wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-04-22 17:17:14 +02:00
Code Issues Projects Releases Wiki Activity
algo/roles/cloud-azure/files/deployment.json
Peter Gardfjäll 9ef093976b
Make Azure OS disk type configurable and default to a cheaper type (#14533) 
* add azure option for osDiskType

* azure: change default image to minimal ubuntu
2022-10-30 13:35:44 +03:00

225 lines
6.7 KiB
JSON
Raw Permalink Blame History

{
"$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json",
"contentVersion": "1.0.0.0",
"parameters": {
"sshKeyData": {
"type": "string"
},
"WireGuardPort": {
"type": "int"
},
"vmSize": {
"type": "string"
},
"imageReferencePublisher": {
"type": "string"
},
"imageReferenceOffer": {
"type": "string"
},
"imageReferenceSku": {
"type": "string"
},
"imageReferenceVersion": {
"type": "string"
},
"osDiskType": {
"type": "string"
},
"SshPort": {
"type": "int"
},
"UserData": {
"type": "string"
}
},
"variables": {
"vnetID": "[resourceId('Microsoft.Network/virtualNetworks', resourceGroup().name)]",
"subnet1Ref": "[concat(variables('vnetID'),'/subnets/', resourceGroup().name)]"
},
"resources": [
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkSecurityGroups",
"name": "[resourceGroup().name]",
"location": "[resourceGroup().location]",
"properties": {
"securityRules": [
{
"name": "AllowSSH",
"properties": {
"description": "Allow SSH",
"protocol": "Tcp",
"sourcePortRange": "*",
"destinationPortRange": "[parameters('SshPort')]",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 100,
"direction": "Inbound"
}
},
{
"name": "AllowIPSEC500",
"properties": {
"description": "Allow UDP to port 500",
"protocol": "Udp",
"sourcePortRange": "*",
"destinationPortRange": "500",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 110,
"direction": "Inbound"
}
},
{
"name": "AllowIPSEC4500",
"properties": {
"description": "Allow UDP to port 4500",
"protocol": "Udp",
"sourcePortRange": "*",
"destinationPortRange": "4500",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 120,
"direction": "Inbound"
}
},
{
"name": "AllowWireGuard",
"properties": {
"description": "Locks inbound down to ssh default port 22.",
"protocol": "Udp",
"sourcePortRange": "*",
"destinationPortRange": "[parameters('WireGuardPort')]",
"sourceAddressPrefix": "*",
"destinationAddressPrefix": "*",
"access": "Allow",
"priority": 130,
"direction": "Inbound"
}
}
]
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/publicIPAddresses",
"name": "[resourceGroup().name]",
"location": "[resourceGroup().location]",
"properties": {
"publicIPAllocationMethod": "Static"
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/virtualNetworks",
"name": "[resourceGroup().name]",
"location": "[resourceGroup().location]",
"properties": {
"addressSpace": {
"addressPrefixes": [
"10.10.0.0/16"
]
},
"subnets": [
{
"name": "[resourceGroup().name]",
"properties": {
"addressPrefix": "10.10.0.0/24"
}
}
]
}
},
{
"apiVersion": "2015-06-15",
"type": "Microsoft.Network/networkInterfaces",
"name": "[resourceGroup().name]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Network/networkSecurityGroups/', resourceGroup().name)]",
"[concat('Microsoft.Network/publicIPAddresses/', resourceGroup().name)]",
"[concat('Microsoft.Network/virtualNetworks/', resourceGroup().name)]"
],
"properties": {
"networkSecurityGroup": {
"id": "[resourceId('Microsoft.Network/networkSecurityGroups', resourceGroup().name)]"
},
"ipConfigurations": [
{
"name": "ipconfig1",
"properties": {
"privateIPAllocationMethod": "Dynamic",
"publicIPAddress": {
"id": "[resourceId('Microsoft.Network/publicIPAddresses', resourceGroup().name)]"
},
"subnet": {
"id": "[variables('subnet1Ref')]"
}
}
}
]
}
},
{
"apiVersion": "2016-04-30-preview",
"type": "Microsoft.Compute/virtualMachines",
"name": "[resourceGroup().name]",
"location": "[resourceGroup().location]",
"dependsOn": [
"[concat('Microsoft.Network/networkInterfaces/', resourceGroup().name)]"
],
"properties": {
"hardwareProfile": {
"vmSize": "[parameters('vmSize')]"
},
"osProfile": {
"computerName": "[resourceGroup().name]",
"customData": "[parameters('UserData')]",
"adminUsername": "algo",
"linuxConfiguration": {
"disablePasswordAuthentication": true,
"ssh": {
"publicKeys": [
{
"path": "/home/algo/.ssh/authorized_keys",
"keyData": "[parameters('sshKeyData')]"
}
]
}
}
},
"storageProfile": {
"imageReference": {
"publisher": "[parameters('imageReferencePublisher')]",
"offer": "[parameters('imageReferenceOffer')]",
"sku": "[parameters('imageReferenceSku')]",
"version": "[parameters('imageReferenceVersion')]"
},
"osDisk": {
"createOption": "FromImage",
"managedDisk": {
"storageAccountType": "[parameters('osDiskType')]"
}
}
},
"networkProfile": {
"networkInterfaces": [
{
"id": "[resourceId('Microsoft.Network/networkInterfaces', resourceGroup().name)]"
}
]
}
}
}
],
"outputs": {
"publicIPAddresses": {
"type": "string",
"value": "[reference(resourceId('Microsoft.Network/publicIPAddresses',resourceGroup().name),providers('Microsoft.Network', 'publicIPAddresses').apiVersions[0]).ipAddress]",
}
}
}
Reference in a new issue View git blame Copy permalink