status-im/infra-waku
2
0
Fork 0
mirror of https://github.com/status-im/infra-waku.git synced 2025-02-20 08:38:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

terraform: create hosts

Browse Source
This commit is contained in:
Anton Iakimov 2023-10-05 18:14:47 +02:00
parent 57c2ed1685
commit bc0219d389
No known key found for this signature in database
GPG Key ID: DEA1FE58DD8BF7FA
5 changed files with 75 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
ansible/group_vars/all.yml
View File

@ -4,6 +4,9 @@ bootstrap__root_pass: '{{lookup("bitwarden", "root-pass")}}'
# Consul # Consul
bootstrap__consul_encryption_key: '{{lookup("bitwarden", "consul/cluster", field="encryption-key")}}' bootstrap__consul_encryption_key: '{{lookup("bitwarden", "consul/cluster", field="encryption-key")}}'
bootstarp__consul_agent_acl_token: '{{lookup("bitwarden", "consul/acl-tokens", field="agent-default")}}' bootstarp__consul_agent_acl_token: '{{lookup("bitwarden", "consul/acl-tokens", field="agent-default")}}'
bootstrap__consul_certs_ca_crt: '{{lookup("bitwarden", "consul/certs", file="ca.pem")}}'
bootstrap__consul_certs_client_crt: '{{lookup("bitwarden", "consul/certs", file="client.pem")}}'
bootstrap__consul_certs_client_key: '{{lookup("bitwarden", "consul/certs", file="client-key.pem")}}'
# SSHGuard # SSHGuard
bootstrap__sshguard_whitelist_extra: ['{{lookup("bitwarden", "sshguard/whitelist", field="jakubgs-home")}}'] bootstrap__sshguard_whitelist_extra: ['{{lookup("bitwarden", "sshguard/whitelist", field="jakubgs-home")}}']
# Wireguard # Wireguard

26
ansible/inventory/test Normal file
View File

@ -0,0 +1,26 @@
# NOTE: This file is generated by terraform.py
# For emergency use when Consul fails
[all]
node-01.ac-cn-hongkong-c.waku.test hostname=node-01.ac-cn-hongkong-c.waku.test ansible_host=8.218.219.107 env=waku stage=test data_center=ac-cn-hongkong-c region=cn-hongkong-c dns_entry=node-01.ac-cn-hongkong-c.waku.test.statusim.net
node-01.do-ams3.waku.test hostname=node-01.do-ams3.waku.test ansible_host=178.128.141.171 env=waku stage=test data_center=do-ams3 region=ams3 dns_entry=node-01.do-ams3.waku.test.statusim.net
node-01.gc-us-central1-a.waku.test hostname=node-01.gc-us-central1-a.waku.test ansible_host=34.16.1.67 env=waku stage=test data_center=gc-us-central1-a region=us-central1-a dns_entry=node-01.gc-us-central1-a.waku.test.statusim.net
[ac-cn-hongkong-c]
node-01.ac-cn-hongkong-c.waku.test
[do-ams3]
node-01.do-ams3.waku.test
[gc-us-central1-a]
node-01.gc-us-central1-a.waku.test
[waku]
node-01.ac-cn-hongkong-c.waku.test
node-01.do-ams3.waku.test
node-01.gc-us-central1-a.waku.test
[waku.test]
node-01.ac-cn-hongkong-c.waku.test
node-01.do-ams3.waku.test
node-01.gc-us-central1-a.waku.test

6
ansible/requirements.yml
View File

@ -1,30 +1,24 @@
--- ---
- name: infra-role-bootstrap-linux - name: infra-role-bootstrap-linux
src: git@github.com:status-im/infra-role-bootstrap-linux.git src: git@github.com:status-im/infra-role-bootstrap-linux.git
version: 50eda0808cceaaad2a5c5cdb4493935f2e3a637d
scm: git scm: git
- name: infra-role-wireguard - name: infra-role-wireguard
src: git@github.com:status-im/infra-role-wireguard.git src: git@github.com:status-im/infra-role-wireguard.git
version: b711bbabd2dc3d9ce8b1c3a6e5bc785901db9d09
scm: git scm: git
- name: open-ports - name: open-ports
src: git@github.com:status-im/infra-role-open-ports.git src: git@github.com:status-im/infra-role-open-ports.git
version: 24dc30dbdf85e6758cb6924074b2f7a0f4541524
scm: git scm: git
- name: swap-file - name: swap-file
src: git@github.com:status-im/infra-role-swap-file.git src: git@github.com:status-im/infra-role-swap-file.git
version: 3fb0fb8d313ab388df1b38d516e2ff88b72a2cf7
scm: git scm: git
- name: consul-service - name: consul-service
src: git@github.com:status-im/infra-role-consul-service.git src: git@github.com:status-im/infra-role-consul-service.git
version: 2b3d4e53856d6cc91ae5c5a342fd12f2bb96aa88
scm: git scm: git
- name: systemd-timer - name: systemd-timer
src: git@github.com:status-im/infra-role-systemd-timer.git src: git@github.com:status-im/infra-role-systemd-timer.git
version: c6bbc3d1b4b0ba603d82fa06cd17297d12523182
scm: git scm: git

35
hosts.tf Normal file
View File

@ -0,0 +1,35 @@
module "hosts" {
source = "github.com/status-im/infra-tf-multi-provider"
/* node type */
group = "waku"
env = "waku"
stage = terraform.workspace
domain = var.domain
/* scaling */
host_count = local.ws["hosts_count"]
/* instance sizes */
do_type = local.ws["do_type"] /* DigitalOcean */
ac_type = local.ws["ac_type"] /* Alibaba Cloud */
gc_type = local.ws["gc_type"] /* Google Cloud */
/* data volumes */
ac_data_vol_size = local.ws["data_vol_size"]
do_data_vol_size = local.ws["data_vol_size"]
gc_data_vol_size = local.ws["data_vol_size"]
/* firewall */
open_tcp_ports = [
"80", /* certbot */
"443", /* p2p websockify */
"8000", /* p2p websocket */
"30303", /* p2p main */
/* only on node-01.gc-us-central1-a.wakuv2.prod */
"9000", /* chat2bridge */
]
open_udp_ports = [
"9000", /* discovery v5 */
]
}

10
workspaces.tf
View File

@ -10,15 +10,23 @@ locals {
env = { env = {
defaults = { defaults = {
/* Default settings for all fleets/workspaces. */ /* Default settings for all fleets/workspaces. */
hosts_count = 1 /* number of hosts in each DC */
do_type = "s-1vcpu-2gb" /* DigitalOcean */
ac_type = "ecs.t5-lc1m2.small" /* Alibaba Cloud */
gc_type = "g1-small" /* Google Cloud */
data_vol_size = 40
} }
# Inherits defaults.
test = { test = {
/* Settings specific to the test fleet/workspace. */ /* Settings specific to the test fleet/workspace. */
} }
} }
} }
/* Makes fleet settings available under local.ws. */
locals { locals {
ws = merge(local.env["defaults"], local.env[terraform.workspace]) ws = merge(local.env["defaults"], local.env[terraform.workspace])
} }