Merge pull request #22 from WanderaOrg/no_cert

Add a condition for rancher elb cert to be passed in from outside the…

aws/cert.tf

@@ -1,13 +1,16 @@
 resource "tls_private_key" "private_key" {
+  count = "${var.rancher_create_cert ? 1 : 0}"
   algorithm = "RSA"
 }
 
 resource "acme_registration" "reg" {
+  count = "${var.rancher_create_cert ? 1 : 0}"
   account_key_pem = "${tls_private_key.private_key.private_key_pem}"
   email_address   = "${var.acme_registration_email}"
 }
 
 resource "acme_certificate" "certificate" {
+  count = "${var.rancher_create_cert ? 1 : 0}"
   account_key_pem = "${acme_registration.reg.account_key_pem}"
   common_name     = "${var.domain_name}"
 
@@ -17,6 +20,7 @@ resource "acme_certificate" "certificate" {
 }
 
 resource "aws_iam_server_certificate" "rancher_elb_cert" {
+  count = "${var.rancher_create_cert ? 1 : 0}"
   name_prefix       = "rancher-cert-"
   certificate_body  = "${acme_certificate.certificate.certificate_pem}"
   certificate_chain = "${acme_certificate.certificate.issuer_pem}"

aws/load-balancer.tf

@@ -35,7 +35,7 @@ resource "aws_lb_listener" "rancher_https" {
   port              = "443"
   protocol          = "HTTPS"
   ssl_policy        = "ELBSecurityPolicy-2016-08"
-  certificate_arn   = "${aws_iam_server_certificate.rancher_elb_cert.arn}"
+  certificate_arn   = "${var.rancher_create_cert ? join("",aws_iam_server_certificate.rancher_elb_cert.*.arn) : var.rancher_elb_cert_arn}"
 
   default_action {
     type             = "forward"

aws/variables.tf

@@ -75,6 +75,16 @@ variable "rancher_storage_volume_size" {
   default = 20
 }
 
+variable "rancher_create_cert" {
+  description = "set to false if rancher elb cert is created outside the module"
+  default = true
+}
+
+variable "rancher_elb_cert_arn" {
+ description = "rancher elb cert to be passed in from outside the module"
+ default = ""
+}
+
 variable "node_exporter_version" {
   default = "0.16.0"
 }