├── .github
    └── FUNDING.yml
├── README.md
├── m1-setup
    └── README.md
├── m2-security-group
    ├── README.md
    └── wordpress.tf
├── m3-ec2
    ├── README.md
    ├── variables.tf
    └── wordpress.tf
├── m4-elastic-ip
    ├── README.md
    ├── variables.tf
    └── wordpress.tf
├── m5-user-data
    ├── README.md
    ├── variables.tf
    ├── wordpress-init.sh
    └── wordpress.tf
├── m6-template
    ├── README.md
    ├── variables.tf
    ├── wordpress-init.sh.tpl
    └── wordpress.tf
├── m7-module
    ├── README.md
    ├── variables.tf
    ├── vpc
    │   └── vpc.tf
    ├── wordpress-init.sh.tpl
    └── wordpress.tf
└── teach
    ├── cli.sh
    ├── datasource.tf
    ├── interpolationsyntax1.tf
    ├── interpolationsyntax2.tf
    ├── output.tf
    ├── provider.tf
    ├── resource.tf
    └── variable.tf


/.github/FUNDING.yml:
--------------------------------------------------------------------------------
1 | # These are supported funding model platforms
2 | 
3 | github: widdix
4 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Learn Terraform
 2 | 
 3 | This repository contains modules helping you to get started with Terraform based on a simple example. You will deploy Wordpress with the help of Terraform.
 4 | 
 5 | ## Setup
 6 | Clone this repository on your local machine.
 7 | 
 8 | ``git clone https://github.com/widdix/learn-terraform.git``
 9 | 
10 | ## Cleaning up
11 | Delete your infrastructure with `AWS_PROFILE=tf-workshop terraform destroy`.
12 | 
13 | Open the AWS Management Console of an empty AWS account.
14 | 


--------------------------------------------------------------------------------
/m1-setup/README.md:
--------------------------------------------------------------------------------
 1 | # Module 1: Initial Setup
 2 | 
 3 | ## Documentation
 4 | * [Terraform Docs](https://www.terraform.io/docs/index.html)
 5 | 
 6 | ## Initial Setup
 7 | 1. Create an IAM user.
 8 | 1. Create and download security credentials for your IAM user.
 9 | 1. Add another AWS profile: `aws configure --profile tf-workshop`. Choose default region us-east-1.
10 | 1. Run `AWS_PROFILE=tf-workshop aws s3 ls` to verify your setup.
11 | 


--------------------------------------------------------------------------------
/m2-security-group/README.md:
--------------------------------------------------------------------------------
 1 | # Module 2: Creating a Security Group
 2 | 
 3 | ## Documentation
 4 | * [Terraform: AWS Provider](https://www.terraform.io/docs/providers/aws/index.html)
 5 | * [Terraform: Security Group](https://www.terraform.io/docs/providers/aws/r/security_group.html)
 6 | 
 7 | ## Creating a Security Group
 8 | 1. Create a Terraform configuration file `wordpress.tf`.
 9 | 1. Add the AWS provider to your configuration file.
10 | 1. Set the region to `us-east-1`.
11 | 1. Create a Security Group resource allowing incoming traffic on TCP 22 and 80 from anywhere and all outgoing traffic.
12 | 1. Apply the Terraform configuration: `AWS_PROFILE=tf-workshop terraform apply`.
13 | 


--------------------------------------------------------------------------------
/m2-security-group/wordpress.tf:
--------------------------------------------------------------------------------
 1 | provider "aws" {
 2 |   region = "us-east-1"
 3 | }
 4 | 
 5 | resource "aws_security_group" "webserver" {
 6 |   name        = "wordpress"
 7 |   description = "Allowing HTTP and SSH access."
 8 |   vpc_id      = "vpc-6bca420d"
 9 | 
10 |   ingress {
11 |     protocol  = "tcp"
12 |     from_port = 22
13 |     to_port   = 22
14 |     cidr_blocks = ["0.0.0.0/0"]
15 |   }
16 | 
17 |   ingress {
18 |     protocol  = "tcp"
19 |     from_port = 80
20 |     to_port   = 80
21 |     cidr_blocks = ["0.0.0.0/0"]
22 |   }
23 | 
24 |   egress {
25 |     from_port   = 0
26 |     to_port     = 0
27 |     protocol    = "-1"
28 |     cidr_blocks = ["0.0.0.0/0"]
29 |   }
30 | 
31 | }
32 | 


--------------------------------------------------------------------------------
/m3-ec2/README.md:
--------------------------------------------------------------------------------
 1 | # Module 3: Creating an EC2 Instance
 2 | 
 3 | ## Documentation
 4 | * [Terraform: EC2 Instance](https://www.terraform.io/docs/providers/aws/r/instance.html)
 5 | * [Terraform: Variables](https://www.terraform.io/docs/configuration/variables.html)
 6 | * [Terraform: Dependencies](https://www.terraform.io/intro/getting-started/dependencies.html)
 7 | 
 8 | ## Creating an EC2 Instance
 9 | 1. Add an EC2 Instance resource to your Terraform configuration file `wordpress.tf`.
10 | 1. Define `t2.micro` as the instance type.
11 | 1. Create a variable named `ami` with the value `ami-f4cc1de2`.
12 | 1. Use use the variable `ami` to specify the image to start the virtual machine from.
13 | 1. Attach the Security Group already defined within the template to the EC2 instance.
14 | 1. Configure your Key Pair for the EC2 instance.
15 | 1. Apply the Terraform configuration: `AWS_PROFILE=tf-workshop terraform apply`.
16 | 


--------------------------------------------------------------------------------
/m3-ec2/variables.tf:
--------------------------------------------------------------------------------
1 | variable "ami" {
2 |   default = "ami-f4cc1de2"
3 | }


--------------------------------------------------------------------------------
/m3-ec2/wordpress.tf:
--------------------------------------------------------------------------------
 1 | provider "aws" {
 2 |   region = "us-east-1"
 3 | }
 4 | 
 5 | resource "aws_instance" "webserver" {
 6 |   ami           = "${var.ami}"
 7 |   instance_type = "t2.micro"
 8 |   vpc_security_group_ids = ["${aws_security_group.webserver.id}"]
 9 |   key_name      = "awittig"
10 | }
11 | 
12 | resource "aws_security_group" "webserver" {
13 |   name        = "wordpress"
14 |   description = "Allowing HTTP and SSH access."
15 |   vpc_id      = "vpc-6bca420d"
16 | 
17 |   ingress {
18 |     protocol  = "tcp"
19 |     from_port = 22
20 |     to_port   = 22
21 |     cidr_blocks = ["0.0.0.0/0"]
22 |   }
23 | 
24 |   ingress {
25 |     protocol  = "tcp"
26 |     from_port = 80
27 |     to_port   = 80
28 |     cidr_blocks = ["0.0.0.0/0"]
29 |   }
30 | 
31 |   egress {
32 |     from_port   = 0
33 |     to_port     = 0
34 |     protocol    = "-1"
35 |     cidr_blocks = ["0.0.0.0/0"]
36 |   }
37 | 
38 | }
39 | 


--------------------------------------------------------------------------------
/m4-elastic-ip/README.md:
--------------------------------------------------------------------------------
 1 | # Module 4: Creating an Elastic IP
 2 | 
 3 | ## Documentation
 4 | * [Terraform: Elastic IP](https://www.terraform.io/docs/providers/aws/r/eip.html)
 5 | * [Terraform: Outputs](https://www.terraform.io/intro/getting-started/outputs.html)
 6 | 
 7 | ## Creating an Elastic IP
 8 | 1. Add an Elastic IP resource to your Terraform configuration file `wordpress.tf`.
 9 | 1. Add an output variable containing the public IP address to your configuration file.
10 | 1. Apply the Terraform configuration: `AWS_PROFILE=tf-workshop terraform apply`.
11 | 


--------------------------------------------------------------------------------
/m4-elastic-ip/variables.tf:
--------------------------------------------------------------------------------
1 | variable "ami" {
2 |   default = "ami-f4cc1de2"
3 | }


--------------------------------------------------------------------------------
/m4-elastic-ip/wordpress.tf:
--------------------------------------------------------------------------------
 1 | provider "aws" {
 2 |   region = "us-east-1"
 3 | }
 4 | 
 5 | resource "aws_instance" "webserver" {
 6 |   ami           = "${var.ami}"
 7 |   instance_type = "t2.micro"
 8 |   vpc_security_group_ids = ["${aws_security_group.webserver.id}"]
 9 |   key_name      = "awittig"
10 | }
11 | 
12 | resource "aws_security_group" "webserver" {
13 |   name        = "wordpress"
14 |   description = "Allowing HTTP and SSH access."
15 |   vpc_id      = "vpc-6bca420d"
16 | 
17 |   ingress {
18 |     protocol  = "tcp"
19 |     from_port = 22
20 |     to_port   = 22
21 |     cidr_blocks = ["0.0.0.0/0"]
22 |   }
23 | 
24 |   ingress {
25 |     protocol  = "tcp"
26 |     from_port = 80
27 |     to_port   = 80
28 |     cidr_blocks = ["0.0.0.0/0"]
29 |   }
30 | 
31 |   egress {
32 |     from_port   = 0
33 |     to_port     = 0
34 |     protocol    = "-1"
35 |     cidr_blocks = ["0.0.0.0/0"]
36 |   }
37 | 
38 | }
39 | 
40 | resource "aws_eip" "ip" {
41 |   instance = "${aws_instance.webserver.id}"
42 | }
43 | 
44 | output "ip" {
45 |   value = "${aws_eip.ip.public_ip}"
46 | }
47 | 


--------------------------------------------------------------------------------
/m5-user-data/README.md:
--------------------------------------------------------------------------------
 1 | # Module 5: Using User Data to provision the EC2 Instance
 2 | 
 3 | ## Documentation
 4 | * [Terraform: EC2 Instance](https://www.terraform.io/docs/providers/aws/r/instance.html)
 5 | * [Terraform: Interpolation](https://www.terraform.io/docs/configuration/interpolation.html)
 6 | 
 7 | ## Using User Data to provision the EC2 Instance
 8 | 1. Create a file including a bash script to provision the EC2 Instance (e.g. install apache2, download and configure Wordpress, ...).
 9 | 1. Use User Data to inject your script to the EC2 Instance during the boot process.
10 | 1. Apply the Terraform configuration: `AWS_PROFILE=tf-workshop terraform apply`.
11 | 


--------------------------------------------------------------------------------
/m5-user-data/variables.tf:
--------------------------------------------------------------------------------
1 | variable "ami" {
2 |   default = "ami-f4cc1de2"
3 | }


--------------------------------------------------------------------------------
/m5-user-data/wordpress-init.sh:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | 
  3 | apt-get update
  4 | DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 libapache2-mod-php7.0 mysql-server php7.0-mysql
  5 | service apache2 restart
  6 | wget https://wordpress.org/latest.tar.gz
  7 | tar xf latest.tar.gz
  8 | mv wordpress/ /var/www/html
  9 | echo "CREATE DATABASE IF NOT EXISTS wordpress; CREATE USER IF NOT EXISTS 'wordpress'@'localhost' IDENTIFIED BY 'verysecurepassword'; GRANT ALL PRIVILEGES ON *.* TO 'wordpress'@'localhost' WITH GRANT OPTION;" | mysql
 10 | 
 11 | 
 12 | cat > /var/www/html/wordpress/wp-config.php << "EOF"
 13 | <?php
 14 | /**
 15 |  * The base configuration for WordPress
 16 |  *
 17 |  * The wp-config.php creation script uses this file during the
 18 |  * installation. You don't have to use the web site, you can
 19 |  * copy this file to \"wp-config.php\" and fill in the values.
 20 |  *
 21 |  * This file contains the following configurations:
 22 |  *
 23 |  * * MySQL settings
 24 |  * * Secret keys
 25 |  * * Database table prefix
 26 |  * * ABSPATH
 27 |  *
 28 |  * @link https://codex.wordpress.org/Editing_wp-config.php
 29 |  *
 30 |  * @package WordPress
 31 |  */
 32 | 
 33 | // ** MySQL settings - You can get this info from your web host ** //
 34 | /** The name of the database for WordPress */
 35 | define('DB_NAME', 'wordpress');
 36 | 
 37 | /** MySQL database username */
 38 | define('DB_USER', 'wordpress');
 39 | 
 40 | /** MySQL database password */
 41 | define('DB_PASSWORD', 'verysecurepassword');
 42 | 
 43 | /** MySQL hostname */
 44 | define('DB_HOST', 'localhost');
 45 | 
 46 | /** Database Charset to use in creating database tables. */
 47 | define('DB_CHARSET', 'utf8');
 48 | 
 49 | /** The Database Collate type. Don't change this if in doubt. */
 50 | define('DB_COLLATE', '');
 51 | 
 52 | /**#@+
 53 |  * Authentication Unique Keys and Salts.
 54 |  *
 55 |  * Change these to different unique phrases!
 56 |  * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 57 |  * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 58 |  *
 59 |  * @since 2.6.0
 60 |  */
 61 | define('AUTH_KEY',         'put your unique phrase here');
 62 | define('SECURE_AUTH_KEY',  'put your unique phrase here');
 63 | define('LOGGED_IN_KEY',    'put your unique phrase here');
 64 | define('NONCE_KEY',        'put your unique phrase here');
 65 | define('AUTH_SALT',        'put your unique phrase here');
 66 | define('SECURE_AUTH_SALT', 'put your unique phrase here');
 67 | define('LOGGED_IN_SALT',   'put your unique phrase here');
 68 | define('NONCE_SALT',       'put your unique phrase here');
 69 | 
 70 | /**#@-*/
 71 | 
 72 | /**
 73 |  * WordPress Database Table prefix.
 74 |  *
 75 |  * You can have multiple installations in one database if you give each
 76 |  * a unique prefix. Only numbers, letters, and underscores please!
 77 |  */
 78 | $table_prefix  = 'wp_';
 79 | 
 80 | /**
 81 |  * For developers: WordPress debugging mode.
 82 |  *
 83 |  * Change this to true to enable the display of notices during development.
 84 |  * It is strongly recommended that plugin and theme developers use WP_DEBUG
 85 |  * in their development environments.
 86 |  *
 87 |  * For information on other constants that can be used for debugging,
 88 |  * visit the Codex.
 89 |  *
 90 |  * @link https://codex.wordpress.org/Debugging_in_WordPress
 91 |  */
 92 | define('WP_DEBUG', false);
 93 | 
 94 | /* That's all, stop editing! Happy blogging. */
 95 | 
 96 | /** Absolute path to the WordPress directory. */
 97 | if ( !defined('ABSPATH') )
 98 |   define('ABSPATH', dirname(__FILE__) . '/');
 99 | 
100 | /** Sets up WordPress vars and included files. */
101 | require_once(ABSPATH . 'wp-settings.php');
102 | EOF


--------------------------------------------------------------------------------
/m5-user-data/wordpress.tf:
--------------------------------------------------------------------------------
 1 | provider "aws" {
 2 |   region = "us-east-1"
 3 | }
 4 | 
 5 | resource "aws_instance" "webserver" {
 6 |   ami           = "${var.ami}"
 7 |   instance_type = "t2.micro"
 8 |   user_data     =  "${file("wordpress-init.sh")}"
 9 |   vpc_security_group_ids = ["${aws_security_group.webserver.id}"]
10 |   key_name      = "awittig"
11 | }
12 | 
13 | resource "aws_security_group" "webserver" {
14 |   name        = "wordpress"
15 |   description = "Allowing HTTP and SSH access."
16 |   vpc_id      = "vpc-6bca420d"
17 | 
18 |   ingress {
19 |     protocol  = "tcp"
20 |     from_port = 22
21 |     to_port   = 22
22 |     cidr_blocks = ["0.0.0.0/0"]
23 |   }
24 | 
25 |   ingress {
26 |     protocol  = "tcp"
27 |     from_port = 80
28 |     to_port   = 80
29 |     cidr_blocks = ["0.0.0.0/0"]
30 |   }
31 | 
32 |   egress {
33 |     from_port   = 0
34 |     to_port     = 0
35 |     protocol    = "-1"
36 |     cidr_blocks = ["0.0.0.0/0"]
37 |   }
38 | 
39 | }
40 | 
41 | resource "aws_eip" "ip" {
42 |   instance = "${aws_instance.webserver.id}"
43 | }
44 | 
45 | output "ip" {
46 |   value = "${aws_eip.ip.public_ip}"
47 | }
48 | 


--------------------------------------------------------------------------------
/m6-template/README.md:
--------------------------------------------------------------------------------
 1 | # Module 6: Using templates
 2 | 
 3 | ## Documentation
 4 | * [Terraform: Template](https://www.terraform.io/docs/providers/template/d/file.html)
 5 | 
 6 | ## Using templates
 7 | 1. Add a variable containing the database password.
 8 | 1. Use the `Template` provider to set the database password within your bash script.
 9 | 1. Apply the Terraform configuration: `AWS_PROFILE=tf-workshop terraform apply`.
10 | 


--------------------------------------------------------------------------------
/m6-template/variables.tf:
--------------------------------------------------------------------------------
1 | variable "ami" {
2 |   default = "ami-f4cc1de2"
3 | }
4 | variable "db_password" {}


--------------------------------------------------------------------------------
/m6-template/wordpress-init.sh.tpl:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | 
  3 | apt-get update
  4 | DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 libapache2-mod-php7.0 mysql-server php7.0-mysql
  5 | service apache2 restart
  6 | wget https://wordpress.org/latest.tar.gz
  7 | tar xf latest.tar.gz
  8 | mv wordpress/ /var/www/html
  9 | echo "CREATE DATABASE IF NOT EXISTS wordpress; CREATE USER IF NOT EXISTS 'wordpress'@'localhost' IDENTIFIED BY '${db_password}'; GRANT ALL PRIVILEGES ON *.* TO 'wordpress'@'localhost' WITH GRANT OPTION;" | mysql
 10 | 
 11 | 
 12 | cat > /var/www/html/wordpress/wp-config.php << "EOF"
 13 | <?php
 14 | /**
 15 |  * The base configuration for WordPress
 16 |  *
 17 |  * The wp-config.php creation script uses this file during the
 18 |  * installation. You don't have to use the web site, you can
 19 |  * copy this file to \"wp-config.php\" and fill in the values.
 20 |  *
 21 |  * This file contains the following configurations:
 22 |  *
 23 |  * * MySQL settings
 24 |  * * Secret keys
 25 |  * * Database table prefix
 26 |  * * ABSPATH
 27 |  *
 28 |  * @link https://codex.wordpress.org/Editing_wp-config.php
 29 |  *
 30 |  * @package WordPress
 31 |  */
 32 | 
 33 | // ** MySQL settings - You can get this info from your web host ** //
 34 | /** The name of the database for WordPress */
 35 | define('DB_NAME', 'wordpress');
 36 | 
 37 | /** MySQL database username */
 38 | define('DB_USER', 'wordpress');
 39 | 
 40 | /** MySQL database password */
 41 | define('DB_PASSWORD', '${db_password}');
 42 | 
 43 | /** MySQL hostname */
 44 | define('DB_HOST', 'localhost');
 45 | 
 46 | /** Database Charset to use in creating database tables. */
 47 | define('DB_CHARSET', 'utf8');
 48 | 
 49 | /** The Database Collate type. Don't change this if in doubt. */
 50 | define('DB_COLLATE', '');
 51 | 
 52 | /**#@+
 53 |  * Authentication Unique Keys and Salts.
 54 |  *
 55 |  * Change these to different unique phrases!
 56 |  * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 57 |  * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 58 |  *
 59 |  * @since 2.6.0
 60 |  */
 61 | define('AUTH_KEY',         'put your unique phrase here');
 62 | define('SECURE_AUTH_KEY',  'put your unique phrase here');
 63 | define('LOGGED_IN_KEY',    'put your unique phrase here');
 64 | define('NONCE_KEY',        'put your unique phrase here');
 65 | define('AUTH_SALT',        'put your unique phrase here');
 66 | define('SECURE_AUTH_SALT', 'put your unique phrase here');
 67 | define('LOGGED_IN_SALT',   'put your unique phrase here');
 68 | define('NONCE_SALT',       'put your unique phrase here');
 69 | 
 70 | /**#@-*/
 71 | 
 72 | /**
 73 |  * WordPress Database Table prefix.
 74 |  *
 75 |  * You can have multiple installations in one database if you give each
 76 |  * a unique prefix. Only numbers, letters, and underscores please!
 77 |  */
 78 | $table_prefix  = 'wp_';
 79 | 
 80 | /**
 81 |  * For developers: WordPress debugging mode.
 82 |  *
 83 |  * Change this to true to enable the display of notices during development.
 84 |  * It is strongly recommended that plugin and theme developers use WP_DEBUG
 85 |  * in their development environments.
 86 |  *
 87 |  * For information on other constants that can be used for debugging,
 88 |  * visit the Codex.
 89 |  *
 90 |  * @link https://codex.wordpress.org/Debugging_in_WordPress
 91 |  */
 92 | define('WP_DEBUG', false);
 93 | 
 94 | /* That's all, stop editing! Happy blogging. */
 95 | 
 96 | /** Absolute path to the WordPress directory. */
 97 | if ( !defined('ABSPATH') )
 98 |   define('ABSPATH', dirname(__FILE__) . '/');
 99 | 
100 | /** Sets up WordPress vars and included files. */
101 | require_once(ABSPATH . 'wp-settings.php');
102 | EOF


--------------------------------------------------------------------------------
/m6-template/wordpress.tf:
--------------------------------------------------------------------------------
 1 | provider "aws" {
 2 |   region = "us-east-1"
 3 | }
 4 | 
 5 | data "template_file" "wordpress-init" {
 6 |   template = "${file("wordpress-init.sh.tpl")}"
 7 | 
 8 |   vars {
 9 |     db_password = "${var.db_password}"
10 |   }
11 | }
12 | 
13 | resource "aws_instance" "webserver" {
14 |   ami           = "${var.ami}"
15 |   instance_type = "t2.micro"
16 |   user_data     =  "${data.template_file.wordpress-init.rendered}" # "${file("wordpress-init.sh")}"
17 |   vpc_security_group_ids = ["${aws_security_group.webserver.id}"]
18 |   key_name      = "awittig"
19 | }
20 | 
21 | resource "aws_security_group" "webserver" {
22 |   name        = "wordpress"
23 |   description = "Allowing HTTP and SSH access."
24 |   vpc_id      = "vpc-6bca420d"
25 | 
26 |   ingress {
27 |     protocol  = "tcp"
28 |     from_port = 22
29 |     to_port   = 22
30 |     cidr_blocks = ["0.0.0.0/0"]
31 |   }
32 | 
33 |   ingress {
34 |     protocol  = "tcp"
35 |     from_port = 80
36 |     to_port   = 80
37 |     cidr_blocks = ["0.0.0.0/0"]
38 |   }
39 | 
40 |   egress {
41 |     from_port   = 0
42 |     to_port     = 0
43 |     protocol    = "-1"
44 |     cidr_blocks = ["0.0.0.0/0"]
45 |   }
46 | 
47 | }
48 | 
49 | resource "aws_eip" "ip" {
50 |   instance = "${aws_instance.webserver.id}"
51 | }
52 | 
53 | output "ip" {
54 |   value = "${aws_eip.ip.public_ip}"
55 | }
56 | 


--------------------------------------------------------------------------------
/m7-module/README.md:
--------------------------------------------------------------------------------
 1 | # Module 7: Modularization
 2 | 
 3 | ## Documentation
 4 | * [Terraform: Modules](https://www.terraform.io/docs/modules/index.html)
 5 | * [Terraform: VPC](https://www.terraform.io/docs/providers/aws/r/vpc.html)
 6 | * [Terraform: Subnet](https://www.terraform.io/docs/providers/aws/r/subnet.html)
 7 | * [Terraform: Default Route](https://www.terraform.io/docs/providers/aws/r/default_route_table.html)
 8 | * [Terraform: Internet Gateway](https://www.terraform.io/docs/providers/aws/r/internet_gateway.html)
 9 | * [Terraform: EC2 Instance](https://www.terraform.io/docs/providers/aws/r/instance.html)
10 | 
11 | ## Using templates
12 | 1. Create a sub folder named `vpc`.
13 | 1. Create a file `vpc.tf` within the sub folder.
14 | 1. Add a module pointing to `./vpc` to `wordpress.tf`.
15 | 1. Add a VPC, Subnet, Internet Gateway and Default Route to the `vpc` module.
16 | 1. Add outputs for VPC ID and Subnet ID to the `vpc` module.
17 | 1. Use VPC ID and Subnet ID from module `vpc` within `wordpress.tf`: Security Group and EC2 Instance
18 | 1. Get the module `terraform get`.
19 | 1. Apply the Terraform configuration: `AWS_PROFILE=tf-workshop terraform apply`.
20 | 


--------------------------------------------------------------------------------
/m7-module/variables.tf:
--------------------------------------------------------------------------------
1 | variable "ami" {
2 |   default = "ami-f4cc1de2"
3 | }
4 | variable "db_password" {}


--------------------------------------------------------------------------------
/m7-module/vpc/vpc.tf:
--------------------------------------------------------------------------------
 1 | 
 2 | resource "aws_vpc" "tf_workshop" {
 3 |   cidr_block = "10.0.0.0/16"
 4 | 
 5 |   tags {
 6 |     Name = "learn-terraform"
 7 |   }
 8 | }
 9 | 
10 | resource "aws_subnet" "tf_workshop" {
11 |   vpc_id     = "${aws_vpc.tf_workshop.id}"
12 |   cidr_block = "10.0.1.0/24"
13 | 
14 |   tags {
15 |     Name = "learn-terraform"
16 |   }
17 | }
18 | 
19 | resource "aws_internet_gateway" "tf_workshop" {
20 |   vpc_id = "${aws_vpc.tf_workshop.id}"
21 | 
22 |   tags {
23 |     Name = "learn-terraform"
24 |   }
25 | }
26 | 
27 | resource "aws_default_route_table" "tf_workshop" {
28 |   default_route_table_id = "${aws_vpc.tf_workshop.default_route_table_id}"
29 | 
30 |   route {
31 |     cidr_block = "0.0.0.0/0"
32 |     gateway_id = "${aws_internet_gateway.tf_workshop.id}"
33 |   }
34 | 
35 |   tags {
36 |     Name = "Default"
37 |   }
38 | }
39 | 
40 | output "vpc_id" {
41 |   value = "${aws_vpc.tf_workshop.id}"
42 | }
43 | 
44 | output "subnet_id" {
45 |   value = "${aws_subnet.tf_workshop.id}"
46 | }
47 | 


--------------------------------------------------------------------------------
/m7-module/wordpress-init.sh.tpl:
--------------------------------------------------------------------------------
  1 | #!/bin/bash
  2 | 
  3 | apt-get update
  4 | DEBIAN_FRONTEND=noninteractive apt-get install -y apache2 libapache2-mod-php7.0 mysql-server php7.0-mysql
  5 | service apache2 restart
  6 | wget https://wordpress.org/latest.tar.gz
  7 | tar xf latest.tar.gz
  8 | mv wordpress/ /var/www/html
  9 | echo "CREATE DATABASE IF NOT EXISTS wordpress; CREATE USER IF NOT EXISTS 'wordpress'@'localhost' IDENTIFIED BY '${db_password}'; GRANT ALL PRIVILEGES ON *.* TO 'wordpress'@'localhost' WITH GRANT OPTION;" | mysql
 10 | 
 11 | 
 12 | cat > /var/www/html/wordpress/wp-config.php << "EOF"
 13 | <?php
 14 | /**
 15 |  * The base configuration for WordPress
 16 |  *
 17 |  * The wp-config.php creation script uses this file during the
 18 |  * installation. You don't have to use the web site, you can
 19 |  * copy this file to \"wp-config.php\" and fill in the values.
 20 |  *
 21 |  * This file contains the following configurations:
 22 |  *
 23 |  * * MySQL settings
 24 |  * * Secret keys
 25 |  * * Database table prefix
 26 |  * * ABSPATH
 27 |  *
 28 |  * @link https://codex.wordpress.org/Editing_wp-config.php
 29 |  *
 30 |  * @package WordPress
 31 |  */
 32 | 
 33 | // ** MySQL settings - You can get this info from your web host ** //
 34 | /** The name of the database for WordPress */
 35 | define('DB_NAME', 'wordpress');
 36 | 
 37 | /** MySQL database username */
 38 | define('DB_USER', 'wordpress');
 39 | 
 40 | /** MySQL database password */
 41 | define('DB_PASSWORD', '${db_password}');
 42 | 
 43 | /** MySQL hostname */
 44 | define('DB_HOST', 'localhost');
 45 | 
 46 | /** Database Charset to use in creating database tables. */
 47 | define('DB_CHARSET', 'utf8');
 48 | 
 49 | /** The Database Collate type. Don't change this if in doubt. */
 50 | define('DB_COLLATE', '');
 51 | 
 52 | /**#@+
 53 |  * Authentication Unique Keys and Salts.
 54 |  *
 55 |  * Change these to different unique phrases!
 56 |  * You can generate these using the {@link https://api.wordpress.org/secret-key/1.1/salt/ WordPress.org secret-key service}
 57 |  * You can change these at any point in time to invalidate all existing cookies. This will force all users to have to log in again.
 58 |  *
 59 |  * @since 2.6.0
 60 |  */
 61 | define('AUTH_KEY',         'put your unique phrase here');
 62 | define('SECURE_AUTH_KEY',  'put your unique phrase here');
 63 | define('LOGGED_IN_KEY',    'put your unique phrase here');
 64 | define('NONCE_KEY',        'put your unique phrase here');
 65 | define('AUTH_SALT',        'put your unique phrase here');
 66 | define('SECURE_AUTH_SALT', 'put your unique phrase here');
 67 | define('LOGGED_IN_SALT',   'put your unique phrase here');
 68 | define('NONCE_SALT',       'put your unique phrase here');
 69 | 
 70 | /**#@-*/
 71 | 
 72 | /**
 73 |  * WordPress Database Table prefix.
 74 |  *
 75 |  * You can have multiple installations in one database if you give each
 76 |  * a unique prefix. Only numbers, letters, and underscores please!
 77 |  */
 78 | $table_prefix  = 'wp_';
 79 | 
 80 | /**
 81 |  * For developers: WordPress debugging mode.
 82 |  *
 83 |  * Change this to true to enable the display of notices during development.
 84 |  * It is strongly recommended that plugin and theme developers use WP_DEBUG
 85 |  * in their development environments.
 86 |  *
 87 |  * For information on other constants that can be used for debugging,
 88 |  * visit the Codex.
 89 |  *
 90 |  * @link https://codex.wordpress.org/Debugging_in_WordPress
 91 |  */
 92 | define('WP_DEBUG', false);
 93 | 
 94 | /* That's all, stop editing! Happy blogging. */
 95 | 
 96 | /** Absolute path to the WordPress directory. */
 97 | if ( !defined('ABSPATH') )
 98 |   define('ABSPATH', dirname(__FILE__) . '/');
 99 | 
100 | /** Sets up WordPress vars and included files. */
101 | require_once(ABSPATH . 'wp-settings.php');
102 | EOF


--------------------------------------------------------------------------------
/m7-module/wordpress.tf:
--------------------------------------------------------------------------------
 1 | provider "aws" {
 2 |   region = "us-east-1"
 3 | }
 4 | 
 5 | module "vpc" {
 6 |   source = "./vpc"
 7 | }
 8 | 
 9 | data "template_file" "wordpress-init" {
10 |   template = "${file("wordpress-init.sh.tpl")}"
11 | 
12 |   vars {
13 |     db_password = "${var.db_password}"
14 |   }
15 | }
16 | 
17 | resource "aws_instance" "webserver" {
18 |   ami           = "${var.ami}"
19 |   instance_type = "t2.micro"
20 |   user_data     =  "${data.template_file.wordpress-init.rendered}" # "${file("wordpress-init.sh")}"
21 |   vpc_security_group_ids = ["${aws_security_group.webserver.id}"]
22 |   key_name      = "awittig"
23 |   subnet_id     = "${module.vpc.subnet_id}"
24 | }
25 | 
26 | resource "aws_security_group" "webserver" {
27 |   name        = "wordpress"
28 |   description = "Allowing HTTP and SSH access."
29 |   vpc_id      = "${module.vpc.vpc_id}"
30 | 
31 |   ingress {
32 |     protocol  = "tcp"
33 |     from_port = 22
34 |     to_port   = 22
35 |     cidr_blocks = ["0.0.0.0/0"]
36 |   }
37 | 
38 |   ingress {
39 |     protocol  = "tcp"
40 |     from_port = 80
41 |     to_port   = 80
42 |     cidr_blocks = ["0.0.0.0/0"]
43 |   }
44 | 
45 |   egress {
46 |     from_port   = 0
47 |     to_port     = 0
48 |     protocol    = "-1"
49 |     cidr_blocks = ["0.0.0.0/0"]
50 |   }
51 | 
52 | }
53 | 
54 | resource "aws_eip" "ip" {
55 |   instance = "${aws_instance.webserver.id}"
56 | }
57 | 
58 | output "ip" {
59 |   value = "${aws_eip.ip.public_ip}"
60 | }
61 | 


--------------------------------------------------------------------------------
/teach/cli.sh:
--------------------------------------------------------------------------------
 1 | $ terraform
 2 | Usage: terraform [--version] [--help] <command> [args]
 3 | 
 4 | Common commands:
 5 |   apply     Builds or changes infrastructure
 6 |   destroy   Destroy Terraform-managed infrastructure
 7 |   get       Download and install modules for the configuration
 8 |   output    Read an output from a state file
 9 |   plan      Generate and show an execution plan
10 | 


--------------------------------------------------------------------------------
/teach/datasource.tf:
--------------------------------------------------------------------------------
1 | data "aws_ami" "web" {
2 |   
3 |   filter {
4 |     name   = "tag:Component"
5 |     values = ["web"]
6 |   }
7 | 
8 | }
9 | 


--------------------------------------------------------------------------------
/teach/interpolationsyntax1.tf:
--------------------------------------------------------------------------------
 1 | # variable 
 2 | ${var.NAME
 3 | ${var.foo}
 4 | 
 5 | # attributes of other resources
 6 | ${TYPE.NAME.ATTRIBUTE}
 7 | ${aws_instance.web.id}
 8 | 
 9 | # attributes of your own resource
10 | ${self.ATTRIBUTE}
11 | ${self.private_ip_address}
12 | 


--------------------------------------------------------------------------------
/teach/interpolationsyntax2.tf:
--------------------------------------------------------------------------------
1 | # attributes of a data source
2 | ${data.TYPE.NAME.ATTRIBUTE}
3 | ${data.aws_ami.ubuntu.id}
4 | 
5 | # outputs from a module
6 | ${MODULE.NAME.OUTPUT}
7 | ${module.foo.bar}
8 | 


--------------------------------------------------------------------------------
/teach/output.tf:
--------------------------------------------------------------------------------
1 | output "address" {
2 |   value = "${aws_instance.db.public_dns}"
3 | }
4 | 


--------------------------------------------------------------------------------
/teach/provider.tf:
--------------------------------------------------------------------------------
1 | provider "aws" {
2 |   region = "us-east-1"
3 | }
4 | 


--------------------------------------------------------------------------------
/teach/resource.tf:
--------------------------------------------------------------------------------
1 | resource "aws_instance" "web" {
2 |   ami           = "ami-408c7f28"
3 |   instance_type = "t1.micro"
4 | }
5 | 


--------------------------------------------------------------------------------
/teach/variable.tf:
--------------------------------------------------------------------------------
 1 | variable "key" {
 2 |   type = "string"
 3 | }
 4 | 
 5 | variable "images" {
 6 |   type = "map"
 7 | 
 8 |   default = {
 9 |     us-east-1 = "image-1234"
10 |     us-west-2 = "image-4567"
11 |   }
12 | }
13 | 


--------------------------------------------------------------------------------