Mail-in-a-Box Digital Ocean Terraform module
This repo will create a Digital Ocean Droplet running Ubuntu 18.04 that has the following configuration:
Floating IP for the Droplet address.
Spaces bucket for /home/user-data/backups to avoid filling up a small disk with backups. Yes, you could definitely use rsync, but this way we don't have to ship the backup data anywhere.
Domain and DNS configuration via Digital Ocean DNS.
Reads your local SSH key and creates a new SSH key on Digital Ocean.
Terraform version 0.12+
Digital Ocean token
Digital Ocean Spaces access id
Digital Ocean Spaces secret key
Infrastructure provisioned by Terraform
digitalocean_domain - Digital Ocean DNS domain name to use for MIAB
digitalocean_record - DNS A record for domain
digitalocean_floating_ip - Static IP for Droplet
digitalocean_ssh_key - Separate SSH key created for the droplet
digitalocean_spaces_bucket - Object storage for MIAB backup directory
digitalocean_droplet - VM that will run MIAB
Install terraform version 0.12.
cp varfile.tfvars terraform.tfvars
Add Digital Ocean API key and Digital Ocean Spaces key info.
Run terraform init.
Run terraform plan.
Run terraform apply if there were no errors during terraform plan.
Pre-commit hook to generate terraform graph files
Requires graphviz on your local system, which can be installed with sudo apt install graphviz or brew install graphviz.
Put this script in the file .git/hooks/pre-commit and run chmod +x to automatically add graphs for every git commit.
```bash
#!/usr/bin/env bash
# Short hash of the current HEAD (the parent of the commit being created).
COMMIT_HASH=$(git rev-parse HEAD | cut -b 1-6)
if ! command -v dot > /dev/null 2>&1; then
  echo "graphviz not found, terraform graph will not be generated."
else
  # Only run terraform graph when *.tf files change
  if git diff --cached --name-only | grep --silent '\.tf$'; then
    mkdir -p graphs
    terraform graph > "graphs/miab-${COMMIT_HASH}.dot"
    dot "graphs/miab-${COMMIT_HASH}.dot" -Tsvg -o "graphs/miab-${COMMIT_HASH}.svg"
    git add graphs/miab-${COMMIT_HASH}.{svg,dot}
  fi
fi
```
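The setup steps put the Digital Ocean token and Spaces keys into terraform.tfvars, and Terraform state stores them in plain text as well. The following guard for the same pre-commit hook is an added example, not part of this repo. It assumes the secret inputs are named do_token, spaces_access_id and spaces_secret_key as in the inputs table, and that the varfile.tfvars template leaves them empty.

```shell
#!/usr/bin/env bash
# Added example: refuse to commit files that hold Digital Ocean credentials.

# Paths that should never be committed: the filled-in variable file from the
# setup steps, auto-loaded variable files, and Terraform state files.
is_sensitive_path() {
  case "${1##*/}" in
    terraform.tfvars|*.auto.tfvars|*.tfstate|*.tfstate.backup) return 0 ;;
    *) return 1 ;;
  esac
}

# True when a file assigns a non-empty quoted value to one of the secret inputs.
has_inline_secret() {
  grep -Eq '^[[:space:]]*(do_token|spaces_access_id|spaces_secret_key)[[:space:]]*=[[:space:]]*"[^"]+"' "$1"
}

# Read one path per line on stdin; report findings and return 1 if any exist.
# Contents are read from the working tree, not from the index.
check_paths() {
  status=0
  while IFS= read -r path; do
    if is_sensitive_path "$path"; then
      echo "blocked: $path must not be committed" >&2
      status=1
    elif [ -f "$path" ] && has_inline_secret "$path"; then
      echo "blocked: $path sets a credential value" >&2
      status=1
    fi
  done
  return "$status"
}

# Run only when installed as .git/hooks/pre-commit, so the functions above
# can also be sourced and tested on their own.
if [ "${0##*/}" = "pre-commit" ]; then
  git diff --cached --name-only --diff-filter=ACM | check_paths || exit 1
fi
```

Placed ahead of the graph generation in the hook, a non-zero exit aborts the commit before anything is staged automatically.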
No modules.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| do_region | Digital Ocean region where the MiaB droplet will be hosted. | any | n/a | yes |
| do_token | Token to authenticate with your Digital Ocean account. | any | n/a | yes |
| droplet_image | Base OS image to use for the MiaB droplet. | string | "ubuntu-22-04-x64" | no |
| droplet_private_networking | Enable private networking for miab droplet. | string | "true" | no |
| droplet_size | CPU and memory sizing for the MiaB droplet. | string | "s-1vcpu-1gb" | no |
| ipv6_enabled | Enable IPv6 for MiaB and the Droplet | bool | false | no |
| miab_primary_hostname | Fully-qualified domain name for your email server. This is typically box.example.com, and your email address would be [email protected]. | string | n/a | yes |
| miab_storage_root | Base directory for MiaB files. | string | "/root/miab/" | no |
| miab_storage_user | MiaB storage username | string | "user-data" | no |
| spaces_access_id | Digital Ocean Spaces access ID. | any | n/a | yes |
| spaces_backup_enabled | If enabled, a spaces bucket will be created, and miab will send backups there. | bool | false | no |
| spaces_secret_key | Digital Ocean Spaces secret key. | any | n/a | yes |
| ssh_port | Non-default port for SSH | any | n/a | yes |
| ssh_private_key | The path to the SSH key you'd like to access the MiaB host with. | any | n/a | yes |