roberto.barbosa
/
terraform


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115
							/*
* https://wiki.nuxeo.com/display/INFRA/Cloud+Provisioning
* 1) Create Subnets for the Stack
*     - On Public with a /24 size. 
*     - One private Subnet to run Nuxeo 
*     - at least 2 Private Subnets for Databases
* 2) Create a NAT Gateway in one of the Public Subnets
* 3) Create a Route with the Internet Gateway as default route, associate it with the Public Subnet(s)
* 4) Create a Route with the NAT Gateway as default route, *that should be associated to all Private Subnets when they are created*
* 5) Create a Security Group for ELBs that accepts HTTP and HTTPS from anywhere
* 6) Create a Security Group for Bastion Hosts that accepts SSH from anywhere
* 
* 7) Create a Bastion Host with bastion host SG associated to ti, install NTP and Userify on it
*/

///////////////////////////////////////////////////////////////////////
// RESOURCES
///////////////////////////////////////////////////////////////////////
resource "random_id" "customer" {
  byte_length = 8
}

module "net" {
  source = "./net/"

  stack_name = "${var.stack_name}"  
  region = "${var.aws_region}"
  vpc_id = "${var.vpc_id}"

  public_subnets = ["10.0.10.0/24"]
  private_subnets = ["10.0.11.0/24"]
  private_db_subnets = ["10.0.100.0/24","10.0.101.0/24"]
}


#-------------
#DNS Entry for Cloud Customer
#-------------
resource "aws_route53_record" "dns" {
  zone_id = "Z1EFT3O5K9NMCJ" // Zone ID for nuxeocloud.com
  name = "${name}"
  type = "CNAME"
  ttl = "300"
  weighted_routing_policy {
   weight = 90
  }
 set_identifier = "${var.stack_name}"
 records = ["${var.stack_name}.nuxeocloud.com"]
}

# -------------------------------------
# S3 buckets:w for Nuxeo and for Backups
# -------------------------------------
module "s3" {
  source = "./s3/"
  stack_name = "${var.stack_name}"
  #cust_id = "${random_id.customer.b64}"
  cust_id = "${uuid()}"
}


# -------------------------
# RDS Postgres Database
# -------------------------
module "rds" {
  source = "./rds/"
  region = "${var.aws_region}"
  stack_name = "${var.stack_name}"
  database_name = "nuxeo"
  rds_allocated_storage = "10"
  rds_engine_version = "9.4.7"
  security_group_ids = ["${module.net.sg_internal_id}"]
  #subnet_ids = ["${aws_subnet.db_private.0.id}", "${aws_subnet.db_private.1.id}"]
  #db_private_subnets = ["${element(module.net.db_private, 0)}", "${element(module.net.db_private, 1)}"]
  subnet_ids = ["${element(module.net.db_private, 0)}", "${element(module.net.db_private, 1)}"]

}


#-------------------------
# Elastic Cache Redis
#-------------------------
module "elasticcache" {
	source = "./elasticcache"
	stack_name = "${var.stack_name}-redis"
	engine_version = "3.2.4"
	node_type = "cache.t2.micro"
	security_group_ids = ["${module.net.sg_internal_id}"]
	private_subnet_ids  = ["${module.net.db_private}"]
}

#-------------------------
# EC2 Instances
#-------------------------
module "nuxeo" {
  source = "./instance/"
  # Variables for creating an instance
  stack_name = "${var.stack_name}-nuxeo"
  instance_name = "${var.stack_name}-nuxeo-instance"
  os_release = "xenial"
  instance_type = "t2.micro"
  public_key_path ="${var.public_key_path}"
#  public_key_path="/path/to/my/pub_key"
  subnet_id="${element(module.net.private_subnets, 0)}"
}

module "bastion" {
  source = "bastion/"

  vpc_id = "${var.vpc_id}"
  allowed_network="10.0.0.0/16"
  subnet_public="${module.net.public_subnets}"
}