dap-ps
/
infra-dapps
mirror of https://github.com/dap-ps/infra-dapps.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

move dev environment to it's own tf module 

Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
Jakub Sokołowski 2019-07-25 12:53:20 -04:00
parent 0a4d495d7c
commit cf4d933702
No known key found for this signature in database
GPG Key ID: 4EF064D0E6D63020
5 changed files with 50 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
dns.tf
View File

@ -37,13 +37,3 @@ resource "gandi_zonerecord" "dap_ps_site" {
"185.199.111.153", "185.199.111.153",
] ]
} }
/* DEV SITE -------------------------------------*/
resource "gandi_zonerecord" "dev_dap_ps_site" {
zone = "${gandi_zone.dap_ps_zone.id}"
name = "dev"
type = "CNAME"
ttl = 3600
values = ["${aws_elastic_beanstalk_environment.dev_dap_ps.cname}."]
}

10
main.tf
View File

@ -41,3 +41,13 @@ resource "aws_s3_bucket" "tf-state" {
prevent_destroy = true prevent_destroy = true
} }
} }
/* ENVIRONMENTS ---------------------------------*/
module "dev" {
source = "./modules/dev"
name = "dev-dap-ps"
gandi_zone_id = "${gandi_zone.dap_ps_zone.id}"
dns_domain = "dap.ps"
dns_entry = "dev"
}

24
dev.tf → modules/dev/main.tf
View File

@ -1,15 +1,11 @@
locals {
name = "dev-dap-ps"
}
/* ACCESS ---------------------------------------*/ /* ACCESS ---------------------------------------*/
resource "aws_iam_group" "deploy" { resource "aws_iam_group" "deploy" {
name = "${local.name}-deploy" name = "${var.name}-deploy"
} }
resource "aws_iam_user" "deploy" { resource "aws_iam_user" "deploy" {
name = "${local.name}-deploy" name = "${var.name}-deploy"
tags = { tags = {
Description = "User for deploying the dap.ps Elastic Beanstalk app" Description = "User for deploying the dap.ps Elastic Beanstalk app"
} }
@ -45,12 +41,12 @@ output "deploy_secret_key" {
/* ROLES ----------------------------------------*/ /* ROLES ----------------------------------------*/
resource "aws_iam_instance_profile" "main" { resource "aws_iam_instance_profile" "main" {
name = "${local.name}" name = "${var.name}"
role = "${aws_iam_role.main.name}" role = "${aws_iam_role.main.name}"
} }
resource "aws_iam_role" "main" { resource "aws_iam_role" "main" {
name = "${local.name}" name = "${var.name}"
assume_role_policy = <<EOF assume_role_policy = <<EOF
{ {
@ -70,7 +66,7 @@ EOF
} }
resource "aws_iam_policy_attachment" "AWSElasticBeanstalkWebTier" { resource "aws_iam_policy_attachment" "AWSElasticBeanstalkWebTier" {
name = "${local.name}-AWSElasticBeanstalkWebTier" name = "${var.name}-AWSElasticBeanstalkWebTier"
roles = ["${aws_iam_role.main.name}"] roles = ["${aws_iam_role.main.name}"]
policy_arn ="arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier" policy_arn ="arn:aws:iam::aws:policy/AWSElasticBeanstalkWebTier"
} }
@ -93,3 +89,13 @@ resource "aws_elastic_beanstalk_environment" "dev_dap_ps" {
value = "${aws_iam_instance_profile.main.name}" value = "${aws_iam_instance_profile.main.name}"
} }
} }
/* DNS ------------------------------------------*/
resource "gandi_zonerecord" "dev_dap_ps_site" {
zone = "${var.gandi_zone_id}"
name = "${var.dns_entry}"
type = "CNAME"
ttl = 3600
values = ["${aws_elastic_beanstalk_environment.dev_dap_ps.cname}."]
}

10
modules/dev/outputs.tf Normal file
View File

@ -0,0 +1,10 @@
/**
* Uncomment this if you want to extract the secret again.
* For details see: https://www.terraform.io/docs/providers/aws/r/iam_access_key.html
output "deploy_access_key" {
value = "${aws_iam_access_key.deploy.id}"
}
output "deploy_secret_key" {
value = "${aws_iam_access_key.deploy.encrypted_secret}"
}
*/

15
modules/dev/variables.tf Normal file
View File

@ -0,0 +1,15 @@
variable "name" {
description = "Name of this environment to be used in all resources."
}
variable "gandi_zone_id" {
description = "ID of the zone in Gandi DNS registrar."
}
variable "dns_domain" {
description = "Name of domain for this environment."
}
variable "dns_entry" {
description = "Name of DNS entry for this environment."
}