idanoo/fediservices.nz-infra
1
0
Fork 0
mirror of https://github.com/idanoo/fediservices.nz-infra synced 2025-07-01 22:02:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Formatting

Browse source
This commit is contained in:
Daniel Mason 2023-04-22 13:19:00 +12:00
parent 2d32a3c4bb
commit 6d36a3aa71
Signed by: idanoo
GPG key ID: 387387CDBC02F132
4 changed files with 37 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

2
ec2.tf
View file

@ -3,7 +3,7 @@
resource "aws_instance" "instance" {
ami = data.aws_ami.ubuntu.id
instance_type = var.instance_type
iam_instance_profile = aws_iam_instance_profile.profile.name
iam_instance_profile = aws_iam_instance_profile.profile.name
availability_zone = element(aws_subnet.subnet.*.availability_zone, 1)
user_data = data.template_file.userdata.rendered
subnet_id = element(aws_subnet.subnet.*.id, 1)

6
iam.tf
View file

@ -25,10 +25,10 @@ resource "aws_iam_instance_profile" "profile" {
}
resource "aws_iam_role_policy" "policy" {
name = aws_iam_role.role.name
role = aws_iam_role.role.id
name = aws_iam_role.role.name
role = aws_iam_role.role.id
policy = <<EOF
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [

44
sg.tf
View file

@ -3,38 +3,38 @@ resource "aws_security_group" "sg" {
name = "status.fediservices.nz"
description = "status.fediservices.nz"
vpc_id = aws_vpc.vpc.id
vpc_id = aws_vpc.vpc.id
}
# Allow out
resource "aws_security_group_rule" "allow_egress" {
security_group_id = aws_security_group.sg.id
type = "egress"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
security_group_id = aws_security_group.sg.id
type = "egress"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
# Allow HTTP traffic
resource "aws_security_group_rule" "http" {
security_group_id = aws_security_group.sg.id
type = "ingress"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
security_group_id = aws_security_group.sg.id
type = "ingress"
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}
# Allow HTTPS traffic
resource "aws_security_group_rule" "https" {
security_group_id = aws_security_group.sg.id
type = "ingress"
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
security_group_id = aws_security_group.sg.id
type = "ingress"
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = ["::/0"]
}

22
vpc.tf
View file

@ -1,24 +1,24 @@
resource "aws_vpc" "vpc" {
cidr_block = "10.10.10.0/24"
enable_dns_hostnames = true
enable_dns_support = true
cidr_block = "10.10.10.0/24"
enable_dns_hostnames = true
enable_dns_support = true
tags = {Name = "mainVPC"}
tags = { Name = "mainVPC" }
}
resource "aws_subnet" "subnet" {
count = length(data.aws_availability_zones.available.names)
vpc_id = aws_vpc.vpc.id
cidr_block = "10.10.10.${16*count.index}/28"
availability_zone= "${data.aws_availability_zones.available.names[count.index]}"
count = length(data.aws_availability_zones.available.names)
vpc_id = aws_vpc.vpc.id
cidr_block = "10.10.10.${16 * count.index}/28"
availability_zone = data.aws_availability_zones.available.names[count.index]
tags = {Name = "mainSubnet"}
tags = { Name = "mainSubnet" }
}
resource "aws_internet_gateway" "igw" {
vpc_id = aws_vpc.vpc.id
tags = {Name = "mainIGW"}
tags = { Name = "mainIGW" }
}
data "aws_route_table" "rt" {
@ -32,7 +32,7 @@ resource "aws_route" "igw" {
}
resource "aws_route_table_association" "association" {
count = length(data.aws_availability_zones.available.names)
count = length(data.aws_availability_zones.available.names)
subnet_id = element(aws_subnet.subnet.*.id, count.index)
route_table_id = data.aws_route_table.rt.id
}