2019-05-28 12:33:58 -04:00
|
|
|
/* DERIVED --------------------------------------*/
|
|
|
|
|
|
|
|
|
|
provider "aws" {
|
|
|
|
|
region = "us-east-1"
|
|
|
|
|
access_key = "${var.aws_access_key}"
|
|
|
|
|
secret_key = "${var.aws_secret_key}"
|
2019-07-29 10:35:40 -04:00
|
|
|
version = "<= 2.20.0"
|
2019-05-28 12:33:58 -04:00
|
|
|
}
|
|
|
|
|
|
2019-05-28 14:51:33 -04:00
|
|
|
provider "gandi" {
|
2019-07-29 16:52:10 -04:00
|
|
|
key = "${var.gandi_api_token}"
|
|
|
|
|
version = "<= 1.0.1"
|
2019-05-28 14:51:33 -04:00
|
|
|
}
|
|
|
|
|
|
2019-05-28 12:33:58 -04:00
|
|
|
/* DATA -----------------------------------------*/
|
|
|
|
|
|
2019-05-28 12:50:35 -04:00
|
|
|
terraform {
|
|
|
|
|
backend "s3" {
|
2019-07-29 16:52:10 -04:00
|
|
|
bucket = "dapps-terraform-state"
|
|
|
|
|
key = "infra-dapps"
|
|
|
|
|
region = "us-east-1"
|
|
|
|
|
encrypt = true
|
2019-05-28 12:50:35 -04:00
|
|
|
}
|
|
|
|
|
}
|
2019-05-28 12:33:58 -04:00
|
|
|
|
|
|
|
|
/* INVENTORY ------------------------------------*/
|
|
|
|
|
|
|
|
|
|
resource "aws_s3_bucket" "tf-state" {
|
|
|
|
|
bucket = "dapps-terraform-state"
|
|
|
|
|
acl = "private"
|
|
|
|
|
|
|
|
|
|
tags = {
|
|
|
|
|
Name = "Terraform State Store"
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-31 11:36:28 -04:00
|
|
|
policy = "${file("files/s3-policy.json")}"
|
2019-05-28 12:33:58 -04:00
|
|
|
|
|
|
|
|
versioning {
|
|
|
|
|
enabled = true
|
|
|
|
|
}
|
2019-07-29 16:52:10 -04:00
|
|
|
|
2019-05-28 12:33:58 -04:00
|
|
|
lifecycle {
|
|
|
|
|
prevent_destroy = true
|
|
|
|
|
}
|
|
|
|
|
}
|
2019-07-25 12:53:20 -04:00
|
|
|
|
2019-07-25 13:14:50 -04:00
|
|
|
/* Gandi DNS ------------------------------------*/
|
|
|
|
|
|
|
|
|
|
resource "gandi_zone" "dap_ps_zone" {
|
|
|
|
|
name = "${var.public_domain} zone"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "gandi_domainattachment" "dap_ps" {
|
|
|
|
|
domain = "${var.public_domain}"
|
|
|
|
|
zone = "${gandi_zone.dap_ps_zone.id}"
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-25 17:05:05 -04:00
|
|
|
/* ACCESS ---------------------------------------*/
|
|
|
|
|
|
|
|
|
|
resource "aws_key_pair" "admin" {
|
|
|
|
|
key_name = "admin-key"
|
|
|
|
|
public_key = "${file("files/admin.pub")}"
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-25 12:53:20 -04:00
|
|
|
/* ENVIRONMENTS ---------------------------------*/
|
|
|
|
|
|
2019-07-29 16:52:10 -04:00
|
|
|
locals {
|
|
|
|
|
dev_env = {
|
|
|
|
|
/* WARNING EB forces PORT 8081 */
|
|
|
|
|
ENVIRONMENT = "DEV"
|
2019-07-29 11:00:31 -04:00
|
|
|
RATE_LIMIT_TIME = 15
|
2019-07-29 16:52:10 -04:00
|
|
|
|
2019-07-29 11:00:31 -04:00
|
|
|
/* Access */
|
2019-07-29 16:52:10 -04:00
|
|
|
ADMIN_USER = "${var.dap_ps_admin_user}"
|
|
|
|
|
ADMIN_PASSWORD = "${var.dap_ps_admin_pass}"
|
|
|
|
|
|
2019-07-29 17:10:36 -04:00
|
|
|
/* Database */
|
|
|
|
|
DB_CONNECTION = "${var.dap_ps_db_uri}"
|
|
|
|
|
|
2019-07-29 11:00:31 -04:00
|
|
|
/* BlockChain */
|
2019-07-29 16:52:10 -04:00
|
|
|
BLOCKCHAIN_CONNECTION_POINT = "wss://ropsten.infura.io/ws/v3/8675214b97b44e96b70d05326c61fd6a"
|
|
|
|
|
DISCOVER_CONTRACT = "0x17e7a7330d23fc6a2ab8578a627408f815396662"
|
2019-07-29 11:00:31 -04:00
|
|
|
MAX_REQUESTS_FOR_RATE_LIMIT_TIME = 1
|
2019-07-29 16:52:10 -04:00
|
|
|
|
2019-07-29 11:00:31 -04:00
|
|
|
/* IPFS */
|
2019-07-29 16:52:10 -04:00
|
|
|
IPFS_HOST = "ipfs.infura.io"
|
|
|
|
|
IPFS_PORT = 5001
|
2019-07-29 11:00:31 -04:00
|
|
|
IPFS_PROTOCOL = "https"
|
2019-07-29 16:52:10 -04:00
|
|
|
|
2019-07-29 11:00:31 -04:00
|
|
|
/* Email */
|
2019-07-29 16:52:10 -04:00
|
|
|
EMAIL_USER = "${var.dap_ps_smtp_user}"
|
|
|
|
|
EMAIL_PASSWORD = "${var.dap_ps_smtp_pass}"
|
|
|
|
|
EMAIL_HOST = "email-smtp.us-east-1.amazonaws.com"
|
|
|
|
|
EMAIL_PORT = 465
|
|
|
|
|
EMAIL_TLS = "true"
|
|
|
|
|
APPROVER_MAIL = "dapps-approvals@status.im"
|
2019-07-29 11:00:31 -04:00
|
|
|
APPROVE_NOTIFIER_MAIL = "dapps-approvals@status.im"
|
2019-07-29 16:52:10 -04:00
|
|
|
|
2019-07-29 11:00:31 -04:00
|
|
|
/* CloudWatch TODO */
|
2019-07-29 16:52:10 -04:00
|
|
|
CLOUDWATCH_ACCESS_KEY_ID = "This is for production, if you have logging set up (AWS Cloudwatch)"
|
|
|
|
|
CLOUDWATCH_REGION = "This is for production, if you have logging set up (AWS Cloudwatch)"
|
2019-07-29 11:00:31 -04:00
|
|
|
CLOUDWATCH_SECRET_ACCESS_KEY = "This is for production, if you have logging set up (AWS Cloudwatch)"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-07-25 12:53:20 -04:00
|
|
|
module "dev" {
|
2019-07-26 13:16:09 -04:00
|
|
|
source = "./modules/aws-eb-env"
|
2019-07-25 12:53:20 -04:00
|
|
|
name = "dev-dap-ps"
|
|
|
|
|
gandi_zone_id = "${gandi_zone.dap_ps_zone.id}"
|
|
|
|
|
dns_domain = "dap.ps"
|
2019-07-25 17:05:05 -04:00
|
|
|
stage = "dev"
|
|
|
|
|
stack_name = "${var.stack_name}"
|
|
|
|
|
keypair_name = "${aws_key_pair.admin.key_name}"
|
2019-07-29 16:52:10 -04:00
|
|
|
|
2019-07-26 17:02:09 -04:00
|
|
|
/* Scaling */
|
|
|
|
|
autoscale_min = 1
|
|
|
|
|
autoscale_max = 2
|
2019-07-29 16:52:10 -04:00
|
|
|
|
2019-07-29 11:00:31 -04:00
|
|
|
/* Environment */
|
2019-07-29 16:52:10 -04:00
|
|
|
env_vars = "${local.dev_env}"
|
2019-07-25 12:53:20 -04:00
|
|
|
}
|
2019-07-25 13:14:50 -04:00
|
|
|
|
2019-07-25 13:16:00 -04:00
|
|
|
module "prod" {
|
|
|
|
|
source = "./modules/prod"
|
|
|
|
|
name = "prod-dap-ps"
|
|
|
|
|
gandi_zone_id = "${gandi_zone.dap_ps_zone.id}"
|
|
|
|
|
dns_domain = "dap.ps"
|
2019-07-29 16:52:10 -04:00
|
|
|
dns_entry = "prod" /* just means use `dap.ps` */
|
2019-07-25 13:16:00 -04:00
|
|
|
}
|
|
|
|
|
|
2019-07-25 13:14:50 -04:00
|
|
|
/* MAIN SITE ------------------------------------*/
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* This is the main site hosted on GitHub:
|
|
|
|
|
* https://github.com/dap-ps/discover
|
|
|
|
|
**/
|
|
|
|
|
resource "gandi_zonerecord" "dap_ps_site" {
|
2019-07-29 16:52:10 -04:00
|
|
|
zone = "${gandi_zone.dap_ps_zone.id}"
|
|
|
|
|
name = "@"
|
|
|
|
|
type = "A"
|
|
|
|
|
ttl = 3600
|
|
|
|
|
|
2019-07-25 13:14:50 -04:00
|
|
|
values = [
|
|
|
|
|
"185.199.108.153",
|
|
|
|
|
"185.199.109.153",
|
|
|
|
|
"185.199.110.153",
|
|
|
|
|
"185.199.111.153",
|
|
|
|
|
]
|
|
|
|
|
}
|
