Skip to content

Commit

Permalink
Merge pull request #43 from silinternational/develop
Browse files Browse the repository at this point in the history
Release 5.0.0 - multiregion changes
  • Loading branch information
briskt authored Aug 9, 2023
2 parents dcce92f + 4bf596d commit 67863b7
Show file tree
Hide file tree
Showing 5 changed files with 52 additions and 56 deletions.
8 changes: 0 additions & 8 deletions .terraform.lock.hcl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

86 changes: 48 additions & 38 deletions main.tf
Original file line number Diff line number Diff line change
@@ -1,25 +1,25 @@
locals {
app_name_and_env = "${var.app_name}-${local.app_env}"
app_env = var.app_env
app_environment = var.app_environment
ecr_repo_name = local.app_name_and_env
is_multiregion = var.aws_region_secondary != ""
is_primary = local.is_multiregion && var.aws_region != var.aws_region_secondary
create_cd_user = !local.is_multiregion || local.is_primary
mysql_database = "session"
mysql_user = "root"
name_tag_suffix = "${var.app_name}-${var.customer}-${local.app_environment}"
app_name_and_env = "${var.app_name}-${local.app_env}"
app_env = var.app_env
app_environment = var.app_environment
ecr_repo_name = local.app_name_and_env
is_multiregion = var.aws_region_secondary != ""
is_multiregion_primary = local.is_multiregion && var.aws_region != var.aws_region_secondary
create_cd_user = !local.is_multiregion || local.is_multiregion_primary
mysql_database = "session"
mysql_user = "root"
name_tag_suffix = "${var.app_name}-${var.customer}-${local.app_environment}"
}

module "app" {
source = "github.com/silinternational/terraform-aws-ecs-app?ref=develop"
source = "silinternational/ecs-app/aws"
version = "0.4.0"

app_env = local.app_env
app_name = var.app_name
domain_name = var.cloudflare_domain
container_def_json = data.template_file.task_def_hub.rendered
create_dns_record = var.create_dns_record
dns_allow_overwrite = local.is_multiregion
container_def_json = local.task_def_hub
create_dns_record = false
create_cd_user = local.create_cd_user
database_name = local.mysql_database
database_user = local.mysql_user
Expand All @@ -38,6 +38,37 @@ module "app" {
}


/*
* Create intermediate DNS record using Cloudflare (e.g. hub-us-east-2.example.com)
*/
resource "cloudflare_record" "intermediate" {
zone_id = data.cloudflare_zone.this.id
name = "${var.subdomain}-${var.aws_region}"
value = module.app.alb_dns_name
type = "CNAME"
comment = "intermediate record - DO NOT change this"
proxied = true
}

/*
* Create public DNS record using Cloudflare (e.g. hub.example.com)
*/
resource "cloudflare_record" "public" {
count = local.is_multiregion_primary || !local.is_multiregion ? 1 : 0

zone_id = data.cloudflare_zone.this.id
name = var.subdomain
value = cloudflare_record.intermediate.hostname
type = "CNAME"
comment = "public record - this can be changed for failover"
proxied = true
}

data "cloudflare_zone" "this" {
name = var.cloudflare_domain
}


/*
* Create passwords required for SimpleSAMLphp
*/
Expand All @@ -53,10 +84,8 @@ resource "random_id" "ssp_secret_salt" {
/*
* Create task definition template
*/
data "template_file" "task_def_hub" {
template = file("${path.module}/task-def-hub.json")

vars = {
locals {
task_def_hub = templatefile("${path.module}/task-def-hub.json", {
admin_email = var.admin_email
admin_name = var.admin_name
admin_pass = random_id.ssp_admin_pass.hex
Expand All @@ -83,7 +112,7 @@ data "template_file" "task_def_hub" {
session_store_type = "sql"
show_saml_errors = var.show_saml_errors
subdomain = var.subdomain
}
})
}

/*
Expand Down Expand Up @@ -132,25 +161,6 @@ module "ecr" {
image_retention_tags = ["latest", "develop"]
}

resource "aws_ecr_replication_configuration" "this" {
count = local.is_primary ? 1 : 0
depends_on = [module.ecr]

replication_configuration {
rule {
destination {
region = var.aws_region_secondary
registry_id = data.aws_caller_identity.this.account_id
}
repository_filter {
filter = local.ecr_repo_name
filter_type = "PREFIX_MATCH"
}
}
}
}

data "aws_caller_identity" "this" {}

/*
* DynamoDB table for user login activity logging
Expand Down
4 changes: 4 additions & 0 deletions outputs.tf
Original file line number Diff line number Diff line change
Expand Up @@ -29,3 +29,7 @@ output "cd_user_arn" {
output "user_log_table" {
value = aws_dynamodb_table.logger.name
}

output "alb_dns_name" {
value = module.app.alb_dns_name
}
6 changes: 0 additions & 6 deletions vars.tf
Original file line number Diff line number Diff line change
Expand Up @@ -140,12 +140,6 @@ variable "cloudflare_token" {
default = null
}

variable "create_dns_record" {
description = "Set to false to skip creation of a Cloudflare DNS record"
type = string
default = true
}

variable "subdomain" {
description = "The subdomain on which to host the app. Combined with \"cloudflare_domain\" to create an ALB listener rule. Also used for the optional DNS record."
type = string
Expand Down
4 changes: 0 additions & 4 deletions versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,5 @@ terraform {
version = "~> 3.1"
source = "hashicorp/random"
}
template = {
version = "~> 2.2"
source = "hashicorp/template"
}
}
}

0 comments on commit 67863b7

Please sign in to comment.