feat(terraform): stg and prd networks #925

Merged
merged 1 commit into from
Oct 24, 2024
Merged
Binary file not shown.
2 changes: 1 addition & 1 deletion terraform/prd-cluster-ahoyworld/network.tf
Expand Up @@ -2,7 +2,7 @@ resource "digitalocean_vpc" "prd_vpc" {
name = "prd-ahoyworld-vpc"
region = "nyc3"
description = "Production VPC for AhoyWorld"
ip_range = "10.0.0.0/20"
ip_range = "10.0.0.0/22"
}

resource "digitalocean_firewall" "prd_fw_internal" {
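Review bot: The `ip_range` edit on `digitalocean_vpc.prd_vpc` changes the address range of a VPC that already exists in production, and no plan output is shown for it. I believe the DigitalOcean provider treats `ip_range` as replace-on-change, so applying this may destroy and recreate the VPC rather than resize it; check `terraform plan` for a forced replacement before applying. A comment above the attribute such as `# must not overlap the staging VPC (10.0.8.0/22)` would record why the range was chosen. The `prd_fw_internal` resource that opens on the last line continues outside the hunk.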
69 changes: 69 additions & 0 deletions terraform/stg-cluster-ahoyworld/.terraform.lock.hcl

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

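--- a/terraform/stg-cluster-ahoyworld/backend.tf
+++ b/terraform/stg-cluster-ahoyworld/backend.tf
@@ -0,0 +1,9 @@
+terraform {
+cloud {
+organization = "freecodecamp"
+workspaces {
+name = "tfws-stg-ahoyworld"
+project = "DigitalOcean"
+}
+}
+}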
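--- a/terraform/stg-cluster-ahoyworld/main.tf
+++ b/terraform/stg-cluster-ahoyworld/main.tf
@@ -0,0 +1,77 @@
+locals {
+zone = "freecodecamp.net"
+}
+
+data "hcp_packer_artifact" "do_ubuntu" {
+bucket_name = "digitalocean-ubuntu"
+channel_name = "latest"
+platform = "digitalocean"
+region = "nyc3"
+}
+
+data "cloudflare_zone" "cf_zone" {
+name = local.zone
+}
+
+# data "linode_instances" "ops_standalone_backoffice" {
+# filter {
+# name = "label"
+# values = [
+# "ops-vm-backoffice",
+# ]
+# }
+# }
+
+locals {
+pxy_node_count = 3 # number of proxy nodes
+api_node_count = 3 # number of api nodes
+clt_node_count = 2 # number of client nodes for EACH LANGUAGE!
+jms_node_count = 3 # number of JAMStack nodes
+}
+
+locals {
+ipam_block_pxy = 10 # 10.0.0.11, 10.0.0.12, ...
+ipam_block_api = 20 # 10.0.0.21, 10.0.0.22, ...
+ipam_block_clt = 40 # 10.0.0.41, 10.0.0.42, ...
+ipam_block_nws = 100 # 10.0.0.100, 10.0.0.102, ...
+ipam_block_jms = 120 # 10.0.0.120, 10.0.0.121, ...
+}
+
+// When removing an item, DO NOT change the IPAM number.
+locals {
+nws_instances = {
+# eng = { name = "eng", ipam_id = 0 }, # 10.0.0.100
+chn = { name = "chn", ipam_id = 1 }, # 10.0.0.101
+esp = { name = "esp", ipam_id = 2 }, # ...
+ita = { name = "ita", ipam_id = 3 },
+jpn = { name = "jpn", ipam_id = 4 },
+kor = { name = "kor", ipam_id = 5 },
+por = { name = "por", ipam_id = 6 },
+ukr = { name = "ukr", ipam_id = 7 },
+# ger = { name = "ger", ipam_id = 8 }
+}
+
+clt_config_meta = {
+eng = { name = "eng", ipam_id = 0, node_count = local.clt_node_count }, # 10.0.0.40, 10.0.0.41, ...
+chn = { name = "chn", ipam_id = 5, node_count = local.clt_node_count }, # 10.0.0.45, 10.0.0.46, ...
+esp = { name = "esp", ipam_id = 10, node_count = local.clt_node_count }, # 10.0.0.50, 10.0.0.51, ...
+ita = { name = "ita", ipam_id = 15, node_count = local.clt_node_count }, # 10.0.0.55, 10.0.0.56, ...
+jpn = { name = "jpn", ipam_id = 20, node_count = local.clt_node_count }, # 10.0.0.60, 10.0.0.61, ...
+# kor = { name = "kor", ipam_id = 6, node_count = local.clt_node_count },
+por = { name = "por", ipam_id = 25, node_count = local.clt_node_count }, # 10.0.0.65, 10.0.0.66, ...
+ukr = { name = "ukr", ipam_id = 30, node_count = local.clt_node_count }, # 10.0.0.70, 10.0.0.71, ...
+ger = { name = "ger", ipam_id = 35, node_count = local.clt_node_count }, # 10.0.0.75, 10.0.0.76, ...
+cnt = { name = "cnt", ipam_id = 40, node_count = local.clt_node_count } # 10.0.0.80, 10.0.0.81, ...
+swa = { name = "swa", ipam_id = 45, node_count = local.clt_node_count } # 10.0.0.85, 10.0.0.86, ...
+}
+
+clt_instances = flatten([
+[for k, v in local.clt_config_meta : [
+for i in range(v.node_count) : {
+name = v.name
+ipam_id = v.ipam_id + i
+instance = "${k}-${i}"
+}
+]],
+])
+}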
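Review bot: The address comments on the `ipam_block_*` locals and inside `nws_instances` / `clt_config_meta` all read `10.0.0.x`, but the staging VPC declared in this PR's `network.tf` is `10.0.8.0/22`, so every documented address falls in the production range instead. The consumers of these locals are not visible here; if they build addresses from a hard-coded prefix, staging nodes would be assigned addresses outside their own VPC, whereas deriving them with `cidrhost(digitalocean_vpc.stg_vpc.ip_range, local.ipam_block_pxy + index)` keeps them tied to the declared range. At minimum the comments should say `10.0.8.x`, and `# 10.0.0.100, 10.0.0.102, ...` on `ipam_block_nws` skips `.101`. Separately, `channel_name = "latest"` means the base image can change between applies with no diff in this repository, which is worth a comment if it is intentional for staging.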
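--- a/terraform/stg-cluster-ahoyworld/network.tf
+++ b/terraform/stg-cluster-ahoyworld/network.tf
@@ -0,0 +1,58 @@
+resource "digitalocean_vpc" "stg_vpc" {
+name = "stg-ahoyworld-vpc"
+region = "nyc3"
+description = "Staging VPC for AhoyWorld"
+ip_range = "10.0.8.0/22"
+}
+
+resource "digitalocean_firewall" "stg_fw_internal" {
+name = "stg-ahoyworld-fw-internal"
+
+inbound_rule {
+protocol = "tcp"
+port_range = "22"
+source_addresses = [
+"0.0.0.0/0",
+"::/0",
+]
+}
+
+inbound_rule {
+protocol = "tcp"
+port_range = "1-65535"
+source_addresses = [
+digitalocean_vpc.stg_vpc.ip_range
+]
+}
+}
+
+resource "digitalocean_firewall" "stg_fw_external" {
+name = "stg-ahoyworld-fw-external"
+
+inbound_rule {
+protocol = "tcp"
+port_range = "22"
+source_addresses = [
+"0.0.0.0/0",
+"::/0",
+]
+}
+
+inbound_rule {
+protocol = "tcp"
+port_range = "80"
+source_addresses = [
+"0.0.0.0/0",
+"::/0",
+]
+}
+
+inbound_rule {
+protocol = "tcp"
+port_range = "443"
+source_addresses = [
+"0.0.0.0/0",
+"::/0",
+]
+}
+}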
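Review bot: Both `stg_fw_internal` and `stg_fw_external` accept TCP 22 from `0.0.0.0/0` and `::/0`, so SSH would be reachable from the whole internet on every droplet they are attached to, including the ones the "internal" firewall is meant to keep private. Limit the source to the VPC or a known admin/bastion range, e.g. `source_addresses = [digitalocean_vpc.stg_vpc.ip_range]` on the internal firewall, and take the external one from a variable holding the operator CIDRs. Neither resource sets `droplet_ids`, `tags` or any `outbound_rule` in this file, so as written they attach to nothing; DigitalOcean firewalls drop traffic that no rule allows, so egress rules will be needed once they are attached. The internal allow rule covers TCP only, which leaves UDP and ICMP inside the VPC blocked; add a comment if that is deliberate.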
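--- a/terraform/stg-cluster-ahoyworld/outputs.tf
+++ b/terraform/stg-cluster-ahoyworld/outputs.tf
@@ -0,0 +1 @@
+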
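--- a/terraform/stg-cluster-ahoyworld/providers.tf
+++ b/terraform/stg-cluster-ahoyworld/providers.tf
@@ -0,0 +1,12 @@
+provider "digitalocean" {
+token = var.do_token
+}
+
+provider "hcp" {
+client_id = var.hcp_client_id
+client_secret = var.hcp_client_secret
+}
+
+provider "cloudflare" {
+api_token = var.cloudflare_api_token
+}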
Empty file.
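--- a/terraform/stg-cluster-ahoyworld/variables.tf
+++ b/terraform/stg-cluster-ahoyworld/variables.tf
@@ -0,0 +1,27 @@
+variable "do_token" {
+description = "The Digital Ocean API token."
+type = string
+sensitive = true
+}
+
+variable "hcp_client_id" {
+description = "The client ID for the HCP API."
+type = string
+sensitive = true
+}
+
+variable "hcp_client_secret" {
+description = "The client secret for the HCP API."
+type = string
+sensitive = true
+}
+
+variable "cloudflare_api_token" {
+type = string
+description = "Cloudflare API Token"
+}
+
+variable "cloudflare_account_id" {
+type = string
+description = "Cloudflare Account ID"
+}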
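Review bot: `cloudflare_api_token` is declared without `sensitive = true`, unlike `do_token` and the two HCP variables, so Terraform will not redact it in plan and apply output or in run logs. Add `sensitive = true` to that block. The flag only hides the value from CLI and UI output; it is still stored in state, so access to the `tfws-stg-ahoyworld` workspace state should stay restricted. `cloudflare_account_id` is not referenced by any file shown in this PR, so either drop it or add a comment saying where it is consumed.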
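--- a/terraform/stg-cluster-ahoyworld/versions.tf
+++ b/terraform/stg-cluster-ahoyworld/versions.tf
@@ -0,0 +1,19 @@
+terraform {
+required_providers {
+digitalocean = {
+source = "digitalocean/digitalocean"
+version = "2.43.0"
+}
+
+cloudflare = {
+source = "cloudflare/cloudflare"
+version = "4.44.0"
+}
+
+hcp = {
+source = "hashicorp/hcp"
+version = "0.97.0"
+}
+}
+required_version = ">= 1"
+}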
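Review bot: `required_version = ">= 1"` admits Terraform 1.0, which does not understand the `cloud` block that this PR's `backend.tf` relies on; that block arrived in 1.1, and I believe the `project` argument inside `workspaces` came later still. Tighten the constraint to the oldest release this configuration is actually run with, for example `required_version = ">= 1.1"` or a `~>` range, so an unsupported CLI fails at init rather than partway through a run. The exact provider pins are consistent with committing `.terraform.lock.hcl`.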