infrahouse/terraform-aws-bookstack

Latest commit: 3079429 · Feb 17, 2025

terraform-aws-bookstack

Requirements

| Name | Version |
|------|---------|
| terraform | ~> 1.5 |
| aws | ~> 5.11 |
| cloudinit | ~> 2.3 |
| null | ~> 3.2 |
| random | ~> 3.6 |
| tls | ~> 4.0 |

Providers

| Name | Version |
|------|---------|
| aws | ~> 5.11 |
| aws.dns | ~> 5.11 |
| random | ~> 3.6 |
| tls | ~> 4.0 |

Modules

| Name | Source | Version |
|------|--------|---------|
| bookstack | registry.infrahouse.com/infrahouse/website-pod/aws | 4.0.0 |
| bookstack-userdata | registry.infrahouse.com/infrahouse/cloud-init/aws | 1.12.4 |
| bookstack_app_key | registry.infrahouse.com/infrahouse/secret/aws | 0.5.0 |
| db_user | registry.infrahouse.com/infrahouse/secret/aws | 0.5.0 |
| ses_smtp_password | registry.infrahouse.com/infrahouse/secret/aws | 0.5.0 |

Resources

| Name | Type |
|------|------|
| aws_db_instance.db | resource |
| aws_db_parameter_group.mysql | resource |
| aws_db_subnet_group.db | resource |
| aws_efs_file_system.bookstack-uploads | resource |
| aws_efs_mount_target.bookstack-uploads | resource |
| aws_iam_access_key.bookstack-emailer | resource |
| aws_iam_policy.bookstack-emailer | resource |
| aws_iam_user.bookstack-emailer | resource |
| aws_iam_user_policy_attachment.bookstack-emailer | resource |
| aws_key_pair.deployer | resource |
| aws_security_group.db | resource |
| aws_security_group.efs | resource |
| aws_vpc_security_group_egress_rule.efs | resource |
| aws_vpc_security_group_egress_rule.outgoing | resource |
| aws_vpc_security_group_ingress_rule.efs | resource |
| aws_vpc_security_group_ingress_rule.efs_icmp | resource |
| aws_vpc_security_group_ingress_rule.mysql | resource |
| random_id.bookstack_app_key | resource |
| random_password.db_user | resource |
| random_string.role-suffix | resource |
| tls_private_key.rsa | resource |
| aws_ami.ubuntu | data source |
| aws_availability_zones.available | data source |
| aws_caller_identity.current | data source |
| aws_iam_policy_document.bookstack-emailer-permissions | data source |
| aws_iam_policy_document.instance_permissions | data source |
| aws_region.current | data source |
| aws_route53_zone.current | data source |
| aws_secretsmanager_secret.google_client | data source |
| aws_ses_domain_identity.zone | data source |
| aws_subnet.selected | data source |
| aws_vpc.selected | data source |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| asg_ami | Image for EC2 instances. | `string` | `null` | no |
| asg_health_check_grace_period | ASG will wait up to this number of minutes for an instance to become healthy. | `number` | `600` | no |
| asg_max_size | Maximum number of instances in the ASG. | `number` | `null` | no |
| asg_min_size | Minimum number of instances in the ASG. | `number` | `null` | no |
| backend_subnet_ids | List of subnet IDs where the webserver and database instances will be created. | `list(string)` | n/a | yes |
| db_instance_type | Instance type to run the database instances. | `string` | `"db.t3.micro"` | no |
| dns_a_records | A list of A records the BookStack application will be accessible at, e.g. `["wiki"]` or `["bookstack", "docs"]`. By default, it will be `[var.service_name]`. | `list(string)` | `null` | no |
| environment | Name of environment. | `string` | `"development"` | no |
| extra_files | Additional files to create on an instance. | `list(object({ content = string, path = string, permissions = string }))` | `[]` | no |
| extra_repos | Additional APT repositories to configure on an instance. | `map(object({ source = string, key = string }))` | `{}` | no |
| google_oauth_client_secret | AWS Secrets Manager secret name with a Google OAuth 'client id' and 'client secret'. | `string` | n/a | yes |
| instance_type | Instance type to run the webserver instances. | `string` | `"t3.micro"` | no |
| internet_gateway_id | Not used, but an AWS Internet Gateway must be present. Ensure this by passing its ID. | `string` | n/a | yes |
| key_pair_name | SSH key pair name to be deployed in EC2 instances. | `string` | `null` | no |
| lb_subnet_ids | List of subnet IDs where the load balancer will be created. | `list(string)` | n/a | yes |
| packages | List of packages to install when the instance bootstraps. | `list(string)` | `[]` | no |
| puppet_debug_logging | Enable debug logging if true. | `bool` | `false` | no |
| puppet_hiera_config_path | Path to hiera configuration file. | `string` | `"{root_directory}/environments/{environment}/hiera.yaml"` | no |
| puppet_module_path | Path to common puppet modules. | `string` | `"{root_directory}/modules"` | no |
| puppet_root_directory | Path where the puppet code is hosted. | `string` | `"/opt/puppet-code"` | no |
| service_name | DNS hostname for the service. It's also used to name some resources like EC2 instances. | `string` | `"bookstack"` | no |
| smtp_credentials_secret | AWS secret name with SMTP credentials. The secret must contain a JSON with `user` and `password` keys. | `string` | `null` | no |
| ssh_cidr_block | CIDR range that is allowed to SSH into the backend instances. Format is a.b.c.d/. | `string` | `null` | no |
| storage_encryption_key_arn | KMS key ARN to encrypt RDS instance storage. | `string` | `null` | no |
| ubuntu_codename | Ubuntu version to use for the elasticsearch node. | `string` | `"jammy"` | no |
| zone_id | Domain name zone ID where the website will be available. | `string` | n/a | yes |

Outputs

| Name | Description |
|------|-------------|
| bookstack_instance_role_arn | IAM role ARN assigned to bookstack EC2 instances. |
| bookstack_urls | List of URLs where bookstack is available. |
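
Example usage

A module call that wires the five required inputs, both provider configurations (`aws` and `aws.dns`) and the optional inputs that affect encryption and SSH exposure. This is an added example, not taken from the repository. The GitHub source address is an assumption based on the repository name, and every region, ID, ARN, secret name and CIDR is a constructed placeholder.

```hcl
# Added example; every ID, ARN, name and CIDR below is a constructed placeholder.
provider "aws" {
  region = "us-west-2"
}

# Second configuration, passed to the module as aws.dns (listed under Providers).
provider "aws" {
  alias  = "dns"
  region = "us-west-2"
}

module "bookstack" {
  # Assumption: pulled directly from the GitHub repository named on this page.
  source = "github.com/infrahouse/terraform-aws-bookstack"

  providers = {
    aws     = aws
    aws.dns = aws.dns
  }

  # Required inputs
  backend_subnet_ids         = ["subnet-0aaa1111bbbb2222c", "subnet-0ddd3333eeee4444f"]
  lb_subnet_ids              = ["subnet-0111aaaa2222bbbb3", "subnet-0444cccc5555dddd6"]
  internet_gateway_id        = "igw-0123456789abcdef0"
  zone_id                    = "Z0123456789EXAMPLE"
  google_oauth_client_secret = "bookstack-google-oauth" # Secrets Manager secret name

  # Optional inputs with security impact
  environment                = "production"
  dns_a_records              = ["wiki"]
  storage_encryption_key_arn = "arn:aws:kms:us-west-2:111122223333:key/00000000-0000-0000-0000-000000000000"
  ssh_cidr_block             = "10.1.0.0/16"    # limit SSH to an internal range
  smtp_credentials_secret    = "bookstack-smtp" # JSON with user and password keys
}

output "bookstack_urls" {
  value = module.bookstack.bookstack_urls
}

output "bookstack_instance_role_arn" {
  value = module.bookstack.bookstack_instance_role_arn
}
```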