
chore(do): initialise terraform for example #5

Merged
merged 11 commits into from
Dec 9, 2024
8 changes: 6 additions & 2 deletions .github/workflows/lint.yml
@@ -2,12 +2,16 @@
name: ansible-lint
on:
pull_request:
branches: ["main"]
branches: ["devel", "master"]
jobs:
build:
# Apparently, variables do not have a context until actions are actually executed
# so we cannot make a matrix out of action versions.
# Thanks, Obama.
# See https://github.com/orgs/community/discussions/110550
name: Ansible Lint
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run ansible-lint
uses: ansible/ansible-lint@v6.22.2
uses: ansible/ansible-lint@v24.2.1
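Review bot: Both `uses:` lines in the `steps` list reference third-party actions by tag, which the action's owner can move to different code after this workflow has been reviewed. Pinning each to a full commit SHA with the tag kept as a comment, e.g. `uses: ansible/ansible-lint@<full-commit-sha> # v24.2.1`, makes the linted code path reproducible. No `permissions:` key is visible in the hunk; if the file has none, a top-level `permissions:` block with `contents: read` would limit the job's token to what a lint run needs.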
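--- a/examples/digital-ocean/.gitignore
+++ b/examples/digital-ocean/.gitignore
@@ -0,0 +1,37 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+# Ignore ssh keys
+do
+do.pub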
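Review bot: Saved plan files are not ignored, because the `*tfplan*` pattern near the end of the file is only a commented example, and a plan written with `terraform plan -out=tfplan` can store resource values, sensitive ones included, in a form that should not reach version control. Adding an active `*tfplan*` line closes that gap. The bare `do` entry under "Ignore ssh keys" matches any file or directory named `do` at any depth below this file; `/do` and `/do.pub` would anchor both entries to this directory only.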
26 changes: 26 additions & 0 deletions examples/digital-ocean/.terraform.lock.hcl


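--- a/examples/digital-ocean/main.tf
+++ b/examples/digital-ocean/main.tf
@@ -0,0 +1,70 @@
+resource "digitalocean_vpc" "rciam" {
+name = "rciam-${var.deployment_name}"
+region = var.region
+}
+
+resource "digitalocean_database_cluster" "rciam" {
+name = "rciam-db-${var.deployment_name}"
+engine = "pg"
+version = var.pg_version
+region = var.region
+node_count = 1
+size = var.db_size
+}
+
+resource "digitalocean_database_user" "rciam" {
+name = var.db_user
+cluster_id = digitalocean_database_cluster.rciam.id
+}
+
+resource "digitalocean_database_db" "rciam" {
+name = var.db_name
+cluster_id = digitalocean_database_cluster.rciam.id
+}
+
+resource "digitalocean_ssh_key" "rciam" {
+name = "value"
+public_key = file("${path.module}/do.pub")
+}
+
+data "digitalocean_images" "ubuntu" {
+filter {
+key = "distribution"
+values = ["Ubuntu"]
+}
+filter {
+key = "regions"
+values = ["ams3"]
+}
+
+sort {
+key = "name"
+direction = "desc"
+}
+}
+resource "digitalocean_droplet" "keycloak" {
+name = "keycloak-${var.deployment_name}"
+vpc_uuid = digitalocean_vpc.rciam.id
+size = "value"
+ssh_keys = [digitalocean_ssh_key.rciam.id]
+image = data.digitalocean_images.ubuntu.images[0].id
+backups = false
+monitoring = true
+ipv6 = false
+region = "ams3"
+droplet_agent = true
+}
+
+resource "digitalocean_database_firewall" "keycloak" {
+cluster_id = digitalocean_database_cluster.rciam.id
+rule {
+type = "droplet"
+value = digitalocean_droplet.keycloak.id
+}
+}
+
+
+# name: Configure PostgreSQL client authentication
+# name: Configure PostgreSQL users
+# name: Configure privileges of PostgreSQL users
+# name: Configure PostgreSQL databases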
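Review bot: `digitalocean_database_cluster.rciam` is never attached to the `rciam` VPC that the droplet joins, so as far as this file shows the VPC does not carry the Keycloak-to-Postgres traffic; adding `private_network_uuid = digitalocean_vpc.rciam.id` to the cluster would place it there. The droplet also has no `digitalocean_firewall` attached in this file, so which ports answer on its public address is left to the image defaults; an explicit inbound rule set limited to SSH from a known range and the Keycloak listener would document the intended exposure. The image is chosen as `images[0]` after a descending sort on name, which can resolve to a different image on each plan; pinning a specific image slug would make the base OS reviewable. Separately, `size = "value"` and the SSH key `name = "value"` look like unfilled placeholders, and `region = "ams3"` is hard-coded on the droplet and in the image filter while the VPC and database use `var.region`.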
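--- a/examples/digital-ocean/terraform.tf
+++ b/examples/digital-ocean/terraform.tf
@@ -0,0 +1,12 @@
+terraform {
+required_version = "~> 1.7"
+required_providers {
+digitalocean = {
+source = "digitalocean/digitalocean"
+version = "~> 2.36"
+}
+}
+backend "local" {}
+}
+
+provider "digitalocean" {}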
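Review bot: The `backend "local" {}` line deserves a comment, because the state it writes next to the configuration will hold the attributes of the database cluster and database user declared in main.tf, which presumably include the generated credentials in clear text. Something like `# Local state contains DB credentials in clear text; keep *.tfstate off shared storage, or use an encrypted remote backend beyond a demo.` above the backend block would warn people copying the example. The empty `provider "digitalocean" {}` block keeps the API token out of the file, and a one-line comment naming where the token is expected to come from would make that intent explicit.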
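--- a/examples/digital-ocean/variables.tf
+++ b/examples/digital-ocean/variables.tf
@@ -0,0 +1,35 @@
+variable "deployment_name" {
+type = string
+description = "Name of the deployment of this instance"
+default = "default"
+}
+
+variable "region" {
+type = string
+description = "Name of the DigitalOcean region we are creating the VPC in"
+default = "ams3"
+}
+
+variable "pg_version" {
+type = string
+description = "Postgres version of managed DB"
+default = "11"
+}
+
+variable "db_size" {
+type = string
+description = "Instance size for PostgreSQL db."
+default = "db-s-1-vcpu-1gb"
+}
+
+variable "db_user" {
+type = string
+description = "Username to connect to DB"
+default = "postgres"
+}
+
+variable "db_name" {
+type = string
+description = "Name fo the PostGres database for RCIAM"
+default = "rciam"
+}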
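Review bot: The `pg_version` default of `"11"` selects a PostgreSQL major version that reached upstream end of life in November 2023, so anyone applying the example unchanged asks for a database that no longer receives security fixes. A currently supported major, for example `default = "16"`, or no default at all so the caller has to choose, would be safer for an identity-provider backend. The `db_name` description has a typo and could read `description = "Name of the PostgreSQL database for RCIAM"`.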