terraform-paloalto-ha/01-network.tf
2025-08-19 15:39:23 +02:00


# Management network for the firewall pair (MGMT and MGMT2 interfaces attach here).
resource "stackit_network" "mgmt_network" {
  name       = "mgmt_network"
  project_id = module.project.project_info["project_id"]

  ipv4_prefix = "10.220.129.0/24"
  routed      = true

  # Public resolvers (Cloudflare, Google): DNS lookups from the management
  # plane leave the project. NOTE(review): confirm this is acceptable, or
  # point at an internal resolver.
  ipv4_nameservers = ["1.1.1.1", "8.8.8.8"]
}
# Non-routed network shared by the HA and HA2 interfaces.
# Presumably carries the HA link between the two firewalls; verify against
# the instance definitions.
resource "stackit_network" "ha_network" {
  name        = "ha_network"
  project_id  = module.project.project_info["project_id"]
  ipv4_prefix = "10.220.254.0/24"
  routed      = false
}
# Routed outside-facing network: holds both WAN interfaces and the shared VIP.
resource "stackit_network" "wan_network" {
  name       = "wan_network"
  project_id = module.project.project_info["project_id"]

  ipv4_prefix      = "10.220.131.0/24"
  routed           = true
  ipv4_nameservers = ["1.1.1.1", "8.8.8.8"]
}
# First inside network; non-routed, so the only path out is through an
# interface attached to it (lan1 / lan1_2).
resource "stackit_network" "lan_network1" {
  name        = "lan_network1"
  project_id  = module.project.project_info["project_id"]
  ipv4_prefix = "10.220.1.0/24"
  routed      = false
}
# Second inside network; non-routed, reached via lan2 / lan2_2.
resource "stackit_network" "lan_network2" {
  name        = "lan_network2"
  project_id  = module.project.project_info["project_id"]
  ipv4_prefix = "10.220.2.0/24"
  routed      = false
}
# Management interface with a fixed address in mgmt_network.
resource "stackit_network_interface" "mgmt" {
  name       = "MGMT"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.mgmt_network.network_id
  ipv4       = "10.220.129.17"

  # NOTE(review): with security = false no security group is applied to this
  # port, and stackit_public_ip.mgmt_ip binds a public address to it. The
  # management plane is then filtered only by whatever the appliance itself
  # enforces. Consider security = true plus a security group limited to the
  # admin source ranges, or dropping the public IP in favour of a VPN/bastion.
  security = false
}
# HA interface with a fixed address on the non-routed ha_network.
resource "stackit_network_interface" "ha" {
  name       = "HA"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.ha_network.network_id
  ipv4       = "10.220.254.100"

  # No security group on this port; exposure is limited by ha_network being
  # non-routed.
  security = false
}
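# Outside (WAN) interface with a fixed address in wan_network.
resource "stackit_network_interface" "wan" {
  # Display name matches the WAN role; the sibling interface is "WAN2" and
  # "MGMT" is already used by the management interface. Expect a plan diff
  # for this attribute on the next apply.
  name       = "WAN"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.wan_network.network_id
  ipv4       = "10.220.131.10"

  # Security groups are enforced on this port. The rules live in
  # stackit_security_group.paloalto, which is defined outside this file.
  security           = true
  security_group_ids = [stackit_security_group.paloalto.security_group_id]

  # 10.220.131.30/32 is the shared VIP this interface may answer for.
  # NOTE(review): 0.0.0.0/0 makes the /32 redundant and permits any address
  # on this port, which removes per-port anti-spoofing. A forwarding firewall
  # may need that; if not, narrow the list to the prefixes actually carried.
  allowed_addresses = ["10.220.131.30/32", "0.0.0.0/0"]
}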
# Second management interface with a fixed address in mgmt_network.
resource "stackit_network_interface" "mgmt2" {
  name       = "MGMT2"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.mgmt_network.network_id
  ipv4       = "10.220.129.18"

  # NOTE(review): no security group is applied (security = false) while
  # stackit_public_ip.mgmt2_ip makes this port reachable from the internet.
  # Restrict management access with a security group scoped to admin source
  # ranges, or remove the public IP and reach it through a VPN/bastion.
  security = false
}
# Second HA interface with a fixed address on the non-routed ha_network.
resource "stackit_network_interface" "ha2" {
  name       = "HA2"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.ha_network.network_id
  ipv4       = "10.220.254.200"

  # No security group on this port; ha_network is non-routed.
  security = false
}
# Second outside (WAN) interface in wan_network.
# NOTE(review): unlike "wan" (10.220.131.10) no ipv4 is pinned here, so the
# address is assigned by the platform. Confirm that is intended.
resource "stackit_network_interface" "wan2" {
  name       = "WAN2"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.wan_network.network_id

  # Security groups are enforced; the rules are in
  # stackit_security_group.paloalto, defined outside this file.
  security           = true
  security_group_ids = [stackit_security_group.paloalto.security_group_id]

  # VIP /32 plus a catch-all. NOTE(review): 0.0.0.0/0 permits any address on
  # this port and makes the /32 redundant; narrow it if the firewall does not
  # need to carry arbitrary addresses.
  allowed_addresses = ["10.220.131.30/32", "0.0.0.0/0"]
}
# Port holding the shared address 10.220.131.30, the same /32 that both WAN
# interfaces list in allowed_addresses.
resource "stackit_network_interface" "vip" {
  name       = "VIP"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.wan_network.network_id
  ipv4       = "10.220.131.30"

  # NOTE(review): no security group is applied here, and
  # stackit_public_ip.vip_ip binds a public address to this port. Presumably
  # traffic to the VIP is filtered on the WAN ports of the active firewall;
  # verify that this port cannot be reached unfiltered.
  security = false
}
# Inside interface on lan_network1; the address is assigned by the platform.
resource "stackit_network_interface" "lan1" {
  name       = "LAN1"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.lan_network1.network_id

  # No security group on this port; lan_network1 is non-routed.
  security = false
}
# Second inside interface on lan_network1; address assigned by the platform.
# NOTE(review): the display name "LAN1" is the same as on
# stackit_network_interface.lan1, so the two ports are indistinguishable by
# name in the portal and in logs. Confirm that this is intended.
resource "stackit_network_interface" "lan1_2" {
  name       = "LAN1"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.lan_network1.network_id

  # No security group on this port; lan_network1 is non-routed.
  security = false
}
# Inside interface on lan_network2; the address is assigned by the platform.
resource "stackit_network_interface" "lan2" {
  name       = "LAN2"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.lan_network2.network_id

  # No security group on this port; lan_network2 is non-routed.
  security = false
}
# Second inside interface on lan_network2; address assigned by the platform.
# NOTE(review): the display name "LAN2" is the same as on
# stackit_network_interface.lan2. Confirm the duplicate label is intended.
resource "stackit_network_interface" "lan2_2" {
  name       = "LAN2"
  project_id = module.project.project_info["project_id"]
  network_id = stackit_network.lan_network2.network_id

  # No security group on this port; lan_network2 is non-routed.
  security = false
}
# Public address for the first management interface.
# NOTE(review): the target port has security = false, so nothing at the
# platform layer filters inbound traffic to the management plane. Prefer a
# restricted security group on that port, or no public IP at all.
resource "stackit_public_ip" "mgmt_ip" {
  network_interface_id = stackit_network_interface.mgmt.network_interface_id
  project_id           = module.project.project_info["project_id"]
}
# Public address for the first WAN interface (that port enforces security groups).
resource "stackit_public_ip" "wan_ip" {
  network_interface_id = stackit_network_interface.wan.network_interface_id
  project_id           = module.project.project_info["project_id"]
}
# Public address for the second management interface.
# NOTE(review): the target port has security = false, so inbound access to
# the management plane is not filtered by a security group. Restrict it or
# remove the public exposure.
resource "stackit_public_ip" "mgmt2_ip" {
  network_interface_id = stackit_network_interface.mgmt2.network_interface_id
  project_id           = module.project.project_info["project_id"]
}
# Public address for the second WAN interface (that port enforces security groups).
resource "stackit_public_ip" "wan2_ip" {
  network_interface_id = stackit_network_interface.wan2.network_interface_id
  project_id           = module.project.project_info["project_id"]
}
# Public address bound to the VIP port (10.220.131.30).
# NOTE(review): the VIP port itself has security = false; verify that traffic
# arriving on this address is filtered before it reaches anything behind it.
resource "stackit_public_ip" "vip_ip" {
  network_interface_id = stackit_network_interface.vip.network_interface_id
  project_id           = module.project.project_info["project_id"]
}
# Map of every allocated public address, keyed by role.
# The two management addresses are included; treat the output accordingly
# when it is copied into tickets or CI logs.
output "public_ips" {
  value = {
    "mgmt_ip"  = stackit_public_ip.mgmt_ip.ip
    "wan_ip"   = stackit_public_ip.wan_ip.ip
    "mgmt2_ip" = stackit_public_ip.mgmt2_ip.ip
    "wan2_ip"  = stackit_public_ip.wan2_ip.ip
    "VIP"      = stackit_public_ip.vip_ip.ip
  }
}