use a static ip for the vpn server instead of a floating one

madetech · Jul 24, 2019 · ac2c226 · ac2c226
1 parent 43e5d2d
commit ac2c226
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 14 deletions.
diff --git a/main.tf b/main.tf
@@ -87,11 +87,14 @@ locals {
       foxpass_api_key = var.foxpass_api_key,
       //      require_groups = ["vpn"]
   })
+  private_ip = "172.17.0.81"
 }
 
 resource "aws_instance" "foxpass_vpn" {
   tags = module.vpn_label.tags
 
+  private_ip = local.private_ip
+
   associate_public_ip_address = true
   vpc_security_group_ids      = [aws_security_group.vpn_traffic.id]
   subnet_id                   = aws_subnet.public.id
@@ -117,3 +120,11 @@ EOF
     create_before_destroy = true
   }
 }
+
+resource "aws_eip" "static_ip" {
+  vpc = true
+
+  instance = aws_instance.foxpass_vpn.id
+  depends_on = ["aws_internet_gateway.gw"]
+  associate_with_private_ip = local.private_ip
+}
diff --git a/network.tf b/network.tf
@@ -29,17 +29,3 @@ resource "aws_route" "internet_access" {
   destination_cidr_block = "0.0.0.0/0"
   gateway_id             = aws_internet_gateway.gw.id
 }
-
-resource "aws_eip" "gw" {
-  vpc        = true
-  depends_on = ["aws_internet_gateway.gw"]
-
-  tags = module.vpn_label.tags
-}
-
-resource "aws_nat_gateway" "gw" {
-  subnet_id     = aws_subnet.public.id
-  allocation_id = aws_eip.gw.id
-
-  tags = module.vpn_label.tags
-}