+ Simple example infrastructure built with Terraform

This should have literally everything you need to run a single command and get all infra components live and ready for app deployment.
2021-10-19 19:57:50 -07:00 · 2021-10-19 19:57:50 -07:00 · 9775ae9cb7
commit 9775ae9cb7
parent de51b9141d
8 changed files with 122 additions and 0 deletions
--- a/aws/infra/ebs.tf
+++ b/aws/infra/ebs.tf
@ -0,0 +1,8 @@
+resource "aws_ebs_volume" "app_volume" {
+  availability_zone = var.availability_zone
+  size = 20
+  type = "standard"
+  tags = {
+    Name = "APP Video block storage"
+  }
+}
--- a/aws/infra/ec2.tf
+++ b/aws/infra/ec2.tf
@ -0,0 +1,35 @@
+# This here module takes care of setting up the ec2 instances that our 
+# containers will bind to later on
+
+variable "aws_key" {}
+variable "aws_secret" {}
+variable "aws_region" {}
+variable "ami_id" {}
+variable "instance_type" {}
+variable "ssh_key_name" {}
+variable "public_key_path" {}
+variable "availability_zone" {}
+
+provider "aws" {
+  access_key = var.aws_key
+  secret_key = var.aws_secret
+  region = var.aws_region
+  max_retries = 1
+}
+
+resource "aws_key_pair" "sshkey" {
+	key_name = var.ssh_key_name
+	public_key = file(var.public_key_path)
+}
+
+resource "aws_instance" "app_instance" {
+  ami = var.ami_id
+  instance_type = var.instance_type
+
+  key_name = var.ssh_key_name
+  security_groups = [ aws_security_group.app_security_group.id ]
+	subnet_id = aws_subnet.app_public_subnet.id
+  tags = {
+    Name = "Clippable App Instance"
+  }
+}
--- a/aws/infra/eip.tf
+++ b/aws/infra/eip.tf
@ -0,0 +1,7 @@
+resource "aws_eip" "app_eip" {
+  instance = aws_instance.app_instance.id
+  vpc = true
+  tags = {
+    Name = "Clippable EIP"
+  }
+}
--- a/aws/infra/gateway.tf
+++ b/aws/infra/gateway.tf
@ -0,0 +1,6 @@
+resource "aws_internet_gateway" "app_gateway" {
+  vpc_id = aws_vpc.app_vpc.id
+  tags = {
+    Name = "Clippable app internet gateway"
+  }
+}
--- a/aws/infra/route-table.tf
+++ b/aws/infra/route-table.tf
@ -0,0 +1,12 @@
+resource "aws_route_table" "app_route_table" {
+  vpc_id = aws_vpc.app_vpc.id
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = aws_internet_gateway.app_gateway.id
+  }
+}
+
+resource "aws_route_table_association"  "app_subnet_assoc" {
+	subnet_id = aws_subnet.app_public_subnet.id
+	route_table_id = aws_route_table.app_route_table.id
+}
--- a/aws/infra/security-group.tf
+++ b/aws/infra/security-group.tf
@ -0,0 +1,39 @@
+resource "aws_security_group" "app_security_group" {
+  name = "App sec group"
+  description = "Allowing SSH and web traffic"
+  vpc_id = aws_vpc.app_vpc.id
+
+  ingress {
+    cidr_blocks = ["0.0.0.0/0"]
+    from_port = 443
+    to_port = 443
+    protocol = "tcp"
+  }
+  ingress {
+    cidr_blocks = ["0.0.0.0/0"]
+    from_port = 80
+    to_port = 80
+    protocol = "tcp"
+  }
+  ingress {
+    cidr_blocks = ["0.0.0.0/0"]
+    from_port = 22
+    to_port = 22
+    protocol = "tcp"
+  }
+
+  # These are so that we can update the system regularly using apt and sometimes
+  # with tarballs if we're updating something from source
+  egress {
+    cidr_blocks = ["0.0.0.0/0"]
+    from_port = 443
+    to_port = 443
+    protocol = "tcp"
+  }
+  egress {
+    cidr_blocks = ["0.0.0.0/0"]
+    from_port = 80
+    to_port = 80
+    protocol = "tcp"
+  }
+}
--- a/aws/infra/subnet.tf
+++ b/aws/infra/subnet.tf
@ -0,0 +1,5 @@
+resource "aws_subnet" "app_public_subnet" {
+  vpc_id = aws_vpc.app_vpc.id
+  cidr_block = "10.0.0.128/26"
+  availability_zone = var.availability_zone
+}
--- a/aws/infra/vpc.tf
+++ b/aws/infra/vpc.tf
@ -0,0 +1,10 @@
+
+resource "aws_vpc" "app_vpc" {
+  cidr_block = "10.0.0.128/26"
+  enable_dns_support = true
+  enable_dns_hostnames = true
+
+  tags = {
+    Name = "Clippable APP VPC"
+  }
+}