diff --git a/services/terraform/self-host/aws_db.tf b/services/terraform/self-host/aws_db.tf
--- a/services/terraform/self-host/aws_db.tf
+++ b/services/terraform/self-host/aws_db.tf
@@ -2,7 +2,7 @@
resource "aws_security_group" "keyserver_mariadb_security_group" {
name = "keyserver-mariadb-sg"
description = "Allow inbound traffic on port 3307 and all outbound traffic"
- vpc_id = aws_vpc.default.id
+ vpc_id = local.vpc_id
# Inbound rules
ingress {
@@ -21,7 +21,6 @@
}
}
-
# MariaDB RDS Instance
resource "aws_db_instance" "mariadb" {
allocated_storage = 100
diff --git a/services/terraform/self-host/aws_vpc.tf b/services/terraform/self-host/aws_vpc.tf
--- a/services/terraform/self-host/aws_vpc.tf
+++ b/services/terraform/self-host/aws_vpc.tf
@@ -1,54 +1,78 @@
-# VPC
+# Default VPC Data
+
+data "aws_vpc" "default" {
+ default = true
+}
+
+data "aws_subnets" "default" {
+ filter {
+ name = "vpc-id"
+ values = [data.aws_vpc.default.id]
+ }
+}
+
+data "aws_internet_gateway" "default" {
+ filter {
+ name = "attachment.vpc-id"
+ values = [data.aws_vpc.default.id]
+ }
+}
+
+
+# User Created VPC
resource "aws_vpc" "default" {
+ count = var.user_created_vpc ? 1 : 0
cidr_block = "172.31.0.0/16"
enable_dns_support = true
enable_dns_hostnames = true
}
-# Public Subnets
resource "aws_subnet" "public_1" {
- vpc_id = aws_vpc.default.id
+ count = var.user_created_vpc ? 1 : 0
+ vpc_id = aws_vpc.default[0].id
cidr_block = "172.31.0.0/20"
availability_zone = var.availability_zone_1
map_public_ip_on_launch = true
}
resource "aws_subnet" "public_2" {
- vpc_id = aws_vpc.default.id
+ count = var.user_created_vpc ? 1 : 0
+ vpc_id = aws_vpc.default[0].id
cidr_block = "172.31.16.0/20"
availability_zone = var.availability_zone_2
map_public_ip_on_launch = true
}
-# Internet Gateway
+
resource "aws_internet_gateway" "default" {
- vpc_id = aws_vpc.default.id
+ count = var.user_created_vpc ? 1 : 0
+ vpc_id = aws_vpc.default[0].id
}
# Route Table for Internet Gateway
resource "aws_route_table" "public_igw_route_table" {
- vpc_id = aws_vpc.default.id
+ vpc_id = local.vpc_id
route {
- cidr_block = "${var.allowed_ip}/32"
- gateway_id = aws_internet_gateway.default.id
+ cidr_block = "0.0.0.0/0"
+ gateway_id = var.user_created_vpc ? aws_internet_gateway.default[0].id : data.aws_internet_gateway.default.id
}
}
resource "aws_route_table_association" "public_1_igw_route_association" {
- subnet_id = aws_subnet.public_1.id
+ subnet_id = local.vpc_subnets[0]
route_table_id = aws_route_table.public_igw_route_table.id
}
resource "aws_route_table_association" "public_2_igw_route_association" {
- subnet_id = aws_subnet.public_2.id
+ subnet_id = local.vpc_subnets[1]
route_table_id = aws_route_table.public_igw_route_table.id
}
# DB Subnet Group
resource "aws_db_subnet_group" "public_db_subnet_group" {
name = "public-db-subnet-group"
- subnet_ids = [aws_subnet.public_1.id, aws_subnet.public_2.id]
+ subnet_ids = local.vpc_subnets
tags = {
Name = "DB subnet group associated with private vpc subnet"
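Review bot: The route `cidr_block = "0.0.0.0/0"` that replaces `"${var.allowed_ip}/32"` makes every subnet attached to `public_igw_route_table` reachable from, and able to reach, the whole internet, so the `keyserver_mariadb_security_group` ingress rule becomes the only network control on port 3307; that ingress block continues outside the aws_db.tf hunk, so confirm it still restricts source addresses now that the routing-level restriction is gone (the tfvars example still sets `allowed_ip = "0.0.0.0"`, and nothing in this diff consumes it). A second point: `subnet_id = local.vpc_subnets[0]` / `[1]` and `subnet_ids = local.vpc_subnets` inherit whatever order `data.aws_subnets.default.ids` returns, which is not guaranteed stable, so the two associations may swap subnets between plans; sorting the list where the local is built (main.tf) avoids that churn. A comment above the route such as `# Default route to the internet gateway; DB access is restricted by the security group, not by routing` would record the intent for the next reader.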
diff --git a/services/terraform/self-host/main.tf b/services/terraform/self-host/main.tf
--- a/services/terraform/self-host/main.tf
+++ b/services/terraform/self-host/main.tf
@@ -1,3 +1,8 @@
+locals {
+ vpc_id = var.user_created_vpc ? aws_vpc.default[0].id : data.aws_vpc.default.id
+ vpc_subnets = var.user_created_vpc ? [aws_subnet.public_1[0].id, aws_subnet.public_2[0].id] : [data.aws_subnets.default.ids[0], data.aws_subnets.default.ids[1]]
+}
+
provider "aws" {
region = var.region
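Review bot: `vpc_subnets` indexes `data.aws_subnets.default.ids[0]` and `[1]` directly, but the data source returns ids in no documented order and a default VPC with fewer than two subnets fails with an index error rather than a readable message. Making the list deterministic and bounded in one place keeps the route-table associations and the DB subnet group from flapping: `vpc_subnets = var.user_created_vpc ? [aws_subnet.public_1[0].id, aws_subnet.public_2[0].id] : slice(sort(data.aws_subnets.default.ids), 0, 2)`. A short comment on `vpc_id`, e.g. `# Resolved once here so aws_db.tf and aws_vpc.tf agree on which VPC is in use`, would explain why the choice lives in locals rather than in each resource.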
diff --git a/services/terraform/self-host/terraform.tfvars.example b/services/terraform/self-host/terraform.tfvars.example
--- a/services/terraform/self-host/terraform.tfvars.example
+++ b/services/terraform/self-host/terraform.tfvars.example
@@ -1,6 +1,4 @@
mariadb_username = "username"
mariadb_password = "password"
region = "us-west-1"
-availability_zone_1 = "us-west-1b"
-availability_zone_2 = "us-west-1c"
allowed_ip = "0.0.0.0"
diff --git a/services/terraform/self-host/variables.tf b/services/terraform/self-host/variables.tf
--- a/services/terraform/self-host/variables.tf
+++ b/services/terraform/self-host/variables.tf
@@ -21,14 +21,20 @@
type = string
}
+variable "user_created_vpc" {
+ description = "Use non-default vpc and subnets"
+ type = bool
+ default = false
+}
+
variable "availability_zone_1" {
- description = "First availability zone for vpc subnet"
+ description = "First availability zone for vpc subnet if user created vpc"
type = string
default = "us-west-1b"
}
variable "availability_zone_2" {
- description = "Second availability zone for vpc subnet"
+ description = "Second availability zone for vpc subnet if user created vpc"
type = string
default = "us-west-1c"
}
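Review bot: The description `"Use non-default vpc and subnets"` on `user_created_vpc` does not say which value does what or that an internet gateway is also created, which matters because the default `false` silently places the database in the account's default VPC. Suggested wording: `description = "When true, create a dedicated VPC, subnets and internet gateway; when false (default), use the account's default VPC and its existing subnets."`. The `availability_zone_1`/`availability_zone_2` descriptions could likewise state that they are ignored unless `user_created_vpc` is true and that their defaults are specific to us-west-1.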
D12339: [terraform] Use default vpc, subnets, and internet gateway for self-host