Page MenuHomePhabricator

D12928.id43025.diff
No OneTemporary

D12928.id43025.diff

diff --git a/.dockerignore b/.dockerignore
--- a/.dockerignore
+++ b/.dockerignore
@@ -45,6 +45,7 @@
services/reports/email-config.json
services/terraform/self-host/*.env
services/terraform/self-host/*.env.*
+services/terraform/remote/*.env
native/cpp/**/build
diff --git a/services/terraform/remote/.gitignore b/services/terraform/remote/.gitignore
--- a/services/terraform/remote/.gitignore
+++ b/services/terraform/remote/.gitignore
@@ -5,6 +5,9 @@
*.tfstate
*.tfstate.*
+# Dotenv
+.env
+
# Crash log files
crash.log
crash.*.log
diff --git a/services/terraform/remote/.terraform.lock.hcl b/services/terraform/remote/.terraform.lock.hcl
--- a/services/terraform/remote/.terraform.lock.hcl
+++ b/services/terraform/remote/.terraform.lock.hcl
@@ -17,6 +17,29 @@
]
}
+provider "registry.terraform.io/germanbrew/dotenv" {
+ version = "1.1.2"
+ constraints = "1.1.2"
+ hashes = [
+ "h1:rbzMuE2/HHDvrVRUaHabvG5c7y2TMfyoBl4ZOpp0mPw=",
+ "zh:179e7f19a66205b74b76d76dffc20287a03c68c76356bc9b894d52bf7702767d",
+ "zh:22f772f4380cb5cde5e3751dc47920c99943aa99f661b123f11bb6022471e976",
+ "zh:269a023043bd1cd4a6e231e9394d27ebf93df5e0a08751b4e18ff1a745e58cf4",
+ "zh:2b41bfbfb615a5ecbc1bfc195262e1dedf0e8d59ddae2995dbc308c2fb0fe62c",
+ "zh:3eeaa46fcf39719ff499b5b7d03dee4b7bfadd5f81549288c4d2640b4e6c3581",
+ "zh:4d428dc138bdebc69eecc53b2a87d7b7bfa485d3d6b7a651c8f1e97bc4408efc",
+ "zh:5870a658b75e8909e60beaacbbe9d42f957596a034af6e0d9e1780f96ee09e13",
+ "zh:7a7eb852fdad76077429b6bc624858df13a7e0571d7f9ee3ad6512b811ca5438",
+ "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
+ "zh:954b97dc6a3d84c637ceb3ab0b0f1b6eacf68200da62871b41c58c2356d2b722",
+ "zh:9ba67c1edfb9f4c83e0532c151fa3c1d13169e467b065d63465712f2050952a3",
+ "zh:a55998a075527c36fb4d8a9224c04b10383c8eabe0b8e9c3283c1e527bd9d2b8",
+ "zh:afa596b5103275ba75dd248bee68349de3ca535a3f8e28d95de8c52e42e438b3",
+ "zh:dc5312c982d3e24eab579f94f5b395b57fd65536369f6bcc8b3fd0f4bc78bdd0",
+ "zh:ea4c5db0d92a6e157ac84e7221da1dc42031d143418d3b719f8c7cbfc2a616d3",
+ ]
+}
+
provider "registry.terraform.io/hashicorp/aws" {
version = "5.7.0"
constraints = ">= 4.67.0, ~> 5.7.0"
@@ -41,6 +64,25 @@
]
}
+provider "registry.terraform.io/hashicorp/null" {
+ version = "3.2.2"
+ hashes = [
+ "h1:IMVAUHKoydFrlPrl9OzasDnw/8ntZFerCC9iXw1rXQY=",
+ "zh:3248aae6a2198f3ec8394218d05bd5e42be59f43a3a7c0b71c66ec0df08b69e7",
+ "zh:32b1aaa1c3013d33c245493f4a65465eab9436b454d250102729321a44c8ab9a",
+ "zh:38eff7e470acb48f66380a73a5c7cdd76cc9b9c9ba9a7249c7991488abe22fe3",
+ "zh:4c2f1faee67af104f5f9e711c4574ff4d298afaa8a420680b0cb55d7bbc65606",
+ "zh:544b33b757c0b954dbb87db83a5ad921edd61f02f1dc86c6186a5ea86465b546",
+ "zh:696cf785090e1e8cf1587499516b0494f47413b43cb99877ad97f5d0de3dc539",
+ "zh:6e301f34757b5d265ae44467d95306d61bef5e41930be1365f5a8dcf80f59452",
+ "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+ "zh:913a929070c819e59e94bb37a2a253c228f83921136ff4a7aa1a178c7cce5422",
+ "zh:aa9015926cd152425dbf86d1abdbc74bfe0e1ba3d26b3db35051d7b9ca9f72ae",
+ "zh:bb04798b016e1e1d49bcc76d62c53b56c88c63d6f2dfe38821afef17c416a0e1",
+ "zh:c23084e1b23577de22603cff752e59128d83cfecc2e6819edadd8cf7a10af11e",
+ ]
+}
+
provider "registry.terraform.io/hashicorp/random" {
version = "3.5.1"
constraints = "3.5.1"
diff --git a/services/terraform/remote/aws_iam.tf b/services/terraform/remote/aws_iam.tf
--- a/services/terraform/remote/aws_iam.tf
+++ b/services/terraform/remote/aws_iam.tf
@@ -70,6 +70,17 @@
}
}
+# Role with allow ecs exec
+resource "aws_iam_role" "ecs_task_role" {
+ name = "ecs-iam_role"
+ description = "Allows to SSH into ECS containers"
+ assume_role_policy = data.aws_iam_policy_document.assume_role_ecs_ec2.json
+
+ managed_policy_arns = [
+ aws_iam_policy.allow_ecs_exec.arn,
+ ]
+}
+
# Allows ECS Exec to SSH into service task containers
resource "aws_iam_policy" "allow_ecs_exec" {
name = "allow-ecs-exec"
diff --git a/services/terraform/remote/providers.tf b/services/terraform/remote/providers.tf
--- a/services/terraform/remote/providers.tf
+++ b/services/terraform/remote/providers.tf
@@ -14,5 +14,10 @@
source = "hashicorp/random"
version = "3.5.1"
}
+
+ dotenv = {
+ source = "germanbrew/dotenv"
+ version = "1.1.2"
+ }
}
}
diff --git a/services/terraform/remote/secrets.json b/services/terraform/remote/secrets.json
--- a/services/terraform/remote/secrets.json
+++ b/services/terraform/remote/secrets.json
@@ -1,28 +1,95 @@
{
"accountIDs": {
- "production": "ENC[AES256_GCM,data:bFvAqsaeaK63a89t,iv:DItiKGCI6RPfkjQPSrUWhddvJQKOTnYEeyzgHfckrXw=,tag:5NTw9AuEXhU9eOKzd2wvtw==,type:str]",
- "staging": "ENC[AES256_GCM,data:qoJZWlb2BusLjLJV,iv:cRt9S8qKZ8qz3q41Xc1o+giTTHA0jWkTLQDFHUHFR2U=,tag:EbZKVX7NkxDmx1s1PIjIeg==,type:str]"
+ "production": "ENC[AES256_GCM,data:kuCCoz7IlxgvWF6W,iv:rOkSJ7i9rJKukhhP4Hkh12iXKCOVZGeErLFbu3mKY+w=,tag:GbsUj/IZt+oQL8Usg3xV5w==,type:str]",
+ "staging": "ENC[AES256_GCM,data:A/SixKIxXzDwgU58,iv:sVMlGpkdHWV/lWc308YkFgrZWZ6DjWOt7UQ/mRHMl6w=,tag:+xB9tswTcrw8tobrOuoSZQ==,type:str]"
},
- "keyserverPublicKey": "ENC[AES256_GCM,data:6QnxnmA21WMjsqFJHgSxh4UkzoR1LMQuoK+F4uj5cxZPqsvverDjf9OfJg==,iv:gScxT+OOcnIrnc32S/Skk1/y15k2yhMVkCjuCUkQ3Y8=,tag:ZzP+7sgxZoJHD/XpMwwxWg==,type:str]",
+ "keyserverPublicKey": "ENC[AES256_GCM,data:nVTl0xKmi2FI0CtzvJpRwrKf7eUiea2R/BFm+SFGO2MESTw/IawXxKwdWQ==,iv:HEDGp/9dLDdQtyVSa5e0dDmkVGVINdgNIl9mh/Kc6fE=,tag:r5nSo3v5m3o0kHsFPO6BvQ==,type:str]",
"emailConfig": {
- "postmarkToken": "ENC[AES256_GCM,data:9LHtrcnsPjSQ9taGbM984vHubERZZxvVrrEu0EmpSxA3fABH,iv:IGvphb6l6sCfeY6liOcmLaVsEtNKO97kSuB3YUMQVAg=,tag:+2F/or6vbv90kD1T1h+ZHA==,type:str]",
- "senderEmail": "ENC[AES256_GCM,data:TtXiJwxtgqSfJw8Lht1o89i0aNwjHLHO70v7SlAUJWJXg2sMoz8Weg==,iv:g9a/QNXyDorilDdh6GQjWmO4iZ8ngYqjMmws8O64T9M=,tag:5QrBdNY011OTvZPr9FVqEg==,type:str]",
+ "postmarkToken": "ENC[AES256_GCM,data:g6ZCrhUZAb61hsqpuLyp00/IOedGHhYhnjs7W3yjAJIhF93C,iv:rtWPRj1CCVJuP+XLKeWFbjFp1sJy/KRZDzo/+ipw/Vk=,tag:kk3JtY0ssqPtuvrMMf5rcg==,type:str]",
+ "senderEmail": "ENC[AES256_GCM,data:vsK91pGmIC3C8LlgQBkFfmyHSeX9k4gFV6mf4bgQGZ7/1e0cJrSzMg==,iv:u1NsWBYVujppzvzoL4YggavTMjTaLJgxwGRtbP6ZA24=,tag:jonR7QWhDwNsfv6J7u/cUQ==,type:str]",
"mailingGroups": {
- "inconsistencyReports": "ENC[AES256_GCM,data:WpfRg05ey0NqXD7xsJM4em2QxwBTZf1A/dhZJmll,iv:nSH3oPSmja6lvEqGLpNrpPqVmMrD8OqAU3gvMIlm68E=,tag:vIi5G+3F3eIoZP6zma7rZw==,type:str]",
- "mediaReports": "ENC[AES256_GCM,data:ayhONEdMxKQgJKtVzkcJUMWy30y/hw==,iv:Cr/vcQ/HObcbSfoKXZ8hiGwSdTETsAoohJCargaWadM=,tag:WCpfrV0SSBM+DoYIahIkpw==,type:str]",
- "errorReports": "ENC[AES256_GCM,data:5IfELwZmEvDgIalp3M4oxh8jgiJKuA==,iv:YCuAsQMiIE+ahatbc+GcJAwfr//aoGsfb6VCUeeXZh0=,tag:06RAnL4s2sFsvBJqH5IZuQ==,type:str]"
+ "inconsistencyReports": "ENC[AES256_GCM,data:hoblOUDXYEvfvsYTd9r87iyTOIRtgVaXl0ioaKM7,iv:HydsVHmutFcH1bM/S9q9cHzJ6Fi7wmBsc0GzIKRstAY=,tag:VDVYjNF/EFALq+sPNtEzEQ==,type:str]",
+ "mediaReports": "ENC[AES256_GCM,data:TLwloRlIOVHUmfIWDiLGtoaMu11mew==,iv:0C02916vp0achsYcwfQbuDYqPFCD7O97K/k1VIRvhjU=,tag:bzfgAWSR9kSJWZuDipp7Tw==,type:str]",
+ "errorReports": "ENC[AES256_GCM,data:5BxNT6CyqlXb4sqo2OaHDBW9nXt23g==,iv:14wasztkciqHKXhuqJW+TMMuWIETwdbMmxUgqxjJ/PM=,tag:7Tx+MKowFRa77pnJi0kSHw==,type:str]"
}
},
"amqpPassword": {
- "production": "ENC[AES256_GCM,data:HGWWEwKhNeIAYqqyzAo=,iv:JwsXBZwyrzvO7KvfmyE2RUmo23n+zXedS0HZpHUgg1U=,tag:CCk7MgUKbwREy9cSdJNtig==,type:str]",
- "staging": "ENC[AES256_GCM,data:DULoLDulN6rSeHVf+g0=,iv:DOPgUu1P+1c6YXYbYona3Q/rCN2X9Gs8sMiOaJgLu1A=,tag:h35i33gOmBgFAtbjFiQgWw==,type:str]"
+ "production": "ENC[AES256_GCM,data:apPbQzb3aI0LS26M4SM=,iv:FM66MLDyFysYnb+5/g7nHnv8SuhPx1l4l2ygYMEaPRE=,tag:njG4Sk1IM4+3CzAROIla4Q==,type:str]",
+ "staging": "ENC[AES256_GCM,data:Mc4lASnc3pBtAV0KfN8=,iv:rtej+MdNEgJQJWrgECdyrbXJZi2PeoW/y4RS+K15HtM=,tag:OaAwbt7xwgJb1lQdedpvnw==,type:str]"
+ },
+ "webappLandingEnvVars": {
+ "COMM_JSONCONFIG_facts_keyserver_url": {
+ "baseDomain": "ENC[AES256_GCM,data:YGf2hGjvvUrsX8pstqzHUSwxOo0=,iv:s6O6K++sMstnGYzFq9780V95xT9OrTpWSQgkfZ886hA=,tag:661Z6NUV1NdQ5x8RoYpl2A==,type:str]",
+ "basePath": "ENC[AES256_GCM,data:iQ==,iv:Yv49ymWtglxyforwMOqgcukp+x5bnQPamaB0JAYTbto=,tag:nlYBbftFYfXlYzadTpHdXw==,type:str]",
+ "baseRoutePath": "ENC[AES256_GCM,data:jA==,iv:GMCZzKWhb9WPc5MQ2Ett2xz6+NTHbtMGS44moubFRpI=,tag:3kQIXp5v+unjh4X2kqnjtQ==,type:str]",
+ "https": "ENC[AES256_GCM,data:9/rxwQ==,iv:IlzORxiWlJgJg4MxbxiPzr++Svuf5qfcAVkf6B95ctQ=,tag:sAeeP3GeVT0pKD/5q89eLA==,type:bool]",
+ "proxy": "ENC[AES256_GCM,data:jQwY,iv:lkhOmD8yUf4DZgL4he6zm0KWyseVswSZIxWXKz9vbAg=,tag:xa5dNdPFaxHl+/rGRCRhNw==,type:str]"
+ },
+ "COMM_JSONCONFIG_facts_webapp_url": {
+ "baseDomain": "ENC[AES256_GCM,data:K3KmxQpBtoZWD05BZtPVRXoljuk6,iv:oXkntWzV5TIgL5LYH454kCXbeSLmAfjmfLVWCcZBhd4=,tag:gXFuy8s6lHtApWWo13TUNQ==,type:str]",
+ "basePath": "ENC[AES256_GCM,data:4w==,iv:Fb3oM0UEbShwNtbiPR33zGv9hnQiqfYd7AoaDJSiots=,tag:VfB3QHzWs0c9m3IBcPZjBg==,type:str]",
+ "baseRoutePath": "ENC[AES256_GCM,data:MA==,iv:oBwDnDi5ZNTq58hq7CoXaEcmDAltslSBKLu9J9u3hnI=,tag:hlKKlclVcF/fn3OBrUwmiA==,type:str]",
+ "https": "ENC[AES256_GCM,data:+aL6eQ==,iv:aDou9cvd/e+h2uo/9VIt6yJbzhy6roLX/pRk7hASBXU=,tag:2tAo3UN46eFf8CCim5wppw==,type:bool]",
+ "proxy": "ENC[AES256_GCM,data:yaIq,iv:NRg4rnr2EO2UKB48Dq+21aJma9hzGQytzVpnQwwlE2Y=,tag:6gCH6plpKY39hHE67uzOMw==,type:str]"
+ },
+ "COMM_JSONCONFIG_facts_landing_url": {
+ "baseDomain": "ENC[AES256_GCM,data:Fsbo2xE3gTxvzsHT7P0scUisJnWM,iv:h3EDy1KaHsrPUhx3HV8oV+HSeU9149okPXqTAOjZ6kA=,tag:v3dYtMKuFLEj6+Gq4YSzaw==,type:str]",
+ "basePath": "ENC[AES256_GCM,data:Sg==,iv:TqbENv4Y3kFjGLhDnq3NUqhG1eSzHt6965OmspVE58k=,tag:ukmGtMYK//SIcJLnFFtndw==,type:str]",
+ "baseRoutePath": "ENC[AES256_GCM,data:iQ==,iv:vcrFHIQLa/7YB5MPW6hzCekelHUQprFlhrlaBaDgwdc=,tag:uzSdJjQWZm2FnmiexUM0og==,type:str]",
+ "https": "ENC[AES256_GCM,data:1mF6Sw==,iv:GWKdreVvZCD/9gMoEdbYlHL4HXsMJaT2zSopLvxrUuw=,tag:xeMk+AOcHPm7APhalOHwkw==,type:bool]"
+ },
+ "COMM_JSONCONFIG_secrets_alchemy": {
+ "key": "ENC[AES256_GCM,data:OJh3fnTACBGOQ6qrk7FcbbB5hy3ECsNxNAs6t0aHtjo=,iv:+DBjvhSKRn/QWrEfVJ3vtVmv3dxZH3NzZi1d1HQ+X8Q=,tag:pzo6qQF8JxYe0FPgQxideA==,type:str]"
+ },
+ "COMM_JSONCONFIG_secrets_walletconnect": {
+ "key": "ENC[AES256_GCM,data:cR5TVGZDKZng4nvbHzpwk+Nj0U3t8j54FLrn35Ckf9k=,iv:BI0ftkm6pzL/46GAA4BOOFPNcbqlsn6mr4z2lsHSjm4=,tag:1CReGDvhibkCsyLC3JnYKQ==,type:str]"
+ },
+ "COMM_JSONCONFIG_secrets_geoip_license": {
+ "key": "ENC[AES256_GCM,data:GAvcKVvU7bWUe8+idx7zNA==,iv:mHIS+xV7jDF+Dc89Hu/fwKZ7e9rodc5Za4qmKSbVekc=,tag:1rQuAnoxmhST7csMlkbQZg==,type:str]"
+ },
+ "COMM_JSONCONFIG_secrets_postmark": {
+ "apiToken": "ENC[AES256_GCM,data:aK4jAHXCjmPSLSVFoRDr9WJoy3po+IoBWxJFbr/nXW1+b18W,iv:QzDmUACPb2+TGBxi2DNt55V+eJmFOH5062siLoLDbEo=,tag:Jz7xJ8o1QzeLDulj6zHA7g==,type:str]"
+ },
+ "COMM_JSONCONFIG_secrets_neynar": {
+ "key": "ENC[AES256_GCM,data:+QpwbD+gcc9lfXT73eXAYpsJmaPkiEunRjulCwY+EVZah8jQ,iv:O0LwzvTh5R1EavIf4hujkTrXur6z8Ym+4HownchsCqE=,tag:mRGGOpPW7P5ljHwkcoGriw==,type:str]"
+ }
+ },
+ "webappLandingStagingEnvVars": {
+ "COMM_JSONCONFIG_facts_webapp_url": {
+ "baseDomain": "ENC[AES256_GCM,data:3far99kHAl0T66Bh7+MjK9hBFW+K,iv:PqnT5xPXsISW9zGA7r9vjs0Qu5bjnhxTJ9+GIf31Neo=,tag:pUxNSE8UGWvJBrNB5wTZ1Q==,type:str]",
+ "basePath": "ENC[AES256_GCM,data:8g==,iv:GV11qLKNvb69oOvPomesLNGlBGv+oDom4WXeH3fs3/I=,tag:kZ8VT0osJ9l0GtAxh+DLQQ==,type:str]",
+ "baseRoutePath": "ENC[AES256_GCM,data:3g==,iv:E6ohwF2ybKUYZv+jmSakv5F2CGZwRb2v0nLV2KjJMJ0=,tag:iFA2MCj33SkoSzvCqKCqCg==,type:str]",
+ "https": "ENC[AES256_GCM,data:VdNVtA==,iv:9JpBIx7mwriQsyQng3lMc1mhccp21fR1Cdw7vFXRuA0=,tag:hKDCTzaHdx42uu42HkOFzQ==,type:bool]",
+ "proxy": "ENC[AES256_GCM,data:pckR,iv:wyPFiqH4SvFIWeeBbbg7hrnF9JAAOCxFIhNHNwMQ2jQ=,tag:PilhWu9g5x2EeMk35eWPJg==,type:str]"
+ },
+ "COMM_JSONCONFIG_facts_landing_url": {
+ "baseDomain": "ENC[AES256_GCM,data:fz4xtBjtoQqNje2tFnyvqVKBy64q,iv:pJHBTWHzd6ZxcF9UdCUQey1rjsmLoX6bKBFW9ij5Nss=,tag:od835wpIyq4q09XSin9nBA==,type:str]",
+ "basePath": "ENC[AES256_GCM,data:sg==,iv:Yi2Cd9LeWJpdQpcYoTi8MC3yUVgEKy35l93m+5G4t9s=,tag:fUpQZIwQINvZJREJvZxuVA==,type:str]",
+ "baseRoutePath": "ENC[AES256_GCM,data:lQ==,iv:83pO4fpEtG/ShQthGrlog+NywZdkMItztSH4vL4zr3k=,tag:unlLT0kZwqfmJuNYdpeLJA==,type:str]",
+ "https": "ENC[AES256_GCM,data:xovX0Q==,iv:jE2OGF+xZZkG4W58Wtnfm8jqjGpVLmzQtNnNwAi96ao=,tag:1YkSq2kRr5is1muQom/Bsg==,type:bool]"
+ }
+ },
+ "webappLandingProdEnvVars": {
+ "COMM_JSONCONFIG_facts_webapp_url": {
+ "baseDomain": "ENC[AES256_GCM,data:X6fasqy0avZp+41kjH3Gr9HdDX8=,iv:rLPcJ3oXCGnm+rjJ+16sFh3+fEq4nQMzMV4L6Cx0Z1k=,tag:MNKo9gAojKPXKEl818hvTQ==,type:str]",
+ "basePath": "ENC[AES256_GCM,data:dw==,iv:iOAya1UQl4IZtVfD5i0LGpo+xEdwaAHL3dmPVWpR9g8=,tag:es1DIuRC+BCY71gPCzPgKw==,type:str]",
+ "baseRoutePath": "ENC[AES256_GCM,data:EA==,iv:7QyNHb6o6kSodvZBRNo7EoNXKZnol7330abxYeycdmU=,tag:+ORALMoe6qWy7GaQ7Gfy1w==,type:str]",
+ "https": "ENC[AES256_GCM,data:r+zk6g==,iv:OajjkuSLoP0pdIXBxCvQO5KAt89XdKOEXaZZxPgi/Zc=,tag:fq5gV/RZVcp558niDTv0rA==,type:bool]",
+ "proxy": "ENC[AES256_GCM,data:X8+T,iv:WyfpPRMYiif5H856RBNBklHJduU/jHMpR3L9jb6mZ1I=,tag:D7g5PtCYI4JPgw736phmpQ==,type:str]"
+ },
+ "COMM_JSONCONFIG_facts_landing_url": {
+ "baseDomain": "ENC[AES256_GCM,data:SQPXRiazlhAhX+rcXW8OOA==,iv:U7xS/5tsT9ojDegFLztnVeF0S2pp350TMGYxDjvpXJs=,tag:kI0wjoDjRLyYST7Is4RADA==,type:str]",
+ "basePath": "ENC[AES256_GCM,data:fg==,iv:j1ROfswvTTiy8bDrSps6shRvtt5mMQV+Z+3UPmir2GE=,tag:H2DJYu0XRXSPKc6udFvuTQ==,type:str]",
+ "baseRoutePath": "ENC[AES256_GCM,data:iA==,iv:uv5fqM5pWdVkRSEx+oaCPsW8ipV2zU4FrrlVWDIFb9M=,tag:+s+Nk20NsYpFWLCiRzBUqA==,type:str]",
+ "https": "ENC[AES256_GCM,data:jcHJLg==,iv:KK7anHrp5IR65O8Y7Pp6U5TQJCqQ2Z2rl7jwT5VPvIs=,tag:8j+TBZRWyKQXGU9/lORPEA==,type:bool]"
+ }
},
"sops": {
"kms": [
{
"arn": "arn:aws:kms:us-east-2:319076408221:key/2e54d528-50a2-489c-a4d7-d50c7c9f8303",
- "created_at": "2023-07-29T15:16:43Z",
- "enc": "AQICAHj+McP79InpW8dFM/rPPvaCljIlb0zq8qoMY/a2UlUSewFFXrO432X6dWZfZHFVsgoGAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQM0LAEze794jBZIKO/AgEQgDuVcwyViTDZoLwGj5icgKlABQFeUofitRD9e19i3Q+0ZyT7sSQ/4t2GuxvVo4cVEIkHCgTNH2RXLoqzPA==",
+ "created_at": "2024-08-01T16:22:06Z",
+ "enc": "AQICAHj+McP79InpW8dFM/rPPvaCljIlb0zq8qoMY/a2UlUSewGNNTDHmzVW5Awp7cm2AzUQAAAAfjB8BgkqhkiG9w0BBwagbzBtAgEAMGgGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMmElf2gcK2+5OM5nQAgEQgDvMwce1O589MVHM9smF0wZXHMq5WXxHpcv5+1D0ogdB9z0l81+bvMF7iNnl3+bfAFF1m68T0XxjbzkcEA==",
"aws_profile": ""
}
],
@@ -30,10 +97,10 @@
"azure_kv": null,
"hc_vault": null,
"age": null,
- "lastmodified": "2023-09-12T09:29:09Z",
- "mac": "ENC[AES256_GCM,data:q0leMf7J7MBHoQQ6h82eT4xUsIHC6j1DKolRYn/USJsZ4+rt2EEICzD7J8tLUIzv2IqHnTV9hYMt+8Q0qAfOl87Z8VI0TwzXiAx3b2pdAfCheozz6vE1F/94XVz8S6v/YZpVGT9u1lwPISdXYfd/7QqK3u8hZJM/PVVn5djNcj8=,iv:pb1Ii6BfZMgz6S3R+xEehycArHeBz2wzNHJLms9Jby0=,tag:s8sCtTexTs7Qb6magRWzSw==,type:str]",
+ "lastmodified": "2024-08-01T16:22:06Z",
+ "mac": "ENC[AES256_GCM,data:bmtRZOKvD2AQ7NuGIhzQxCempkFafvZNdPp+vpqk6KbYujy34EtmVY3icjAbnf4alY9NLLmKMa2h7uomLvsFSbUEao/6/5cKeC9lgS/jCf0WOEY7QsXZSmyk7J/dmHNGgz4lx7Rx2t7D/bH0EHbGOsuBkR/6pJGcFtsJI9vrIFg=,iv:l6jsCUvZNXVdxe3oDoF34Tj9VLNMMj/w61tNzxcH0dY=,tag:0zD9jq3XPtKLxn6/OFMg3w==,type:str]",
"pgp": null,
"unencrypted_suffix": "_unencrypted",
- "version": "3.7.3"
+ "version": "3.8.1"
}
}
diff --git a/services/terraform/remote/service_webapp.tf b/services/terraform/remote/service_webapp.tf
new file mode 100644
--- /dev/null
+++ b/services/terraform/remote/service_webapp.tf
@@ -0,0 +1,54 @@
+locals {
+ webapp_image_tag = "1.0.102"
+ webapp_service_image = "commapp/keyserver:${local.webapp_image_tag}"
+ webapp_container_name = "webapp"
+
+ webapp_run_server_config = jsonencode({
+ runKeyserver = false
+ runWebApp = true
+ runLanding = false
+ })
+
+ webapp_landing_environment_vars = local.secrets["webappLandingEnvVars"]
+
+ webapp_landing_environment_vars_encoded = {
+ for key, value in local.webapp_landing_environment_vars : key => jsonencode(value)
+ }
+
+ stage_specific_environment_vars = (local.is_staging ?
+ local.secrets["webappLandingStagingEnvVars"] :
+ local.secrets["webappLandingProdEnvVars"])
+
+ stage_specific_environment_vars_encoded = {
+ for key, value in local.stage_specific_environment_vars : key => jsonencode(value)
+ }
+
+ webapp_environment_vars = merge(
+ local.webapp_landing_environment_vars_encoded,
+ local.stage_specific_environment_vars_encoded,
+ {
+ "COMM_LISTEN_ADDR" = "0.0.0.0",
+ "COMM_NODE_ROLE" = "webapp",
+ "COMM_JSONCONFIG_facts_run_server_config" = local.webapp_run_server_config
+ })
+}
+
+module "webapp_service" {
+ source = "../modules/node_service"
+
+ container_name = "webapp"
+ image = local.webapp_service_image
+ service_name = "webapp"
+ cluster_id = aws_ecs_cluster.comm_services.id
+ domain_name = local.is_staging ? "comm.software" : "web.comm.app"
+ vpc_id = aws_vpc.default.id
+ vpc_subnets = [aws_subnet.public_a.id, aws_subnet.public_b.id]
+ region = "us-east-2"
+ environment_vars = local.webapp_environment_vars
+ ecs_task_role_arn = aws_iam_role.ecs_task_role.arn
+ ecs_task_execution_role_arn = aws_iam_role.ecs_task_execution.arn
+}
+
+output "webapp_service_load_balancer_dns_name" {
+ value = module.webapp_service.service_load_balancer_dns_name
+}

File Metadata

Mime Type
text/plain
Expires
Tue, Dec 17, 10:09 PM (1 h, 40 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
2671469
Default Alt Text
D12928.id43025.diff (17 KB)

Event Timeline