sophos-iaas-review/06-sophos-appliance2.tf

# -----------------------------------------------------------------------------
# Volumes Sophos 2
# -----------------------------------------------------------------------------
resource "stackit_volume" "sophos_primary_vol2" {
  project_id        = var.project_id
  name              = "sophos-primary-disk2"
  availability_zone = var.default_az
  size              = 150 
  performance_class = "storage_premium_perf4"
  source = {
    id    = stackit_image.sophos_primary_image.image_id
    type  = "image"
  }
}

resource "stackit_volume" "sophos_data_vol2" {
  project_id        = var.project_id
  name              = "sophos-data-disk2"
  availability_zone = var.default_az
  size              = 100 
  performance_class = "storage_premium_perf4"
  source = {
    id    = stackit_image.sophos_secondary_image.image_id
    type  = "image"
  }
}

# -----------------------------------------------------------------------------
# Sophos VM 2 
# -----------------------------------------------------------------------------

resource "stackit_server" "sophos_appliance2" {
  project_id      = var.project_id
  name            = "Sophos-Appliance2"
  boot_volume = {
    source_type   = "volume"
    source_id     = stackit_volume.sophos_primary_vol2.volume_id
  }
  availability_zone = var.default_az
  machine_type      = var.flavor
}

resource "stackit_server_volume_attach" "sophos_data_attachment2" {
  project_id   = var.project_id
  server_id    = stackit_server.sophos_appliance2.server_id 
  volume_id    = stackit_volume.sophos_data_vol2.volume_id
  depends_on = [ stackit_server.sophos_appliance2 ] 
}

# -----------------------------------------------------------------------------
# Interfaces Sophos 2
# -----------------------------------------------------------------------------

resource "stackit_network_interface" "nic_mgmt_sophos2" {
  project_id = var.project_id
  network_id = stackit_network.sophos_mgmt_net.network_id
  name       = "nic_mgmt_sophos2"
  security   = false
  ipv4       = var.sophos2_mgmt_ip
}

resource "stackit_network_interface" "nic_wan_sophos2" {
  project_id         = var.project_id
  network_id         = stackit_network.sophos_wan_net.network_id
  security           = true
  name               = "nic_wan_sophos2"
  allowed_addresses  = ["${stackit_network_interface.vip.ipv4}/32", "0.0.0.0/0"]
  security_group_ids = [stackit_security_group.sophos.security_group_id]
  ipv4               = var.sophos2_wan_ip
}

resource "stackit_network_interface" "nic_lan_sophos2" {
  project_id = var.project_id
  network_id = stackit_network.sophos_lan_net.network_id
  security   = false
  name       = "nic_lan_sophos2"
  ipv4       = var.sophos2_lan_ip
}

resource "stackit_network_interface" "nic_sync_sophos2" {
  project_id = var.project_id
  network_id = stackit_network.sophos_sync_net.network_id
  security   = false
  #security_group_ids = [ stackit_security_group.sophos.security_group_id ]
  name       = "nic_sync_sophos2"
}

# -----------------------------------------------------------------------------
# Interface Attachements 2
# -----------------------------------------------------------------------------

resource "stackit_server_network_interface_attach" "nic-attachment-mgmt2" {
  project_id           = var.project_id
  server_id            = stackit_server.sophos_appliance2.server_id
  network_interface_id = stackit_network_interface.nic_mgmt_sophos2.network_interface_id
}

resource "stackit_server_network_interface_attach" "nic-attachment-wan2" {
  project_id           = var.project_id
  server_id            = stackit_server.sophos_appliance2.server_id
  network_interface_id = stackit_network_interface.nic_wan_sophos2.network_interface_id
  depends_on           = [stackit_server_network_interface_attach.nic-attachment-mgmt2]
}

resource "stackit_server_network_interface_attach" "nic-attachment-lan2" {
  project_id           = var.project_id
  server_id            = stackit_server.sophos_appliance2.server_id
  network_interface_id = stackit_network_interface.nic_lan_sophos2.network_interface_id
  depends_on           = [stackit_server_network_interface_attach.nic-attachment-wan2]
}

resource "stackit_server_network_interface_attach" "nic-attachment-sync2" {
  project_id           = var.project_id
  server_id            = stackit_server.sophos_appliance2.server_id
  network_interface_id = stackit_network_interface.nic_sync_sophos2.network_interface_id
  depends_on           = [stackit_server_network_interface_attach.nic-attachment-lan2]
}