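/*
 * https://wiki.nuxeo.com/display/INFRA/Cloud+Provisioning
 * 1) Create Public Subnet with a /24 size. One private Subnet to run Nuxeo and at least 2 Private Subnets for Data
 * 2) Create a NAT Gateway in one of the Public Subnets
 * 3) Create a Route with the Internet Gateway as default route, associate it with the Public Subnet(s)
 * 4) Create a Route with the NAT Gateway as default route, *that should be associated to all Private Subnets when they are created*
 * 5) Create a Security Group for Bastion Hosts that accepts SSH from anywhere
 * 6) Create a Security Group for ELBs that accepts HTTP and HTTPS from anywhere
 * 7) Create a Bastion Host with bastion host SG associated to it, install NTP and Userify on it
 */

// NOTE(review): step 5 leaves the bastion reachable over SSH from any address.
// Where the administrators' source ranges are known, restrict the bastion
// security group to those CIDRs. The rule itself is presumably defined in
// ./net, which is not visible from this file.

///////////////////////////////////////////////////////////////////////
// RESOURCES
///////////////////////////////////////////////////////////////////////

# Random 8-byte identifier generated once per stack; passed to the s3 module
# below as the customer id.
resource "random_id" "customer" {
  byte_length = 8
}

# Network layout: one public subnet, one private subnet for Nuxeo and two
# private subnets for the data tier (see steps 1-4 in the header).
module "net" {
  source     = "./net/"
  stack_name = "${var.stack_name}"

  # Same region variable as the rds module, so the network and the database
  # cannot be configured for different regions. This was hard-coded to
  # "us-west-2"; confirm that var.aws_region resolves to the same value for
  # existing stacks.
  region = "${var.aws_region}"

  vpc_id             = "${var.vpc_id}"
  public_subnets     = ["10.0.10.0/24"]
  private_subnets    = ["10.0.11.0/24"]
  private_db_subnets = ["10.0.100.0/24", "10.0.101.0/24"]
}

#-------------
# DNS Entry for Cloud Customer
#-------------
#resource "aws_route53_record" "dns" {
#  zone_id = "Z1EFT3O5K9NMCJ" // Zone ID for nuxeocloud.com
#  name    = "${name}"
#  type    = "CNAME"
#  ttl     = "300"
#  weighted_routing_policy {
#    weight = 90
#  }
#  set_identifier = "${var.stack_name}"
#  records        = ["${var.stack_name}.nuxeocloud.com"]
#}

#-------------------------------------
# S3 buckets for Nuxeo and for Backups
#-------------------------------------
module "s3" {
  source     = "./s3/"
  stack_name = "${var.stack_name}"

  # NOTE(review): b64 is URL-safe base64 and can contain uppercase letters,
  # '-' and '_'. If ./s3 embeds cust_id in bucket names (not visible here),
  # confirm the result is a valid bucket name; random_id also exposes a
  # lowercase "hex" attribute.
  cust_id = "${random_id.customer.b64}"
}

#-------------------------
# RDS Postgres Database
#-------------------------
module "rds" {
  source                = "./rds/"
  region                = "${var.aws_region}"
  stack_name            = "${var.stack_name}"
  database_name         = "nuxeo"
  rds_allocated_storage = "10"

  # NOTE(review): the PostgreSQL 9.4 series no longer receives upstream
  # security fixes; confirm the engine version before reusing this stack.
  rds_engine_version = "9.4.7"

  # The database is reachable only through the internal security group
  # exported by the net module; its rules are defined in ./net.
  security_group_ids = ["${module.net.sg_internal_id}"]

  #subnet_ids = ["${aws_subnet.db_private.0.id}", "${aws_subnet.db_private.1.id}"]
  #db_private_subnets = ["${element(module.net.db_private, 0)}", "${element(module.net.db_private, 1)}"]
  subnet_ids = ["${element(module.net.db_private, 0)}", "${element(module.net.db_private, 1)}"]
}

#-------------------------
# Elastic Cache Redis
#-------------------------
# Shares the internal security group and the private data subnets with RDS.
# NOTE(review): whether AUTH or encryption is enabled for the cache is decided
# inside ./elasticcache, which is not visible here; verify.
module "elasticcache" {
  source             = "./elasticcache"
  stack_name         = "${var.stack_name}-redis"
  engine_version     = "3.2.4"
  node_type          = "cache.t2.micro"
  security_group_ids = ["${module.net.sg_internal_id}"]
  private_subnet_ids = ["${module.net.db_private}"]
}

# #-------------------------------
# # Create Nuxeo Ubuntu Instance
# #-------------------------------
# # Create a new instance of the latest Ubuntu on an
# # t2.micro node with an AWS Tag naming it "Nuxeo"
# data "aws_ami" "ubuntu" {
#   most_recent = true
#   filter {
#     name   = "name"
#     values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-*"]
#   }
#   filter {
#     name   = "virtualization-type"
#     values = ["hvm"]
#   }
#   owners = ["099720109477"] # Canonical
# }

# resource "aws_instance" "nuxeo" {
#   ami           = "${data.aws_ami.ubuntu.id}"
#   instance_type = "t2.micro"
#   key_name      = "${aws_key_pair.deployer.id}"
#   subnet_id     = "${aws_subnet.private.id}"
#   tags {
#     Name                = "Nuxeo"
#     billing-category    = "customers"
#     billing-subcategory = "${var.stack_name}"
#     role                = "nuxeo.instance"
#   }
# }

# #---------------------
# # Deployer SSH keys
# #--------------------
# resource "aws_key_pair" "deployer" {
#   key_name   = "deployer-key"
#   public_key = "${file(var.public_key_path)}"
# }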