change network routing and add s3

01-network.tf

@@ -1,5 +1,5 @@
 // ------- project 1 - landingzone ------------
-
+// This file defines the network setup for the first project landingzone.
 resource "stackit_network" "wan_network" {
   project_id          = module.project.project_info["project1"].project_id
   name                = "wan_network"
@@ -14,7 +14,7 @@ resource "stackit_network" "lan_network1" {
   name               = "lan_network1"
   ipv4_prefix_length = 24
   ipv4_prefix        = "10.220.1.0/24"
-  routed              = false
+  routed              = true
 }
 
 resource "stackit_network" "lan_network2" {
@@ -22,7 +22,7 @@ resource "stackit_network" "lan_network2" {
   name               = "lan_network2"
   ipv4_prefix_length = 24
   ipv4_prefix        = "10.220.2.0/24"
-  routed              = false
+  routed              = true
 }
 
 resource "stackit_network" "lan_network3" {
@@ -64,13 +64,14 @@ resource "stackit_network_interface" "lan3" {
 }
 
 # ---------- project 2 core ------------------
+// This file defines the network setup for the second project (core).
 
 resource "stackit_network" "p2_lan_network1" {
   project_id         = module.project.project_info["project2"].project_id
   name               = "p2_lan_network"
   ipv4_prefix_length = 24
   ipv4_prefix        = "10.220.5.0/24"
-  routed              = false
+  routed              = true
 }
 
 resource "stackit_network_interface" "p2_lan1" {
@@ -81,15 +82,39 @@ resource "stackit_network_interface" "p2_lan1" {
   security_group_ids = [ stackit_security_group.example.security_group_id ]
 }
 
+resource "stackit_network" "p2_wan_network1" {
+  project_id         = module.project.project_info["project2"].project_id
+  name               = "wan"
+  ipv4_prefix_length = 24
+  ipv4_prefix        = "10.220.6.0/24"
+  routed              = true
+}
 
+resource "stackit_network_interface" "p2_wan_interface1" {
+  project_id         = module.project.project_info["project2"].project_id
+  network_id         = stackit_network.p2_wan_network1.network_id
+  security           = false
+  name              = "wan_if"
+}
+
+
+// ---------- public IPs ------------------
+// This file defines the public IPs for the projects.
 resource "stackit_public_ip" "wan_ip" {
   project_id           = module.project.project_info["project1"].project_id
   network_interface_id = stackit_network_interface.wan.network_interface_id
 }
 
+resource "stackit_public_ip" "wan_server" {
+  project_id           = module.project.project_info["project2"].project_id
+  network_interface_id = stackit_network_interface.p2_wan_interface1.network_interface_id
+}
+
+// Output the public IPs for both projects
 output "public_ips" {
   value = {
     "wan_ip"   = stackit_public_ip.wan_ip.ip
+    "wan_server"   = stackit_public_ip.wan_server.ip
   }
 }
 

03-pfSense-appliance.tf

@@ -1,3 +1,4 @@
+// This file is part of the STACKIT Terraform module for deploying a pfSense appliance.
 resource "stackit_volume" "pfsense_vol" {
   project_id        = module.project.project_info["project1"].project_id
   name              = "pfsense-2.7.2-root"

04-attachment.tf

@@ -1,3 +1,5 @@
+
+// Attach network interfaces to the pfSense server without recreating the server
 resource "stackit_server_network_interface_attach" "nic-attachment-lan1" {
   project_id           = module.project.project_info["project1"].project_id
   server_id            = stackit_server.pfsense_appliance.server_id

05-server.tf

@@ -1,3 +1,4 @@
+// create the server in the second project (core)
 resource "stackit_volume" "example_vol" {
   project_id        = module.project.project_info["project2"].project_id
   name              = "example_root"
@@ -19,12 +20,12 @@ resource "stackit_server" "dev_server" {
   }
   availability_zone = var.region_az1
   machine_type      = var.flavor
-  network_interfaces = [stackit_network_interface.p2_lan1.network_interface_id]
+  network_interfaces = [stackit_network_interface.p2_wan_interface1.network_interface_id, stackit_network_interface.p2_lan1.network_interface_id ]
   keypair_name = stackit_key_pair.keypair.name
 }
 
 data "stackit_image" "debian" {
   project_id = module.project.project_info["project2"].project_id
-  image_id   = "d1151962-f2cd-45e6-9c67-185c5055c7e0"
+  image_id   = "d1151962-f2cd-45e6-9c67-185c5055c7e0" // Debian 12 (Bookworm) x86_64
 }
 

06-security-group.tf

@@ -1,3 +1,5 @@
+
+// Security Group and Security Group Rules
 resource "stackit_security_group" "example" {
   project_id = module.project.project_info["project2"].project_id
   name       = "test"

80-keypair.tf

@@ -1,5 +1,6 @@
+// keypair adding to the server
 resource "stackit_key_pair" "keypair" {
-  name       = "msodan2"
+  name       = "pubkeyforauth"
   public_key = chomp(file("/Users/sodan/.ssh/id_ed25519.pub"))
 }
 

99-variables.tf

@@ -1,4 +1,4 @@
-# -- network variables
+# --  variables
 variable "organization_id" {
   default = "03a34540-3c1a-4794-b2c6-7111ecf824ef"
 }

project/01-sna.tf

@@ -1,25 +1,27 @@
-resource "time_sleep" "wait_before_destroy" {
+/* resource "time_sleep" "wait_before_destroy" {
   destroy_duration = "60s"
 }
+*/
 
 resource "stackit_network_area" "sna" {
   organization_id = var.organization_id
-  name            = "landingzone_sna"
+  name            = "project_sna"
   network_ranges = [
     {
       prefix = "10.220.0.0/16"
     }
   ]
   transfer_network = "172.16.9.0/24"
-  depends_on = [time_sleep.wait_before_destroy]
+  //depends_on = [time_sleep.wait_before_destroy]
 }
 
-resource "stackit_network_area_route" "sna_route1" {
+/* resource "stackit_network_area_route" "sna_route1" {
   organization_id = var.organization_id
   network_area_id = stackit_network_area.sna.network_area_id
-  prefix          = "10.220.5.0/24"
+  prefix          = "10.220.99.0/24"
   next_hop        = "10.220.0.0"
   labels = {
     "key" = "value"
   }
 }
+*/

project/99-variables.tf

@@ -1,4 +1,4 @@
-# -- network variables
+# -- variables
 variable "organization_id" {
   default = "03a34540-3c1a-4794-b2c6-7111ecf824ef"
 }