diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..dc82526 --- /dev/null +++ b/.gitignore @@ -0,0 +1,34 @@ +# Local .terraform directories +**/.terraform/* + +# .tfstate files +*.tfstate +*.tfstate.* + +# Crash log files +crash.log +crash.*.log + +# Exclude all .tfvars files, which are likely to contain sensitive data, such as +# password, private keys, and other secrets. These should not be part of version +# control as they are data points which are potentially sensitive and subject +# to change depending on the environment. +*.tfvars +*.tfvars.json + +# Ignore override files as they are usually used to override resources locally and so +# are not checked in +override.tf +override.tf.json +*_override.tf +*_override.tf.json + +# Include override files you do wish to add to version control using negated pattern +# !example_override.tf + +# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan +# example: *tfplan* + +# Ignore CLI configuration files +.terraformrc +terraform.rc \ No newline at end of file diff --git a/aws_ebs/main.tf b/aws_ebs/main.tf index 3ae55f8..e9ca13c 100644 --- a/aws_ebs/main.tf +++ b/aws_ebs/main.tf @@ -2,5 +2,17 @@ resource "aws_ebs_volume" "this" { availability_zone = var.azs size = var.size type = var.type - tags = var.common_tags + + tags = { + Name = "${var.project_name}-${var.env}-${var.instance_name}-ebs" + Project = var.project_name + Environment = var.env + Terraform = true + } +} + +resource "aws_volume_attachment" "ebs_att" { + device_name = var.device_path + volume_id = aws_ebs_volume.this.id + instance_id = var.instance_id } diff --git a/aws_ebs/outputs.tf b/aws_ebs/outputs.tf index 968b8c3..1577791 100644 --- a/aws_ebs/outputs.tf +++ b/aws_ebs/outputs.tf @@ -1,4 +1,4 @@ output "storage_id" { - description = "Storege ID" - value = aws_ebs_volume.this.id + description = "Storege ID" + value = aws_ebs_volume.this.id } 
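Review bot: The new `aws_volume_attachment` attaches a volume whose `aws_ebs_volume` block still sets no `encrypted` argument, so the volume is created unencrypted unless the account has EBS encryption-by-default switched on; `encrypted = true` (plus `kms_key_id` if a customer-managed key is wanted) is the one-line change. The resource header is only the hunk's context line, so the `aws_ebs_volume` block begins outside the hunk. `Terraform = true` is a bool inside a map of string tags; the provider coerces it to "true", but writing `Terraform = "true"` matches the other values and avoids relying on coercion.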
diff --git a/aws_ebs/variables.tf b/aws_ebs/variables.tf index 8a18956..74ef0c1 100644 --- a/aws_ebs/variables.tf +++ b/aws_ebs/variables.tf @@ -1,28 +1,42 @@ variable "azs" { - description = "Availability Zones list" - default = "" + description = "Availability Zones list" + type = string +} + +variable "env" { + description = "Name of env" + type = string +} + +variable "project_name" { + description = "Name of project" + type = string + validation { + condition = length(var.project_name) > 3 + error_message = "The project_name value must be set and more than 3 symbols." + } +} + +variable "instance_name" { + description = "Name of project" + type = string } variable "type" { - description = "Type of storage" + description = "Type of storage" } variable "size" { - description = "Storage size" + description = "Storage size" + type = string } -variable "proj_name" { - description = "Name of project" +variable "instance_id" { + description = "Instance id for attach volume" type = string - default = "" } -variable "common_tags" { - description = "Common tags to apply resourses" - type = map(any) - default = { - Name = "" - Project = "" - Environment = "" - } -} \ No newline at end of file +variable "device_path" { + description = "Device path" + type = string +} diff --git a/aws_instance/data.tf b/aws_instance/data.tf deleted file mode 100644 index 5038309..0000000 --- a/aws_instance/data.tf +++ /dev/null @@ -1,12 +0,0 @@ -# data "aws_ami" "ubuntu_server" { -# most_recent = true -# owners = ["099720109477"] # Canonical -# filter { -# name = "name" -# values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"] -# } -# filter { -# name = "virtualization-type" -# values = ["hvm"] -# } -# } diff --git a/aws_instance/main.tf b/aws_instance/main.tf index a4ade22..22e4742 100644 --- a/aws_instance/main.tf +++ b/aws_instance/main.tf 
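Review bot: `instance_name` is described as "Name of project", copied from `project_name`, while `main.tf` uses it as the instance part of the volume's Name tag; `description = "Name of the instance the volume belongs to"` fixes it. `size` is declared `type = string` although `aws_ebs_volume.size` is a number, so `type = number` lets Terraform reject a non-numeric value instead of coercing it, and the `type` variable is now the only one in the file with no type constraint at all. The `azs` description still says "list" although the variable is a single `string`.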
@@ -16,16 +16,22 @@ resource "aws_instance" "this" { volume_type = var.root_volume_type } - tags = merge(var.instance_tags, { - Name = var.instance_name - }) + tags = { + Name = "${var.project_name}-${var.env}-${var.instance_name}" + Project = var.project_name, + Environment = var.env + Terraform = true + } } resource "aws_eip" "this" { instance = aws_instance.this.id domain = "vpc" - tags = merge(var.instance_tags, { - Name = "${var.instance_name}-EIP" - }) + tags = { + Name = "${var.instance_name}-EIP" + Project = var.project_name, + Environment = var.env + Terraform = true + } } diff --git a/aws_instance/outputs.tf b/aws_instance/outputs.tf index dd542b2..32a42cd 100644 --- a/aws_instance/outputs.tf +++ b/aws_instance/outputs.tf @@ -8,11 +8,6 @@ output "instance_public_ip" { value = aws_instance.this.public_ip } -output "instance_public_url" { - description = "Public URL address of EC2 instance" - value = aws_instance.this.public_dns -} - output "elastic_ip" { description = "Elastic IP for instance" value = aws_eip.this.public_ip diff --git a/aws_instance/sg.tf b/aws_instance/sg.tf index 13c76f4..7125a32 100644 --- a/aws_instance/sg.tf +++ b/aws_instance/sg.tf @@ -1,7 +1,14 @@ resource "aws_security_group" "this" { - name = "${var.instance_name}-sg" - description = "Security Group for instance" - vpc_id = var.vpc_id + # description = "Security Group for instance" + name = "${var.project_name}-${var.env}-${var.instance_name}" + vpc_id = var.vpc_id + + tags = { + Name = "${var.project_name}-${var.env}-sg" + Project = var.project_name, + Environment = var.env + Terraform = true + } } resource "aws_security_group_rule" "access_tcp_from_internet" { diff --git a/aws_instance/variables.tf b/aws_instance/variables.tf index c2951c2..64b4207 100644 --- a/aws_instance/variables.tf +++ b/aws_instance/variables.tf 
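Review bot: The Project/Environment/Terraform tag triple is copied verbatim into every resource this commit touches (this hunk, `aws_instance_without_eip/main.tf`, `aws_instance/sg.tf`, `aws_rds/main.tf`, `aws_rds/sg.tf` and all of `aws_vpc/main.tf`), which is what the provider-level `default_tags` block exists for. Declaring `default_tags { tags = { Project = var.project_name, Environment = var.env, Terraform = "true" } }` once in the root `provider "aws"` block lets each resource keep only its Name tag, e.g. `tags = { Name = "${var.project_name}-${var.env}-${var.instance_name}" }`, and removes the trailing-comma/no-comma inconsistency between the copies. The `aws_instance` block opens before this hunk.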
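Review bot: Changing `name` on `aws_security_group` forces replacement of the group, and unlike the new `aws_rds/sg.tf` this block has no `lifecycle { create_before_destroy = true }`, so the apply presumably tries to delete a group still attached to the running instance. Adding the same lifecycle block here (and in the identical `aws_instance_without_eip/sg.tf` hunk) avoids that. The Name tag `"${var.project_name}-${var.env}-sg"` also drops the `var.instance_name` that `name` includes, so two instances in one environment share the tag; use the same expression for both. `description` is commented out rather than removed — either delete the line or keep a real description.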
@@ -1,11 +1,10 @@ variable "region" { - default = "" + default = "eu-central-1" } variable "azs" { - type = string description = "Availability Zones list" - default = "" + type = string } variable "ssh_key" { @@ -21,13 +20,15 @@ variable "ami" { variable "instance_name" { description = "My instance's name" type = string - default = "" } variable "instance_type" { description = "My instance's type" type = string - default = "" + validation { + condition = length(var.instance_type) > 0 + error_message = "The project_name value must be." + } } variable "root_block_size" { @@ -39,7 +40,7 @@ variable "root_block_size" { variable "root_volume_type" { description = "Storage type" type = string - default = "gp2" + default = "gp3" } variable "instance_profile" { @@ -49,10 +50,12 @@ variable "instance_profile" { variable "vpc_id" { description = "VPC for instance" + type = string } variable "cidr_vpc" { description = "VPC_cidr_block" + type = string } variable "subnet_id" { 
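Review bot: In the `instance_type` validation the new `error_message = "The project_name value must be."` names the wrong variable and is an unfinished sentence, so a caller who omits the instance type is told about `project_name`; use `error_message = "The instance_type value must be set."`. The same copy-pasted message appears in the `instance_type` hunk of `aws_instance_without_eip/variables.tf`. Removing `default = ""` from `instance_name` and `instance_type` is a good change, but `region` now carries a hard-coded `default = "eu-central-1"` inside the module with no `type` or `description` while the root already declares `region`; if the module does not read it, drop the variable rather than keep a second default.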
@@ -61,55 +64,47 @@ variable "subnet_id" { variable "allow_tcp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "allow_udp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "start_tcp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "end_tcp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "start_udp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "end_udp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "project_name" { description = "Project name" - default = "" + validation { + condition = length(var.project_name) > 3 + error_message = "The project_name value must be set and more than 3 symbols." + } } -variable "user_data" { - description = "User data for instance" +variable "env" { + description = "env" + type = string } -variable "instance_tags" { - description = "Common tags to apply resourses" - type = map(any) - default = { - Name = "" - Project = "" - Environment = "" - } +variable "user_data" { + description = "User data for instance" } diff --git a/aws_instance_without_eip/data.tf b/aws_instance_without_eip/data.tf deleted file mode 100644 index 5038309..0000000 --- a/aws_instance_without_eip/data.tf +++ /dev/null @@ -1,12 +0,0 @@ -# data "aws_ami" "ubuntu_server" { -# most_recent = true -# owners = ["099720109477"] # Canonical -# filter { -# name = "name" -# values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"] -# } -# filter { -# name = "virtualization-type" -# values = ["hvm"] -# } -# } 
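Review bot: The six port-list variables are retyped `list(string)` although they feed `from_port`/`to_port` arguments and the root `main.tf` passes numeric literals (`[80, 443, 22, 8080]`); `type = list(number)` states that and makes Terraform reject a non-numeric entry instead of coercing it. `project_name` gains a validation block but, unlike `aws_vpc` and `aws_rds`, still has no `type = string`, and `user_data` has neither a type nor a default although it is now a required input. The matching hunk in `aws_instance_without_eip/variables.tf` has the same `list(string)` typing.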
diff --git a/aws_instance_without_eip/main.tf b/aws_instance_without_eip/main.tf index 843a8c5..8651d76 100644 --- a/aws_instance_without_eip/main.tf +++ b/aws_instance_without_eip/main.tf @@ -5,13 +5,21 @@ resource "aws_instance" "this" { vpc_security_group_ids = [aws_security_group.this.id] subnet_id = var.subnet_id key_name = var.ssh_key + user_data = var.user_data + + lifecycle { + ignore_changes = [user_data] + } root_block_device { volume_size = var.root_block_size volume_type = var.root_volume_type } - tags = merge(var.instance_tags, { - Name = var.instance_name - }) -} \ No newline at end of file + tags = { + Name = "${var.project_name}-${var.env}-${var.instance_name}" + Project = var.project_name, + Environment = var.env + Terraform = true + } +} diff --git a/aws_instance_without_eip/sg.tf b/aws_instance_without_eip/sg.tf index 13c76f4..e78b3d6 100644 --- a/aws_instance_without_eip/sg.tf +++ b/aws_instance_without_eip/sg.tf @@ -1,7 +1,7 @@ resource "aws_security_group" "this" { - name = "${var.instance_name}-sg" - description = "Security Group for instance" - vpc_id = var.vpc_id + # description = "Security Group for instance" + name = "${var.project_name}-${var.env}-${var.instance_name}" + vpc_id = var.vpc_id } resource "aws_security_group_rule" "access_tcp_from_internet" { diff --git a/aws_instance_without_eip/variables.tf b/aws_instance_without_eip/variables.tf index c0c72a3..abccdb0 100644 --- a/aws_instance_without_eip/variables.tf +++ b/aws_instance_without_eip/variables.tf @@ -1,11 +1,12 @@ variable "region" { - default = "" + description = "AWS Region" + type = string + default = "eu-central-1" } variable "azs" { type = string description = "Availability Zones list" - default = "" } variable "ssh_key" { 
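Review bot: `lifecycle { ignore_changes = [user_data] }` is added without a comment, and it means any later edit to the script a caller passes as `user_data` is never applied to an existing instance, which is easy to forget when the script changes. A comment such as `# user_data is consumed at first boot only; ignore drift so editing the script does not disturb a running instance - confirm this is intended` records the trade-off. The `aws_instance/main.tf` hunk in this commit shows no matching `user_data`/`lifecycle` change, so the two instance modules presumably differ here — worth confirming.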
@@ -21,13 +22,15 @@ variable "ami" { variable "instance_name" { description = "My instance's name" type = string - default = "Blaize_Host" } variable "instance_type" { description = "My instance's type" type = string - default = "" + validation { + condition = length(var.instance_type) > 0 + error_message = "The project_name value must be." + } } variable "root_block_size" { @@ -39,7 +42,7 @@ variable "root_block_size" { variable "root_volume_type" { description = "Storage type" type = string - default = "gp2" + default = "gp3" } variable "instance_profile" { 
@@ -49,63 +52,63 @@ variable "instance_profile" { variable "vpc_id" { description = "VPC for instance" + type = string } variable "cidr_vpc" { description = "VPC_cidr_block" + type = string } variable "subnet_id" { description = "Subnet ID for instance" + type = string } variable "allow_tcp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "allow_udp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "start_tcp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "end_tcp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "start_udp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "end_udp_ports" { description = "List of ports to open for server" - type = list(any) - default = [] + type = list(string) } variable "project_name" { description = "Project name" - default = "" + type = string + validation { + condition = length(var.project_name) > 3 + error_message = "The project_name value must be set and more than 3 symbols." + } } -variable "instance_tags" { - description = "Common tags to apply resourses" - type = map(any) - default = { - Name = "" - Project = "" - Environment = "" - } +variable "env" { + description = "env" + type = string +} + +variable "user_data" { + description = "User data for instance" } diff --git a/aws_rds/main.tf b/aws_rds/main.tf new file mode 100644 index 0000000..9ee45ec --- /dev/null +++ b/aws_rds/main.tf 
@@ -0,0 +1,42 @@
+resource "aws_db_instance" "main" {
+ skip_final_snapshot = var.skip_final_snapshot
+ publicly_accessible = var.publicly_accessible
+ apply_immediately = var.apply_immediately
+ multi_az = var.multi_az
+ storage_type = var.storage_type
+ allocated_storage = var.allocated_storage
+ max_allocated_storage = var.max_allocated_storage
+ db_name = var.db_name
+ engine = var.engine
+ engine_version = var.engine_version
+ instance_class = var.instance_class
+ username = var.username
+ password = var.password
+ parameter_group_name = var.parameter_group_name
+ monitoring_interval = var.monitoring_interval
+ backup_retention_period = var.backup_retention_period
+ deletion_protection = var.deletion_protection
+ allow_major_version_upgrade = var.allow_major_version_upgrade
+ db_subnet_group_name = aws_db_subnet_group.main.name
+ identifier = "${var.project_name}-${var.env}-db"
+ vpc_security_group_ids = [aws_security_group.this.id]
+
+ tags = {
+ Name = "${var.project_name}-${var.env}-db"
+ Project = var.project_name
+ Environment = var.env
+ Terraform = true
+ }
+}
+
+resource "aws_db_subnet_group" "main" {
+ name = "${var.project_name}-${var.env}-db-subnet"
+ subnet_ids = var.subnet_ids
+
+ tags = {
+ Name = "${var.project_name}-${var.env}-db-subnet"
+ Project = var.project_name
+ Environment = var.env
+ Terraform = true
+ }
+}
diff --git a/aws_rds/outputs.tf b/aws_rds/outputs.tf
new file mode 100644
index 0000000..2df6b22
--- /dev/null
+++ b/aws_rds/outputs.tf
@@ -0,0 +1,4 @@
+output "rds_endpoint" {
+ description = "Endpoint of the RDS instance"
+ value = aws_db_instance.main.endpoint
+}
diff --git a/aws_rds/sg.tf b/aws_rds/sg.tf
new file mode 100644
index 0000000..02ab60d
--- /dev/null
+++ b/aws_rds/sg.tf
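Review bot: `aws_db_instance.main` sets no `storage_encrypted`, so the instance storage and every snapshot taken from it are created unencrypted; `storage_encrypted = true` is the one-line fix, with `kms_key_id` if a customer-managed key is wanted. The ingress rule in `aws_rds/sg.tf` opens `var.db_port`, but this resource never sets `port = var.db_port`, so the engine default port is used and any non-default `db_port` value yields a database the rule does not reach. `password = var.password` also lands the master password in plain text in the state file even though the variable is `sensitive`; with provider `~> 5.0` the `manage_master_user_password = true` option lets RDS generate it and keep it in Secrets Manager instead.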
@@ -0,0 +1,36 @@
+resource "aws_security_group" "this" {
+ name = "${var.project_name}-${var.env}-rds-sg"
+ # description = "Security Group for instance"
+ vpc_id = var.vpc_id
+
+ lifecycle {
+ create_before_destroy = true
+ }
+
+ tags = {
+ Name = "${var.project_name}-${var.env}-rds-sg"
+ Project = var.project_name,
+ Environment = var.env
+ Terraform = true
+ }
+}
+
+resource "aws_security_group_rule" "access_from_vpc" {
+ security_group_id = aws_security_group.this.id
+ type = "ingress"
+ from_port = var.db_port
+ to_port = var.db_port
+ description = "Allow from vpc"
+ protocol = "tcp"
+ cidr_blocks = [var.cidr_vpc]
+}
+
+resource "aws_security_group_rule" "access_to_anywhere" {
+ security_group_id = aws_security_group.this.id
+ description = "Allow outbound traffic"
+ type = "egress"
+ from_port = 0
+ to_port = 0
+ protocol = "all"
+ cidr_blocks = [var.cidr_vpc]
+}
diff --git a/aws_rds/variables_network.tf b/aws_rds/variables_network.tf
new file mode 100644
index 0000000..f06a86d
--- /dev/null
+++ b/aws_rds/variables_network.tf
@@ -0,0 +1,19 @@
+variable "vpc_id" {
+ description = "Vpc id"
+ type = string
+}
+
+variable "cidr_vpc" {
+ description = "VPC CIDR block"
+ type = string
+}
+
+variable "subnet_ids" {
+ description = "Subnets ids"
+ type = list(string)
+}
+
+variable "db_port" {
+ description = "DB open port"
+ type = string
+}
diff --git a/aws_rds/variables_project.tf b/aws_rds/variables_project.tf
new file mode 100644
index 0000000..bff7f58
--- /dev/null
+++ b/aws_rds/variables_project.tf
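Review bot: The egress rule is named `access_to_anywhere` and described "Allow outbound traffic", but `cidr_blocks = [var.cidr_vpc]` confines egress to the VPC, so either the name/description or the CIDR is wrong; for a database the VPC-only scope is the one to keep, so rename it (`access_to_vpc`) and state the scope in `description`. The ingress rule admits the whole VPC CIDR on the DB port; `source_security_group_id` pointing at the application instance's security group is tighter and does not change when subnets are added. The commented-out `description` on the group should be removed or made real, as in the instance modules.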
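Review bot: `db_port` is typed `string` but is used as `from_port`/`to_port` in `sg.tf`; `type = number` matches that use and makes a non-numeric value fail at plan time rather than in the API call. A `validation` block checking `var.db_port >= 1 && var.db_port <= 65535` is cheap to add alongside it.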
@@ -0,0 +1,32 @@
+variable "project_name" {
+ description = "Project name"
+ validation {
+ condition = length(var.project_name) > 3
+ error_message = "The project_name value must be set and more than 3 symbols."
+ }
+}
+
+variable "env" {
+ description = "env"
+ type = string
+}
+
+variable "username" {
+ description = "Master username"
+ type = string
+}
+
+variable "password" {
+ description = "Password for master username"
+ sensitive = true
+ type = string
+ validation {
+ condition = length(var.password) > 8
+ error_message = "The password must be more than 8 symbols."
+ }
+}
+
+variable "db_name" {
+ description = "Created db name"
+ type = string
+}
diff --git a/aws_rds/variables_rds.tf b/aws_rds/variables_rds.tf
new file mode 100644
index 0000000..c4d2e4f
--- /dev/null
+++ b/aws_rds/variables_rds.tf
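Review bot: `project_name` is the only variable in this file without a `type = string` constraint even though it carries a validation block, while the root `variables_project.tf` declares it `type = string`; add the constraint for consistency. The `password` validation (`length(var.password) > 8`, "more than 8 symbols") is internally consistent, but the root `variables_rds.tf` copy of `password` has no validation, so a short value only fails once it reaches the module — keeping the check in the module is fine, but the root description should say so. `env` is described only as "env"; `description = "Environment name used in resource names and tags"` says what it is for.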
@@ -0,0 +1,88 @@
+variable "skip_final_snapshot" {
+ description = "Skip final snapshot"
+ type = bool
+}
+
+variable "publicly_accessible" {
+ description = "Publicly accessible"
+ type = bool
+ default = false
+}
+
+variable "apply_immediately" {
+ description = "Apply immediately"
+ type = bool
+ default = false
+}
+
+variable "multi_az" {
+ description = "multi_az"
+ type = bool
+ default = false
+}
+
+variable "storage_type" {
+ description = "Storage type"
+ type = string
+ default = "gp3"
+}
+
+variable "allocated_storage" {
+ description = "Storage amount GB"
+ type = string
+ default = "20"
+}
+
+variable "max_allocated_storage" {
+ description = "Autoscale stogage amount"
+ type = string
+ default = "0"
+}
+
+variable "engine" {
+ description = "Engine type"
+ type = string
+ default = "postgres"
+}
+
+variable "engine_version" {
+ description = "Engine_version"
+ type = string
+ default = "14.8"
+}
+
+variable "instance_class" {
+ description = "Instance_class"
+ type = string
+ default = "db.t4g.micro"
+}
+
+variable "parameter_group_name" {
+ description = "Parameter group name"
+ type = string
+ default = "default.postgres14"
+}
+
+variable "monitoring_interval" {
+ description = "Monitoring interval"
+ type = string
+ default = "0"
+}
+
+variable "backup_retention_period" {
+ description = "Backup retention period"
+ type = string
+ default = "3"
+}
+
+variable "deletion_protection" {
+ description = "Deletion protection"
+ type = bool
+ default = false
+}
+
+variable "allow_major_version_upgrade" {
+ description = "Allow major version upgrade"
+ type = bool
+ default = false
+}
diff --git a/aws_vpc/main.tf b/aws_vpc/main.tf
index 6669d0f..8617cf7 100644
--- a/aws_vpc/main.tf
+++ b/aws_vpc/main.tf
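Review bot: `allocated_storage`, `max_allocated_storage`, `monitoring_interval` and `backup_retention_period` are declared `type = string` with quoted numeric defaults although the matching `aws_db_instance` arguments are numbers; `type = number` with unquoted defaults (`default = 20`) removes the coercion and rejects non-numeric input. The first 88 lines of the root `variables_rds.tf` hunk repeat these declarations verbatim, so any fix has to be applied in both places. `engine_version = "14.8"` and `parameter_group_name = "default.postgres14"` are coupled defaults; a comment that the parameter group family must match the engine major version saves a failed apply when one is bumped without the other.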
@@ -1,32 +1,125 @@ resource "aws_vpc" "main" { cidr_block = var.cidr_vpc enable_dns_hostnames = true - tags = merge(var.vpc_tags, { Name = "${var.proj_name}-VPC" }) + enable_dns_support = true + tags = { + Name = "${var.project_name}-${var.env}" + Project = var.project_name, + Environment = var.env + Terraform = true + } } -resource "aws_subnet" "public_subnet" { - vpc_id = aws_vpc.main.id - cidr_block = var.public_subnet_cidr - availability_zone = var.azs - tags = merge(var.vpc_tags, { Name = "${var.proj_name}_public_subnet" }) +resource "aws_subnet" "public_subnets" { + vpc_id = aws_vpc.main.id + count = length(var.public_subnet_cidrs) + cidr_block = element(var.public_subnet_cidrs, count.index) + availability_zone = element(var.azs, count.index) + map_public_ip_on_launch = true + tags = { + Name = "${var.project_name}-${var.env}-public-${count.index + 1}" + Project = var.project_name, + Environment = var.env + Terraform = true + } +} + +resource "aws_subnet" "private_subnets" { + vpc_id = aws_vpc.main.id + count = length(var.private_subnet_cidrs) + cidr_block = element(var.private_subnet_cidrs, count.index) + availability_zone = element(var.azs, count.index) + map_public_ip_on_launch = false + tags = { + Name = "${var.project_name}-${var.env}-private-${count.index + 1}" + Project = var.project_name, + Environment = var.env + Terraform = true + } } resource "aws_internet_gateway" "gw" { vpc_id = aws_vpc.main.id - tags = merge(var.vpc_tags, { Name = "${var.proj_name}_vpc_igw" }) + tags = { + Name = "${var.project_name}-${var.env}" + Project = var.project_name, + Environment = var.env + Terraform = true + } } -resource "aws_route_table" "igw_rt" { +resource "aws_route_table" "public_rt" { vpc_id = aws_vpc.main.id route { cidr_block = "0.0.0.0/0" gateway_id = aws_internet_gateway.gw.id } - tags = merge(var.vpc_tags, { Name = "${var.proj_name}_rt_to_igw" }) + tags = { + Name = "${var.project_name}-${var.env}-public" + Project = var.project_name, + Environment = 
var.env + Terraform = true + } +} + +resource "aws_route_table_association" "public_subnet_assosiation" { + count = length(aws_subnet.public_subnets[*].id) + subnet_id = element(aws_subnet.public_subnets[*].id, count.index) + route_table_id = aws_route_table.public_rt.id +} + +resource "aws_route_table" "private_rt" { + vpc_id = aws_vpc.main.id + + route { + cidr_block = var.cidr_vpc + gateway_id = "local" + } + + tags = { + Name = "${var.project_name}-${var.env}-private" + Project = var.project_name, + Environment = var.env + Terraform = true + } +} + +resource "aws_route_table_association" "private_subnet_assosiation" { + count = length(aws_subnet.private_subnets[*].id) + subnet_id = element(aws_subnet.private_subnets[*].id, count.index) + route_table_id = aws_route_table.private_rt.id +} + +resource "aws_nat_gateway" "main" { + count = var.nat_create ? 1 : 0 + connectivity_type = "public" + allocation_id = aws_eip.eip_nat[0].allocation_id + subnet_id = aws_subnet.public_subnets[0].id + + tags = { + Name = "${var.project_name}-${var.env}" + Project = var.project_name, + Environment = var.env + Terraform = true + } +} + +resource "aws_eip" "eip_nat" { + count = var.nat_create ? 1 : 0 + domain = "vpc" + + tags = { + Name = "${var.project_name}-${var.env}-nat-eip" + Project = var.project_name, + Environment = var.env + Terraform = true + } } -resource "aws_route_table_association" "subnet_asso" { - subnet_id = aws_subnet.public_subnet.id - route_table_id = aws_route_table.igw_rt.id +resource "aws_route" "private_nat_route" { + count = var.nat_create ? 1 : 0 + route_table_id = aws_route_table.private_rt.id + destination_cidr_block = "0.0.0.0/0" + nat_gateway_id = aws_nat_gateway.main[0].id } diff --git a/aws_vpc/outputs.tf b/aws_vpc/outputs.tf index 7fa0a82..46709cc 100644 --- a/aws_vpc/outputs.tf +++ b/aws_vpc/outputs.tf 
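Review bot: Two new resources carry the misspelling `assosiation` (`public_subnet_assosiation`, `private_subnet_assosiation`); once state exists, renaming them needs `moved` blocks or a destroy/recreate of the associations, so fix the spelling to `association` in this commit. The `private_rt` block declares an inline `route { cidr_block = var.cidr_vpc gateway_id = "local" }`, but the VPC's local route exists implicitly and managing it from an inline `route` block presumably depends on provider support for `gateway_id = "local"` — confirm it plans cleanly under `~> 5.0` or drop the block. `element(var.azs, count.index)` wraps around when more CIDRs than AZs are supplied, silently placing two subnets in one AZ; a `precondition` on the subnet resources comparing the two lengths would surface that.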
@@ -2,10 +2,14 @@ output "vpc_id" { value = aws_vpc.main.id } -output "vpc_cidr" { - value = aws_vpc.main.cidr_block +output "public_subnet_ids" { + value = aws_subnet.public_subnets[*].id } -output "public_subnet_id" { - value = aws_subnet.public_subnet.id +output "private_subnet_ids" { + value = aws_subnet.private_subnets[*].id +} + +output "nat_eip" { + value = aws_nat_gateway.main[*].public_ip } diff --git a/aws_vpc/variables.tf b/aws_vpc/variables.tf index cd3e3f1..7154189 100644 --- a/aws_vpc/variables.tf +++ b/aws_vpc/variables.tf @@ -1,44 +1,46 @@ variable "region" { description = "AWS region" type = string - default = "" + default = "eu-central-1" } variable "azs" { - type = string + type = list(string) description = "Availability Zones list" - default = "" } variable "env" { description = "Name of env" type = string - default = "" } -variable "proj_name" { +variable "project_name" { description = "Name of project" type = string - default = "" + + validation { + condition = length(var.project_name) > 3 + error_message = "The project_name value must be set and more than 3 symbols." + } } variable "cidr_vpc" { description = "CIDR block for VPC" type = string - default = "" } -variable "public_subnet_cidr" { - type = string +variable "public_subnet_cidrs" { + type = list(string) description = "Public Subnet CIDR values" - default = "" } -variable "vpc_tags" { - description = "Common tags to apply to all resourses" - type = map(any) - default = { - Project = "" - Environment = "" - } +variable "private_subnet_cidrs" { + type = list(string) + description = "Private Subnet CIDR values" +} + +variable "nat_create" { + description = "Is create a NAT Gateway?" + type = bool + default = false } diff --git a/data.tf b/data.tf new file mode 100644 index 0000000..87d8f48 --- /dev/null +++ b/data.tf @@ -0,0 +1,3 @@ +data "aws_availability_zones" "available" { + state = "available" +} diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..3dc0831 
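Review bot: None of the new outputs (`public_subnet_ids`, `private_subnet_ids`, `nat_eip`) has a `description`, and `nat_eip` is a list (`aws_nat_gateway.main[*].public_ip`) that is empty when `nat_create` is false, which a caller reading it as a single address will trip over; `description = "Public IP(s) of the NAT gateway; empty list when nat_create is false"` documents that. Dropping `vpc_cidr` is fine as long as the root keeps passing `var.cidr_vpc` to the RDS module, which the root `main.tf` hunk shows it does.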
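Review bot: `nat_create` is described as "Is create a NAT Gateway?"; `description = "Whether to create a NAT gateway (and its EIP) for the private subnets"` reads better and says what it affects. `public_subnet_cidrs` and `private_subnet_cidrs` are indexed against `azs` by position in `main.tf`, and nothing here states that; since a variable `validation` cannot reference another variable, document the positional mapping in both descriptions and put the length check in a `precondition` on the subnet resources. The `type`-before-`description` ordering in `azs` and the CIDR lists differs from the other variables in the file.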
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,103 @@
+terraform {
+ # backend "s3" {
+ # bucket = "mybucket"
+ # key = "path/to/my/key"
+ # region = "eu-central-1"
+ # }
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ cloudflare = {
+ source = "cloudflare/cloudflare"
+ version = "~> 4.0"
+ }
+ }
+}
+
+provider "aws" {
+ region = var.region
+}
+
+provider "cloudflare" {
+}
+
+module "vpc" {
+ source = "./aws_vpc"
+ nat_create = var.nat_create
+ azs = data.aws_availability_zones.available.names
+ cidr_vpc = var.cidr_vpc
+ public_subnet_cidrs = var.public_subnet_cidrs
+ private_subnet_cidrs = var.private_subnet_cidrs
+ project_name = var.project_name
+ env = var.env
+}
+
+module "rds_postgres" {
+ source = "./aws_rds"
+ apply_immediately = var.apply_immediately
+ multi_az = var.multi_az
+ cidr_vpc = var.cidr_vpc
+ vpc_id = module.vpc.vpc_id
+ allocated_storage = var.allocated_storage
+ max_allocated_storage = var.max_allocated_storage
+ allow_major_version_upgrade = var.allow_major_version_upgrade
+ backup_retention_period = var.backup_retention_period
+ deletion_protection = var.deletion_protection
+ engine = var.engine
+ engine_version = var.engine_version
+ instance_class = var.instance_class
+ publicly_accessible = var.publicly_accessible
+ skip_final_snapshot = var.skip_final_snapshot
+
+ subnet_ids = module.vpc.private_subnet_ids
+ db_port = var.db_port
+
+ username = var.username
+ password = var.password
+ db_name = var.db_name
+
+ project_name = var.project_name
+ env = var.env
+}
+
+module "server1" {
+ source = "./aws_instance"
+ depends_on = [module.vpc]
+ ami = var.ami_ubuntu_22_04
+ azs = element(data.aws_availability_zones.available.names, 0)
+ instance_type = "t3.micro"
+ root_block_size = 10
+ root_volume_type = "gp3"
+ instance_profile = null
+ vpc_id = module.vpc.vpc_id
+ cidr_vpc = var.cidr_vpc
+ allow_tcp_ports = [80, 443, 22, 8080]
+ allow_udp_ports = []
+ start_tcp_ports = []
+ end_tcp_ports = []
+ start_udp_ports = []
+ end_udp_ports = []
+ subnet_id = element(module.vpc.public_subnet_ids, 0)
+ ssh_key = var.ssh_key
+ user_data = file("test.sh")
+
+ project_name = var.project_name
+ env = var.env
+ instance_name = var.inst1_name
+}
+
+module "ebs_server_1" {
+ source = "./aws_ebs"
+ azs = element(data.aws_availability_zones.available.names, 0)
+ size = "10"
+ type = "gp3"
+ instance_id = module.server1.instance_id
+ device_path = "/dev/sdh"
+
+ project_name = var.project_name
+ env = var.env
+ instance_name = var.inst1_name
+}
+
diff --git a/outputs.tf b/outputs.tf
new file mode 100644
index 0000000..808cde7
--- /dev/null
+++ b/outputs.tf
@@ -0,0 +1,32 @@
+output "avz" {
+ value = data.aws_availability_zones.available.names
+}
+
+output "avz_ids" {
+ value = data.aws_availability_zones.available.zone_ids
+}
+
+output "vpc_id" {
+ value = module.vpc.vpc_id
+}
+
+output "public_subnet_ids" {
+ value = module.vpc.public_subnet_ids
+}
+
+output "private_subnet_ids" {
+ value = module.vpc.private_subnet_ids
+}
+
+output "nat_eip" {
+ value = module.vpc.nat_eip
+}
+
+output "rds_endpoint" {
+ description = "Endpoint of the RDS instance"
+ value = module.rds_postgres.rds_endpoint
+}
+
+# output "server1_ip" {
+# value = module.server1.elastic_ip
+# }
diff --git a/terraform.tfvars.example b/terraform.tfvars.example
new file mode 100644
index 0000000..4a6bf56
--- /dev/null
+++ b/terraform.tfvars.example
@@ -0,0 +1,14 @@
+#### General vars
+region = "eu-central-1"
+project_name = "new-vpc"
+env = "test"
+#### VPC vars
+nat_create = "false"
+
+#### RDS vars
+db_port = "5432" #for postgres
+db_name = "postgres"
+username = "master"
+password = "master123"
+skip_final_snapshot = true
+
diff --git a/test.sh b/test.sh
new file mode 100644
index 0000000..07a9c71
--- /dev/null
+++ b/test.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+echo "Hello instance!!!" > /home/${USER}/test.txt
\ No newline at end of file
diff --git a/variables_instances.tf b/variables_instances.tf
new file mode 100644
index 0000000..82d2b90
--- /dev/null
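Review bot: `allow_tcp_ports = [80, 443, 22, 8080]` feeds the instance module's `access_tcp_from_internet` rule (its `cidr_blocks` are outside the hunks shown), so SSH on 22 and the 8080 service are presumably reachable from the internet while `instance_profile = null` leaves no Session Manager alternative; at minimum carry 22 in a separate variable scoped to an admin CIDR, or keep it closed and attach an instance profile for SSM. `user_data = file("test.sh")` resolves relative to the working directory rather than the configuration; `user_data = file("${path.module}/test.sh")` is the robust form. With the `backend "s3"` block commented out, state — including `var.password` for the RDS master user — is written to the local `terraform.tfstate`, which `.gitignore` excludes but which is otherwise unprotected, so a remote backend with encryption is the usual fix. `provider "cloudflare" {}` is declared and required although no cloudflare resource appears in the commit; drop it until needed so `terraform init` does not require that provider and its token.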
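Review bot: `nat_create = "false"` assigns a quoted string to a `bool` variable; Terraform coerces it, but the example should show the literal `nat_create = false` so people copying it do not learn the string form. `password = "master123"` works as a placeholder only if it is obviously one — `password = "CHANGE_ME_min_9_chars"` makes both the intent and the module's `> 8` length validation visible. `skip_final_snapshot = true` in the example means `terraform destroy` drops the database without a snapshot; a trailing `# true = no snapshot on destroy` comment warns about that.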
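Review bot: `/home/${USER}/test.txt` relies on `$USER`, which is presumably unset when cloud-init runs user data as root, so the file lands in `/home//test.txt` or the redirect fails; a fixed path such as `/root/test.txt` or an explicit user name removes the ambiguity. The script sets no `set -eu`, so an unset variable goes unnoticed, and the file is missing its trailing newline.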
+++ b/variables_instances.tf
@@ -0,0 +1,38 @@
+variable "ami_ubuntu_22_04" {
+ description = "ami_ubuntu_22.04"
+ default = "ami-0ec7f9846da6b0f61"
+}
+
+variable "ssh_key" {
+ description = "SSH key pair for instances"
+ default = "test_key"
+}
+
+variable "ebs_name" {
+ description = "EBS name"
+ default = "/dev/sdf"
+}
+
+variable "inst1_name" {
+ description = "Name for instances"
+ type = string
+ default = "test"
+}
+
+variable "inst2_name" {
+ description = "Name for instances"
+ type = string
+ default = ""
+}
+
+variable "inst3_name" {
+ description = "Name for instances"
+ type = string
+ default = ""
+}
+
+variable "inst4_name" {
+ description = "Name for instances"
+ type = string
+ default = ""
+}
diff --git a/variables_project.tf b/variables_project.tf
new file mode 100644
index 0000000..e494ea7
--- /dev/null
+++ b/variables_project.tf
@@ -0,0 +1,18 @@
+variable "region" {
+ description = "AWS region"
+ type = string
+ default = "eu-central-1"
+}
+
+variable "project_name" {
+ description = "Project name"
+ type = string
+}
+
+variable "env" {
+ description = "Environment"
+ type = string
+ default = "dev"
+}
+
+
diff --git a/variables_rds.tf b/variables_rds.tf
new file mode 100644
index 0000000..4d20daf
--- /dev/null
+++ b/variables_rds.tf
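Review bot: `ami_ubuntu_22_04` pins a bare AMI ID with no `type` and a description that only repeats its name, in the same commit that deletes the (commented) `aws_ami` lookups in the instance modules; an AMI ID is region-specific and goes stale silently, so either restore a `data "aws_ami"` lookup with an `owners` filter or at least document the region and source image in the description. `ebs_name` defaults to `/dev/sdf` while `main.tf` passes the literal `"/dev/sdh"` to `ebs_server_1`, so the variable is presumably unused — wire it in or remove it. `inst2_name`–`inst4_name` default to `""` and are not referenced in the hunks shown; empty-string defaults reintroduce the silent-empty problem this commit removes in the module variables.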
@@ -0,0 +1,109 @@
+variable "skip_final_snapshot" {
+ description = "Skip final snapshot"
+ type = bool
+}
+
+variable "publicly_accessible" {
+ description = "Publicly accessible"
+ type = bool
+ default = false
+}
+
+variable "apply_immediately" {
+ description = "Apply immediately"
+ type = bool
+ default = false
+}
+
+variable "multi_az" {
+ description = "multi_az"
+ type = bool
+ default = false
+}
+
+variable "storage_type" {
+ description = "Storage type"
+ type = string
+ default = "gp3"
+}
+
+variable "allocated_storage" {
+ description = "Storage amount GB"
+ type = string
+ default = "20"
+}
+
+variable "max_allocated_storage" {
+ description = "Autoscale stogage amount"
+ type = string
+ default = "0"
+}
+
+variable "engine" {
+ description = "Engine type"
+ type = string
+ default = "postgres"
+}
+
+variable "engine_version" {
+ description = "Engine_version"
+ type = string
+ default = "14.8"
+}
+
+variable "instance_class" {
+ description = "Instance_class"
+ type = string
+ default = "db.t4g.micro"
+}
+
+variable "parameter_group_name" {
+ description = "Parameter group name"
+ type = string
+ default = "default.postgres14"
+}
+
+variable "monitoring_interval" {
+ description = "Monitoring interval"
+ type = string
+ default = "0"
+}
+
+variable "backup_retention_period" {
+ description = "Backup retention period"
+ type = string
+ default = "3"
+}
+
+variable "deletion_protection" {
+ description = "Deletion protection"
+ type = bool
+ default = false
+}
+
+variable "allow_major_version_upgrade" {
+ description = "Allow major version upgrade"
+ type = bool
+ default = false
+}
+
+variable "db_port" {
+ description = "DB open port"
+ type = string
+}
+
+variable "username" {
+ description = "Master username"
+ type = string
+}
+
+variable "password" {
+ description = "Password for master username"
+ sensitive = true
+ type = string
+}
+
+variable "db_name" {
+ description = "Created db name"
+ type = string
+}
diff --git a/variables_vpc.tf b/variables_vpc.tf
new file mode 100644
index 0000000..b48fb15
--- /dev/null
+++ b/variables_vpc.tf
@@ -0,0 +1,30 @@
+variable "cidr_vpc" {
+ description = "CIDR block for VPC"
+ type = string
+ default = "192.168.0.0/16"
+}
+
+variable "nat_create" {
+ description = "Is create a NAT Gateway?"
+ type = bool
+ default = false
+}
+
+variable "public_subnet_cidrs" {
+ description = "Public subnet CIDRs"
+ type = list(string)
+ default = [
+ "192.168.11.0/24",
+ "192.168.12.0/24",
+ ]
+}
+
+variable "private_subnet_cidrs" {
+ description = "Public subnet CIDRs"
+ type = list(string)
+ default = [
+ "192.168.21.0/24",
+ "192.168.22.0/24"
+ ]
+}
+
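Review bot: `private_subnet_cidrs` is described as "Public subnet CIDRs", copied from the variable above it; `description = "Private subnet CIDRs"` fixes it. The defaults fix two subnets per tier regardless of how many AZs `data.aws_availability_zones.available` returns, and `module "vpc"` maps list positions onto AZ order, so a sentence in each description stating that positions correspond to AZ order (and that the list may not be longer than the AZ list) would spare callers a surprise.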