From efbd7a24e89693079661b2dbf5709be5d8562adc Mon Sep 17 00:00:00 2001
From: Dmitry Dunaev <dmitry@opsfleet.com>
Date: Mon, 19 Dec 2022 18:02:50 +0100
Subject: [PATCH] [WIFI-10965] Add: second managed freeradius server

Signed-off-by: Dmitry Dunaev <dmitry@opsfleet.com>
---
 .../cloudsdk_cicd/ansible/freeradius.yml      |  2 +-
 .../cloudsdk_cicd/ansible/hosts.yml           | 12 +++--
 .../cloudsdk_cicd/instance_freeradius.tf      | 48 ++++++++++++++++---
 .../templates/ansible_inventory.yml.tpl       | 12 +++--
 4 files changed, 60 insertions(+), 14 deletions(-)

diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/ansible/freeradius.yml b/terraform/wifi-289708231103/cloudsdk_cicd/ansible/freeradius.yml
index d1cdfd1..a188182 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/ansible/freeradius.yml
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/ansible/freeradius.yml
@@ -1,4 +1,4 @@
-- hosts: freeradius_qa
+- hosts: managed_freeradius
   become: true
   gather_facts: true
   roles:
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/ansible/hosts.yml b/terraform/wifi-289708231103/cloudsdk_cicd/ansible/hosts.yml
index f5c3389..160bf97 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/ansible/hosts.yml
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/ansible/hosts.yml
@@ -1,8 +1,14 @@
 all:
+  children:
+    managed_freeradius:
+      hosts:
+        freeradius:
+          ansible_host: 18.189.85.200
+          ansible_user: ubuntu
+        freeradius_proxy:
+          ansible_host: 3.129.115.170
+          ansible_user: ubuntu
   hosts:
-    freeradius:
-      ansible_host: 18.189.85.200
-      ansible_user: ubuntu
     freeradius_qa:
       ansible_host: 3.20.165.131
       ansible_user: ubuntu
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/instance_freeradius.tf b/terraform/wifi-289708231103/cloudsdk_cicd/instance_freeradius.tf
index fc3f718..8951d97 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/instance_freeradius.tf
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/instance_freeradius.tf
@@ -66,20 +66,54 @@ output "wlan_freeradius_qa_instance" {
   value = aws_eip.wlan_freeradius_qa.public_ip
 }
 
+# This instance is required for OWGW radius proxy testing and was created for WIFI-10965 task
+resource "aws_instance" "wlan_freeradius_proxy" {
+  ami                    = "ami-00399ec92321828f5" # Ubuntu 20.04 amd64
+  instance_type          = "t2.micro"
+  subnet_id              = module.vpc_main.public_subnets[1]
+  vpc_security_group_ids = [aws_security_group.wlan.id]
+  key_name               = aws_key_pair.dunaev_wifi_3714.id
+
+  lifecycle {
+    ignore_changes = [ami]
+  }
+
+  root_block_device {
+    delete_on_termination = true
+  }
+
+  tags = merge({
+    "Name" : "${var.org}-${var.project}-${var.env} FreeRADIUS server for OWGW radius proxy (WIFI-10965)"
+  }, local.common_tags)
+}
+
+resource "aws_eip" "wlan_freeradius_proxy" {
+  vpc      = true
+  instance = aws_instance.wlan_freeradius_proxy.id
+  tags     = local.common_tags
+}
+
+output "wlan_freeradius_instance_proxy" {
+  value = aws_eip.wlan_freeradius_proxy.public_ip
+}
+
+# Generated Ansible hosts file
 resource "null_resource" "ansible_inventory_generate" {
   triggers = {
-    freeradius_instance_arn    = aws_instance.wlan_freeradius.arn
-    freeradius_eip_id          = aws_eip.wlan_freeradius.id
-    freeradius_qa_instance_arn = aws_instance.wlan_freeradius_qa.arn
-    freeradius_qa_eip_id       = aws_eip.wlan_freeradius_qa.id
-    demo_instance_arn          = aws_instance.wlan_demo.arn
-    demo_eip_id                = aws_eip.wlan_demo.id
+    freeradius_instance_arn       = aws_instance.wlan_freeradius.arn
+    freeradius_eip_id             = aws_eip.wlan_freeradius.id
+    freeradius_qa_instance_arn    = aws_instance.wlan_freeradius_qa.arn
+    freeradius_qa_eip_id          = aws_eip.wlan_freeradius_qa.id
+    demo_instance_arn             = aws_instance.wlan_demo.arn
+    demo_eip_id                   = aws_eip.wlan_demo.id
+    freeradius_proxy_instance_arn = aws_instance.wlan_freeradius.arn
+    freeradius_proxy_eip_id       = aws_eip.wlan_freeradius.id
   }
 
   # Generate Ansible inventory file
   provisioner "local-exec" {
     command = <<-EOA
-    echo "${templatefile("${path.module}/templates/ansible_inventory.yml.tpl", { freeradius_eip = aws_eip.wlan_freeradius, freeradius_eip_qa = aws_eip.wlan_freeradius_qa, demo_eip = aws_eip.wlan_demo })}" > ansible/hosts.yml
+    echo "${templatefile("${path.module}/templates/ansible_inventory.yml.tpl", { freeradius_eip = aws_eip.wlan_freeradius, freeradius_eip_qa = aws_eip.wlan_freeradius_qa, demo_eip = aws_eip.wlan_demo, freeradius_proxy_eip = aws_eip.wlan_freeradius_proxy })}" > ansible/hosts.yml
     EOA
   }
 }
diff --git a/terraform/wifi-289708231103/cloudsdk_cicd/templates/ansible_inventory.yml.tpl b/terraform/wifi-289708231103/cloudsdk_cicd/templates/ansible_inventory.yml.tpl
index 3091aa6..b8b0714 100644
--- a/terraform/wifi-289708231103/cloudsdk_cicd/templates/ansible_inventory.yml.tpl
+++ b/terraform/wifi-289708231103/cloudsdk_cicd/templates/ansible_inventory.yml.tpl
@@ -1,8 +1,14 @@
 all:
+  children:
+    managed_freeradius:
+      hosts:
+        freeradius:
+          ansible_host: ${freeradius_eip.public_ip}
+          ansible_user: ubuntu
+        freeradius_proxy:
+          ansible_host: ${freeradius_proxy_eip.public_ip}
+          ansible_user: ubuntu
   hosts:
-    freeradius:
-      ansible_host: ${freeradius_eip.public_ip}
-      ansible_user: ubuntu
     freeradius_qa:
       ansible_host: ${freeradius_eip_qa.public_ip}
       ansible_user: ubuntu