terraform-digitalocean-spoke

This is a Terraform module that provisions a Spoke instance at DigitalOcean.

Terraform versions

This module is compatible with Terraform version 0.13+.

Usage

A typical production deployment that uses PASSPORT_STRATEGY=auth0, DEFAULT_SERVICE=twilio, and a direct SMTP connection for email might look like this:

module "digitalocean_spoke" {
  source = "hamfist/spoke/digitalocean"

  server_name      = "spoke.example.org"
  base_url         = "https://spoke.example.org"
  resource_prefix  = "example-spoke-"
  region           = "nyc1"
  ssh_keys         = [file("path/to/id_rsa.pub")]
  cert_private_key = file("path/to/cert.key")
  cert_certificate = file("path/to/cert.crt")
  env = {
    AUTH0_CLIENT_ID            = "8570285697946a0cc03f8049b9309d7e"
    AUTH0_CLIENT_SECRET        = "1194435d32479ab99ed51a0a5f244cd5"
    AUTH0_DOMAIN               = "example.auth0.com"
    EMAIL_FROM                 = "admin@example.org"
    EMAIL_HOST                 = "mail.example.org"
    EMAIL_HOST_PASSWORD        = "b5090d80c82e608a1acd2f59ac366083"
    EMAIL_HOST_PORT            = "123"
    EMAIL_HOST_SECURE          = "true"
    EMAIL_HOST_USER            = "admin"
    DEFAULT_SERVICE            = "twilio"
    PASSPORT_STRATEGY          = "auth0"
    PHONE_NUMBER_COUNTRY       = "US"
    SUPPRESS_SELF_INVITE       = "true"
    TWILIO_API_KEY             = "6babd5fa8226c66406edcce7390675b3"
    TWILIO_APPLICATION_SID     = "be2d8e141ab5b45287d06ee649c48b82"
    TWILIO_AUTH_TOKEN          = "17381f485e35f89608b88b45f5a00873"
    TWILIO_MESSAGE_SERVICE_SID = "b2b551ca3228aa8d130b5739e1a20cdd"
    TWILIO_STATUS_CALLBACK_URL = "https://callback.example.org"
  }
}
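
The usage block above places API secrets in the module call as literals, which puts them in version control along with the rest of the configuration. As an added example (not part of the module's own README), the same call can take them from a variable marked sensitive. The variable names `spoke_secrets` and `cert_private_key_path` are hypothetical, `sensitive = true` needs Terraform 0.14 or later, and it is assumed that the module accepts sensitive values in `env`:

```hcl
# Added example; variable names are hypothetical, not defined by the module.
# `sensitive = true` requires Terraform 0.14 or later.
variable "spoke_secrets" {
  description = "Secret or account-specific Spoke settings, e.g. AUTH0_CLIENT_SECRET, EMAIL_HOST_PASSWORD, TWILIO_AUTH_TOKEN"
  type        = map(string)
  sensitive   = true
}

variable "cert_private_key_path" {
  description = "Path to the nginx certificate key, stored outside the repository"
  type        = string
}

module "digitalocean_spoke" {
  source = "hamfist/spoke/digitalocean"

  server_name      = "spoke.example.org"
  base_url         = "https://spoke.example.org"
  resource_prefix  = "example-spoke-"
  region           = "nyc1"
  ssh_keys         = [file("path/to/id_rsa.pub")]
  cert_private_key = file(var.cert_private_key_path)
  cert_certificate = file("path/to/cert.crt")

  # Non-secret settings stay in version control. Secrets are merged in from
  # the sensitive variable, so Terraform redacts the map in plan/apply output.
  # Assumption: the module accepts sensitive values in `env`.
  env = merge(
    {
      AUTH0_DOMAIN               = "example.auth0.com"
      EMAIL_FROM                 = "admin@example.org"
      EMAIL_HOST                 = "mail.example.org"
      EMAIL_HOST_PORT            = "123"
      EMAIL_HOST_SECURE          = "true"
      EMAIL_HOST_USER            = "admin"
      DEFAULT_SERVICE            = "twilio"
      PASSPORT_STRATEGY          = "auth0"
      PHONE_NUMBER_COUNTRY       = "US"
      SUPPRESS_SELF_INVITE       = "true"
      TWILIO_STATUS_CALLBACK_URL = "https://callback.example.org"
    },
    var.spoke_secrets
  )
}
```

Supply `spoke_secrets` through a `TF_VAR_spoke_secrets` environment variable or a `.tfvars` file kept out of version control. Terraform still writes these values to state in plain text, so the state backend needs the same protection as the secrets themselves.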

Requirements

| Name | Version |
| --- | --- |
| terraform | >= 0.13 |
| digitalocean | >= 1.22 |

Providers

| Name | Version |
| --- | --- |
| digitalocean | 2.25.2 |
| null | 3.2.1 |
| random | 3.4.3 |

Modules

No modules.

Resources

| Name | Type |
| --- | --- |
| digitalocean_droplet.app | resource |
| digitalocean_firewall.app | resource |
| digitalocean_floating_ip.app | resource |
| digitalocean_ssh_key.app | resource |
| null_resource.app_provision | resource |
| random_string.pg_password | resource |
| random_string.session_secret | resource |

Inputs

| Name | Description | Type | Default | Required |
| --- | --- | --- | --- | --- |
| base_url | Fully qualified https URL of the app | string | n/a | yes |
| cert_certificate | Certificate with leaf and intermediates to pass to nginx | string | n/a | yes |
| cert_private_key | Certificate key to pass to nginx | string | n/a | yes |
| droplet_image | Image to use when provisioning app droplet | string | "ubuntu-20-04-x64" | no |
| droplet_size | Size value passed when provisioning app droplet | string | "s-1vcpu-1gb" | no |
| env | Arbitrary additional environment variables passed at build time and run time | map(string) | {} | no |
| nginx_site_override_conf | Complete nginx site configuration override | string | "" | no |
| node_env | Value defined at build time and run time as NODE_ENV | string | "production" | no |
| node_options | Value defined at build time and run time as NODE_OPTIONS | string | "--max_old_space_size=8192" | no |
| port | TCP port used to communicate between droplet and nginx | string | "3000" | no |
| region | Region in which all resources will be provisioned | string | "nyc1" | no |
| resource_prefix | Prefix prepended to resource names | string | "spoke-" | no |
| server_name | Server name used in nginx config | string | n/a | yes |
| spoke_version | Git ref of MoveOnOrg/Spoke to deploy | string | "v8.0" | no |
| ssh_keys | List of ssh public keys to pass to droplet provisioning | list(string) | n/a | yes |

Outputs

| Name | Description |
| --- | --- |
| droplet_ipv4_address | ipv4 address of the droplet |
| droplet_urn | urn of the droplet suitable for adding to project resources |
| floating_ip_address | floating IP address assigned to the droplet suitable for creating a DNS A record |
| floating_ip_urn | urn of the floating IP address assigned to the droplet suitable for adding to project resources |