Base configuration for a small host to hold all the website file stuff

infra/static-vultr/backend.tf

@@ -0,0 +1,34 @@
+terraform {
+  required_version = ">= 0.13"
+  backend s3 {
+    bucket  = "project-athens"
+    key     = "infra/vultr/static-hosts/state/build.tfstate"
+    region  = "us-west-1"
+    encrypt = true
+  }
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 5.0"
+    }
+    vultr = {
+      source = "vultr/vultr"
+      version = "2.19.0"
+    }
+  }
+}
+
+provider vultr {
+  api_key     = var.vultr_api_key
+  rate_limit  = 100
+  retry_limit = 3
+}
+
+provider aws {
+  access_key  = var.aws_key
+  secret_key  = var.aws_secret
+  region      = var.aws_region
+  max_retries = 1
+}
+
+

infra/static-vultr/firewall.tf

@@ -0,0 +1,25 @@
+resource vultr_firewall_group host {
+  description = "Static host firewall"
+}
+
+resource vultr_firewall_rule web_v4 {
+  for_each = toset(["80", "443"])
+  firewall_group_id = vultr_firewall_group.host.id
+  protocol    = "tcp"
+  ip_type     = "v4"
+  subnet      = "0.0.0.0"
+  subnet_size = 0
+  port        = each.value
+}
+
+resource vultr_firewall_rule ssh_v4 {
+  count = var.enable_ssh ? 1 : 0
+  firewall_group_id = vultr_firewall_group.host.id
+  protocol = "tcp"
+  ip_type  = "v4"
+  subnet   = "0.0.0.0"
+  subnet_size = 0
+  port     = "22"
+}
+
+

infra/static-vultr/generic.tfvars

@@ -0,0 +1,14 @@
+host = {
+  plan   = "vc2-1c-2gb"
+  region = "lax"
+  os     = 1743
+  name   = "project-athens-static-host"
+  backups = {
+    day  = 2  # Monday
+    hour = 7 # midnight
+  }
+}
+
+enable_ssh = true
+
+

infra/static-vultr/host.tf

@@ -0,0 +1,19 @@
+# Using a single host for this as I'm just looking for a quick and dirty solution
+# to host basically everything for now
+
+resource "vultr_instance" "websites" {
+  # Core configuration
+  plan    = var.host.plan
+  region  = var.host.region
+  os_id   = var.host.os
+  enable_ipv6 = true
+
+
+  # Enable backups for now since we're getting off of s3 as well at some point
+  backups = "enabled"
+  backups_schedule {
+    type = "weekly"
+    dow  = var.host.backups.day
+    hour = var.host.backups.hour
+  }
+}

infra/static-vultr/ssh.tf

@@ -0,0 +1,9 @@
+resource tls_private_key host {
+  algorithm = "RSA"
+  rsa_bits  = 4096
+}
+
+resource vultr_ssh_key host {
+  name = "static_ssh_key"
+  ssh_key = tls_private_key.host.public_key_pem
+}

infra/static-vultr/variables.tf

@@ -0,0 +1,45 @@
+# API Keys required to reach AWS/Vultr
+variable vultr_api_key {
+  type = string
+  sensitive = true
+}
+
+variable aws_key {
+  type = string
+  sensitive = true
+}
+
+variable aws_secret {
+  type = string
+  sensitive = true
+}
+
+variable aws_region {
+  type = string
+  sensitive = true
+}
+
+################### ################### ###################
+
+# Host configuration options
+variable host {
+  type = object({
+    plan   = string
+    region = string
+    os     = string
+    name   = string
+    backups = object({
+      hour = number # hour of the day
+      day = number  # 1 = sunday, 7 = saturday
+    })
+  })
+}
+
+variable enable_ssh {
+  type    = bool
+  default = false
+}
+
+
+
+