","dependencies":["openstack_networking_secgroup_v2.allow_ssh_and_ping"]}]},{"mode":"managed","type":"openstack_networking_secgroup_rule_v2","name":"allow_ssh","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"description":"","direction":"ingress","ethertype":"IPv4","id":"ca9763d2-d1a2-4921-b950-ca29f66b00c6","port_range_max":22,"port_range_min":22,"protocol":"tcp","region":"","remote_group_id":"","remote_ip_prefix":"0.0.0.0/0","security_group_id":"d38a5d46-450d-4607-b3cc-0c6d6561f68b","tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ==","dependencies":["openstack_networking_secgroup_v2.allow_ssh_and_ping"]}]},{"mode":"managed","type":"openstack_networking_secgroup_v2","name":"allow_ssh_and_ping","provider":"provider[\"registry.opentofu.org/terraform-provider-openstack/openstack\"]","instances":[{"schema_version":0,"attributes":{"all_tags":[],"delete_default_rules":null,"description":"Security group to allow SSH and ping","id":"d38a5d46-450d-4607-b3cc-0c6d6561f68b","name":"allow_ssh_and_ping","region":"","tags":null,"tenant_id":"bc0daf877c1b4147ac5fcaa7419b0a5f","timeouts":null},"sensitive_attributes":[],"private":"eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjo2MDAwMDAwMDAwMDB9fQ=="}]}],"check_results":null}

ISEN/Cloud Computing/CIPA4/TP Terraform/103/install-demo-flask.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+apt-get update
+apt-get -y install python3-pip git python3-venv
+git clone https://github.com/arnaudmorin/demo-flask /opt/demo-flask
+python3 -m venv /opt/demo-flask-venv
+/opt/demo-flask-venv/bin/pip install -r /opt/demo-flask/requirements.txt
+sed -i -r 's|^python3|/opt/demo-flask-venv/bin/python|' /opt/demo-flask/start.sh
+cp /opt/demo-flask/demo-flask.service /etc/systemd/system/
+systemctl enable demo-flask.service
+systemctl daemon-reload
+systemctl start demo-flask.service

ISEN/Cloud Computing/CIPA4/TP Terraform/103/install-nginx.sh.tpl

@@ -0,0 +1,18 @@
+#!/bin/bash
+apt-get update
+apt-get install -y nginx python3-certbot-nginx certbot
+cat <<EOF > /etc/nginx/sites-enabled/default
+server {
+ listen 80;
+ server_name ${frontend}.xip.opensteak.fr;
+ listen [::]:80;
+ access_log /var/log/nginx/reverse-access.log;
+ error_log /var/log/nginx/reverse-error.log;
+ location / { proxy_pass http://${backend}:8080; }
+}
+EOF
+
+systemctl restart nginx
+
+# certbot
+certbot run --agree-tos --register-unsafely-without-email --non-interactive --nginx --redirect --domain ${frontend}.xip.opensteak.fr

ISEN/Cloud Computing/CIPA4/TP Terraform/103/main.tf

@@ -0,0 +1,129 @@
+data "openstack_networking_network_v2" "public" {
+  name = "public"
+}
+
+resource "openstack_networking_network_v2" "private" {
+  name           = "private"
+  admin_state_up = true
+}
+
+resource "openstack_networking_subnet_v2" "private_subnet" {
+  name       = "private_subnet"
+  network_id = openstack_networking_network_v2.private.id
+  cidr       = "192.168.1.0/24"
+  ip_version = 4
+}
+
+resource "openstack_networking_router_v2" "router" {
+  name                = "router"
+  admin_state_up      = true
+  external_network_id = data.openstack_networking_network_v2.public.id
+}
+
+resource "openstack_networking_router_interface_v2" "router_interface" {
+  router_id = openstack_networking_router_v2.router.id
+  subnet_id = openstack_networking_subnet_v2.private_subnet.id
+}
+
+resource "openstack_compute_instance_v2" "demo-flask" {
+  name        = "demo-flask"
+  image_name  = "Debian 13"
+  flavor_name = "small"
+  key_pair    = "isen"
+  network {
+    name = openstack_networking_network_v2.private.name
+  }
+  security_groups = [openstack_networking_secgroup_v2.allow_ssh_and_ping.id]
+  user_data = file("install-demo-flask.sh")
+}
+
+resource "openstack_compute_instance_v2" "nginx-frontend" {
+  name        = "nginx-frontend"
+  image_name  = "Debian 13"
+  flavor_name = "small"
+  key_pair    = "isen"
+  network {
+    name = openstack_networking_network_v2.private.name
+  }
+  security_groups = [openstack_networking_secgroup_v2.allow_web.id]
+  user_data = templatefile("${path.module}/install-nginx.sh.tpl", {
+    frontend = "nginx-frontend"
+    backend  = openstack_compute_instance_v2.demo-flask.access_ip_v4
+  })
+  depends_on = [openstack_compute_instance_v2.demo-flask]
+}
+
+resource "openstack_networking_secgroup_v2" "allow_ssh_and_ping" {
+  name        = "allow_ssh_and_ping"
+  description = "Security group to allow SSH and ping"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_ssh" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 22
+  port_range_max    = 22
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_ssh_and_ping.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_ping" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "icmp"
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_ssh_and_ping.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_flask_8080" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 8080
+  port_range_max    = 8080
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_ssh_and_ping.id
+}
+
+resource "openstack_networking_secgroup_v2" "allow_web" {
+  name        = "allow_web"
+  description = "Security group to allow HTTP and HTTPS"
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_http" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 80
+  port_range_max    = 80
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_web.id
+}
+
+resource "openstack_networking_secgroup_rule_v2" "allow_https" {
+  direction         = "ingress"
+  ethertype         = "IPv4"
+  protocol          = "tcp"
+  port_range_min    = 443
+  port_range_max    = 443
+  remote_ip_prefix  = "0.0.0.0/0"
+  security_group_id = openstack_networking_secgroup_v2.allow_web.id
+}
+
+resource "openstack_networking_floatingip_v2" "frontend_fip" {
+  pool = "public"
+}
+
+resource "openstack_compute_floatingip_associate_v2" "frontend_fip_assoc" {
+  floating_ip = openstack_networking_floatingip_v2.frontend_fip.address
+  instance_id = openstack_compute_instance_v2.nginx-frontend.id
+}
+
+output "demo-flask-url" {
+  value = "${format("http://%s", openstack_compute_instance_v2.demo-flask.access_ip_v4)}:8080"
+}
+
+output "nginx-url" {
+  value = "https://${openstack_networking_floatingip_v2.frontend_fip.address}.xip.opensteak.fr"
+}

ISEN/Cloud Computing/CIPA4/TP Terraform/103/provider.tf

@@ -0,0 +1,11 @@
+terraform {
+  required_providers {
+    openstack = {
+      source = "terraform-provider-openstack/openstack"
+      version = "1.46.0"
+    }
+  }
+}
+
+provider "openstack" {
+}

ISEN/Cloud Computing/CIPA4/TP Terraform/103/terraform.tfstate.backup

@@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.11.3","serial":8,"lineage":"8a36cce1-b773-066c-ffec-b231f04cc7f7","outputs":{},"resources":[],"check_results":null}

ISEN/Cloud Computing/CIPA4/TP Terraform/104/install-demo-flask.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+apt-get update
+apt-get -y install python3-pip git python3-venv
+git clone https://github.com/arnaudmorin/demo-flask /opt/demo-flask
+python3 -m venv /opt/demo-flask-venv
+/opt/demo-flask-venv/bin/pip install -r /opt/demo-flask/requirements.txt
+sed -i -r 's|^python3|/opt/demo-flask-venv/bin/python|' /opt/demo-flask/start.sh
+cp /opt/demo-flask/demo-flask.service /etc/systemd/system/
+systemctl enable demo-flask.service
+systemctl daemon-reload
+systemctl start demo-flask.service

ISEN/Cloud Computing/CIPA4/TP Terraform/104/install-nginx.sh.tpl

@@ -0,0 +1,18 @@
+#!/bin/bash
+apt-get update
+apt-get install -y nginx python3-certbot-nginx certbot
+cat <<EOF > /etc/nginx/sites-enabled/default
+server {
+ listen 80;
+ server_name ${frontend}.xip.opensteak.fr;
+ listen [::]:80;
+ access_log /var/log/nginx/reverse-access.log;
+ error_log /var/log/nginx/reverse-error.log;
+ location / { proxy_pass http://${backend}:8080; }
+}
+EOF
+
+systemctl restart nginx
+
+# certbot
+certbot run --agree-tos --register-unsafely-without-email --non-interactive --nginx --redirect --domain ${frontend}.xip.opensteak.fr

ISEN/Cloud Computing/CIPA4/TP Terraform/104/main.tf

@@ -0,0 +1,184 @@
+resource "kubernetes_config_map" "nginx-config" {
+  metadata {
+    name = "nginx-config"
+  }
+
+  data = {
+    "nginx.conf" = <<EOF
+events {}
+
+http {
+  server {
+    listen 80;
+    location / {
+      proxy_pass http://demo-flask:8080;
+    }
+  }
+}
+EOF
+  }
+}
+
+resource "kubernetes_deployment" "demo-flask" {
+  metadata {
+    name = "demo-flask"
+  }
+
+  spec {
+    replicas = 1
+
+    selector {
+      match_labels = {
+        app = "demo-flask"
+      }
+    }
+
+    template {
+      metadata {
+        labels = {
+          app = "demo-flask"
+        }
+      }
+
+      spec {
+        container {
+          image = "arnaudmorin/demo-flask:latest"
+          name  = "demo-flask"
+
+          port {
+            container_port = 8080
+          }
+        }
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "demo-flask" {
+  metadata {
+    name = "demo-flask"
+  }
+
+  spec {
+    selector = {
+      app = "demo-flask"
+    }
+
+    port {
+      port        = 8080
+      target_port = 8080
+    }
+
+    type = "ClusterIP"
+  }
+}
+
+resource "kubernetes_deployment" "nginx-frontend" {
+  metadata {
+    name = "nginx-frontend"
+  }
+
+  spec {
+    replicas = 1
+
+    selector {
+      match_labels = {
+        app = "nginx-frontend"
+      }
+    }
+
+    template {
+      metadata {
+        labels = {
+          app = "nginx-frontend"
+        }
+      }
+
+      spec {
+        container {
+          image = "nginx:latest"
+          name  = "nginx"
+
+          port {
+            container_port = 80
+          }
+
+          volume_mount {
+            name       = "nginx-config"
+            mount_path = "/etc/nginx/nginx.conf"
+            sub_path   = "nginx.conf"
+          }
+        }
+
+        volume {
+          name = "nginx-config"
+          config_map {
+            name = "nginx-config"
+          }
+        }
+      }
+    }
+  }
+}
+
+resource "kubernetes_service" "nginx-frontend" {
+  metadata {
+    name = "nginx-frontend"
+  }
+
+  spec {
+    selector = {
+      app = "nginx-frontend"
+    }
+
+    port {
+      port        = 80
+      target_port = 80
+    }
+
+    type = "LoadBalancer"
+  }
+
+  wait_for_load_balancer = false
+}
+
+resource "kubernetes_ingress_v1" "frontend" {
+  metadata {
+    name = "frontend"
+    annotations = {
+      "cert-manager.io/cluster-issuer" = "letsencrypt-prod"
+    }
+  }
+
+  spec {
+    tls {
+      secret_name = "frontend-tls"
+      hosts       = ["135.125.246.84.xip.opensteak.fr"]
+    }
+
+    rule {
+      host = "135.125.246.84.xip.opensteak.fr"
+      http {
+        path {
+          path = "/"
+          backend {
+            service {
+              name = "nginx-frontend"
+              port {
+                number = 80
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
+
+output "demo-flask-url" {
+  value = "http://${kubernetes_service.demo-flask.metadata[0].name}:8080"
+}
+
+output "nginx-url" {
+  value = "https://135.125.246.84.xip.opensteak.fr/"
+}

ISEN/Cloud Computing/CIPA4/TP Terraform/104/provider.tf

@@ -0,0 +1,12 @@
+terraform {
+  required_providers {
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = "~> 2.0"
+    }
+  }
+}
+
+provider "kubernetes" {
+  config_path = "/etc/rancher/k3s/k3s.yaml"
+}

ISEN/Cloud Computing/CIPA4/TP Terraform/104/terraform.tfstate

@@ -0,0 +1 @@
+{"version":4,"terraform_version":"1.11.3","serial":9,"lineage":"1e00b2ad-aaa2-a943-0d6a-6829699d32aa","outputs":{},"resources":[],"check_results":null}