From 9775ae9cb74b81ad33abcb196d6226d34ca4fec1 Mon Sep 17 00:00:00 2001
From: shockrah
Date: Tue, 19 Oct 2021 19:57:50 -0700
Subject: [PATCH] + Simple example infrastructure built with Terraform

This should have literally everything you need to run a single command and get all infra components live and ready for app deployment.
---
aws/infra/ebs.tf | 8 ++++++++
aws/infra/ec2.tf | 35 +++++++++++++++++++++++++++++++++
aws/infra/eip.tf | 7 +++++++
aws/infra/gateway.tf | 6 ++++++
aws/infra/route-table.tf | 12 ++++++++++++
aws/infra/security-group.tf | 39 +++++++++++++++++++++++++++++++++++++
aws/infra/subnet.tf | 5 +++++
aws/infra/vpc.tf | 10 ++++++++++
8 files changed, 122 insertions(+)
create mode 100644 aws/infra/ebs.tf
create mode 100644 aws/infra/ec2.tf
create mode 100644 aws/infra/eip.tf
create mode 100644 aws/infra/gateway.tf
create mode 100644 aws/infra/route-table.tf
create mode 100644 aws/infra/security-group.tf
create mode 100644 aws/infra/subnet.tf
create mode 100644 aws/infra/vpc.tf
diff --git a/aws/infra/ebs.tf b/aws/infra/ebs.tf
new file mode 100644
index 0000000..eea0061
--- /dev/null
+++ b/aws/infra/ebs.tf
@@ -0,0 +1,8 @@
+resource "aws_ebs_volume" "app_volume" {
+ availability_zone = var.availability_zone
+ size = 20
+ type = "standard"
+ tags = {
+ Name = "APP Video block storage"
+ }
+}
diff --git a/aws/infra/ec2.tf b/aws/infra/ec2.tf
new file mode 100644
index 0000000..b857017
--- /dev/null
+++ b/aws/infra/ec2.tf
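Review bot: `aws_ebs_volume.app_volume` in aws/infra/ebs.tf is created without `encrypted = true`, so the video storage volume is unencrypted at rest unless the account happens to have EBS encryption by default enabled. Adding `encrypted = true` inside the resource (plus `kms_key_id` if a customer-managed key is wanted) settles this in code, and it is cheapest to do now because changing the flag later forces the volume to be replaced. No `aws_volume_attachment` appears anywhere in this patch, so as written the volume is also never attached to `app_instance`.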
@@ -0,0 +1,35 @@
+# This here module takes care of setting up the ec2 instances that our
+# containers will bind to later on
+
+variable "aws_key" {}
+variable "aws_secret" {}
+variable "aws_region" {}
+variable "ami_id" {}
+variable "instance_type" {}
+variable "ssh_key_name" {}
+variable "public_key_path" {}
+variable "availability_zone" {}
+
+provider "aws" {
+ access_key = var.aws_key
+ secret_key = var.aws_secret
+ region = var.aws_region
+ max_retries = 1
+}
+
+resource "aws_key_pair" "sshkey" {
+ key_name = var.ssh_key_name
+ public_key = file(var.public_key_path)
+}
+
+resource "aws_instance" "app_instance" {
+ ami = var.ami_id
+ instance_type = var.instance_type
+
+ key_name = var.ssh_key_name
+ security_groups = [ aws_security_group.app_security_group.id ]
+ subnet_id = aws_subnet.app_public_subnet.id
+ tags = {
+ Name = "Clippable App Instance"
+ }
+}
diff --git a/aws/infra/eip.tf b/aws/infra/eip.tf
new file mode 100644
index 0000000..172fd8a
--- /dev/null
+++ b/aws/infra/eip.tf
@@ -0,0 +1,7 @@
+resource "aws_eip" "app_eip" {
+ instance = aws_instance.app_instance.id
+ vpc = true
+ tags = {
+ Name = "Clippable EIP"
+ }
+}
diff --git a/aws/infra/gateway.tf b/aws/infra/gateway.tf
new file mode 100644
index 0000000..616c69c
--- /dev/null
+++ b/aws/infra/gateway.tf
@@ -0,0 +1,6 @@
+resource "aws_internet_gateway" "app_gateway" {
+ vpc_id = aws_vpc.app_vpc.id
+ tags = {
+ Name = "Clippable app internet gateway"
+ }
+}
diff --git a/aws/infra/route-table.tf b/aws/infra/route-table.tf
new file mode 100644
index 0000000..1b61b4b
--- /dev/null
+++ b/aws/infra/route-table.tf
@@ -0,0 +1,12 @@
+resource "aws_route_table" "app_route_table" {
+ vpc_id = aws_vpc.app_vpc.id
+ route {
+ cidr_block = "0.0.0.0/0"
+ gateway_id = aws_internet_gateway.app_gateway.id
+ }
+}
+
+resource "aws_route_table_association" "app_subnet_assoc" {
+ subnet_id = aws_subnet.app_public_subnet.id
+ route_table_id = aws_route_table.app_route_table.id
+}
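Review bot: The `provider "aws"` block in aws/infra/ec2.tf takes a long-lived access key pair through the plain variables `aws_key` and `aws_secret`, which pushes the secret into tfvars files, shell history or CI variables with nothing marking it as secret. Dropping `access_key`/`secret_key` and letting the provider use its default credential chain (environment, shared credentials file or an assumed role) avoids that; if the variables stay, declare them with `sensitive = true` on Terraform 0.14 or later. In `aws_instance.app_instance`, `security_groups` is given a group ID although the instance is placed in a subnet; `vpc_security_group_ids = [aws_security_group.app_security_group.id]` is the argument meant for IDs in a VPC, and `key_name = aws_key_pair.sshkey.key_name` would give Terraform the dependency on the key pair that `var.ssh_key_name` hides. The instance also sets no `metadata_options`; a block with `http_tokens = "required"` would enforce IMDSv2 on a host that serves ports 80 and 443 to the internet.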
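Review bot: `aws_eip.app_eip` in aws/infra/eip.tf associates with the instance but has no ordering against `aws_internet_gateway.app_gateway`, and nothing in its reference chain (instance, subnet, VPC) pulls the gateway in. The AWS provider documentation notes that an EIP may need the gateway to exist before association. Adding `depends_on = [aws_internet_gateway.app_gateway]` to the resource makes that order explicit, which matters for the "single command" apply the commit message promises.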
diff --git a/aws/infra/security-group.tf b/aws/infra/security-group.tf
new file mode 100644
index 0000000..10677cd
--- /dev/null
+++ b/aws/infra/security-group.tf
@@ -0,0 +1,39 @@
+resource "aws_security_group" "app_security_group" {
+ name = "App sec group"
+ description = "Allowing SSH and web traffic"
+ vpc_id = aws_vpc.app_vpc.id
+
+ ingress {
+ cidr_blocks = ["0.0.0.0/0"]
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ }
+ ingress {
+ cidr_blocks = ["0.0.0.0/0"]
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ }
+ ingress {
+ cidr_blocks = ["0.0.0.0/0"]
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ }
+
+ # These are so that we can update the system regularly using apt and sometimes
+ # with tarballs if we're updating something from source
+ egress {
+ cidr_blocks = ["0.0.0.0/0"]
+ from_port = 443
+ to_port = 443
+ protocol = "tcp"
+ }
+ egress {
+ cidr_blocks = ["0.0.0.0/0"]
+ from_port = 80
+ to_port = 80
+ protocol = "tcp"
+ }
+}
diff --git a/aws/infra/subnet.tf b/aws/infra/subnet.tf
new file mode 100644
index 0000000..e8f9575
--- /dev/null
+++ b/aws/infra/subnet.tf
@@ -0,0 +1,5 @@
+resource "aws_subnet" "app_public_subnet" {
+ vpc_id = aws_vpc.app_vpc.id
+ cidr_block = "10.0.0.128/26"
+ availability_zone = var.availability_zone
+}
diff --git a/aws/infra/vpc.tf b/aws/infra/vpc.tf
new file mode 100644
index 0000000..4326f78
--- /dev/null
+++ b/aws/infra/vpc.tf
@@ -0,0 +1,10 @@
+
+resource "aws_vpc" "app_vpc" {
+ cidr_block = "10.0.0.128/26"
+ enable_dns_support = true
+ enable_dns_hostnames = true
+
+ tags = {
+ Name = "Clippable APP VPC"
+ }
+}
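Review bot: The third `ingress` block in aws/infra/security-group.tf opens port 22 to `0.0.0.0/0`, which exposes SSH on the Elastic IP to the whole internet rather than to the people who administer the host. Narrowing that rule to known admin ranges, for example `cidr_blocks = var.ssh_allowed_cidrs` with a new list variable (the name is only a suggestion), keeps the web ports public while limiting SSH. The rules also carry no per-rule `description`, which would make it easier to audit later why each port is open.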
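Review bot: `aws_subnet.app_public_subnet` in aws/infra/subnet.tf uses `10.0.0.128/26`, the same block as `aws_vpc.app_vpc` in aws/infra/vpc.tf, so the single public subnet consumes the whole VPC range. That leaves no address space for a private subnet or a second availability zone, and the VPC's primary CIDR cannot be changed in place afterwards (only secondary blocks can be added). Giving the VPC a wider block such as a /24, chosen to avoid overlap with other networks, and keeping the /26 for this subnet would leave room to separate internet-facing and internal hosts later. The same `cidr_block` line in the vpc.tf hunk is the one to change.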