
D12277.diff
No OneTemporary

D12277.diff

diff --git a/scripts/terraform_pre_commit.sh b/scripts/terraform_pre_commit.sh
--- a/scripts/terraform_pre_commit.sh
+++ b/scripts/terraform_pre_commit.sh
@@ -6,7 +6,7 @@
echo "Formatting terraform..."
terraform fmt -recursive
-for cfg in dev remote; do
+for cfg in dev remote self-host; do
pushd "$cfg" >/dev/null
echo "Validating '$cfg' terraform configuration..."
terraform validate
diff --git a/services/terraform/self-host/.gitignore b/services/terraform/self-host/.gitignore
new file mode 100644
--- /dev/null
+++ b/services/terraform/self-host/.gitignore
@@ -0,0 +1,35 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+.terraform.lock.hcl
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
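Review bot: Ignoring `.terraform.lock.hcl` (last entry of the `.tfstate` group) keeps the provider checksums out of version control, so each `terraform init` resolves the `~> 5.7.0` constraint from providers.tf afresh and nothing pins the hashes that were reviewed. HashiCorp's guidance is to commit the dependency lock file, so I would drop that line. Separately, the tfplan pattern is left as a commented example; saved plans can carry the same sensitive values as state, so consider enabling `*tfplan*`.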
diff --git a/services/terraform/self-host/aws_vpc.tf b/services/terraform/self-host/aws_vpc.tf
new file mode 100644
--- /dev/null
+++ b/services/terraform/self-host/aws_vpc.tf
@@ -0,0 +1,46 @@
+# VPC
+resource "aws_vpc" "default" {
+ cidr_block = "172.31.0.0/16"
+ enable_dns_support = true
+ enable_dns_hostnames = true
+}
+
+# Public Subnets
+resource "aws_subnet" "public_a" {
+ vpc_id = aws_vpc.default.id
+ cidr_block = "172.31.0.0/20"
+ availability_zone = "us-east-2a"
+ map_public_ip_on_launch = true
+}
+
+resource "aws_subnet" "public_b" {
+ vpc_id = aws_vpc.default.id
+ cidr_block = "172.31.16.0/20"
+ availability_zone = "us-east-2b"
+ map_public_ip_on_launch = true
+}
+
+# Internet Gateway
+resource "aws_internet_gateway" "default" {
+ vpc_id = aws_vpc.default.id
+}
+
+# Route Table for Internet Gateway
+resource "aws_route_table" "public_igw_route_table" {
+ vpc_id = aws_vpc.default.id
+
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.default.id
+ }
+}
+
+resource "aws_route_table_association" "public_a_igw_route_association" {
+ subnet_id = aws_subnet.public_a.id
+ route_table_id = aws_route_table.public_igw_route_table.id
+}
+
+resource "aws_route_table_association" "public_b_igw_route_association" {
+ subnet_id = aws_subnet.public_b.id
+ route_table_id = aws_route_table.public_igw_route_table.id
+}
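Review bot: Both subnets set `map_public_ip_on_launch = true` and are associated with a route table whose default route points at the internet gateway, so anything launched here gets a public address by default. Its exposure then rests entirely on security groups, none of which are defined in this diff. If only a load balancer or similar front end needs to be reachable, I would set `map_public_ip_on_launch = false` and assign public addresses explicitly; otherwise a comment above `# Public Subnets` should state that public placement of every instance is intended. The VPC also has no `aws_flow_log`, which leaves no network record to support later investigation.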
diff --git a/services/terraform/self-host/main.tf b/services/terraform/self-host/main.tf
new file mode 100644
--- /dev/null
+++ b/services/terraform/self-host/main.tf
@@ -0,0 +1,18 @@
+terraform {
+ backend "s3" {
+ region = "us-east-2"
+ key = "terraform.tfstate"
+ bucket = "self-host-keyserver-terraform"
+ encrypt = true
+ }
+}
+
+provider "aws" {
+ region = "us-east-2"
+
+ default_tags {
+ tags = {
+ managed_by = "terraform"
+ }
+ }
+}
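Review bot: The `backend "s3"` block configures no state locking, so two concurrent applies can overwrite each other's state; adding `dynamodb_table = "<lock-table-name>"` (placeholder name) would close that gap. `encrypt = true` covers encryption at rest, but the state will hold whatever secrets the managed resources produce. Versioning, public-access blocking and the bucket policy for `self-host-keyserver-terraform` are not visible in this diff, so a comment such as `# bucket hardening (versioning, public access block) is managed in <location>` would tell the next reader where to check.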
diff --git a/services/terraform/self-host/providers.tf b/services/terraform/self-host/providers.tf
new file mode 100644
--- /dev/null
+++ b/services/terraform/self-host/providers.tf
@@ -0,0 +1,8 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.7.0"
+ }
+ }
+}
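Review bot: This `terraform` block pins the AWS provider but sets no `required_version`, so the CLI version that plans and applies this configuration is unconstrained. Adding `required_version = "<terraform-version-constraint>"` (placeholder) next to `required_providers` would keep the pre-commit `terraform validate` and real applies on the same release line. The `terraform` block in main.tf carries only the backend, so merging the two blocks into one file would also make the pinning easier to audit.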
