Trang chủ Khám phá Trợ giúp
Đăng ký Đăng nhập
AFS
/
xdr-terraform-modules
2
0
Fork 0
Các tập tin Các vấn đề 0 Yêu cầu kéo về 0 Wiki
Tree: 066ddcdb15
Branches Tags
xdr-terraform-m...
/
base
/
github
/
github_servers.tf

github_servers.tf 2.1 KB
Lịch sử Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. # Rather than pass in the aws security group, we just look it up. This will
    2. 

  2. # probably be useful other places, as well.
    3. 

  3. data "aws_security_group" "typical-host" {
    4. 

  4.   name   = "typical-host"
    5. 

  5.   vpc_id = var.vpc_id
    6. 

  6. }
    7. 

  7. 

  8. # Use the default EBS key
    9. 

  9. data "aws_kms_key" "ebs-key" {
    10. 

  10.   key_id = "alias/ebs_root_encrypt_decrypt"
    11. 

  11. }
    12. 

  12. 

  13. resource "aws_instance" "ghe" {
    14. 

  14.   count                       = var.instance_count
    15. 

  15. 

  16.   ami                         = aws_ami_copy.github.id
    17. 

  17.   instance_type               = var.instance_type
    18. 

  18.   subnet_id                   = var.private_subnets[count.index]
    19. 

  19.   vpc_security_group_ids      = [ data.aws_security_group.typical-host.id, aws_security_group.ghe_server.id ]
    20. 

  20.   associate_public_ip_address = false
    21. 

  21.   ebs_optimized               = true
    22. 

  22.   tenancy = "default"
    23. 

  23.   disable_api_termination = var.instance_termination_protection
    24. 

  24.   instance_initiated_shutdown_behavior = "stop"
    25. 

  25.   key_name = "msoc-build"
    26. 

  26.   monitoring = false
    27. 

  27.   iam_instance_profile = "msoc-default-instance-profile"
    28. 

  28.   
    29. 

  29.   # single space to disable default module behavior
    30. 

  30.   root_block_device {
    31. 

  31.       volume_size           = 200
    32. 

  32.       volume_type           = "gp3"
    33. 

  33.       iops                  = 3000
    34. 

  34.       delete_on_termination = true
    35. 

  35.       encrypted             = true
    36. 

  36.       kms_key_id            = data.aws_kms_key.ebs-key.arn
    37. 

  37.     } 
    38. 

  38. 

  39.   ebs_block_device {
    40. 

  40.     # github data
    41. 

  41.     # Note: Not in AMI
    42. 

  42.     device_name = "/dev/xvdf"
    43. 

  43.     volume_size = var.github_data_volume_size
    44. 

  44.     delete_on_termination = true
    45. 

  45.     encrypted = true
    46. 

  46.     kms_key_id = data.aws_kms_key.ebs-key.arn
    47. 

  47.     volume_type = "gp3"
    48. 

  48.     iops = 3000
    49. 

  49.   }
    50. 

  50. 

  51.   tags = merge( var.standard_tags, var.tags, { Name = format("%s-%s", "github-enterprise", count.index) })
    52. 

  52.   volume_tags = merge( var.standard_tags, var.tags, { Name = format("%s-%s", "github-enterprise", count.index) })
    53. 

  53. }
    54. 

  54. 

  55. # Would need this a second time if count > 0
    56. 

  56. module "private_dns_record_ghe_backup_0" {
    57. 

  57.   source = "../../submodules/dns/private_A_record"
    58. 

  58. 

  59.   name = format("%s-%s", "github-enterprise", 0)
    60. 

  60.   ip_addresses = [ aws_instance.ghe[0].private_ip ]
    61. 

  61.   dns_info = var.dns_info
    62. 

  62.   reverse_enabled = var.reverse_enabled
    63. 

  63. 

  64.   providers = {
    65. 

  65.     aws.c2 = aws.c2
    66. 

  66.   }
    67. 

  67. }
    68.