Creating single instance with db

eb create --single --database
2020-07-29 15:33:54 +01:00
parent a5bcb9e998
commit b07e4e1b18
5 changed files with 109 additions and 34 deletions
--- a/infrastructure/main.tf
+++ b/infrastructure/main.tf
@@ -13,10 +13,17 @@ locals {
  }
 }

+# Name
+
+module "name" {
+  source = "git::"
+
+}
+
 # Network

 module "vpc" {
-  source = "git::https://github.com/cloudposse/terraform-aws-vpc?ref=tags/0.14.0"
+  source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.14.0"
  stage  = var.stage
  name   = var.name

@@ -25,7 +32,7 @@ module "vpc" {
 }

 module "subnets" {
-  source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets?ref=tags/0.23.0"
+  source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.23.0"
  stage  = var.stage
  name   = var.name

@@ -37,6 +44,28 @@ module "subnets" {
  nat_instance_enabled = false
 }

+resource "aws_security_group" "ec2_security_group" {
+  name        = "${var.stage}-${var.name}-ec2_sg"
+  description = "Security group assigned to the Elastic Scaling group that is applied to the EC2 instances."
+  vpc_id      = module.vpc.vpc_id
+
+  ingress {
+    description = "HTTP"
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = [module.vpc.vpc_cidr_block]
+  }
+
+  ingress {
+    description = "HTTPS"
+    from_port   = 443
+    to_port     = 443
+    protocol    = "tcp"
+    cidr_blocks = [module.vpc.vpc_cidr_block]
+  }
+}
+
 # RDS instance

 module "rds_instance" {
@@ -44,21 +73,26 @@ module "rds_instance" {
  stage  = var.stage
  name   = var.name

-  allocated_storage   = 5
-  database_name       = "postgres"
-  database_user       = "mainuser"
-  database_password   = "password"
-  database_port       = 5432
-  db_parameter_group  = "postgres12"
-  engine              = "postgres"
-  engine_version      = "12.3"
-  instance_class      = "db.t2.micro"
+  allocated_storage  = 5
+  database_name      = "postgres"
+  database_user      = "mainuser"
+  database_password  = "password"
+  database_port      = 5432
+  db_parameter_group = "postgres12"
+  engine             = "postgres"
+  engine_version     = "12.3"
+  instance_class     = "db.t2.micro"
+  # security_group_ids	=
  subnet_ids          = module.subnets.public_subnet_ids
  vpc_id              = module.vpc.vpc_id
  publicly_accessible = true
  tags                = local.tags
 }

-# Set maintenance window
-# subnet_ids and vpc_id required
-# need a security group for the DB with ingress rule allowing inbound from the autoscaler/EB security group (does a single instance have an SC?) - use 0.0.0.0 for initial creation then change the TF stack with the EB security group once it's created.
+# S3 bucket
+
+resource "aws_s3_bucket" "static_assets" {
+  bucket = "${var.stage}-${var.name}-strapi_uploads"
+  acl    = "private"
+  tags   = local.tags
+}
--- a/infrastructure/outputs.tf
+++ b/infrastructure/outputs.tf
@@ -0,0 +1,12 @@
+
+
+# S3
+output "s3_static_assets" {
+  value       = "resource.aws_s3_bucket.static_assets.id"
+  description = "Name of the static assets S3 bucket."
+}
+
+output "s3_static_assets" {
+  value       = "resource.aws_s3_bucket.static_assets.arn"
+  description = "ARN of the static assets S3 bucket."
+}
--- a/infrastructure/prod-eu-west-1.tfvars
+++ b/infrastructure/prod-eu-west-1.tfvars
@@ -1,5 +1,5 @@
 # module
-name    = "strapi-elb"
+name    = "strapi-eb"
 region  = "eu-west-1"
 stage   = "prod"
 profile = "admin"