# @todo sync aws_region variable with packer .json
# @todo sync instance_type variable with packer .json
# @todo sync instance_name variable with packer .json
# Region handed to the AWS provider; every resource in this file is created
# there.
variable "aws_region" {
  type        = string
  default     = "us-east-2"
  description = "The AWS region"
}
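# EC2 instance type for aws_instance.instance_1. A description is added so
# this variable is documented like the others in the file.
variable "instance_type" {
  description = "The EC2 instance type of the instance"
  type        = string
  default     = "t3a.large"
}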
# Used twice by security_group_1: as the group's name and as its Name tag.
variable "security_group_name" {
  type        = string
  default     = "aws_sec_grp_incoming_custom_and_ssh-linux-docker"
  description = "The name of the associated resource as will be displayed on AWS"
}
# Value of the Name tag on aws_instance.instance_1.
variable "instance_name" {
  type        = string
  default     = "awslinux-dockerce-jenkins-sonarqube_1"
  description = "The name of the instance as will be displayed on AWS"
}
# In this file the value only selects which port the security group opens;
# nothing here configures Jenkins itself, so the two must be kept in step.
variable "server_port" {
  type        = number
  default     = 8080
  description = "The port the jenkins server will use for HTTP requests"
}
# In this file the value only selects which port the security group opens;
# nothing here configures SonarQube itself, so the two must be kept in step.
variable "sonarqube_port" {
  type        = number
  default     = 9000
  description = "The port the sonarqube server will use for HTTP requests"
}
# AWS provider configuration.
# NOTE(review): no provider version constraint is visible in this file. If
# none exists elsewhere in the configuration, pin the provider in a
# required_providers block and commit the dependency lock file so that
# every run resolves the same, reviewed provider build.
provider "aws" {
  region = var.aws_region

  # Named profile from the local AWS CLI configuration (created by running
  # `aws configure`). The credentials behind it decide what this
  # configuration is able to create, so prefer a narrowly scoped identity.
  profile = "default"
}
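# CIDR ranges allowed to reach the administrative ports of security_group_1:
# SSH (22), Jenkins (var.server_port) and SonarQube (var.sonarqube_port).
# NOTE(review): the default keeps the previous behaviour, which accepts
# these ports from every IPv4 address. Override it with the operator, VPN or
# office ranges before applying to anything that holds real code or
# credentials. An internet-facing SSH daemon and CI login pages are
# continuously scanned, and per the variable descriptions Jenkins and
# SonarQube are served over plain HTTP on these ports.
variable "admin_ingress_cidrs" {
  description = "CIDR blocks allowed to reach SSH, Jenkins and SonarQube"
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# Security group attached to instance_1. Egress is unrestricted; ingress is
# limited to the ports listed below.
resource "aws_security_group" "security_group_1" {
  name = var.security_group_name

  # The text below does not mention ports 80 and 443, which are also opened.
  # It is left unchanged because the AWS provider replaces the whole group
  # when the description changes.
  description = "security group that allows all egress traffic, ingress for ssh 22 and tcp 8080, 9000"

  # Terraform removes the allow-all egress rule that AWS adds by default, so
  # it is declared explicitly here.
  egress {
    description = "All outgoing to anywhere"
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Administrative access: restricted through var.admin_ingress_cidrs.
  ingress {
    description = "Allow SSH"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.admin_ingress_cidrs
  }

  ingress {
    description = "Allow tcp jenkins port"
    from_port   = var.server_port
    to_port     = var.server_port
    protocol    = "tcp"
    cidr_blocks = var.admin_ingress_cidrs
  }

  ingress {
    description = "Allow tcp sonarqube port"
    from_port   = var.sonarqube_port
    to_port     = var.sonarqube_port
    protocol    = "tcp"
    cidr_blocks = var.admin_ingress_cidrs
  }

  # NOTE(review): 80 and 443 stay open to every address. Nothing in this
  # file shows what listens on them; drop these rules if nothing does.
  ingress {
    description = "Allow http"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    description = "Allow tls (https) from anywhere"
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    # The actual name that will be displayed on AWS
    Name   = var.security_group_name
    Tool   = "Terraform"
    Author = "ChinomsoIkwuagwu"
  }
}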
# Looks up the image to boot. The name filter corresponds to ami_name in the
# packer .json file, so packer must have built the image before this
# configuration is applied.
data "aws_ami" "ami_1" {
  # Only images owned by the calling account are considered.
  owners = ["self"]

  # The trailing wildcard matches every self-owned image whose name starts
  # with this prefix; most_recent then selects the newest of them. Keep
  # that prefix reserved for trusted packer builds.
  filter {
    name   = "name"
    values = ["awslinux-dockerce-jenkins-sonarqube*"]
  }

  most_recent = true
}
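# The Jenkins / SonarQube host, booted from the packer-built image and
# placed behind security_group_1.
# NOTE(review): there is no metadata_options block, so whether IMDSv2
# session tokens are required follows the AMI and account defaults. Consider
# setting http_tokens = "required" once the workloads on the host are
# confirmed to work with IMDSv2.
# NOTE(review): there is no root_block_device block, so root volume
# encryption follows the AMI snapshot and the account's EBS default.
resource "aws_instance" "instance_1" {
  ami                    = data.aws_ami.ami_1.id
  instance_type          = var.instance_type
  vpc_security_group_ids = [aws_security_group.security_group_1.id]

  # Resolved against this module's directory rather than the directory
  # terraform is run from, so the file is found however the module is
  # invoked. User data can be read back from the instance metadata service
  # and through the EC2 API, so user-data.txt must not contain passwords,
  # tokens or keys.
  user_data = file("${path.module}/user-data.txt")

  tags = {
    # The actual name that will be displayed on AWS
    Name       = var.instance_name
    Tool       = "Terraform"
    OS_version = "amazon linux 2"
    Author     = "ChinomsoIkwuagwu"
  }
}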
# Elastic IP associated with instance_1.
# NOTE(review): the `vpc` argument is deprecated in AWS provider 5.x in
# favour of domain = "vpc". Switch once the provider version in use is
# confirmed; this file does not pin one.
resource "aws_eip" "ip" {
  instance = aws_instance.instance_1.id
  vpc      = true
}
/**
 * Output variables show up in the console after you run the terraform apply
 * command. Users of the terraform code may find this useful. For example,
 * in this case, after deploying a web server, we need an IP address to
 * use in accessing that server.
 */
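# Address at which the host is reachable. It is read from the Elastic IP
# rather than from aws_instance.instance_1.public_ip: the instance attribute
# is recorded when the instance is created and changes once the EIP is
# attached, so it can report an address that no longer points at the host.
output "Public_ip" {
  value       = aws_eip.ip.public_ip
  description = "The public IP of the web server"
}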
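# ID of security_group_1, exported so that other configurations can refer
# to the group. A description is added to match the Public_ip output.
output "Jenkins_security_group_ID" {
  value       = aws_security_group.security_group_1.id
  description = "The ID of the security group attached to the instance"
}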