|
| 1 | +locals { |
| 2 | + vpc_id = "your_vpc_id" |
| 3 | + subnet_id1 = "your_subnetid1" |
| 4 | + subnet_id2 = "yout_subnet_id2" |
| 5 | + ssh_user = "ubuntu" |
| 6 | + key_name ="prv-key" |
| 7 | + private_key_path = "path/to/key/prv-key.pem" |
| 8 | +} |
| 9 | + |
| 10 | +# Configure the AWS provider |
| 11 | +provider "aws" { |
| 12 | + region = "us-east-1" |
| 13 | + access_key = "your_access" |
| 14 | + secret_key = "your_secret" |
| 15 | +} |
| 16 | + |
| 17 | +resource "aws_security_group" "nginx" { |
| 18 | + name = "nginx_access" |
| 19 | + vpc_id = local.vpc_id |
| 20 | + |
| 21 | + ingress { |
| 22 | + from_port = 22 |
| 23 | + to_port = 22 |
| 24 | + protocol = "tcp" |
| 25 | + cidr_blocks = ["0.0.0.0/0"] |
| 26 | + } |
| 27 | + |
| 28 | + ingress { |
| 29 | + from_port = 80 |
| 30 | + to_port = 80 |
| 31 | + protocol = "tcp" |
| 32 | + cidr_blocks = ["0.0.0.0/0"] |
| 33 | + } |
| 34 | + |
| 35 | + ingress { |
| 36 | + from_port = 8000 |
| 37 | + to_port = 8000 |
| 38 | + protocol = "tcp" |
| 39 | + cidr_blocks = ["0.0.0.0/0"] |
| 40 | + } |
| 41 | + |
| 42 | + egress { |
| 43 | + from_port = 0 |
| 44 | + to_port = 0 |
| 45 | + protocol = "-1" |
| 46 | + cidr_blocks = ["0.0.0.0/0"] |
| 47 | + } |
| 48 | +} |
| 49 | + |
| 50 | + |
| 51 | +# Create an EC2 instance |
| 52 | +resource "aws_instance" "nginx" { |
| 53 | + ami = "ami-0557a15b87f6559cf" |
| 54 | + subnet_id = local.subnet_id1 |
| 55 | + associate_public_ip_address = true |
| 56 | + instance_type = "t2.micro" |
| 57 | + key_name = local.key_name |
| 58 | + security_groups = [aws_security_group.nginx.id] |
| 59 | + |
| 60 | +provisioner "remote-exec" { |
| 61 | + inline = ["echo 'Wait until SSH is ready'"] |
| 62 | + |
| 63 | + connection { |
| 64 | + type = "ssh" |
| 65 | + user = local.ssh_user |
| 66 | + private_key = file(local.private_key_path) |
| 67 | + host = aws_instance.nginx.public_ip |
| 68 | + } |
| 69 | + } |
| 70 | +provisioner "local-exec" { |
| 71 | + command = "ansible-playbook -i ${aws_instance.nginx.public_ip}, --private-key ${local.private_key_path} playbook.yml" |
| 72 | + } |
| 73 | +} |
| 74 | + |
| 75 | +#Create S3 Bucket |
| 76 | + |
| 77 | +resource "aws_s3_bucket" "terrabucket" { |
| 78 | + bucket = "terraform_bucket" |
| 79 | + force_destroy = true |
| 80 | + |
| 81 | + tags = { |
| 82 | + Name = "My bucket" |
| 83 | + Environment = "Dev" |
| 84 | + } |
| 85 | +} |
| 86 | +resource "aws_s3_bucket_server_side_encryption_configuration" "example"{ #By default it is off, so providing |
| 87 | + bucket = aws_s3_bucket.b.bucket |
| 88 | + rule { |
| 89 | + apply_server_side_encryption_by_default { |
| 90 | + sse_algorithm = "AES256" |
| 91 | + } |
| 92 | + } |
| 93 | +} |
| 94 | + |
| 95 | +data "aws_vpc" "default_vpc" { |
| 96 | + default = true |
| 97 | +} |
| 98 | + |
| 99 | +#Setup Load Balancer |
| 100 | + |
| 101 | + |
| 102 | +#Define load balancer target group |
| 103 | +resource "aws_lb_target_group" "instances" { |
| 104 | + name = "my-target-group" |
| 105 | + port = 80 |
| 106 | + protocol = "HTTP" |
| 107 | + target_type = "instance" |
| 108 | + vpc_id = data.aws_vpc.default_vpc.id |
| 109 | +} |
| 110 | + |
| 111 | +#Define load balancer target group attachment |
| 112 | +resource "aws_lb_target_group_attachment" "nginx" { |
| 113 | + target_group_arn = aws_lb_target_group.instances.arn |
| 114 | + target_id = aws_instance.nginx.id |
| 115 | + port = 80 |
| 116 | +} |
| 117 | + |
| 118 | +#Define listener where default action is to forward traffic to target group |
| 119 | +resource "aws_lb_listener" "http" { |
| 120 | + load_balancer_arn = aws_lb.load_balancer.arn |
| 121 | + port = 80 |
| 122 | + protocol ="HTTP" |
| 123 | + |
| 124 | + default_action { |
| 125 | + target_group_arn = aws_lb_target_group.instances.arn |
| 126 | + type = "forward" |
| 127 | + } |
| 128 | +} |
| 129 | + |
| 130 | +resource "aws_lb" "load_balancer" { |
| 131 | + name = "my-load-balancer" |
| 132 | + internal = false |
| 133 | + load_balancer_type = "application" |
| 134 | + security_groups = [aws_security_group.nginx.id] |
| 135 | + subnets = [local.subnet_id1, local.subnet_id2] |
| 136 | + |
| 137 | + tags = { |
| 138 | + Name = "my-load-balancer" |
| 139 | + } |
| 140 | +} |
| 141 | + |
| 142 | +# Define the Ansible playbook |
| 143 | +data "template_file" "playbook" { |
| 144 | + template = file("playbook.yml") |
| 145 | + vars = { |
| 146 | + django_secret_key = "mysecretkey" |
| 147 | + db_name = "mydb" |
| 148 | + db_user = "myuser" |
| 149 | + db_password = "mypassword" |
| 150 | + allowed_hosts = aws_instance.nginx.public_ip |
| 151 | + static_root = "/var/www/myapp/static" |
| 152 | + } |
| 153 | +} |
| 154 | + |
| 155 | + |
| 156 | +# Output the public IP address of the instance |
| 157 | +output "nginx_ip" { |
| 158 | + value = aws_instance.nginx.public_ip |
| 159 | +} |
| 160 | + |
| 161 | +output "nginx_port" { |
| 162 | + value = "80" |
| 163 | +} |
| 164 | + |
| 165 | +output "django_ip" { |
| 166 | + value = aws_instance.nginx.public_ip |
| 167 | +} |
| 168 | + |
| 169 | +output "django_port" { |
| 170 | + value = "8000" |
| 171 | +} |
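Review bot: The `provider "aws"` block takes `access_key` and `secret_key` as literals, and the `template_file` vars do the same for `django_secret_key` and `db_password`, so anyone filling in real values will commit them to version control. Drop the two provider arguments so the provider uses its default credential chain (environment variables, shared credentials file or an attached role), and pass the application secrets through input variables declared with `sensitive = true`. The ingress rules for ports 22 and 8000 allow `0.0.0.0/0`; SSH should be limited to a known admin range, for example `cidr_blocks = [var.admin_cidr]` with `admin_cidr` as a new variable, and the 8000 rule looks unnecessary if nginx on port 80 is the intended public entry point. Separately, the encryption resource points at `aws_s3_bucket.b.bucket`, but the bucket declared in this file is `terrabucket`, so the line should read `bucket = aws_s3_bucket.terrabucket.bucket`.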