├── .github ├── CODEOWNERS ├── PULL_REQUEST_TEMPLATE.md ├── dependabot.yml └── workflows │ ├── auto_assignee.yml │ ├── changelog.yml │ ├── terraform.yml │ ├── tflint.yml │ └── tfsec.yml ├── .gitignore ├── .pre-commit-config.yaml ├── LICENSE ├── Makefile ├── README.md ├── _docs └── .gitkeep ├── app └── k8s │ ├── charts │ └── .gitkeep │ └── kubectl │ └── .gitkeep └── terraform ├── README.md ├── _modules ├── app │ ├── main.tf │ ├── outputs.tf │ └── variables.tf ├── cdn │ ├── main.tf │ ├── outputs.tf │ └── variables.tf ├── certificate │ ├── main.tf │ ├── output.tf │ └── variables.tf ├── container-registry │ ├── main.tf │ ├── outputs.tf │ └── variables.tf ├── database │ ├── main.tf │ ├── output.tf │ └── variables.tf ├── domain │ ├── main.tf │ ├── outputs.tf │ └── variables.tf ├── droplet │ ├── main.tf │ ├── outputs.tf │ ├── user-data.sh │ └── variable.tf ├── firewall │ ├── main.tf │ ├── outputs.tf │ └── variables.tf ├── kubernetes │ ├── main.tf │ ├── outputs.tf │ └── variable.tf ├── loadbalancer │ ├── main.tf │ ├── outputs.tf │ └── variable.tf ├── monitoring │ ├── main.tf │ ├── output.tf │ └── variables.tf ├── spaces │ ├── main.tf │ ├── outputs.tf │ └── variable.tf └── vpc │ ├── main.tf │ ├── outputs.tf │ └── variable.tf └── sandbox └── blr1 ├── .gitkeep ├── main.tf ├── output.tf ├── user-data.sh └── versions.tf /.github/CODEOWNERS: -------------------------------------------------------------------------------- 1 | * @anmolnagpal -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ## what 2 | * Describe high-level what changed as a result of these commits (i.e. in plain-english, what do these changes mean?) 3 | * Use bullet points to be concise and to the point. 4 | 5 | ## why 6 | * Provide the justifications for the changes (e.g. business case). 7 | * Describe why these changes were made (e.g. 
why do these commits fix the problem?) 8 | * Use bullet points to be concise and to the point. 9 | 10 | ## references 11 | * Link to any supporting jira issues or helpful documentation to add some context (e.g. stackoverflow). 12 | * Use `closes #123`, if this PR closes a Jira issue `#123` 13 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | # To get started with Dependabot version updates, you'll need to specify which 2 | # package ecosystems to update and where the package manifests are located. 3 | # Please see the documentation for all configuration options: 4 | # https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates 5 | 6 | version: 2 7 | updates: 8 | 9 | - package-ecosystem: "github-actions" 10 | directory: "/" 11 | schedule: 12 | interval: "daily" 13 | open-pull-requests-limit: 3 14 | assignees: 15 | - "clouddrove-ci" 16 | reviewers: 17 | - "approvers" 18 | 19 | - package-ecosystem: "terraform" # See documentation for possible values 20 | directory: "/" # Location of package manifests 21 | schedule: 22 | interval: "weekly" 23 | # Add assignees 24 | assignees: 25 | - "clouddrove-ci" 26 | # Add reviewer 27 | reviewers: 28 | - "approvers" 29 | # Allow up to 3 open pull requests for pip dependencies 30 | open-pull-requests-limit: 3 31 | 32 | - package-ecosystem: "terraform" # See documentation for possible values 33 | directory: "terraform/_modules/cdn" # Location of package manifests 34 | schedule: 35 | interval: "weekly" 36 | # Add assignees 37 | assignees: 38 | - "clouddrove-ci" 39 | # Add reviewer 40 | reviewers: 41 | - "approvers" 42 | # Allow up to 3 open pull requests for pip dependencies 43 | open-pull-requests-limit: 3 44 | 45 | - package-ecosystem: "terraform" # See documentation for possible values 46 | directory: "terraform/_modules/certificate" # Location of 
package manifests 47 | schedule: 48 | interval: "weekly" 49 | # Add assignees 50 | assignees: 51 | - "clouddrove-ci" 52 | # Add reviewer 53 | reviewers: 54 | - "approvers" 55 | # Allow up to 3 open pull requests for pip dependencies 56 | open-pull-requests-limit: 3 57 | 58 | - package-ecosystem: "terraform" # See documentation for possible values 59 | directory: "terraform/_modules/container-registry" # Location of package manifests 60 | schedule: 61 | interval: "weekly" 62 | # Add assignees 63 | assignees: 64 | - "clouddrove-ci" 65 | # Add reviewer 66 | reviewers: 67 | - "approvers" 68 | # Allow up to 3 open pull requests for pip dependencies 69 | open-pull-requests-limit: 3 70 | 71 | - package-ecosystem: "terraform" # See documentation for possible values 72 | directory: "terraform/_modules/domain" # Location of package manifests 73 | schedule: 74 | interval: "weekly" 75 | # Add assignees 76 | assignees: 77 | - "clouddrove-ci" 78 | # Add reviewer 79 | reviewers: 80 | - "approvers" 81 | # Allow up to 3 open pull requests for pip dependencies 82 | open-pull-requests-limit: 3 83 | 84 | - package-ecosystem: "terraform" # See documentation for possible values 85 | directory: "terraform/_modules/droplet" # Location of package manifests 86 | schedule: 87 | interval: "weekly" 88 | # Add assignees 89 | assignees: 90 | - "clouddrove-ci" 91 | # Add reviewer 92 | reviewers: 93 | - "approvers" 94 | # Allow up to 3 open pull requests for pip dependencies 95 | open-pull-requests-limit: 3 96 | 97 | - package-ecosystem: "terraform" # See documentation for possible values 98 | directory: "terraform/_modules/firewall" # Location of package manifests 99 | schedule: 100 | interval: "weekly" 101 | # Add assignees 102 | assignees: 103 | - "clouddrove-ci" 104 | # Add reviewer 105 | reviewers: 106 | - "approvers" 107 | # Allow up to 3 open pull requests for pip dependencies 108 | open-pull-requests-limit: 3 109 | 110 | - package-ecosystem: "terraform" # See documentation for possible 
values 111 | directory: "terraform/_modules/kubernetes" # Location of package manifests 112 | schedule: 113 | interval: "weekly" 114 | # Add assignees 115 | assignees: 116 | - "clouddrove-ci" 117 | # Add reviewer 118 | reviewers: 119 | - "approvers" 120 | # Allow up to 3 open pull requests for pip dependencies 121 | open-pull-requests-limit: 3 122 | 123 | - package-ecosystem: "terraform" # See documentation for possible values 124 | directory: "terraform/_modules/loadbalancer" # Location of package manifests 125 | schedule: 126 | interval: "weekly" 127 | # Add assignees 128 | assignees: 129 | - "clouddrove-ci" 130 | # Add reviewer 131 | reviewers: 132 | - "approvers" 133 | # Allow up to 3 open pull requests for pip dependencies 134 | open-pull-requests-limit: 3 135 | 136 | - package-ecosystem: "terraform" # See documentation for possible values 137 | directory: "terraform/_modules/monitoring" # Location of package manifests 138 | schedule: 139 | interval: "weekly" 140 | # Add assignees 141 | assignees: 142 | - "clouddrove-ci" 143 | # Add reviewer 144 | reviewers: 145 | - "approvers" 146 | # Allow up to 3 open pull requests for pip dependencies 147 | open-pull-requests-limit: 3 148 | 149 | - package-ecosystem: "terraform" # See documentation for possible values 150 | directory: "terraform/_modules/spaces" # Location of package manifests 151 | schedule: 152 | interval: "weekly" 153 | # Add assignees 154 | assignees: 155 | - "clouddrove-ci" 156 | # Add reviewer 157 | reviewers: 158 | - "approvers" 159 | # Allow up to 3 open pull requests for pip dependencies 160 | open-pull-requests-limit: 3 161 | 162 | - package-ecosystem: "terraform" # See documentation for possible values 163 | directory: "terraform/_modules/vpc" # Location of package manifests 164 | schedule: 165 | interval: "weekly" 166 | # Add assignees 167 | assignees: 168 | - "clouddrove-ci" 169 | # Add reviewer 170 | reviewers: 171 | - "approvers" 172 | # Allow up to 3 open pull requests for pip dependencies 
173 | open-pull-requests-limit: 3 # NOTE(review): no entry in this file lists terraform/_modules/app, terraform/_modules/database or terraform/sandbox/blr1; if Dependabot scans only the listed directories, versions declared there get no update PRs - confirm. -------------------------------------------------------------------------------- /.github/workflows/auto_assignee.yml: -------------------------------------------------------------------------------- 1 | name: Auto Assign PRs 2 | 3 | on: 4 | pull_request: 5 | types: [opened, reopened] 6 | 7 | workflow_dispatch: 8 | jobs: 9 | assign-pr: 10 | uses: clouddrove/github-shared-workflows/.github/workflows/auto_assignee.yml@master # NOTE(review): @master is a mutable ref and this job passes secrets.GITHUB to it; a full commit SHA pins the code that receives the secret. 11 | secrets: 12 | GITHUB: ${{ secrets.GITHUB }} 13 | with: 14 | assignees: 'clouddrove-ci' -------------------------------------------------------------------------------- /.github/workflows/changelog.yml: -------------------------------------------------------------------------------- 1 | name: changelog 2 | permissions: write-all # NOTE(review): write-all gives the workflow token write access to every scope; the scopes the called workflow needs are not visible here - narrow to those once confirmed. 3 | on: 4 | push: 5 | tags: 6 | - "*" 7 | workflow_dispatch: 8 | jobs: 9 | changelog: 10 | uses: clouddrove/github-shared-workflows/.github/workflows/changelog.yml@master 11 | secrets: 12 | GITHUB: ${{ secrets.GITHUB }} 13 | with: 14 | branch: 'master' -------------------------------------------------------------------------------- /.github/workflows/terraform.yml: -------------------------------------------------------------------------------- 1 | name: terraform workflow 2 | permissions: write-all # NOTE(review): broadest token scope, on a workflow that also runs for pull_request; narrow once the shared workflow's needs are confirmed. 3 | on: 4 | push: 5 | branches: [ master ] 6 | pull_request: 7 | workflow_dispatch: 8 | jobs: 9 | prod: 10 | uses: clouddrove/github-shared-workflows/.github/workflows/terraform_workflow.yml@master # NOTE(review): this mutable @master ref receives DIGITALOCEAN_ACCESS_TOKEN below; pinning to a commit SHA fixes the code that handles the cloud credential. 11 | with: 12 | provider: digitalocean 13 | working_directory: terraform/sandbox/blr1/ # Specify terraform code directory in repo 14 | # var_file: # Name of tfvar file e.g "variable.tfvar" 15 | approvers: d4kverma # Assignee name for approve apply or destroy step 16 | terraform_version: 1.5.4 # Specify terraform version e.g 1.3.6 17 | # destroy: # If the value is set to true, the workflow proceeds to the destroy step. 
However, the default value is false 18 | secrets: 19 | DIGITALOCEAN_ACCESS_TOKEN: ${{ secrets.DO_TOKEN }} # Digitalocean token 20 | # SPACES_ACCESS_KEY_ID: # Provide spaces access key id if required 21 | # SPACES_SECRET_ACCESS_KEY: # Provide spaces secret access key if required -------------------------------------------------------------------------------- /.github/workflows/tflint.yml: -------------------------------------------------------------------------------- 1 | name: tf-lint 2 | on: 3 | push: 4 | branches: [ master ] 5 | pull_request: 6 | types: [opened, reopened] # NOTE(review): without synchronize, commits pushed to an already-open PR do not re-run this lint. 7 | workflow_dispatch: 8 | jobs: 9 | tf-lint: 10 | uses: clouddrove/github-shared-workflows/.github/workflows/tf-lint.yml@master 11 | secrets: 12 | GITHUB: ${{ secrets.GITHUB }} -------------------------------------------------------------------------------- /.github/workflows/tfsec.yml: -------------------------------------------------------------------------------- 1 | name: tfsec 2 | permissions: write-all 3 | on: 4 | pull_request: 5 | types: [opened, reopened] # NOTE(review): without synchronize, commits added after the PR is opened are not scanned by tfsec. 6 | workflow_dispatch: 7 | jobs: 8 | tfsec: 9 | uses: clouddrove/github-shared-workflows/.github/workflows/tfsec.yml@master 10 | secrets: 11 | GITHUB: ${{ secrets.GITHUB }} 12 | with: 13 | working_directory: '.' 
-------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | eks-admin-cluster-role-binding.yaml 2 | eks-admin-service-account.yaml 3 | config-map-aws-auth*.yaml 4 | kubeconfig_* 5 | .idea 6 | 7 | ################################################################# 8 | # Default .gitignore content for all terraform-aws-modules below 9 | ################################################################# 10 | 11 | .DS_Store 12 | 13 | # Local .terraform directories 14 | **/.terraform/* 15 | 16 | # Terraform lockfile. NOTE(review): ignoring .terraform.lock.hcl keeps the recorded provider versions and checksums out of version control; Terraform's documentation recommends committing this file. 17 | .terraform.lock.hcl 18 | 19 | # .tfstate files 20 | *.tfstate 21 | *.tfstate.* 22 | *.tfplan 23 | 24 | # Crash log files 25 | crash.log 26 | 27 | # Exclude all .tfvars files, which are likely to contain sensitive data, such as 28 | # passwords, private keys, and other secrets. These should not be part of version 29 | # control as they are data points which are potentially sensitive and subject 30 | # to change depending on the environment. 
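31 | *.tfvars 32 | 33 | # Ignore override files as they are usually used to override resources locally and so 34 | # are not checked in 35 | override.tf 36 | override.tf.json 37 | *_override.tf 38 | *_override.tf.json 39 | 40 | # Ignore CLI configuration files 41 | .terraformrc 42 | terraform.rc 43 | 44 | kubeconfig -------------------------------------------------------------------------------- /.pre-commit-config.yaml: -------------------------------------------------------------------------------- 1 | repos: 2 | - repo: https://github.com/antonbabenko/pre-commit-terraform # https rather than git://: the git protocol has no transport encryption or server authentication, and GitHub no longer serves it 3 | rev: v1.45.0 # Use the ref you want to point at 4 | hooks: 5 | - id: terraform_fmt 6 | - id: terraform_validate 7 | - repo: https://github.com/pre-commit/pre-commit-hooks # https rather than git://, for the same reason as the hook repo above 8 | rev: v3.4.0 # Use the ref you want to point at 9 | hooks: 10 | - id: end-of-file-fixer 11 | - id: trailing-whitespace 12 | - id: mixed-line-ending 13 | - id: check-byte-order-marker 14 | - id: check-executables-have-shebangs 15 | - id: check-merge-conflict 16 | - id: debug-statements 17 | - id: check-yaml 18 | - id: check-added-large-files 19 | - repo: https://github.com/ansible/ansible-lint.git 20 | rev: v5.0.0a0 21 | hooks: 22 | - id: ansible-lint 23 | files: \.(yaml|yml)$ 24 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 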
14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity. For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 
47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. 
Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. 
You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 
122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. 
In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "[]" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. 
We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright 2021 CloudDrove Inc. 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. -------------------------------------------------------------------------------- /Makefile: -------------------------------------------------------------------------------- 1 | export GENIE_PATH ?= $(shell 'pwd')/.genie 2 | export client ?= "client" 3 | include $(GENIE_PATH)/Makefile -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Terraform Digital Ocean component 2 | 3 | This Digital Ocean component repo is a collection of different modules that were created at the same time. 4 | 5 | By default this creates many Digital Ocean components listed in the module directory. 6 | 7 | Here are the Digital Ocean cloud components created using this repo. 
8 | 9 | |COMPONENT |PATH | OFFICIAL-URL| 10 | |:-------------------|:-----|:---------| 11 | |VPC|[terraform/_modules/vpc](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/vpc)|[terraform-digitalocean-vpc](https://github.com/terraform-do-modules/terraform-digitalocean-vpc)| 12 | |DROPLET|[terraform/_modules/droplet](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/droplet)|[terraform-digitalocean-droplet](https://github.com/terraform-do-modules/terraform-digitalocean-droplet)| 13 | |CDN|[terraform/_modules/cdn](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/cdn)|[terraform-digitalocean-cdn](https://github.com/terraform-do-modules/terraform-digitalocean-cdn)| 14 | |CERTIFICATE|[terraform/_modules/certificate](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/certificate)|[terraform-digitalocean-certificate](https://github.com/terraform-do-modules/terraform-digitalocean-certificate)| 15 | |DATABASE|[terraform/_modules/database](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/database)|[terraform-digitalocean-database](https://github.com/terraform-do-modules/terraform-digitalocean-database)| 16 | |DOMAIN|[terraform/_modules/domain](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/domain)|[terraform-digitalocean-domain](https://github.com/terraform-do-modules/terraform-digitalocean-domain)| 17 | |SPACES|[terraform/_modules/spaces](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/spaces)|[terraform-digitalocean-spaces](https://github.com/terraform-do-modules/terraform-digitalocean-spaces)| 18 | 
|KUBERNETES|[terraform/_modules/kubernetes](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/kubernetes)|[terraform-digitalocean-kubernetes](https://github.com/terraform-do-modules/terraform-digitalocean-kubernetes)| 19 | |CONTAINER-REGISTRY|[terraform/_modules/container-registry](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/container-registry)|[terraform-digitalocean-container-registry](https://github.com/terraform-do-modules/terraform-digitalocean-container-registry)| 20 | |FIREWALL|[terraform/_modules/firewall](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/firewall)|[terraform-digitalocean-firewall](https://github.com/terraform-do-modules/terraform-digitalocean-firewall)| 21 | |MONITORING|[terraform/_modules/monitoring](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/monitoring)|[terraform-digitalocean-monitoring](https://github.com/terraform-do-modules/terraform-digitalocean-monitoring)| 22 | |LOADBALANCER|[terraform/_modules/loadbalancer](https://github.com/terraform-do-modules/terraform-digitalocean-components/tree/master/terraform/_modules/loadbalancer)|[terraform-digitalocean-loadbalancer](https://github.com/terraform-do-modules/terraform-digitalocean-loadbalancer)| 23 | 24 | 25 | ## To execute 26 | - follow this directory path 27 | ``` 28 | cd terraform/sandbox/blr1 29 | ``` 30 | ### Initialize terraform configuration:- 31 | The terraform init command initializes a working directory containing Terraform configuration files. This is the first command that should be run after writing a new Terraform configuration or cloning an existing one from version control. 
32 | 33 | Initialize Terraform with the necessary configurations using the following command: 34 | ``` 35 | terraform init 36 | ``` 37 | 38 | ### Plan :- 39 | The terraform plan command creates an execution plan, which lets you preview the changes that Terraform plans to make to your infrastructure. By default, when Terraform creates a plan it: Reads the current state of any already-existing remote objects to make sure that the Terraform state is up-to-date. 40 | 41 | Generate a Terraform execution plan configuration using the following command: 42 | ``` 43 | terraform plan 44 | ``` 45 | ### Apply :- 46 | The terraform apply command performs a plan just like terraform plan does, but then actually carries out the planned changes to each resource using the relevant infrastructure provider's API. It asks for confirmation from the user before making any changes, unless it was explicitly told to skip approval. 47 | 48 | Apply the configuration using the following command: 49 | ``` 50 | terraform apply 51 | ``` 52 | ### Destroy :- 53 | The terraform destroy command terminates resources managed by your Terraform project. This command is the inverse of terraform apply in that it terminates all the resources specified in your Terraform state. It does not destroy resources running elsewhere that are not managed by the current Terraform project. 54 | 55 | To destroy the infrastructure, use the following command: 56 | ``` 57 | terraform destroy 58 | ``` 59 | 60 | ## Enable/Disable 61 | Any module may be prevented from being created. Just add an enabled variable and set its value to false in the module. 
-------------------------------------------------------------------------------- /_docs/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/terraform-do-modules/terraform-digitalocean-components/da0d729c2a303afb5a9d020c9467cc7cd63d8a45/_docs/.gitkeep -------------------------------------------------------------------------------- /app/k8s/charts/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/terraform-do-modules/terraform-digitalocean-components/da0d729c2a303afb5a9d020c9467cc7cd63d8a45/app/k8s/charts/.gitkeep -------------------------------------------------------------------------------- /app/k8s/kubectl/.gitkeep: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/terraform-do-modules/terraform-digitalocean-components/da0d729c2a303afb5a9d020c9467cc7cd63d8a45/app/k8s/kubectl/.gitkeep -------------------------------------------------------------------------------- /terraform/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/terraform-do-modules/terraform-digitalocean-components/da0d729c2a303afb5a9d020c9467cc7cd63d8a45/terraform/README.md -------------------------------------------------------------------------------- /terraform/_modules/app/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## app module call: instantiates the registry module terraform-do-modules/app/digitalocean at exact version 1.0.0 and passes var.spec through. NOTE(review): variables.tf also declares `enabled`, but it is not passed here, so it has no effect on this module call - confirm whether the upstream module accepts it. 3 | ##------------------------------------------------ 4 | module "app" { 5 | source = "terraform-do-modules/app/digitalocean" 6 | version = "1.0.0" 7 | spec = var.spec 8 | } -------------------------------------------------------------------------------- /terraform/_modules/app/outputs.tf: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/terraform-do-modules/terraform-digitalocean-components/da0d729c2a303afb5a9d020c9467cc7cd63d8a45/terraform/_modules/app/outputs.tf -------------------------------------------------------------------------------- /terraform/_modules/app/variables.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------------- 2 | ## variable 3 | ##------------------------------------------------------- 4 | variable "enabled" { 5 | type = bool 6 | default = true 7 | description = "Flag to control the resources creation." 8 | } 9 | 10 | variable "spec" { 11 | description = "(Required) A DigitalOcean App spec describing the app." 12 | type = any 13 | default = [] 14 | } -------------------------------------------------------------------------------- /terraform/_modules/cdn/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## cdn module call 3 | ##------------------------------------------------ 4 | module "cdn" { 5 | source = "terraform-do-modules/cdn/digitalocean" 6 | version = "1.0.0" 7 | enabled = var.enabled 8 | origin = var.origin 9 | ttl = var.ttl 10 | custom_domain = var.custom_domain 11 | certificate_name = var.certificate_name 12 | } -------------------------------------------------------------------------------- /terraform/_modules/cdn/outputs.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------------------------------------------ 2 | # Outputs 3 | # ------------------------------------------------------------------------------ 4 | output "id" { 5 | value = module.cdn.id 6 | } 7 | -------------------------------------------------------------------------------- /terraform/_modules/cdn/variables.tf: -------------------------------------------------------------------------------- 1 | # 
------------------------------------------------------------------------------ 2 | # Variables 3 | # ------------------------------------------------------------------------------ 4 | variable "enabled" { 5 | type = bool 6 | default = true 7 | description = "Whether to create the resources. Set to `false` to prevent the module from creating any resources." 8 | } 9 | 10 | variable "origin" { 11 | type = string 12 | default = "" 13 | description = "The fully qualified domain name, (FQDN) for a Space." 14 | } 15 | 16 | variable "ttl" { 17 | type = number 18 | default = 3600 19 | description = "The time to live for the CDN Endpoint, in seconds. Default is 3600 seconds." 20 | } 21 | 22 | variable "certificate_name" { 23 | type = string 24 | default = null 25 | description = "The unique name of a DigitalOcean managed TLS certificate used for SSL when a custom subdomain is provided." 26 | } 27 | 28 | variable "custom_domain" { 29 | type = string 30 | default = null 31 | description = "The fully qualified domain name (FQDN) of the custom subdomain used with the CDN Endpoint." 
32 | } -------------------------------------------------------------------------------- /terraform/_modules/certificate/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## lets_encrypt certificate module call 3 | ##------------------------------------------------ 4 | module "lets_encrypt_certificate" { 5 | source = "terraform-do-modules/certificate/digitalocean" 6 | version = "1.0.0" 7 | enabled = var.enabled 8 | certificate_name = var.certificate_name 9 | domain_names = var.domain_names 10 | } -------------------------------------------------------------------------------- /terraform/_modules/certificate/output.tf: -------------------------------------------------------------------------------- 1 | output "id" { 2 | value = module.lets_encrypt_certificate.id 3 | description = "The unique ID of the certificate." 4 | } 5 | 6 | output "name" { 7 | value = module.lets_encrypt_certificate.name 8 | description = "The name of the certificate." 9 | } -------------------------------------------------------------------------------- /terraform/_modules/certificate/variables.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------------- 2 | ## variable 3 | ##------------------------------------------------------- 4 | variable "enabled" { 5 | type = bool 6 | default = true 7 | description = "Flag to control the resources creation." 8 | } 9 | 10 | variable "certificate_name" { 11 | type = string 12 | default = "" 13 | description = "The name of the certificate for identification." 14 | } 15 | 16 | variable "domain_names" { 17 | type = list(any) 18 | default = [] 19 | description = "List of fully qualified domain names (FQDNs) for which the certificate will be issued. The domains must be managed using DigitalOcean's DNS. Only valid when type is lets_encrypt." 
20 | } -------------------------------------------------------------------------------- /terraform/_modules/container-registry/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## container registry module call 3 | ##------------------------------------------------ 4 | module "container-registry" { 5 | source = "terraform-do-modules/container-registry/digitalocean" 6 | version = "1.0.1" 7 | name = var.name 8 | environment = var.environment 9 | label_order = var.label_order 10 | region = var.region 11 | enabled = var.enabled 12 | subscription_tier_slug = var.subscription_tier_slug 13 | } 14 | -------------------------------------------------------------------------------- /terraform/_modules/container-registry/outputs.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------------------------------------------ 2 | # Outputs 3 | # ------------------------------------------------------------------------------ 4 | output "name" { 5 | value = module.container-registry.name 6 | description = " The name of the container registry" 7 | } 8 | -------------------------------------------------------------------------------- /terraform/_modules/container-registry/variables.tf: -------------------------------------------------------------------------------- 1 | #Module : LABEL 2 | #Description : Terraform label module variables. 3 | variable "name" { 4 | type = string 5 | default = "" 6 | description = "Name (e.g. `app` or `cluster`)." 7 | } 8 | 9 | variable "environment" { 10 | type = string 11 | default = "" 12 | description = "Environment (e.g. `prod`, `dev`, `staging`)." 13 | } 14 | 15 | variable "label_order" { 16 | type = list(any) 17 | default = ["name", "environment"] 18 | description = "Label order, e.g. `name`,`application`." 
19 | } 20 | 21 | #Module : Container Registry 22 | variable "subscription_tier_slug" { 23 | type = string 24 | default = "starter" 25 | description = "The slug identifier for the subscription tier to use (starter, basic, or professional)." 26 | } 27 | 28 | variable "region" { 29 | type = string 30 | default = "syd1" 31 | description = "The region to create VPC, like ``london-1`` , ``bangalore-1`` ,``newyork-3`` ``toronto-1``. " 32 | } 33 | 34 | variable "enabled" { 35 | type = bool 36 | default = true 37 | description = "Whether to create the resources. Set to `false` to prevent the module from creating any resources." 38 | } -------------------------------------------------------------------------------- /terraform/_modules/database/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## mysql database cluster module call 3 | ##------------------------------------------------ 4 | module "mysql" { 5 | source = "terraform-do-modules/database/digitalocean" 6 | version = "1.0.0" 7 | name = var.name 8 | environment = var.environment 9 | enabled = var.enabled 10 | region = var.region 11 | cluster_engine = var.cluster_engine 12 | cluster_version = var.cluster_version 13 | cluster_size = var.cluster_size 14 | cluster_node_count = var.cluster_node_count 15 | cluster_private_network_uuid = var.cluster_private_network_uuid 16 | mysql_sql_mode = var.mysql_sql_mode 17 | cluster_maintenance = var.cluster_maintenance 18 | databases = var.databases 19 | users = var.users 20 | create_firewall = var.create_firewall 21 | firewall_rules = var.firewall_rules 22 | } -------------------------------------------------------------------------------- /terraform/_modules/database/output.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------------------------------------------ 2 | # Outputs 3 | # 
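------------------------------------------------------------------------------

# Each output below re-exports an output of the wrapped `mysql` module call.
# Outputs that carry credentials (URIs and passwords) are marked
# `sensitive = true`. That only redacts them in plan/apply output: the values
# are still stored in plain text in the Terraform state, so the state backend
# needs encryption at rest and restricted access.

output "database_cluster_id" {
  value       = module.mysql.database_cluster_id
  description = "The id of the database cluster"
}

output "database_cluster_urn" {
  value       = module.mysql.database_cluster_urn
  description = "The uniform resource name of the database cluster"
}

output "database_cluster_host" {
  value       = module.mysql.database_cluster_host
  description = "The hostname of the database cluster"
}

output "database_cluster_private_host" {
  value       = module.mysql.database_cluster_private_host
  description = "Same as host, but only accessible from resources within the account and in the same region"
}

output "database_cluster_uri" {
  value       = module.mysql.database_cluster_uri
  sensitive   = true
  description = "The full URI for connecting to the database cluster"
}

output "database_cluster_default_database" {
  value       = module.mysql.database_cluster_default_database
  description = "Name of the cluster's default database"
}

output "database_cluster_default_user" {
  value       = module.mysql.database_cluster_default_user
  description = "Username for the cluster's default user"
}

output "database_cluster_default_password" {
  value       = module.mysql.database_cluster_default_password
  sensitive   = true
  description = "Password for the cluster's default user"
}

output "connection_pool_id" {
  value       = module.mysql.connection_pool_id
  description = "The ID of the database connection pool"
}

output "connection_pool_host" {
  value       = module.mysql.connection_pool_host
  description = "The hostname used to connect to the database connection pool"
}

output "connection_pool_private_host" {
  value       = module.mysql.connection_pool_private_host
  description = "Same as pool host, but only accessible from resources within the account and in the same region"
}

output "connection_pool_port" {
  value       = module.mysql.connection_pool_port
  description = "Network port that the database connection pool is listening on"
}

output "connection_pool_uri" {
  # Was wired to connection_pool_port, so consumers received the port number
  # instead of the URI. Assumes the upstream module exports
  # `connection_pool_uri` alongside `connection_pool_private_uri` - confirm
  # against the pinned module version.
  value       = module.mysql.connection_pool_uri
  sensitive   = true
  description = "The full URI for connecting to the database connection pool"
}

output "connection_pool_private_uri" {
  value       = module.mysql.connection_pool_private_uri
  sensitive   = true
  description = "Same as pool uri, but only accessible from resources within the account and in the same region"
}

output "connection_pool_password" {
  # Was wired to connection_pool_private_uri, which returned the whole private
  # URI under the name "password". Assumes the upstream module exports
  # `connection_pool_password` - confirm against the pinned module version.
  value       = module.mysql.connection_pool_password
  sensitive   = true
  description = "Password for the connection pool's user"
}

output "db_name" {
  value       = module.mysql.db_name
  description = "The name for the database"
}

output "user_role" {
  value       = module.mysql.user_role
  description = "Role for the database user"
}

output "user_password" {
  # Was wired to user_role, so the "password" consumers read was the role name.
  # Assumes the upstream module exports `user_password` - confirm against the
  # pinned module version.
  value       = module.mysql.user_password
  sensitive   = true
  description = "Password for the database user"
}

output "database_firewall_id" {
  value       = module.mysql.database_firewall_id
  description = "A unique identifier for the firewall"
}

output "database_firewall_rule" {
  value       = module.mysql.database_firewall_rule
  description = "A map with rule's uuid, type, value and created_at params"
}

output "database_replica_firewall_rule" {
  value       = module.mysql.database_replica_firewall_rule
  description = "A map with rule's uuid, type, value and created_at params"
}

output "replica_id" {
  value       = module.mysql.replica_id
  description = "The ID of the database replica created by Terraform."
}

output "replica_host_name" {
  value = module.mysql.replica_host_name
  # The description was a copy of replica_id's; this output is the host name.
  description = "The hostname of the database replica created by Terraform."
}

output "replica_cluster_private_host" {
  value       = module.mysql.replica_cluster_private_host
  description = "Same as host, but only accessible from resources within the account and in the same region."
}

output "replica_cluster_port" {
  value       = module.mysql.replica_cluster_port
  description = "Network port that the database replica is listening on."
}

output "replica_cluster_uri" {
  value       = module.mysql.replica_cluster_uri
  sensitive   = true
  description = "The full URI for connecting to the database replica."
}
output "replica_cluster_default_database" {
  value       = module.mysql.replica_cluster_default_database
  description = "Name of the replica's default database."
}

output "replica_cluster_default_user" {
  value       = module.mysql.replica_cluster_default_user
  description = "Username for the replica cluster's default user"
}

output "replica_cluster_default_password" {
  value       = module.mysql.replica_cluster_default_password
  sensitive   = true
  description = "Password for the replica cluster's default user"
}
--------------------------------------------------------------------------------
/terraform/_modules/database/variables.tf:
--------------------------------------------------------------------------------
#Module : LABEL
#Description : Terraform label module variables.
variable "name" {
  type        = string
  default     = ""
  description = "Name (e.g. `app` or `cluster`)."
}

variable "environment" {
  type        = string
  default     = ""
  description = "Environment (e.g. `prod`, `dev`, `staging`)."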
13 | } 14 | 15 | variable "enabled" { 16 | type = bool 17 | default = true 18 | description = "Flag to control the resources creation." 19 | } 20 | 21 | variable "cluster_engine" { 22 | type = string 23 | default = "" 24 | description = "Database engine used by the cluster (ex. pg for PostreSQL, mysql for MySQL, redis for Redis, or mongodb for MongoDB)" 25 | } 26 | 27 | variable "cluster_version" { 28 | type = string 29 | default = "" 30 | description = "The version of the cluster" 31 | } 32 | 33 | variable "cluster_size" { 34 | type = string 35 | default = "db-s-1vcpu-1gb" 36 | description = "Database Droplet size associated with the cluster (ex. db-s-1vcpu-1gb)" 37 | 38 | } 39 | 40 | variable "region" { 41 | type = string 42 | default = null 43 | description = "DigitalOcean region where the cluster will reside" 44 | } 45 | 46 | variable "cluster_node_count" { 47 | type = number 48 | default = 1 49 | description = "Number of nodes that will be included in the cluster" 50 | } 51 | 52 | variable "cluster_private_network_uuid" { 53 | type = string 54 | default = null 55 | description = "The ID of the VPC where the database cluster will be located" 56 | } 57 | 58 | variable "mysql_sql_mode" { 59 | type = string 60 | default = null 61 | description = "A comma separated string specifying the SQL modes for a MySQL cluster." 
62 | } 63 | 64 | variable "cluster_maintenance" { 65 | type = map(string) 66 | default = null 67 | description = "The day and the start hour of the maintenance window policy" 68 | } 69 | 70 | variable "databases" { 71 | type = list(string) 72 | default = [] 73 | description = "A list of databases in the cluster" 74 | } 75 | 76 | variable "users" { 77 | type = list(map(string)) 78 | default = null 79 | description = "A list of users in the cluster" 80 | } 81 | 82 | variable "create_firewall" { 83 | type = bool 84 | default = false 85 | description = "Controls if firewall should be created" 86 | } 87 | 88 | variable "firewall_rules" { 89 | type = list(map(string)) 90 | default = [] 91 | description = "List of firewall rules associated with the cluster" 92 | } -------------------------------------------------------------------------------- /terraform/_modules/domain/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## Domain module call 3 | ##------------------------------------------------ 4 | module "domain" { 5 | source = "terraform-do-modules/domain/digitalocean" 6 | version = "1.0.0" 7 | name = var.name 8 | enabled = var.enabled 9 | records = var.records 10 | } -------------------------------------------------------------------------------- /terraform/_modules/domain/outputs.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------------------------------------------ 2 | # Outputs 3 | # ------------------------------------------------------------------------------ 4 | output "id" { 5 | value = module.domain.id 6 | } 7 | -------------------------------------------------------------------------------- /terraform/_modules/domain/variables.tf: -------------------------------------------------------------------------------- 1 | # 
------------------------------------------------------------------------------ 2 | # Variables 3 | # ------------------------------------------------------------------------------ 4 | variable "name" { 5 | type = string 6 | default = "" 7 | description = "The name of the domain." 8 | } 9 | variable "records" { 10 | type = map(any) 11 | default = {} 12 | description = "Provides a DigitalOcean DNS record resource." 13 | } 14 | variable "enabled" { 15 | type = bool 16 | default = true 17 | description = "Whether to create the resources. Set to `false` to prevent the module from creating any resources." 18 | } -------------------------------------------------------------------------------- /terraform/_modules/droplet/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## Droplet module call 3 | ##------------------------------------------------ 4 | module "droplet" { 5 | source = "terraform-do-modules/droplet/digitalocean" 6 | version = "1.0.1" 7 | name = var.name 8 | environment = var.environment 9 | enabled = var.enabled 10 | region = var.region 11 | vpc_uuid = var.vpc_id 12 | ssh_key = var.ssh_key 13 | user_data = var.user_data 14 | ####firewall 15 | inbound_rules = var.inbound_rules 16 | } -------------------------------------------------------------------------------- /terraform/_modules/droplet/outputs.tf: -------------------------------------------------------------------------------- 1 | output "name" { 2 | value = module.droplet.name 3 | description = "The name of the Droplet." 4 | } 5 | 6 | output "id" { 7 | value = module.droplet.id 8 | description = "The name of the Droplet." 
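}
--------------------------------------------------------------------------------
/terraform/_modules/droplet/user-data.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# Droplet first-boot script: installs Python and creates an `ubuntu` login with
# passwordless sudo that accepts the same SSH keys as root.
# It must run as root: it writes under /etc and reads /root/.ssh.

apt-get update
# NOTE(review): the `python` package name is not present on every Ubuntu
# release - confirm it resolves on the image this droplet boots from.
apt-get install python -y

# Create the account only when it is missing, so a re-run does not fail here.
# The `sudo` prefix is dropped because the rest of the script already needs root.
if ! id -u ubuntu >/dev/null 2>&1; then
  adduser ubuntu --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password
fi
usermod -aG sudo ubuntu

# Grant passwordless sudo through a drop-in instead of appending to
# /etc/sudoers: the rule is syntax-checked before it is installed (a malformed
# sudoers file disables sudo for every user), it is written once rather than
# duplicated on each run, and it gets the 0440 root:root mode sudo expects.
# NOTE(review): NOPASSWD:ALL makes any process running as `ubuntu` equivalent
# to root; narrow the command list if the automation using this account allows.
sudoers_tmp="$(mktemp)"
echo "ubuntu ALL=(ALL) NOPASSWD:ALL" > "${sudoers_tmp}"
if visudo -cf "${sudoers_tmp}"; then
  install -o root -g root -m 0440 "${sudoers_tmp}" /etc/sudoers.d/90-ubuntu
fi
rm -f "${sudoers_tmp}"

# Copy only authorized_keys, not the whole of /root/.ssh, so that nothing else
# root keeps there (private keys, client config, known_hosts) becomes readable
# by `ubuntu`. Directory and file modes are set explicitly to the values sshd
# requires for key-based login.
install -d -o ubuntu -g ubuntu -m 0700 /home/ubuntu/.ssh
if [ -f /root/.ssh/authorized_keys ]; then
  install -o ubuntu -g ubuntu -m 0600 /root/.ssh/authorized_keys /home/ubuntu/.ssh/authorized_keys
fi
--------------------------------------------------------------------------------
/terraform/_modules/droplet/variable.tf:
--------------------------------------------------------------------------------
variable "name" {
  type        = string
  default     = ""
  description = "Name (e.g. `app` or `cluster`)."
}

variable "environment" {
  type        = string
  default     = ""
  description = "Environment (e.g. `prod`, `dev`, `staging`)."
}

variable "region" {
  type        = string
  default     = "blr1"
  description = "The region to create VPC, like ``blr1``"
}

variable "enabled" {
  type        = bool
  default     = true
  description = "Whether to create the resources. Set to `false` to prevent the module from creating any resources."
}

variable "vpc_id" {
  type        = string
  default     = ""
  description = "The ID of the VPC where the Droplet will be located."
}

variable "ssh_key" {
  type        = string
  default     = ""
  description = "SSH key"
}

variable "inbound_rules" {
  type        = any
  default     = []
  description = "List of objects that represent the configuration of each inbound rule."
}

variable "user_data" {
  type        = string
  default     = null
  description = "(Optional) A string of the desired User Data for the Droplet."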
47 | } -------------------------------------------------------------------------------- /terraform/_modules/firewall/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## Firewall module call 3 | ##------------------------------------------------ 4 | module "firewall" { 5 | source = "terraform-do-modules/firewall/digitalocean" 6 | version = "1.0.0" 7 | enabled = var.enabled 8 | name = var.name 9 | environment = var.environment 10 | label_order = var.label_order 11 | allowed_ip = var.allowed_ip 12 | allowed_ports = var.allowed_ports 13 | droplet_ids = var.droplet_ids 14 | } -------------------------------------------------------------------------------- /terraform/_modules/firewall/outputs.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------------------------------------------ 2 | # Outputs 3 | # ------------------------------------------------------------------------------ 4 | output "name" { 5 | value = module.firewall.name 6 | description = "The name of the Firewall." 7 | } -------------------------------------------------------------------------------- /terraform/_modules/firewall/variables.tf: -------------------------------------------------------------------------------- 1 | #Module : LABEL 2 | #Description : Terraform label module variables. 3 | variable "name" { 4 | type = string 5 | default = "" 6 | description = "Name (e.g. `app` or `cluster`)." 7 | } 8 | 9 | variable "environment" { 10 | type = string 11 | default = "" 12 | description = "Environment (e.g. `prod`, `dev`, `staging`)." 13 | } 14 | 15 | variable "label_order" { 16 | type = list(any) 17 | default = ["name", "environment"] 18 | description = "Label order, e.g. `name`,`application`." 
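}

#Module : Firewall
# The section header and two descriptions below were copied from other modules
# (Droplet, security group); they now describe what this firewall wrapper takes.
variable "enabled" {
  type        = bool
  default     = true
  description = "Flag to control the firewall creation."
}

# NOTE(review): what the upstream module allows when this list is left empty is
# not visible here - confirm, and pass explicit source CIDRs per environment
# rather than relying on the default.
variable "allowed_ip" {
  type        = list(any)
  default     = []
  description = "List of allowed ip."
}

variable "allowed_ports" {
  type        = list(any)
  default     = []
  description = "List of allowed ingress ports."
}

# A firewall that is attached to no Droplet filters nothing, so an empty list
# here leaves the Droplets without this rule set.
variable "droplet_ids" {
  type        = list(string)
  default     = []
  description = "The list of the IDs of the Droplets assigned to the Firewall."
}
--------------------------------------------------------------------------------
/terraform/_modules/kubernetes/main.tf:
--------------------------------------------------------------------------------
##------------------------------------------------
## Kubernetes module call
##------------------------------------------------
module "kubernetes" {
  source             = "terraform-do-modules/kubernetes/digitalocean"
  version            = "1.1.1"
  name               = var.name
  environment        = var.environment
  region             = var.region
  enabled            = var.enabled
  cluster_version    = var.cluster_version
  vpc_uuid           = var.vpc_uuid
  critical_node_pool = var.critical_node_pool
  app_node_pools     = var.app_node_pools
}
--------------------------------------------------------------------------------
/terraform/_modules/kubernetes/outputs.tf:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Outputs
# ------------------------------------------------------------------------------
output "id" {
  value       = module.kubernetes.id
  description = "The id of Kubernetes cluster."
}

output "endpoint" {
  value       = module.kubernetes.endpoint
  description = "The base URL of the API server on the Kubernetes master node."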
12 | } -------------------------------------------------------------------------------- /terraform/_modules/kubernetes/variable.tf: -------------------------------------------------------------------------------- 1 | #Module : LABEL 2 | #Description : Terraform label module variables. 3 | variable "name" { 4 | type = string 5 | default = "" 6 | description = "Name (e.g. `app` or `cluster`)." 7 | } 8 | 9 | variable "environment" { 10 | type = string 11 | default = "" 12 | description = "Environment (e.g. `prod`, `dev`, `staging`)." 13 | } 14 | 15 | variable "enabled" { 16 | type = bool 17 | default = true 18 | description = "Whether to create the resources. Set to `false` to prevent the module from creating any resources." 19 | } 20 | 21 | variable "region" { 22 | type = string 23 | default = "blr1" 24 | description = "K8s Cluster Region." 25 | } 26 | 27 | variable "cluster_version" { 28 | type = string 29 | default = "1.27.2" 30 | description = "K8s Cluster Version." 31 | } 32 | 33 | variable "vpc_uuid" { 34 | type = string 35 | default = "" 36 | description = "The ID of the VPC where the Kubernetes cluster will be located." 37 | } 38 | 39 | variable "critical_node_pool" { 40 | type = any 41 | default = {} 42 | description = "Cluster default node pool." 43 | } 44 | 45 | variable "app_node_pools" { 46 | type = map(any) 47 | default = {} 48 | description = "Cluster additional node pools." 
49 | } 50 | -------------------------------------------------------------------------------- /terraform/_modules/loadbalancer/main.tf: -------------------------------------------------------------------------------- 1 | ##------------------------------------------------ 2 | ## Load Balancer module call 3 | ##------------------------------------------------ 4 | module "load-balancer" { 5 | source = "terraform-do-modules/load-balancer/digitalocean" 6 | version = "1.0.0" 7 | enabled = var.enabled 8 | name = var.name 9 | environment = var.environment 10 | region = var.region 11 | vpc_uuid = var.vpc_uuid 12 | droplet_ids = var.droplet_ids 13 | ###### 14 | enabled_redirect_http_to_https = var.enabled_redirect_http_to_https 15 | forwarding_rule = var.forwarding_rule 16 | healthcheck = var.healthcheck 17 | sticky_sessions = var.sticky_sessions 18 | firewall = var.firewall 19 | } -------------------------------------------------------------------------------- /terraform/_modules/loadbalancer/outputs.tf: -------------------------------------------------------------------------------- 1 | # ------------------------------------------------------------------------------ 2 | # Outputs 3 | # ------------------------------------------------------------------------------ 4 | output "id" { 5 | value = module.load-balancer.id 6 | description = "The ID of the Load Balancer." 7 | } 8 | -------------------------------------------------------------------------------- /terraform/_modules/loadbalancer/variable.tf: -------------------------------------------------------------------------------- 1 | #Module : LABEL 2 | #Description : Terraform label module variables. 3 | variable "name" { 4 | type = string 5 | default = "" 6 | description = "Name (e.g. `app` or `cluster`)." 7 | } 8 | 9 | variable "environment" { 10 | type = string 11 | default = "" 12 | description = "Environment (e.g. `prod`, `dev`, `staging`)." 
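}

# The default was "blr-1", which is not a DigitalOcean region slug; the other
# wrappers in this repository default to "blr1". The description referred to a
# VPC and listed names that are not region slugs either.
variable "region" {
  type        = string
  default     = "blr1"
  description = "The region to create the load balancer in, like ``blr1``."
}

variable "enabled" {
  type        = bool
  default     = true
  description = "Whether to create the resources. Set to `false` to prevent the module from creating any resources."
}

variable "vpc_uuid" {
  type        = string
  default     = ""
  description = "The ID of the VPC where the load balancer will be located."
}

variable "droplet_ids" {
  type        = list(string)
  default     = []
  description = "A list of the IDs of each droplet to be attached to the Load Balancer."
}

# With the default of false, plain-HTTP requests are served as they arrive; set
# this to true where the forwarding rules terminate TLS so clients are moved to
# HTTPS.
variable "enabled_redirect_http_to_https" {
  type        = bool
  default     = false
  description = "A boolean value indicating whether HTTP requests to the Load Balancer on port 80 will be redirected to HTTPS on port 443. Default value is false."
}

variable "forwarding_rule" {
  type        = list(any)
  default     = []
  description = "List of objects that represent the configuration of each forwarding_rule."
}

variable "healthcheck" {
  type        = list(any)
  default     = []
  description = "List of objects that represent the configuration of each healthcheck."
}

# The next two descriptions were copies of the healthcheck one.
variable "sticky_sessions" {
  type        = list(any)
  default     = []
  description = "List of objects that represent the configuration of sticky sessions."
}

variable "firewall" {
  type        = list(any)
  default     = []
  description = "List of objects that represent the configuration of the load balancer firewall."
}

--------------------------------------------------------------------------------
/terraform/_modules/monitoring/main.tf:
--------------------------------------------------------------------------------
##------------------------------------------------
## alert module call.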
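##------------------------------------------------
module "uptime-alert" {
  source      = "terraform-do-modules/monitoring/digitalocean"
  version     = "1.0.0"
  name        = var.name
  enabled     = var.enabled
  environment = var.environment
  target_url  = var.target_url
  type        = var.type
  alert_type  = var.alert_type
  period      = var.period
  comparison  = var.comparison
  ####
  notifications = var.notifications
}
--------------------------------------------------------------------------------
/terraform/_modules/monitoring/output.tf:
--------------------------------------------------------------------------------
# The two id outputs were cross-wired: `uptime_check_id` returned the module's
# alert id and `uptime_alert_id` returned its check id. Each now reads the
# module output of the same name, so a consumer that looks up a check or an
# alert by id addresses the right object.
output "uptime_check_id" {
  value       = module.uptime-alert.uptime_check_id
  description = " The id of the check."
}
output "uptime_alert_id" {
  value       = module.uptime-alert.uptime_alert_id
  description = "The id of the alert."
}

output "uuid" {
  value       = module.uptime-alert.uuid
  description = "The uuid of the alert."
}
--------------------------------------------------------------------------------
/terraform/_modules/monitoring/variables.tf:
--------------------------------------------------------------------------------
#Module : LABEL
#Description : Terraform label module variables.
variable "name" {
  type        = string
  default     = ""
  description = "Name (e.g. `app` or `cluster`)."
}

variable "environment" {
  type        = string
  default     = ""
  description = "Environment (e.g. `prod`, `dev`, `staging`)."
}

variable "target_url" {
  type        = list(any)
  default     = []
  description = "The endpoint to perform healthchecks on."
}

variable "type" {
  type        = list(string)
  default     = []
  description = "The type of health check to perform: 'ping' 'http' 'https'."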
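}

variable "enabled" {
  type        = bool
  default     = true
  description = "A boolean value indicating whether the check is enabled/disabled."
}

variable "alert_type" {
  type        = list(any)
  default     = ["down_global"]
  description = "The type of alert. Must be one of latency, down, down_global or ssl_expiry."
}

variable "comparison" {
  type        = list(any)
  default     = ["less_than"]
  description = "The comparison operator used against the alert's threshold. Must be one of greater_than or less_than."
}

variable "period" {
  type        = list(string)
  default     = ["2m"]
  description = "Period of time the threshold must be exceeded to trigger the alert. Must be one of 2m, 3m, 5m, 10m, 15m, 30m or 1h."
}

# NOTE(review): the sandbox caller places a Slack webhook URL in this value.
# It is not declared sensitive here; check whether the upstream module allows
# marking it so before changing the declaration.
variable "notifications" {
  type        = list(any)
  default     = []
  description = "The notification settings for a trigger alert."
}
--------------------------------------------------------------------------------
/terraform/_modules/spaces/main.tf:
--------------------------------------------------------------------------------
##------------------------------------------------
## spaces module call
##------------------------------------------------
# Thin wrapper around the registry module, pinned to an exact version.
module "spaces" {
  source        = "terraform-do-modules/spaces/digitalocean"
  version       = "1.0.0"
  name          = var.name
  environment   = var.environment
  acl           = var.acl
  force_destroy = var.force_destroy
  region        = var.region
}
--------------------------------------------------------------------------------
/terraform/_modules/spaces/outputs.tf:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Outputs
# ------------------------------------------------------------------------------
# The three descriptions below used to read "Name of SSH key.", copied from
# another module; they now describe the bucket attribute each output returns.
output "urn" {
  value       = module.spaces.urn
  description = "The uniform resource name of the bucket."
}

output "name" {
  value       = module.spaces.name
  description = "The name of the bucket."
}

output "bucket_domain_name" {
  value       = module.spaces.bucket_domain_name
  description = "The fully qualified domain name of the bucket."
}
--------------------------------------------------------------------------------
/terraform/_modules/spaces/variable.tf:
--------------------------------------------------------------------------------
variable "name" {
  type        = string
  default     = ""
  description = "Name (e.g. `app` or `cluster`)."
}

variable "environment" {
  type        = string
  default     = ""
  description = "Environment (e.g. `prod`, `dev`, `staging`)."
}

variable "region" {
  type        = string
  default     = "blr1"
  description = "The region to create the bucket in, like ``blr1``"
}

# The default is null, so the wrapper itself does not choose an ACL.
# `public-read` makes every object readable without authentication; callers
# should pass `private` explicitly unless the bucket is meant to be public.
variable "acl" {
  type        = string
  default     = null
  description = "Canned ACL applied on bucket creation (private or public-read)."
}

# Keep false for buckets that hold data: true lets `terraform destroy` delete a
# non-empty bucket together with its objects.
variable "force_destroy" {
  type        = bool
  default     = false
  description = "Unless true, the bucket will only be destroyed if empty (Defaults to false)."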
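}
--------------------------------------------------------------------------------
/terraform/_modules/vpc/main.tf:
--------------------------------------------------------------------------------
##------------------------------------------------
## VPC module call
##------------------------------------------------
# Thin wrapper around the registry module, pinned to an exact version.
module "vpc" {
  source      = "terraform-do-modules/vpc/digitalocean"
  version     = "1.0.0"
  name        = var.name
  environment = var.environment
  region      = var.region
  ip_range    = var.ip_range
}
--------------------------------------------------------------------------------
/terraform/_modules/vpc/outputs.tf:
--------------------------------------------------------------------------------
# The description used to read "Name of SSH key.", copied from another module.
output "id" {
  value       = module.vpc.id
  description = "The unique identifier of the VPC."
}
--------------------------------------------------------------------------------
/terraform/_modules/vpc/variable.tf:
--------------------------------------------------------------------------------
variable "name" {
  type        = string
  default     = ""
  description = "Name (e.g. `app` or `cluster`)."
}

variable "environment" {
  type        = string
  default     = ""
  description = "Environment (e.g. `prod`, `dev`, `staging`)."
}

variable "region" {
  type        = string
  default     = "blr1"
  description = "The region to create VPC, like ``blr1``"
}

# NOTE(review): the default is an empty string and nothing here checks the
# RFC1918 / prefix-length limits the description states; presumably the
# provider rejects or replaces an invalid range. Verify.
variable "ip_range" {
  type        = string
  default     = ""
  description = "The range of IP addresses for the VPC in CIDR notation. Network ranges cannot overlap with other networks in the same account and must be in range of private addresses as defined in RFC1918. It may not be larger than /16 or smaller than /24."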
}
--------------------------------------------------------------------------------
/terraform/sandbox/blr1/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/terraform-do-modules/terraform-digitalocean-components/da0d729c2a303afb5a9d020c9467cc7cd63d8a45/terraform/sandbox/blr1/.gitkeep
--------------------------------------------------------------------------------
/terraform/sandbox/blr1/main.tf:
--------------------------------------------------------------------------------
# Sandbox stack: wires every wrapper module under _modules together.
# The provider block is empty, so no credential is stored in this file.
provider "digitalocean" {}

locals {
  name        = "app-component"
  environment = "test"
  region      = "blr1"
}

module "vpc" {
  source      = "./../../_modules/vpc"
  name        = local.name
  environment = local.environment
  region      = local.region
  ip_range    = "10.11.0.0/16"
}

# The bucket is created private. It uses a literal region ("nyc3") instead of
# local.region and passes no environment.
module "spaces" {
  source = "./../../_modules/spaces"

  name          = "space-component"
  acl           = "private"
  force_destroy = false
  region        = "nyc3"
}

##------------------------------------------------
## Droplet module call
##------------------------------------------------
module "droplet" {
  source      = "./../../_modules/droplet"
  name        = local.name
  environment = local.environment
  region      = local.region
  vpc_id      = module.vpc.id
  # A single public key is hard-coded; rotating it means editing this file.
  ssh_key = "ssh-rsa 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 devops"
  # user-data.sh creates an `ubuntu` account with passwordless sudo that reuses
  # root's authorized keys.
  user_data = file("user-data.sh")
  ####firewall
  # NOTE(review): SSH (22) is open to every IPv4 address. Together with the
  # passwordless-sudo account from user-data.sh, the SSH key is the only control
  # in front of root. Restrict allowed_ip to the administrators' CIDR or a
  # bastion/VPN range.
  inbound_rules = [
    {
      allowed_ip    = ["0.0.0.0/0"]
      allowed_ports = "22"
    }
  ]
}

# ##------------------------------------------------
# ## Firewall module call
# ##------------------------------------------------
# NOTE(review): 80/443 are open to every address directly on the droplets,
# while the load balancer below only allows a single /32. If the droplets have
# public addresses, the load balancer allow-list does not protect them; limit
# this rule to the load balancer or the VPC range if all traffic should enter
# through it.
module "firewall" {
  source        = "./../../_modules/firewall"
  name          = local.name
  environment   = local.environment
  allowed_ip    = ["0.0.0.0/0"]
  allowed_ports = [80, 443]
  droplet_ids   = module.droplet.id
}

# ##------------------------------------------------
# ## Load Balancer module call
# ##------------------------------------------------
module "load-balancer" {
  source      = "./../../_modules/loadbalancer"
  name        = local.name
  environment = local.environment
  region      = local.region
  vpc_uuid    = module.vpc.id
  droplet_ids = module.droplet.id
  ######
  # Port 80 is forwarded as plain HTTP and is not redirected to HTTPS.
  enabled_redirect_http_to_https = false
  forwarding_rule = [
    {
      entry_port      = 80
      entry_protocol  = "http"
      target_port     = 80
      target_protocol = "http"
    },
    # TLS ends at the load balancer; the hop to the droplets is plain HTTP.
    # NOTE(review): certificate_name is "demo", while the certificate module
    # further down creates one named "test"; confirm which one is intended.
    {
      entry_port       = 443
      entry_protocol   = "https"
      target_port      = 80
      target_protocol  = "http"
      certificate_name = "demo"
    }
  ]

  healthcheck = [
    {
      port                     = 80
      protocol                 = "http"
      check_interval_seconds   = 10
      response_timeout_seconds = 5
      unhealthy_threshold      = 3
      healthy_threshold        = 5
    }
  ]
  sticky_sessions = [
    {
      type               = "cookies"
      cookie_name        = "lb-cookie"
      cookie_ttl_seconds = 300
    }
  ]

  # Deny everything except one source address.
  firewall = [
    {
      deny  = ["cidr:0.0.0.0/0"]
      allow = ["cidr:143.244.136.144/32"]
    }
  ]
}

##------------------------------------------------
## container registry module call
##------------------------------------------------
module "container-registry" {
  source                 = "./../../_modules/container-registry"
  name                   = local.name
  environment            = local.environment
  subscription_tier_slug = "starter"
}

##------------------------------------------------
## Kubernetes module call
##------------------------------------------------
module "k8s" {
  source      = "./../../_modules/kubernetes"
  name        = local.name
  environment = local.environment
  region      = local.region
  # Exact version pin.
  # NOTE(review): confirm this release is still offered and still receives
  # security patches before applying.
  cluster_version = "1.27.4-do.0"
  vpc_uuid        = module.vpc.id

  critical_node_pool = {
    critical_node = {
      node_count = 1
      min_nodes  = 1
      max_nodes  = 2
      size       = "s-1vcpu-2gb"
      labels     = { "cluster" = "critical", }
      tags       = ["demo"]
      # taint = [
      # {
      # key = "name"
      # value = "default"
      # effect = "NoSchedule"
      # }
      # ]
    }
  }

  app_node_pools = {
    app_node = {
      size       = "s-1vcpu-2gb"
      node_count = 1
      min_nodes  = 1
      max_nodes  = 2
      labels     = { "cluster" = "application" }
      tags       = ["demo"]
      # Only pods that tolerate mysize=large are scheduled on this pool.
      taint = [
        {
          key    = "mysize"
          value  = "large"
          effect = "NoSchedule"
        }
      ]
    }
  }
}

##------------------------------------------------
## Domain module call
##------------------------------------------------
# NOTE(review): both A records point at RFC1918 addresses, which publishes the
# internal addressing in DNS without being reachable from outside; presumably
# placeholders. Also confirm the zone name is a domain the account controls.
module "domain" {
  source = "./../../_modules/domain"
  name   = "component.test.com"

  records = {
    record1 = {
      type  = "A"
      name  = "test"
      value = "192.168.0.12"
    },
    record2 = {
      type  = "A"
      name  = "demo2"
      value = "192.168.0.13"
    },
  }
}

##------------------------------------------------
## alert module call.
##------------------------------------------------
# target_url, type and period carry two entries each; alert_type and comparison
# carry one.
# NOTE(review): check how the monitoring module pairs lists of different
# lengths.
module "uptime-alert" {
  source      = "./../../_modules/monitoring"
  name        = "app"
  environment = "test"
  target_url  = ["http://test.do.clouddrove.ca/", "https://test2.do.clouddrove.ca/"]
  type        = ["http", "https"]
  alert_type  = ["down_global"]
  period      = ["2m", "3m"]
  comparison  = ["less_than"]
  ####
  # NOTE(review): a Slack incoming-webhook URL is a credential (possession of
  # the URL is enough to post to the channel) and should not be committed. The
  # value below looks masked; a real one belongs in a secret store or a
  # variable supplied outside version control. The e-mail address is personal
  # data kept in the repository as well.
  notifications = [
    {
      email = ["deepak.verma@clouddrove.com"]
      slack = [
        {
          channel = "testing"
          url     = "https://hooks.slack.com/services/TEXXXXXXXXxxxxYTGH8DNkjgggyKipj"
        }
      ]
    }
  ]
}

##------------------------------------------------
## lets_encrypt certificate module call
##------------------------------------------------
module "lets_encrypt_certificate" {
  source           = "./../../_modules/certificate"
  certificate_name = "test"
  domain_names     = ["do.clouddrove.ca"]
}

##------------------------------------------------
## cdn module call
##------------------------------------------------
# Serves the Spaces bucket through the CDN; no custom domain or certificate is
# set (both are empty strings).
module "cdn" {
  depends_on       = [module.spaces]
  source           = "./../../_modules/cdn"
  origin           = module.spaces.bucket_domain_name
  ttl              = 3600
  custom_domain    = ""
  certificate_name = ""
}

##------------------------------------------------
## mysql database cluster module call
##------------------------------------------------
module "mysql" {
  source                       = "./../../_modules/database"
  name                         = local.name
  environment                  = local.environment
  region                       = local.region
  cluster_engine               = "mysql"
  cluster_version              = "8"
  cluster_size                 = "db-s-1vcpu-1gb"
  cluster_node_count           = 1
  cluster_private_network_uuid = module.vpc.id
  mysql_sql_mode               = "ANSI,ERROR_FOR_DIVISION_BY_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,STRICT_ALL_TABLES,ALLOW_INVALID_DATES"
  cluster_maintenance = {
    maintenance_hour = "02:00:00"
    maintenance_day  = "saturday"
  }
  databases = ["testdb"]

  # mysql_native_password is the legacy authentication plugin; MySQL 8 defaults
  # to caching_sha2_password. Keep the legacy plugin only for clients that
  # cannot use the newer one.
  users = [
    {
      name = "test",
      mysql_auth_plugin = "mysql_native_password"
    }
  ]

  # NOTE(review): with create_firewall = false the rules below are presumably
  # not applied, and a managed database without trusted sources accepts
  # connections from any address that presents valid credentials. Enable the
  # firewall and list the droplet, cluster or VPC sources that need access; the
  # "0.0.0.0" entry does not describe a specific client.
  create_firewall = false
  firewall_rules = [
    {
      type  = "ip_addr"
      value = "0.0.0.0"
    }
  ]
}

##------------------------------------------------
## app module call
##------------------------------------------------
# The static site is built from a public sample repository on branch "main".
# A branch is a moving reference, so the deployed content follows whatever that
# branch holds at build time.
# NOTE(review): environment_slug is "hugo" while build_command runs jekyll;
# confirm.
module "app" {
  source = "./../../_modules/app"
  spec = [{
    name    = "test"
    enabled = true
    region  = "nyc"
    domain = {
      name = "test.do.clouddrove.ca"
      type = "PRIMARY"
      zone = "do.clouddrove.ca"
    }

    static_site = {
      name             = "blog"
      build_command    = "bundle exec jekyll build -d ./public"
      environment_slug = "hugo"
      output_dir       = "/public"

      git = {
        repo_clone_url = "https://github.com/digitalocean/sample-jekyll.git"
        branch         = "main"
      }

      routes = {
        path = "/"
      }
    }
  }]
}
--------------------------------------------------------------------------------
/terraform/sandbox/blr1/output.tf:
--------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Outputs
# ------------------------------------------------------------------------------
## cdn
output "cdn_id" {
  value = module.cdn.id
}

## certificate

output "certificate_id" {
  value       = module.lets_encrypt_certificate.id
  description = "The unique ID of the certificate."
}

output "certificate_name" {
  value       = module.lets_encrypt_certificate.name
  description = "The name of the certificate."
}

output "container_registry_name" {
  value       = module.container-registry.name
  description = " The name of the container registry"
}

###Database
# Outputs marked `sensitive` are hidden in CLI output but are still written to
# the Terraform state in clear text, so the state file has to be stored and
# shared as a secret.

output "database_cluster_id" {
  value       = module.mysql.database_cluster_id
  description = "The id of the database cluster"
}

output "database_cluster_urn" {
  value       = module.mysql.database_cluster_urn
  description = "The uniform resource name of the database cluster"
}

output "database_cluster_host" {
  value       = module.mysql.database_cluster_host
  description = "The hostname of the database cluster"
}

output "database_cluster_private_host" {
  value       = module.mysql.database_cluster_private_host
  description = "Same as host, but only accessible from resources within the account and in the same region"
}

# The URI embeds the credentials, hence sensitive.
output "database_cluster_uri" {
  value       = module.mysql.database_cluster_uri
  sensitive   = true
  description = "The full URI for connecting to the database cluster"
}

output "database_cluster_default_database" {
  value       = module.mysql.database_cluster_default_database
  description = "Name of the cluster's default database"
}

output "database_cluster_default_user" {
  value       = module.mysql.database_cluster_default_user
  description = "Username for the cluster's default user"
}

output "database_cluster_default_password" {
  value       = module.mysql.database_cluster_default_password
  sensitive   = true
  description = "Password for the cluster's default user"
}

output "connection_pool_id" {
  value       = module.mysql.connection_pool_id
  description = "The ID of the database connection pool"
}

output "connection_pool_host" {
  value       = module.mysql.connection_pool_host
  description = "The hostname used to connect to the database connection pool"
}

output "connection_pool_private_host" {
  value       = module.mysql.connection_pool_private_host
  description = "Same as pool host, but only accessible from resources within the account and in the same region"
}

output "connection_pool_port" {
  value       = module.mysql.connection_pool_port
  description = "Network port that the database connection pool is listening on"
}

# NOTE(review): exports the pool *port*, not the URI the name and description
# promise. Presumably the database module has a matching URI output; verify and
# point `value` at it.
output "connection_pool_uri" {
  value       = module.mysql.connection_pool_port
  sensitive   = true
  description = "The full URI for connecting to the database connection pool"
}

output "connection_pool_private_uri" {
  value       = module.mysql.connection_pool_private_uri
  sensitive   = true
  description = "Same as pool uri, but only accessible from resources within the account and in the same region"
}

# NOTE(review): exports the pool's private URI, not a password. Consumers that
# read this output as a password get the wrong value; verify the module's
# output name and correct `value`.
output "connection_pool_password" {
  value       = module.mysql.connection_pool_private_uri
  sensitive   = true
  description = "Password for the connection pool's user"
}

output "db_name" {
  value       = module.mysql.db_name
  description = "The name for the database"
}

output "user_role" {
  value       = module.mysql.user_role
  description = "Role for the database user"
}

# NOTE(review): exports the user's role, not the password; verify the module's
# output name and correct `value`.
output "user_password" {
  value       = module.mysql.user_role
  sensitive   = true
  description = "Password for the database user"
}

output "database_firewall_id" {
  value       = module.mysql.database_firewall_id
  description = "A unique identifier for the firewall"
}

output "database_firewall_rule" {
  value       = module.mysql.database_firewall_rule
  description = "A map with rule's uuid, type, value and created_at params"
}

output "database_replica_firewall_rule" {
  value       = module.mysql.database_replica_firewall_rule
  description = "A map with rule's uuid, type, value and created_at params"
}

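output "replica_id" {
  value       = module.mysql.replica_id
  description = "The ID of the database replica created by Terraform."
}

# The description used to repeat the replica_id text.
output "replica_host_name" {
  value       = module.mysql.replica_host_name
  description = "The hostname of the database replica created by Terraform."
}

output "replica_cluster_private_host" {
  value       = module.mysql.replica_cluster_private_host
  description = "Same as host, but only accessible from resources within the account and in the same region."
}

output "replica_cluster_port" {
  value       = module.mysql.replica_cluster_port
  description = "Network port that the database replica is listening on."
}

# The URI and the password below are marked sensitive; both are still stored in
# the state file in clear text.
output "replica_cluster_uri" {
  value       = module.mysql.replica_cluster_uri
  sensitive   = true
  description = "The full URI for connecting to the database replica."
}
output "replica_cluster_default_database" {
  value       = module.mysql.replica_cluster_default_database
  description = "Name of the replica's default database."
}

output "replica_cluster_default_user" {
  value       = module.mysql.replica_cluster_default_user
  description = "Username for the replica cluster's default user"
}

output "replica_cluster_default_password" {
  value       = module.mysql.replica_cluster_default_password
  sensitive   = true
  description = "Password for the replica cluster's default user"
}

#droplet
# The first output under this heading belongs to the domain module.
output "domain_id" {
  value = module.domain.id
}

output "droplet_name" {
  value       = module.droplet.name
  description = "The name of the Droplet."
}

# The description used to say "name"; the value is the droplet module's id.
output "droplet_id" {
  value       = module.droplet.id
  description = "The ID of the Droplet."
}

#firewall
output "firewall_name" {
  value       = module.firewall.name
  description = "The name of the Firewall."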
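}

#kubernetes
output "kubernetes_id" {
  value       = module.k8s.id
  description = "The id of Kubernetes cluster."
}

output "kubernetes_endpoint" {
  value       = module.k8s.endpoint
  description = "The base URL of the API server on the Kubernetes master node."
}

#loadbalancer
output "loadbalancer_id" {
  value       = module.load-balancer.id
  description = "The ID of the Load Balancer."
}

## monitoring
# NOTE(review): the names and values of the next two outputs are crossed here,
# and terraform/_modules/monitoring/output.tf crosses them once more. The two
# inversions cancel out, so correct both files together or neither.
output "uptime_check_id" {
  value       = module.uptime-alert.uptime_alert_id
  description = " The id of the check."
}
output "uptime_alert_id" {
  value       = module.uptime-alert.uptime_check_id
  description = "The id of the alert."
}

#spaces
# NOTE(review): despite its name and heading, this output returns the uptime
# alert's uuid, not a Spaces attribute. The name is kept because consumers may
# already read it.
output "spaces_uuid" {
  value       = module.uptime-alert.uuid
  description = "The uuid of the alert."
}

# The descriptions from here to the end of the file used to read
# "Name of SSH key."; they now describe the value each output returns.
output "spaces_urn" {
  value       = module.spaces.urn
  description = "The uniform resource name of the bucket."
}

output "spaces_name" {
  value       = module.spaces.name
  description = "The name of the bucket."
}

output "bucket_domain_name" {
  value       = module.spaces.bucket_domain_name
  description = "The fully qualified domain name of the bucket."
}

#vpc
output "vpc_id" {
  value       = module.vpc.id
  description = "The unique identifier of the VPC."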
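}
--------------------------------------------------------------------------------
/terraform/sandbox/blr1/user-data.sh:
--------------------------------------------------------------------------------
#!/bin/bash
# First-boot script for the sandbox droplet (main.tf passes it as user_data).
# It writes under /etc and reads /root/.ssh without sudo, so it expects to run
# as root.
apt-get update
apt-get install python -y

# Create the `ubuntu` login without a password; access is by SSH key only.
sudo adduser ubuntu --gecos "First Last,RoomNumber,WorkPhone,HomePhone" --disabled-password

# Grant sudo through a drop-in that is syntax-checked before it is installed.
# Appending to /etc/sudoers is never validated (one malformed line disables
# sudo for every account) and adds a duplicate line on every run.
# NOTE(review): NOPASSWD:ALL makes `ubuntu` root-equivalent, so the SSH key is
# the only control in front of root; narrow the rule if the account needs just
# a few commands.
sudoers_dropin="/etc/sudoers.d/90-ubuntu"
sudoers_tmp="$(mktemp)"
echo "ubuntu ALL=(ALL) NOPASSWD:ALL" > "${sudoers_tmp}"
if visudo -cf "${sudoers_tmp}"; then
  # sudo ignores drop-ins that are writable by others; install as root, 0440.
  install -o root -g root -m 0440 "${sudoers_tmp}" "${sudoers_dropin}"
fi
rm -f "${sudoers_tmp}"
usermod -aG sudo ubuntu

# Reuse root's SSH material for the new account. Every key authorised for root
# is authorised for `ubuntu` too, and root login itself stays enabled.
cp -r /root/.ssh /home/ubuntu
chown -R ubuntu:ubuntu /home/ubuntu/.ssh
--------------------------------------------------------------------------------
/terraform/sandbox/blr1/versions.tf:
--------------------------------------------------------------------------------
# Terraform version
# Both constraints are lower bounds only, so any later release, including a new
# major version, satisfies them. Commit .terraform.lock.hcl or use a bounded
# constraint (`~>`) to keep provider upgrades deliberate.
# No backend is configured in this block, so state is local unless one is
# declared elsewhere; that state holds the database passwords and URIs exported
# in output.tf and must be protected accordingly.
terraform {
  required_version = ">= 1.5.4"
  required_providers {
    digitalocean = {
      source  = "digitalocean/digitalocean"
      version = ">= 2.29.0"
    }
  }
}
--------------------------------------------------------------------------------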