diff --git a/.gitignore b/.gitignore index 397af32..dd601bd 100644 --- a/.gitignore +++ b/.gitignore @@ -11,12 +11,6 @@ # Crash log files crash.log -# Exclude all .tfvars files, which are likely to contain sentitive data, such as -# password, private keys, and other secrets. These should not be part of version -# control as they are data points which are potentially sensitive and subject -# to change depending on the environment. -*.tfvars - # Ignore override files as they are usually used to override resources locally and so # are not checked in override.tf diff --git a/examples/dns/README.md b/examples/dns/README.md new file mode 100644 index 0000000..efdfa01 --- /dev/null +++ b/examples/dns/README.md @@ -0,0 +1,47 @@ +# DNS + +Configuration in this directory creates a 2 Private DNS zones and one Public with a couple of record sets. + +## Usage + +To run this example you need to execute: + +```bash +$ terraform init +$ terraform plan +$ terraform apply +``` + +Note that this example will create resources which can cost money. Run `terraform destroy` when you don't need these resources. + +## Requirements + +| Name | Version | +| ---------------------------------------------------------------------------------------------- |-----------| +| [terraform](#requirement\_terraform) | >= 0.13.0 | +| [opentelekomcloud](#requirement\_opentelekomcloud) | >= 1.23.9 | + +## Providers + +No providers. + +## Modules + +| Name | Source | Version | +|-----------------------------------------------|---------------------|---------| +| [dns](#module\_dns) | "../../modules/dns" | 0.0.1 | + +## Resources + +No resources. + +## Inputs + +No inputs. + +## Outputs + +| Name | Description | +|----------------------------------------------------------------------------------------------------|----------------------------------| +| [dns\_zone\_ids](#output\_zone\_ids) | The Ids of created Zones | +| [dns\_recordset\_names](#output\_recordset\_names) | The Names of created Record sets | 
diff --git a/examples/dns/dns.auto.tfvars b/examples/dns/dns.auto.tfvars
new file mode 100644
index 0000000..7690e62
--- /dev/null
+++ b/examples/dns/dns.auto.tfvars
@@ -0,0 +1,82 @@
+/*=================================
+DNS PREPARED MAP
+==================================*/
+
+dns_settings = {
+ private = {
+ name = "example.opentelekomcloud"
+ description = "Example Zone"
+ type = "private"
+ ttl = 500
+ email = "email_prv@example.com"
+ vpc_id = "REWRITE_IN_LOCALS"
+ region = "REWRITE_IN_LOCALS"
+ tags = {
+ "Zone" = "test"
+ }
+ recordsets = [
+ {
+ subdomain = "first_a"
+ type = "A"
+ description = "a record set"
+ ttl = 380
+ records = ["10.1.0.0"]
+ tags = {
+ "Recordset" = "private_a"
+ }
+ },
+ {
+ subdomain = "first_txt"
+ type = "txt"
+ description = "txt record set"
+ ttl = 3000
+ records = ["v=spf1 include:my.example.try.com -none"]
+ tags = {
+ "Recordset" = "private_txt"
+ }
+ },
+ ]
+ }
+ private_another = {
+ name = "another.opentelekomcloud"
+ description = "Example Zone other"
+ type = "private"
+ ttl = 450
+ email = "email_oth@example.com"
+ vpc_id = "REWRITE_IN_LOCALS"
+ region = "REWRITE_IN_LOCALS"
+ tags = {}
+ recordsets = [
+ {
+ subdomain = "cname"
+ type = "cname"
+ description = "cname record set"
+ ttl = 3600
+ records = ["server1.example.com."]
+ tags = {
+ "Recordset" = "private_cname"
+ }
+ },
+ ]
+ }
+ public = {
+ name = "public.opentelekomcloud"
+ description = "Example Zone"
+ type = "public"
+ ttl = 300
+ email = "email_pub@example.com"
+ tags = {}
+ recordsets = [
+ {
+ subdomain = "second_a"
+ type = "A"
+ description = "a record set"
+ ttl = 380
+ records = ["10.1.1.0"]
+ tags = {
+ "Recordset" = "public_a"
+ }
+ },
+ ]
+ }
+}
diff --git a/examples/dns/main.tf b/examples/dns/main.tf
new file mode 100644
index 0000000..e16fe23
--- /dev/null
+++ b/examples/dns/main.tf
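Review bot: Tracking this `dns.auto.tfvars` is what forces the `*.tfvars` rule out of `.gitignore` in the first hunk of this commit, and with the rule gone every tfvars file in the repository, including ones that hold passwords or keys, can be staged by a plain `git add .`. Keep the ignore rule and carve out only the examples with a negation placed after it, i.e. `*.tfvars` followed by `!examples/**/*.auto.tfvars`. The values in this file are placeholders (`REWRITE_IN_LOCALS`, example.com addresses), so the file itself is fine to publish.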
@@ -0,0 +1,89 @@
+/*=================================
+DNS VARIABLES
+==================================*/
+
+variable "dns_settings" {
+ default = {}
+ description = "Main settings for private DNS."
+}
+
+variable "dns_subnet" {
+ default = "subnet-do-not-delete-pls"
+ description = "Main settings for public DNS."
+}
+
+variable "default_tags_set" {
+ default = {
+ "Managed_by" = "terraform"
+ }
+ description = "Set of default tags for most of all resources"
+}
+
+/*=================================
+DNS LOCALS
+==================================*/
+
+locals {
+ local_dns_settings = {
+ private_one = {
+ name = var.dns_settings["private"]["name"]
+ description = var.dns_settings["private"]["description"]
+ type = var.dns_settings["private"]["type"]
+ ttl = var.dns_settings["private"]["ttl"]
+ email = var.dns_settings["private"]["email"]
+ vpc_id = data.opentelekomcloud_vpc_subnet_v1.subnet.vpc_id
+ region = data.opentelekomcloud_identity_project_v3.current.region
+ tags = var.dns_settings["private"]["tags"]
+ recordsets = var.dns_settings["private"]["recordsets"]
+ }
+ private_two = {
+ name = var.dns_settings["private_another"]["name"]
+ description = var.dns_settings["private_another"]["description"]
+ type = var.dns_settings["private_another"]["type"]
+ ttl = var.dns_settings["private_another"]["ttl"]
+ email = var.dns_settings["private_another"]["email"]
+ vpc_id = data.opentelekomcloud_vpc_subnet_v1.subnet.vpc_id
+ region = data.opentelekomcloud_identity_project_v3.current.region
+ tags = var.dns_settings["private_another"]["tags"]
+ recordsets = var.dns_settings["private_another"]["recordsets"]
+ }
+ public_one = {
+ name = var.dns_settings["public"]["name"]
+ description = var.dns_settings["public"]["description"]
+ type = var.dns_settings["public"]["type"]
+ ttl = var.dns_settings["public"]["ttl"]
+ email = var.dns_settings["public"]["email"]
+ tags = var.dns_settings["public"]["tags"]
+ recordsets = var.dns_settings["public"]["recordsets"]
+ }
+ }
+ dns_settings = merge(var.dns_settings, local.local_dns_settings)
+}
+
+/*=================================
+DNS MODULES
+==================================*/
+
+data "opentelekomcloud_identity_project_v3" "current" {}
+
+data "opentelekomcloud_vpc_subnet_v1" "subnet" {
+ name = var.dns_subnet
+}
+
+module "dns" {
+ source = "../../modules/dns"
+ dns_zone_settings = local.local_dns_settings
+ default_tags_set = var.default_tags_set
+}
+
+/*=================================
+DNS OUTPUTS
+==================================*/
+
+output "dns_zone_ids" {
+ value = { for k, v in module.dns.zone : k => v.id }
+}
+
+output "dns_zone_recordsets_names" {
+ value = { for k, v in module.dns.recordset : k => v.name }
+}
diff --git a/examples/dns/versions.tf b/examples/dns/versions.tf
new file mode 100644
index 0000000..5ca3bdb
--- /dev/null
+++ b/examples/dns/versions.tf
@@ -0,0 +1,13 @@
+terraform {
+ required_providers {
+ opentelekomcloud = {
+ source = "opentelekomcloud/opentelekomcloud"
+ version = ">=1.34.4"
+ }
+ }
+}
+
+# Configure the OpenTelekomCloud Provider
+provider "opentelekomcloud" {
+ cloud = "terraform"
+}
diff --git a/modules/dns/README.md b/modules/dns/README.md
new file mode 100644
index 0000000..6d3ebf6
--- /dev/null
+++ b/modules/dns/README.md
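Review bot: In `examples/dns/main.tf`, `variable "dns_settings"` has no `type` and defaults to `{}`, yet the `locals` block indexes `var.dns_settings["private"]`, `["private_another"]` and `["public"]` unconditionally, so a run that does not load `dns.auto.tfvars` fails with an invalid-index error inside the locals instead of at the variable. Declaring the expected object shape on the variable, or dropping the `default`, would report the missing input where it belongs. `local.dns_settings` (the `merge(...)` result) is never referenced, since the module receives `local.local_dns_settings`, and can be removed. The description on `dns_subnet` should describe a subnet, e.g. `description = "Name of the subnet whose VPC the private zones are attached to."`.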
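Review bot: Neither `examples/dns/versions.tf` nor `modules/dns/versions.tf` sets `required_version`, while `modules/dns/variables.tf` uses the two-argument form `optional(string, "")`, which Terraform accepts only from 1.3 onward; both READMEs still state `>= 0.13.0`. Adding `required_version = ">= 1.3.0"` to each `terraform` block turns a confusing type-constraint error into an explicit version message. The provider constraint `>=1.34.4` is also open-ended; for this example root configuration a bounded form such as `version = ">= 1.34.4, < 2.0.0"`, together with a committed `.terraform.lock.hcl` if one is not already tracked, keeps provider upgrades deliberate.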
@@ -0,0 +1,148 @@ +# OpenTelekomCloud DNS Terraform module + +![GitHub tag (latest by date)](https://img.shields.io/github/v/tag/opentelekomcloud/terraform-opentelekomcloud-modules) +![Build (latest by date)](https://zuul.otc-service.com/api/tenant/eco/badge?project=opentelekomcloud/terraform-opentelekomcloud-modules&pipeline=check&branch=main) + +_This module aims to create a module to create public or private DNS zones with records on OpenTelekomCloud provider._ + +_These types of resources are supported:_ + +* [Zone](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/dns_zone_v2) +* [Record](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/dns_recordset_v2) + + +[//]: # (## Where to find module documentations) + +[//]: # (You can find different documentations versioned by terraform registry [here](https://registry.terraform.io/modules/terraform-opentelekomcloud-modules/dns/latest).) + +## Terraform versions + +Terraform 0.13 or higher. 
+ +## Usage + +```hcl +dns_settings = { + private = { + name = "another.opentelekomcloud" + description = "Example Zone other" + type = "private" + ttl = 450 + email = "email_oth@example.com" + vpc_id = "REWRITE_IN_LOCALS" + region = "REWRITE_IN_LOCALS" + tags = {} + recordsets = [ + { + subdomain = "cname" + type = "cname" + description = "cname record set" + ttl = 3600 + records = ["server1.example.com."] + tags = { + "Recordset" = "private_cname" + } + }, + ] + } +} + +data "opentelekomcloud_identity_project_v3" "current" {} + +data "opentelekomcloud_vpc_subnet_v1" "subnet" { + name = "my-subnet" +} + +locals { + local_dns_settings = { + private_one = { + name = var.dns_settings["private"]["name"] + description = var.dns_settings["private"]["description"] + type = var.dns_settings["private"]["type"] + ttl = var.dns_settings["private"]["ttl"] + email = var.dns_settings["private"]["email"] + vpc_id = data.opentelekomcloud_vpc_subnet_v1.subnet.vpc_id + region = data.opentelekomcloud_identity_project_v3.current.region + tags = var.dns_settings["private"]["tags"] + recordsets = var.dns_settings["private"]["recordsets"] + } + } + dns_settings = merge(var.dns_settings, local.local_dns_settings) +} + +module "dns" { + source = "../../modules/dns" + + dns_zone_settings = local.local_dns_settings + default_tags_set = var.default_tags_set +} +``` + +## Examples + +* [DNS](https://github.com/opentelekomcloud/terraform-opentelekomcloud-modules/blob/main/examples/dns) + +## Requirements + +| Name | Version | +| ---------------------------------------------------------------------------------------------- |-----------| +| [terraform](#requirement\_terraform) | >= 0.13.0 | +| [opentelekomcloud](#requirement\_opentelekomcloud) | >= 1.23.9 | + +## Modules + +No modules. 
+ +## Resources + +| Name | Type | Count | +|--------------------------------------------------------------------------------------------------------------------------------------------------------------|----------|-----------| +| [opentelekomcloud_dns_zone_v2.zone](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/dns_zone_v2) | resource | 1 or more | +| [opentelekomcloud_dns_recordset_v2.record](https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/dns_recordset_v2) | resource | 1 or more | + +## Inputs + +| Name | Description | Type | Default | Required | +|--------------------------------------------------------------------------------------|------------------------------------------------|---------------|---------|:--------:| +| [dns_zone_settings](#input\dns_zone_settings) | Map with necessary for DNS zone settings. | `map(object)` | `{}` | yes | +| [default_tags_set](#input\default_tags_set) | Set of default tags for most of all resources. | `map(string)` | `{}` | no | + +### dns_zone_settings + +| Name | Description | Type | Default | Required | +|--------------------------------------------------------------------------------------|-------------------------------------------------------|----------------|---------|:--------:| +| [dns_zone_settings.name](#input\name) | Zone domain name. | `string` | `null` | yes | +| [dns_zone_settings.description](#input\description) | Zone description. | `string` | `""` | no | +| [dns_zone_settings.type](#input\type) | Type of the zone. | `string` | `null` | yes | +| [dns_zone_settings.ttl](#input\ttl) | Caching period of the SOA record set (in seconds). | `number` | `null` | yes | +| [dns_zone_settings.email](#input\email) | Email address of the administrator managing the zone. | `string` | `null` | yes | +| [dns_zone_settings.vpc_id](#input\vpc_id) | Id of VPC. 
| `string` | `""` | no | +| [dns_zone_settings.region](#input\region) | Name of the current region. | `string` | `""` | no | +| [dns_zone_settings.tags](#input\tags) | Tags (will be merged with default_tags_set). | `map(any)` | `{}` | no | +| [dns_zone_settings.recordsets](#input\recordsets) | List of recordsets. | `list(object)` | `[]` | no | + +### dns_zone_settings.recordsets + +| Name | Description | Type | Default | Required | +|---------------------------------------------------------------------------------------------------------------------|----------------------------------------------|----------------|---------|:--------:| +| [dns_zone_settings.recordsets.subdomain](#input\subdomain) | Name of the record subdomain. | `string` | `null` | yes | +| [dns_zone_settings.recordsets.type](#input\recordset_type) | Type of the record set. | `string` | `null` | yes | +| [dns_zone_settings.recordsets.description](#input\recordset_description) | Description of the record set. | `string` | `null` | no | +| [dns_zone_settings.recordsets.ttl](#input\recordset_ttl) | Ttl of the record set. | `number` | `null` | no | +| [dns_zone_settings.recordsets.records](#input\recordset_records) | List of records. | `list(string)` | `[]` | yes | +| [dns_zone_settings.recordsets.tags](#input\recordsets_tags) | Tags (will be merged with default_tags_set). | `map(any)` | `{}` | no | + +## Outputs + +| Name | Description | +|--------------------------------------------------------------|------------------------| +| [dns\zone](#output\zone) | The all DNS zones | +| [dns\recordset](#output\recordset) | The all DNS recordsets | + +## Authors + +Module managed by [Anton Sidelnikov](https://github.com/anton-sidelnikov). + +## License + +Apache 2 Licensed. See LICENSE for full details. diff --git a/modules/dns/dns.tf b/modules/dns/dns.tf new file mode 100644 index 0000000..448be43 --- /dev/null +++ b/modules/dns/dns.tf 
@@ -0,0 +1,37 @@
+/*=================================
+RESOURCES
+==================================*/
+
+resource "opentelekomcloud_dns_zone_v2" "zone" {
+ for_each = var.dns_zone_settings
+ name = each.value["name"]
+ description = each.value["description"]
+ ttl = each.value["ttl"]
+ email = each.value["email"]
+ type = lower(each.value["type"])
+
+ router {
+ router_region = each.value["region"]
+ router_id = each.value["vpc_id"]
+ }
+
+ tags = merge(
+ var.default_tags_set,
+ each.value["tags"],
+ )
+}
+
+resource "opentelekomcloud_dns_recordset_v2" "record" {
+ for_each = {for k, v in local.recordsets : k => v}
+ zone_id = opentelekomcloud_dns_zone_v2.zone[each.value["zone_index"]].id
+ name = "${each.value["subdomain"]}.${each.value["domain"]}"
+ description = each.value["description"]
+ ttl = each.value["ttl"]
+ type = upper(each.value["type"])
+ records = each.value["records"]
+
+ tags = merge(
+ var.default_tags_set,
+ each.value["tags"],
+ )
+}
diff --git a/modules/dns/locals.tf b/modules/dns/locals.tf
new file mode 100644
index 0000000..3386c04
--- /dev/null
+++ b/modules/dns/locals.tf
@@ -0,0 +1,19 @@
+/*=================================
+LOCALS
+==================================*/
+locals {
+ recordsets = flatten([
+ for zone_key, zone in var.dns_zone_settings : [
+ for recordset_key, recordset in zone["recordsets"] : {
+ zone_index = zone_key
+ domain = var.dns_zone_settings[zone_key].name
+ subdomain = recordset["subdomain"]
+ type = recordset["type"]
+ description = recordset["description"]
+ ttl = recordset["ttl"]
+ records = recordset["records"]
+ tags = recordset["tags"]
+ }
+ ]
+ ])
+}
diff --git a/modules/dns/outputs.tf b/modules/dns/outputs.tf
new file mode 100644
index 0000000..a8409c3
--- /dev/null
+++ b/modules/dns/outputs.tf
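Review bot: In `modules/dns/dns.tf` the record sets are keyed by list position: `for_each = {for k, v in local.recordsets : k => v}` makes `k` the index into the flattened list, so removing or reordering one entry in any zone shifts every later key and Terraform rewrites or replaces unrelated DNS records. A key built from the record's identity keeps resource addresses stable, e.g. `for_each = { for r in local.recordsets : "${r.zone_index}/${r.subdomain}/${upper(r.type)}" => r }`. The `router` block in the zone resource is also emitted for public zones, where `region` and `vpc_id` fall back to `""`; a `dynamic "router"` gated on `lower(each.value["type"]) == "private"` would avoid sending an empty router, assuming the provider does not already ignore it.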
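Review bot: In `modules/dns/locals.tf`, `zone["recordsets"]` is iterated directly, but `modules/dns/variables.tf` declares it as `optional(list(object({...})))` with no default, so a zone that omits `recordsets` yields `null` and the inner `for` expression fails at plan time; the module README documents the default as `[]`. Giving the attribute a default in `variables.tf`, `recordsets = optional(list(object({ ... })), [])`, fixes this without touching the loop. `recordset_key` is unused, and `var.dns_zone_settings[zone_key].name` can be written as `zone.name`.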
@@ -0,0 +1,10 @@
+/*=================================
+OUTPUTS
+==================================*/
+output "zone" {
+ value = opentelekomcloud_dns_zone_v2.zone
+}
+
+output "recordset" {
+ value = opentelekomcloud_dns_recordset_v2.record
+}
diff --git a/modules/dns/variables.tf b/modules/dns/variables.tf
new file mode 100644
index 0000000..39aba4f
--- /dev/null
+++ b/modules/dns/variables.tf
@@ -0,0 +1,58 @@
+/*=================================
+VARIABLES
+==================================*/
+variable "default_tags_set" {
+ default = {}
+ description = "Set of default tags for most of all resources"
+}
+
+variable "dns_zone_settings" {
+ default = {
+ /*Example:
+ zone_name = { #You can use any string as key
+ name = "example.opentelekomcloud" #Zone domain name
+ description = "Example Zone" #Zone description
+ type = "private|public" #Type of the zone
+ ttl = 500 #Caching period of the SOA record set (in seconds)
+ email = "email1@example.com" #Email address of the administrator managing the zone
+ vpc_id = "19664294-0bf6-4271-ad3a-94b8c79c6558" #Id of VPC
+ region = "eu-de" #Name of the current region
+ tags = { #Tags (will be merged with default_tags_set)
+ "Environment" = "test"
+ "Managed_by" = "terraform"
+ }
+ recordsets = [
+ {
+ subdomain = "subdomain" #Name of the record subdomain
+ type = "cname" #Type of the record set
+ description = "cname record set" #Description of the record set
+ ttl = 3600 #Ttl of the record set
+ records = ["server1.example.com"] #List of records
+ tags = { #Tags (will be merged with default_tags_set)
+ "Recordset" = "private_cname"
+ }
+ },
+ ]
+ }
+ */
+ }
+ type = map(object({
+ name = string
+ description = optional(string, "")
+ type = string
+ ttl = number
+ email = string
+ vpc_id = optional(string, "")
+ region = optional(string, "")
+ tags = optional(map(any))
+ recordsets = optional(list(object({
+ subdomain = string
+ type = string
+ description = optional(string)
+ ttl = number
+ records = optional(list(string))
+ tags = optional(map(any))
+ })))
+ }))
+ description = "Map with necessary for DNS zone settings (current values in top level vars file)"
+}
diff --git a/modules/dns/versions.tf b/modules/dns/versions.tf
new file mode 100644
index 0000000..ff7929d
--- /dev/null
+++ b/modules/dns/versions.tf
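Review bot: The zone `type` in `dns_zone_settings` is an unconstrained `string`, and the only statement of its allowed values is the commented example (`"private|public"`), so a typo is passed through `lower()` to the provider and fails only at apply. Because this field decides whether a zone's names resolve publicly or only inside the VPC, a `validation` block that rejects anything other than `public` or `private` is worth adding to the variable. `default_tags_set` also has no `type`; the module README documents it as `map(string)`, so `type = map(string)` can be declared there.

```hcl
variable "dns_zone_settings" {
  # … unchanged: default, type, description …

  validation {
    condition = alltrue([
      for zone in values(var.dns_zone_settings) :
      contains(["public", "private"], lower(zone.type))
    ])
    error_message = "Each zone type must be \"public\" or \"private\"."
  }
}
```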
@@ -0,0 +1,11 @@
+/*=================================
+PROVIDER SETTINGS
+==================================*/
+terraform {
+ required_providers {
+ opentelekomcloud = {
+ source = "opentelekomcloud/opentelekomcloud"
+ version = ">=1.34.4"
+ }
+ }
+}
diff --git a/scripts/run-tflint.sh b/scripts/run-tflint.sh
old mode 100644
new mode 100755