first commit

Ryan Malloy 2024-11-09 12:23:43 -07:00
commit ff79f4fd31
3 changed files with 226 additions and 0 deletions

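--- a/main.tf
+++ b/main.tf
@@ -0,0 +1,155 @@
+terraform {
+required_providers {
+aws = {
+source = "hashicorp/aws"
+version = "4.45.0"
+}
+}
+}
+provider "aws" {
+region = var.aws_region
+access_key = var.aws_access_key
+secret_key = var.aws_secret_key
+}
+resource "aws_vpc" "main_vpc" {
+cidr_block = var.vpc_cidr
+tags = {
+Name = "main-vpc"
+}
+}
+resource "aws_internet_gateway" "igw" {
+vpc_id = aws_vpc.main_vpc.id
+tags = {
+Name = "main-igw"
+}
+}
+resource "aws_subnet" "public_subnet" {
+vpc_id = aws_vpc.main_vpc.id
+cidr_block = var.public_cidr
+availability_zone = "${var.aws_region}a"
+map_public_ip_on_launch = true
+tags = {
+Name = "public-subnet"
+}
+}
+# Create a route table with a route to the internet through the Internet Gateway
+resource "aws_route_table" "public_rt" {
+vpc_id = aws_vpc.main_vpc.id
+route {
+cidr_block = "0.0.0.0/0"
+gateway_id = aws_internet_gateway.igw.id
+}
+}
+# Associate route table with the public subnet, enabling outgoing traffic to reach the internet.
+resource "aws_route_table_association" "public_rt_association" {
+subnet_id = aws_subnet.public_subnet.id
+route_table_id = aws_route_table.public_rt.id
+}
+resource "tls_private_key" "ssh_key" {
+algorithm = "RSA"
+rsa_bits = 4096
+}
+resource "local_file" "private_key" {
+content = tls_private_key.ssh_key.private_key_pem
+filename = "./.ssh/terraform_rsa"
+}
+resource "local_file" "public_key" {
+content = tls_private_key.ssh_key.public_key_openssh
+filename = "./.ssh/terraform_rsa.pub"
+}
+resource "aws_key_pair" "deployer" {
+key_name = "ubuntu_ssh_key"
+public_key = tls_private_key.ssh_key.public_key_openssh
+}
+# Firewall
+resource "aws_security_group" "allow_ssh_http_https" {
+vpc_id = aws_vpc.main_vpc.id
+ingress {
+from_port = 22
+to_port = 22
+protocol = "tcp"
+cidr_blocks = ["0.0.0.0/0"]
+}
+ingress {
+from_port = 80
+to_port = 80
+protocol = "tcp"
+cidr_blocks = ["0.0.0.0/0"]
+}
+ingress {
+from_port = 443
+to_port = 443
+protocol = "tcp"
+cidr_blocks = ["0.0.0.0/0"]
+}
+egress {
+from_port = 0
+to_port = 0
+protocol = "-1"
+cidr_blocks = ["0.0.0.0/0"]
+}
+}
+data "aws_ami" "latest_ecs" {
+most_recent = true
+owners = ["591542846629"] # AWS
+filter {
+name = "name"
+values = ["*amazon-ecs-optimized"]
+}
+filter {
+name = "virtualization-type"
+values = ["hvm"]
+}
+}
+data "aws_ami" "ubuntu" {
+most_recent = true
+owners = ["099720109477"] # Cannonical / Ubuntu
+filter {
+name = "name"
+values = ["ubuntu/images/hvm-ssd/ubuntu-focal-24.04-amd64-server-*"]
+}
+filter {
+name = "virtualization-type"
+values = ["hvm"]
+}
+}
+resource "aws_instance" "ubuntu_instance" {
+ami = data.aws_ami.ubuntu.ami # Ubuntu "ami-0a0e5d9c7acc336f1"
+# ami = data.aws_ami.latest_ecs.ami # Amazon Linux
+instance_type = var.instance_size
+subnet_id = aws_subnet.public_subnet.id
+vpc_security_group_ids = [aws_security_group.allow_ssh_http_https.id]
+key_name = aws_key_pair.deployer.key_name
+associate_public_ip_address = true
+depends_on = [
+aws_security_group.allow_ssh_http_https,
+aws_internet_gateway.igw
+]
+user_data = var.user_data
+}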
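Review bot: The port-22 `ingress` block in `aws_security_group.allow_ssh_http_https` accepts SSH from `0.0.0.0/0` while the instance gets a public IP in a public subnet, so sshd is reachable from the whole internet; scope it to an operator range such as `cidr_blocks = [var.admin_cidr]` (a new variable, name constructed here) or drop the rule and use SSM Session Manager. `local_file.private_key` writes the generated key with the resource's permissive default file mode; `local_sensitive_file` with `file_permission = "0600"` is the safer form. The key is also stored in plaintext in the Terraform state, so the state backend needs access control and encryption. Separately, `data.aws_ami.ubuntu.ami` is not an attribute the `aws_ami` data source exports and should read `ami = data.aws_ami.ubuntu.id`. The name filter pairs the `focal` codename with `24.04`, which probably matches no image.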

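--- a/outputs.tf
+++ b/outputs.tf
@@ -0,0 +1,19 @@
+output "ubuntu_ami" {
+value = data.aws_ami.ubuntu
+description = "AMI selected to build instance from"
+}
+output "private_key" {
+value = tls_private_key.ssh_key.private_key_pem
+description = "SSH Private Key (PEM format)"
+}
+output "public_key" {
+value = tls_private_key.ssh_key.public_key_openssh
+description "SSH Public Key (OpenSSH format)"
+}
+output "ubuntu_instance_public_ip" {
+value = aws_instance.ubuntu_instance.public_ip
+}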
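Review bot: `output "private_key"` exposes `tls_private_key.ssh_key.private_key_pem` without `sensitive = true`. Current Terraform releases refuse to plan an output that carries a sensitive value without that flag, and where it is accepted the PEM is printed on every apply and ends up in CI logs. Either add `sensitive = true` or remove the output, since main.tf already writes the key to `./.ssh/terraform_rsa`. In `output "public_key"` the line `description "SSH Public Key (OpenSSH format)"` is missing its `=` and will not parse.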

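--- a/variables.tf
+++ b/variables.tf
@@ -0,0 +1,52 @@
+# Variables
+variable "user_data" {
+description = "Cloud Init 'user_data'"
+default = <<-EOF
+#!/bin/bash
+sudo apt update -y
+sudo apt-get -y install ca-certificates curl
+sudo install -y -m 0755 -d /etc/apt/keyrings
+sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
+sudo chmod a+r /etc/apt/keyrings/docker.asc
+# Add the repository to Apt sources:
+echo \
+"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
+$(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
+sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+EOF
+}
+variable "instance_size" {
+description = "Size of instance to create"
+default = "t2.micro"
+}
+variable "vpc_cidr" {
+description = "CIDR of VPC Subnet"
+default = "10.0.0.0/16"
+}
+variable "public_cidr" {
+description = "CIDR of Public Subnet"
+default = "10.0.1.0/24"
+}
+variable "aws_region" {
+description = "Region Preference"
+default = "us-west-2"
+}
+variable "aws_access_key" {
+description = "AWS Access Key"
+type = string
+}
+variable "aws_secret_key" {
+description = "AWS Secret Key"
+type = string
+}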
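Review bot: `variable "aws_access_key"` and `variable "aws_secret_key"` are declared without `sensitive = true`, so their values can be echoed in plan output and logs, and they invite a committed `terraform.tfvars` holding long-lived keys. Add `sensitive = true` to both, or better, drop the two variables and the matching `access_key`/`secret_key` lines in the provider block so the AWS provider reads credentials from the environment, a shared profile or an assumed role. In the `user_data` default, the final `apt-get install docker-ce ...` has no `-y` and will likely abort at the confirmation prompt under cloud-init. `install -y` is also not an option of the coreutils `install` command, so that line fails, and with no `set -e` the script continues silently.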