change VPC CIDR block to use 172.16.1.0/24

Signed-off-by: Jakub Sokołowski <jakub@status.im>
2020-01-29 16:40:23 +01:00 · 2020-01-29 16:40:23 +01:00 · 53509bd24e
parent 52321e8ca3
commit 53509bd24e
2 changed files with 16 additions and 2 deletions
--- a/modules/aws-vpc/main.tf
+++ b/modules/aws-vpc/main.tf
@ -1,6 +1,6 @@
 /* The VPN allows us to limit certain traffic to just local network */
 resource "aws_vpc" "main" {
-  cidr_block       = "10.0.0.0/16"
+  cidr_block       = var.vpc_cidr_block
  instance_tenancy = "default"

  enable_dns_support   = true
@ -14,7 +14,7 @@ resource "aws_vpc" "main" {
 /* A VPN can't exist by itself, a subnet is necessary to add instances */
 resource "aws_subnet" "main" {
  vpc_id     = aws_vpc.main.id
-  cidr_block = "10.0.1.0/24"
+  cidr_block = var.subnet_cidr_block

  /* Needs to be the same as the instances zone */
  availability_zone = var.zone
--- a/modules/aws-vpc/variables.tf
+++ b/modules/aws-vpc/variables.tf
@ -6,6 +6,20 @@ variable "zone" {
  default     = "eu-central-1a"
 }

+variable "vpc_cidr_block" {
+  description = "IPv4 address space from Classless Inter-Domain Routing for VPC."
+  type        = string
+  default     = "172.20.0.0/16"
+  # WARNING: We can't use 10.0.0.0/8 here because Tinc VPN already does.
+  # Details: https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html
+}
+
+variable "subnet_cidr_block" {
+  description = "Subnet of the VPC CIDR block address space."
+  type        = string
+  default     = "172.20.1.0/24"
+}
+
 /* FIREWALL--------------------------------------*/

 variable "open_tcp_ports" {