fix: allow passing an IPv6 prefix (#10)

The IPv6 support we have added in #5 is broken. IPv6 must be configured on the VM instances directly. To do so, we allow passing an IPv6 prefix id that the individual VMs can then allocate from.

Author: thomaseizinger

main.tf

@@ -30,12 +30,18 @@ resource "azurerm_orchestrated_virtual_machine_scale_set" "firezone" {
     }
 
     dynamic "ip_configuration" {
-      for_each = var.private_subnet_ipv6 != null ? [1] : []
+      for_each = var.public_ipv6_prefix != null ? [1] : []
       content {
         name      = "internal-ipv6"
         primary   = false
-        subnet_id = var.private_subnet_ipv6
+        subnet_id = var.private_subnet
         version   = "IPv6"
+        public_ip_address {
+          name                = "public-ipv6"
+          version             = "IPv6"
+          public_ip_prefix_id = var.public_ipv6_prefix
+          sku_name            = "Standard_Regional"
+        }
       }
     }
   }

variables.tf

@@ -73,12 +73,12 @@ variable "firezone_api_url" {
 }
 
 variable "private_subnet" {
-  description = "The private IPv4 subnet ID"
+  description = "The private subnet ID"
   type        = string
 }
 
-variable "private_subnet_ipv6" {
-  description = "The private IPv6 subnet ID"
+variable "public_ipv6_prefix" {
+  description = "The public IPv6 prefix to use"
   type        = string
   default     = null
 }