upgrade to Terraform 0.13
Signed-off-by: Jakub Sokołowski <jakub@status.im>
This commit is contained in:
parent
cea9813128
commit
797c43e2ad
40
Makefile
40
Makefile
|
@ -1,5 +1,3 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
OS = $(strip $(shell uname -s))
|
||||
ARCH = linux_amd64
|
||||
ifeq ($(OS),Darwin)
|
||||
|
@ -8,40 +6,20 @@ endif
|
|||
|
||||
PLUGIN_DIR = ~/.terraform.d/plugins
|
||||
|
||||
ANSIBLE_PROVIDER_NAME = terraform-provider-ansible
|
||||
ANSIBLE_PROVIDER_VERSION = v1.0.3
|
||||
ANSIBLE_PROVIDER_ARCHIVE = $(ANSIBLE_PROVIDER_NAME)-$(ARCH).zip
|
||||
ANSIBLE_PROVIDER_URL = https://github.com/nbering/terraform-provider-ansible/releases/download/$(ANSIBLE_PROVIDER_VERSION)/$(ANSIBLE_PROVIDER_ARCHIVE)
|
||||
ANSIBLE_PROVIDER_PATH = $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVIDER_NAME)_$(ANSIBLE_PROVIDER_VERSION)
|
||||
|
||||
ANSIBLE_PROVISIO_NAME = terraform-provisioner-ansible
|
||||
ANSIBLE_PROVISIO_VERSION = v2.3.0
|
||||
ANSIBLE_PROVISIO_ARCHIVE = $(ANSIBLE_PROVISIO_NAME)-$(subst _,-,$(ARCH))_$(ANSIBLE_PROVISIO_VERSION)
|
||||
ANSIBLE_PROVISIO_URL = https://github.com/radekg/terraform-provisioner-ansible/releases/download/$(ANSIBLE_PROVISIO_VERSION)/$(ANSIBLE_PROVISIO_ARCHIVE)
|
||||
ANSIBLE_PROVISIO_PATH = $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVISIO_NAME)_$(ANSIBLE_PROVISIO_VERSION)
|
||||
|
||||
all: requirements plugins secrets init-terraform
|
||||
all: requirements plugins init-terraform
|
||||
@echo "Success!"
|
||||
|
||||
plugins: install-ansible-provider install-ansible-provisioner
|
||||
plugins: install-ansible-provisioner
|
||||
|
||||
requirements:
|
||||
ansible-galaxy install --ignore-errors --force -r ansible/requirements.yml
|
||||
|
||||
check-unzip:
|
||||
ifeq (, $(shell which unzip))
|
||||
$(error "No unzip in PATH, consider doing apt install unzip")
|
||||
endif
|
||||
|
||||
install-ansible-provider: check-unzip
|
||||
@if [ ! -e $(ANSIBLE_PROVIDER_PATH) ]; then \
|
||||
mkdir -p $(PLUGIN_DIR); \
|
||||
wget $(ANSIBLE_PROVIDER_URL) -P $(PLUGIN_DIR); \
|
||||
unzip -o $(PLUGIN_DIR)/$(ANSIBLE_PROVIDER_ARCHIVE) -d $(PLUGIN_DIR); \
|
||||
else \
|
||||
echo "Already installed: $(ANSIBLE_PROVIDER_PATH)"; \
|
||||
fi
|
||||
|
||||
install-ansible-provisioner:
|
||||
@if [ ! -e $(ANSIBLE_PROVISIO_PATH) ]; then \
|
||||
mkdir -p $(PLUGIN_DIR); \
|
||||
|
@ -54,19 +32,5 @@ install-ansible-provisioner:
|
|||
init-terraform:
|
||||
terraform init -upgrade=true
|
||||
|
||||
secrets:
|
||||
echo "Saving secrets to: terraform.tfvars"
|
||||
@echo -e "\
|
||||
# secrets extracted from password-store\n\
|
||||
aws_access_key = \"$(shell pass cloud/AWS/access-key)\"\n\
|
||||
aws_secret_key = \"$(shell pass cloud/AWS/secret-key)\"\n\
|
||||
dap_ps_smtp_user = \"$(shell pass cloud/AWS/ses/smtp-access-key)\"\n\
|
||||
dap_ps_smtp_pass = \"$(shell pass cloud/AWS/ses/smtp-password)\"\n\
|
||||
dap_ps_admin_user = \"$(shell pass service/dev/app/admin-user)\"\n\
|
||||
dap_ps_admin_pass = \"$(shell pass service/dev/app/admin-pass)\"\n\
|
||||
dap_ps_dev_db_uri = \"$(shell pass service/dev/mongodb/uri)\"\n\
|
||||
dap_ps_prod_db_uri = \"$(shell pass service/prod/mongodb/uri)\"\n\
|
||||
" > terraform.tfvars
|
||||
|
||||
cleanup:
|
||||
rm -r $(PLUGIN_DIR)/$(ARCHIVE)
|
||||
|
|
10
dev.tf
10
dev.tf
|
@ -7,10 +7,10 @@ locals {
|
|||
RATE_LIMIT_TIME = 15 /* ms window */
|
||||
RATE_LIMIT_MAX_REQ = 1
|
||||
/* Access */
|
||||
ADMIN_USER = var.dap_ps_admin_user
|
||||
ADMIN_PASSWORD = var.dap_ps_admin_pass
|
||||
ADMIN_USER = data.pass_password.dap_ps_admin_user.password
|
||||
ADMIN_PASSWORD = data.pass_password.dap_ps_admin_pass.password
|
||||
/* Database */
|
||||
DB_CONNECTION = var.dap_ps_dev_db_uri
|
||||
DB_CONNECTION = data.pass_password.dap_ps_dev_db_uri.password
|
||||
/* Blockchain */
|
||||
BLOCKCHAIN_CONNECTION_POINT = "wss://ropsten.infura.io/ws/v3/8675214b97b44e96b70d05326c61fd6a"
|
||||
DISCOVER_CONTRACT = "0x9fb115BC152aE21ECDc81c73843673fa38e4D2dB"
|
||||
|
@ -19,8 +19,8 @@ locals {
|
|||
IPFS_PORT = 443
|
||||
IPFS_PROTOCOL = "https"
|
||||
/* Email */
|
||||
EMAIL_USER = var.dap_ps_smtp_user
|
||||
EMAIL_PASSWORD = var.dap_ps_smtp_pass
|
||||
EMAIL_USER = data.pass_password.dap_ps_smtp_user.password
|
||||
EMAIL_PASSWORD = data.pass_password.dap_ps_smtp_pass.password
|
||||
EMAIL_HOST = "email-smtp.us-east-1.amazonaws.com"
|
||||
EMAIL_PORT = 465
|
||||
EMAIL_TLS = "true"
|
||||
|
|
4
main.tf
4
main.tf
|
@ -2,8 +2,8 @@
|
|||
|
||||
provider "aws" {
|
||||
region = "us-east-1"
|
||||
access_key = var.aws_access_key
|
||||
secret_key = var.aws_secret_key
|
||||
access_key = data.pass_password.aws_access_key.password
|
||||
secret_key = data.pass_password.aws_secret_key.password
|
||||
}
|
||||
|
||||
/* DATA -----------------------------------------*/
|
||||
|
|
|
@ -8,7 +8,7 @@ data "aws_availability_zones" "available" {
|
|||
}
|
||||
|
||||
module "vpc" {
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=0.8.1"
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=0.17.0"
|
||||
|
||||
namespace = ""
|
||||
stage = var.stage
|
||||
|
@ -17,7 +17,7 @@ module "vpc" {
|
|||
}
|
||||
|
||||
module "subnets" {
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=0.18.1"
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=0.30.0"
|
||||
|
||||
availability_zones = slice(data.aws_availability_zones.available.names, 0, var.max_availability_zones)
|
||||
namespace = ""
|
||||
|
@ -31,7 +31,7 @@ module "subnets" {
|
|||
}
|
||||
|
||||
module "eb_application" {
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-elastic-beanstalk-application.git?ref=0.4.0"
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-elastic-beanstalk-application.git?ref=0.7.1"
|
||||
|
||||
name = local.app_name
|
||||
description = "${local.fqdn} application"
|
||||
|
@ -40,7 +40,7 @@ module "eb_application" {
|
|||
}
|
||||
|
||||
module "eb_environment" {
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-elastic-beanstalk-environment.git?ref=0.17.0"
|
||||
source = "git::https://github.com/cloudposse/terraform-aws-elastic-beanstalk-environment.git?ref=0.30.0"
|
||||
|
||||
description = "Dapp Discovery Store - ${local.fqdn}"
|
||||
name = local.app_name
|
||||
|
|
|
@ -1,3 +1,9 @@
|
|||
terraform {
|
||||
required_version = ">= 0.12"
|
||||
required_version = "~> 0.13.3"
|
||||
required_providers {
|
||||
aws = {
|
||||
source = "hashicorp/aws"
|
||||
version = "= 2.46.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -102,7 +102,7 @@ resource "aws_route53_record" "main" {
|
|||
type = "A"
|
||||
ttl = 600
|
||||
records = [aws_instance.main[count.index].public_ip]
|
||||
count = length(aws_instance.main)
|
||||
count = var.host_count
|
||||
}
|
||||
|
||||
|
||||
|
@ -110,7 +110,7 @@ resource "aws_route53_record" "main" {
|
|||
resource "ansible_host" "main" {
|
||||
inventory_hostname = aws_instance.main[count.index].tags.Name
|
||||
groups = local.groups
|
||||
count = length(aws_instance.main)
|
||||
count = var.host_count
|
||||
|
||||
vars = {
|
||||
ansible_host = aws_instance.main[count.index].public_ip
|
||||
|
|
|
@ -0,0 +1,13 @@
|
|||
terraform {
|
||||
required_version = "~> 0.13.3"
|
||||
required_providers {
|
||||
aws = {
|
||||
source = "hashicorp/aws"
|
||||
version = "= 2.46.0"
|
||||
}
|
||||
ansible = {
|
||||
source = "nbering/ansible"
|
||||
version = " = 1.0.4"
|
||||
}
|
||||
}
|
||||
}
|
10
prod.tf
10
prod.tf
|
@ -7,10 +7,10 @@ locals {
|
|||
RATE_LIMIT_TIME = 15 /* ms window */
|
||||
RATE_LIMIT_MAX_REQ = 1
|
||||
/* Access */
|
||||
ADMIN_USER = var.dap_ps_admin_user
|
||||
ADMIN_PASSWORD = var.dap_ps_admin_pass
|
||||
ADMIN_USER = data.pass_password.dap_ps_admin_user.password
|
||||
ADMIN_PASSWORD = data.pass_password.dap_ps_admin_pass.password
|
||||
/* Database */
|
||||
DB_CONNECTION = var.dap_ps_prod_db_uri
|
||||
DB_CONNECTION = data.pass_password.dap_ps_prod_db_uri.password
|
||||
/* Blockchain */
|
||||
BLOCKCHAIN_CONNECTION_POINT = "wss://mainnet.infura.io/v3/8675214b97b44e96b70d05326c61fd6a"
|
||||
DISCOVER_CONTRACT = "0x5bCF2767F86f14eDd82053bfBfd5069F68C2C5F8"
|
||||
|
@ -19,8 +19,8 @@ locals {
|
|||
IPFS_PORT = 443
|
||||
IPFS_PROTOCOL = "https"
|
||||
/* Email */
|
||||
EMAIL_USER = var.dap_ps_smtp_user
|
||||
EMAIL_PASSWORD = var.dap_ps_smtp_pass
|
||||
EMAIL_USER = data.pass_password.dap_ps_smtp_user.password
|
||||
EMAIL_PASSWORD = data.pass_password.dap_ps_smtp_pass.password
|
||||
EMAIL_HOST = "email-smtp.us-east-1.amazonaws.com"
|
||||
EMAIL_PORT = 465
|
||||
EMAIL_TLS = "true"
|
||||
|
|
|
@ -0,0 +1,44 @@
|
|||
# Uses PASSWORD_STORE_DIR environment variable
|
||||
provider "pass" { refresh_store = false }
|
||||
|
||||
/* Access key for the AWS API. */
|
||||
data "pass_password" "aws_access_key" {
|
||||
path = "cloud/AWS/access-key"
|
||||
}
|
||||
|
||||
/* Secret key for the AWS API. */
|
||||
data "pass_password" "aws_secret_key" {
|
||||
path = "cloud/AWS/secret-key"
|
||||
}
|
||||
|
||||
/* Name of admin user for Dapp Store application. */
|
||||
data "pass_password" "dap_ps_admin_user" {
|
||||
path = "service/dev/app/admin-user"
|
||||
}
|
||||
|
||||
/* Password for admin user for Dapp Store application. */
|
||||
data "pass_password" "dap_ps_admin_pass" {
|
||||
path = "service/dev/app/admin-pass"
|
||||
}
|
||||
|
||||
/* User for accessing AWS SES SMTP endpoint. */
|
||||
data "pass_password" "dap_ps_smtp_user" {
|
||||
path = "cloud/AWS/ses/smtp-access-key"
|
||||
}
|
||||
|
||||
/* Password for accessing AWS SES SMTP endpoint. */
|
||||
data "pass_password" "dap_ps_smtp_pass" {
|
||||
path = "cloud/AWS/ses/smtp-password"
|
||||
}
|
||||
|
||||
/* An URI for DEV MongoDB database including auth information.
|
||||
* https://docs.mongodb.com/manual/reference/connection-string/ */
|
||||
data "pass_password" "dap_ps_dev_db_uri" {
|
||||
path = "service/dev/mongodb/uri"
|
||||
}
|
||||
|
||||
/* An URI for PROD MongoDB database including auth information.
|
||||
* https://docs.mongodb.com/manual/reference/connection-string/ */
|
||||
data "pass_password" "dap_ps_prod_db_uri" {
|
||||
path = "service/prod/mongodb/uri"
|
||||
}
|
37
variables.tf
37
variables.tf
|
@ -1,13 +1,3 @@
|
|||
/* REQUIRED -------------------------------------*/
|
||||
|
||||
variable "aws_access_key" {
|
||||
description = "Access key for the AWS API."
|
||||
}
|
||||
|
||||
variable "aws_secret_key" {
|
||||
description = "Secret key for the AWS API."
|
||||
}
|
||||
|
||||
/* GENERAL --------------------------------------*/
|
||||
|
||||
variable "hosts_subdomain" {
|
||||
|
@ -55,32 +45,6 @@ variable "dap_ps_app_bucket_name" {
|
|||
default = "dev-dap-ps-app"
|
||||
}
|
||||
|
||||
variable "dap_ps_admin_user" {
|
||||
description = "Name of admin user for Dapp Store application."
|
||||
}
|
||||
|
||||
variable "dap_ps_admin_pass" {
|
||||
description = "Password for admin user for Dapp Store application."
|
||||
}
|
||||
|
||||
variable "dap_ps_smtp_user" {
|
||||
description = "User for accessing AWS SES SMTP endpoint."
|
||||
}
|
||||
|
||||
variable "dap_ps_smtp_pass" {
|
||||
description = "Password for accessing AWS SES SMTP endpoint."
|
||||
}
|
||||
|
||||
variable "dap_ps_dev_db_uri" {
|
||||
description = "An URI for DEV MongoDB database including auth information."
|
||||
/* https://docs.mongodb.com/manual/reference/connection-string/ */
|
||||
}
|
||||
|
||||
variable "dap_ps_prod_db_uri" {
|
||||
description = "An URI for PROD MongoDB database including auth information."
|
||||
/* https://docs.mongodb.com/manual/reference/connection-string/ */
|
||||
}
|
||||
|
||||
/* SES FORWARDER --------------------------------*/
|
||||
|
||||
variable "ses_forwarder_bucket_name" {
|
||||
|
@ -92,4 +56,3 @@ variable "ses_forwarder_admin_account_arn" {
|
|||
description = "Name of bucket to use for storing forwarded emails"
|
||||
default = "arn:aws:iam::760668534108:user/jakubgs"
|
||||
}
|
||||
|
||||
|
|
18
versions.tf
18
versions.tf
|
@ -1,7 +1,21 @@
|
|||
|
||||
terraform {
|
||||
required_version = ">= 0.12"
|
||||
required_version = "~> 0.13.3"
|
||||
required_providers {
|
||||
aws = "= 2.44.0"
|
||||
aws = {
|
||||
source = "hashicorp/aws"
|
||||
version = "= 2.46.0"
|
||||
}
|
||||
ansible = {
|
||||
source = "nbering/ansible"
|
||||
version = " = 1.0.4"
|
||||
}
|
||||
pass = {
|
||||
source = "camptocamp/pass"
|
||||
version = " = 1.4.0"
|
||||
}
|
||||
archive = {
|
||||
source = "hashicorp/archive"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue