-
Notifications
You must be signed in to change notification settings - Fork 4
/
backend_https.tf
58 lines (49 loc) · 1.5 KB
/
backend_https.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# Copyright (c) 2023, Oracle and/or its affiliates.
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl.
# this file creates the self-signed certificate used to set up the web server
# HTTPS connection
# RSA key of size 4096 bits
resource "tls_private_key" "rsa_private_key" {
algorithm = "RSA"
rsa_bits = 4096
count = (local.use-image ? 0 : 1)
}
resource "tls_self_signed_cert" "self_signed_certificate" {
private_key_pem = tls_private_key.rsa_private_key[0].private_key_pem
subject {
common_name = "localhost"
}
validity_period_hours = 87600
allowed_uses = [
"key_encipherment",
"digital_signature",
"server_auth",
"cert_signing",
"client_auth",
"data_encipherment",
"digital_signature",
"server_auth"
]
count = (local.use-image ? 0 : 1)
}
resource "local_file" "self_signed_certificate" {
filename = "${path.module}/certificate.pem"
content = tls_self_signed_cert.self_signed_certificate[0].cert_pem
count = (local.use-image ? 0 : 1)
}
resource "local_file" "self_signed_private_key" {
filename = "${path.module}/private-key.pem"
content = tls_private_key.rsa_private_key[0].private_key_pem
count = (local.use-image ? 0 : 1)
}
# Keystore password
resource "random_password" "keystore_password" {
length = 15
min_upper = 1
min_lower = 1
min_numeric = 1
min_special = 0
special = false
numeric = true
override_special = "!#%&"
}