-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathprovision.tf
62 lines (52 loc) · 1.69 KB
/
provision.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
data "cloudflare_zones" "main" {
filter {
name = var.domain
}
}
data "uptimerobot_alert_contact" "main" {
friendly_name = var.email
}
locals {
cloudflare_zone = data.cloudflare_zones.main.zones[0]
}
module "server" {
source = "./provision/server"
hostname = var.hostname
cloudflare_zone = local.cloudflare_zone
ssh_public_key_path = var.ssh_public_key_path
firewall_ports = var.ports
}
module "monitoring" {
source = "./provision/monitoring"
alert_contact = data.uptimerobot_alert_contact.main
monitored_ports = { for name, port_spec in var.ports : name => port_spec if lookup(port_spec, "monitored", false) }
server_record = module.server.a_record
cloudflare_zone = local.cloudflare_zone
}
module "ansible" {
source = "./provision/ansible"
server_a_record = module.server.a_record
backup_config = merge(
var.backup_host_config,
{ passphrase = var.backup_passphrase },
{ private_key_path = var.ssh_private_key_path }
)
mail_forwarding_config = merge(
var.mail_forwarding_host_config,
{ passphrase = var.mail_forwarding_passphrase }
)
}
resource "cloudflare_record" "aliases" {
zone_id = local.cloudflare_zone.id
name = each.key
type = "CNAME"
value = module.server.a_record.hostname
for_each = var.domain_aliases
}
module "compose" {
source = "./provision/compose"
server_record = module.server.a_record
domain_alias_records = values(cloudflare_record.aliases)
app_ports = { for name, port_spec in var.ports : name => port_spec if lookup(port_spec, "app", false) }
extra_env = merge(var.compose_env, {"status_page_url": module.monitoring.status_page_url})
}