-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
d3d9286
commit 689c1fa
Showing
26 changed files
with
2,108 additions
and
0 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,68 @@ | ||
| terraform { | ||
|
|
||
| /*# | ||
| The "backend" block in the "01-providers.tf" must remain commented until the bucket and the DynamoDB table are created. | ||
| After all your resources will be created, you will need to replace empty values | ||
| for "region" and "bucket" in the "backend" block of the "00-providers.tf" since variables are not allowed in this block. | ||
| For "region" you need to specify the region where the S3 bucket and DynamoDB table are located. | ||
| You need to use the same value that you have in the "00-variables.tf" for the "region" variable. | ||
| For "bucket" you will get its values in the output after the first run of "terraform apply -auto-approve". | ||
| After your values are set, you can then uncomment the "backend" block and run again "terraform init" and then "terraform apply -auto-approve". | ||
| In this way, the "terraform.tfstate" file will be stored in an S3 bucket and DynamoDB will be used for state locking and consistency checking. | ||
| */ | ||
|
|
||
| /*# | ||
| backend "s3" { | ||
| region = "" | ||
| bucket = "" | ||
| key = "state/terraform.tfstate" | ||
| kms_key_id = "alias/terraform-bucket-key-gitlab-1" | ||
| dynamodb_table = "dynamodb-terraform-state-lock-gitlab-1" | ||
| encrypt = true | ||
| } | ||
| */ | ||
|
|
||
| # Terraform version (replace with yours) | ||
| required_version = "~> 1.6.1" | ||
|
|
||
| # Terraform providers | ||
| required_providers { | ||
| aws = { | ||
| source = "hashicorp/aws" | ||
|
|
||
| # Provider versions (replace with yours) | ||
| version = "~> 5.38.0" | ||
| } | ||
|
|
||
| tls = { | ||
| source = "hashicorp/tls" | ||
|
|
||
| # Provider versions (replace with yours) | ||
| version = "~> 4.0.4" | ||
| } | ||
|
|
||
| local = { | ||
| source = "hashicorp/local" | ||
|
|
||
| # Provider versions (replace with yours) | ||
| version = "~> 2.4.0" | ||
| } | ||
|
|
||
| random = { | ||
| source = "hashicorp/random" | ||
|
|
||
| # Provider versions (replace with yours) | ||
| version = "~> 3.6.0" | ||
| } | ||
| } | ||
| } | ||
|
|
||
| # Providers region (replace with yours) | ||
| provider "aws" { | ||
| region = var.region | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| # VPC creation | ||
| resource "aws_vpc" "vpc_1" { | ||
| cidr_block = var.vpc_1_cidr | ||
|
|
||
| enable_dns_support = true | ||
| enable_dns_hostnames = true | ||
|
|
||
| tags = { | ||
| Name = "vpc-gitlab-1" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,71 @@ | ||
| # Private subnet creation | ||
| resource "aws_subnet" "private_subnet_1a" { | ||
| vpc_id = aws_vpc.vpc_1.id | ||
| cidr_block = var.private_subnet_1a_cidr | ||
| availability_zone = "${var.region}a" | ||
| map_public_ip_on_launch = false | ||
|
|
||
| tags = { | ||
| "Name" = "private-gitlab-1-${var.region}a" | ||
| } | ||
|
|
||
| depends_on = [aws_vpc.vpc_1] | ||
| } | ||
|
|
||
| # Private subnet creation | ||
| resource "aws_subnet" "private_subnet_1b" { | ||
| vpc_id = aws_vpc.vpc_1.id | ||
| cidr_block = var.private_subnet_1b_cidr | ||
| availability_zone = "${var.region}b" | ||
| map_public_ip_on_launch = false | ||
|
|
||
| tags = { | ||
| "Name" = "private-gitlab-1-${var.region}b" | ||
| } | ||
|
|
||
| depends_on = [aws_vpc.vpc_1] | ||
| } | ||
|
|
||
| # Private subnet creation | ||
| resource "aws_subnet" "private_subnet_1c" { | ||
| vpc_id = aws_vpc.vpc_1.id | ||
| cidr_block = var.private_subnet_1c_cidr | ||
| availability_zone = "${var.region}c" | ||
| map_public_ip_on_launch = false | ||
|
|
||
| tags = { | ||
| "Name" = "private-gitlab-1-${var.region}c" | ||
| } | ||
|
|
||
| depends_on = [aws_vpc.vpc_1] | ||
| } | ||
|
|
||
| # Public subnet creation | ||
| resource "aws_subnet" "public_subnet_1a" { | ||
| vpc_id = aws_vpc.vpc_1.id | ||
| cidr_block = var.public_subnet_1a_cidr | ||
| availability_zone = "${var.region}a" | ||
| #tfsec:ignore:aws-ec2-no-public-ip-subnet | ||
| map_public_ip_on_launch = true | ||
|
|
||
| tags = { | ||
| "Name" = "public-gitlab-1-${var.region}a" | ||
| } | ||
|
|
||
| depends_on = [aws_vpc.vpc_1] | ||
| } | ||
|
|
||
| # Public subnet creation | ||
| resource "aws_subnet" "public_subnet_1b" { | ||
| vpc_id = aws_vpc.vpc_1.id | ||
| cidr_block = var.public_subnet_1b_cidr | ||
| availability_zone = "${var.region}b" | ||
| #tfsec:ignore:aws-ec2-no-public-ip-subnet | ||
| map_public_ip_on_launch = true | ||
|
|
||
| tags = { | ||
| "Name" = "public-gitlab-1-${var.region}b" | ||
| } | ||
|
|
||
| depends_on = [aws_vpc.vpc_1] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,41 @@ | ||
| # RDS Subnet Group | ||
| resource "aws_db_subnet_group" "rds_subnet_group_1" { | ||
| name = var.subnet_group_1_name | ||
|
|
||
| subnet_ids = [ | ||
| aws_subnet.private_subnet_1a.id, | ||
| aws_subnet.private_subnet_1b.id, | ||
| aws_subnet.private_subnet_1c.id | ||
| ] | ||
|
|
||
| tags = { | ||
| Name = "rds-subnet-group-gitlab-1" | ||
| } | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.private_subnet_1a, | ||
| aws_subnet.private_subnet_1b, | ||
| aws_subnet.private_subnet_1c | ||
| ] | ||
| } | ||
|
|
||
| # Redis Subnet Group | ||
| resource "aws_elasticache_subnet_group" "redis_subnet_group_1" { | ||
| name = var.subnet_group_2_name | ||
|
|
||
| subnet_ids = [ | ||
| aws_subnet.private_subnet_1a.id, | ||
| aws_subnet.private_subnet_1b.id, | ||
| aws_subnet.private_subnet_1c.id | ||
| ] | ||
|
|
||
| tags = { | ||
| Name = "redis-subnet-group-gitlab-1" | ||
| } | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.private_subnet_1a, | ||
| aws_subnet.private_subnet_1b, | ||
| aws_subnet.private_subnet_1c | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| # Internet gateway creation | ||
| resource "aws_internet_gateway" "igw_1" { | ||
| vpc_id = aws_vpc.vpc_1.id | ||
|
|
||
| tags = { | ||
| Name = "igw-gitlab-1" | ||
| } | ||
|
|
||
| depends_on = [aws_vpc.vpc_1] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| # Elastic IP allocation | ||
| resource "aws_eip" "nat_eip_1" { | ||
| domain = "vpc" | ||
|
|
||
| tags = { | ||
| Name = "nat-eip-gitlab-1" | ||
| } | ||
|
|
||
| depends_on = [aws_vpc.vpc_1] | ||
| } | ||
|
|
||
| # Public NAT creation | ||
| resource "aws_nat_gateway" "nat_1" { | ||
| allocation_id = aws_eip.nat_eip_1.id | ||
| subnet_id = aws_subnet.public_subnet_1a.id | ||
|
|
||
| tags = { | ||
| Name = "nat-gitlab-1" | ||
| } | ||
|
|
||
| depends_on = [ | ||
| aws_internet_gateway.igw_1, | ||
| aws_eip.nat_eip_1, | ||
| aws_subnet.public_subnet_1a | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,86 @@ | ||
| # Private route table creation | ||
| resource "aws_route_table" "private_route_1" { | ||
| vpc_id = aws_vpc.vpc_1.id | ||
|
|
||
| route { | ||
| cidr_block = var.private_route_1_cidr | ||
| nat_gateway_id = aws_nat_gateway.nat_1.id | ||
| } | ||
|
|
||
| tags = { | ||
| Name = "private-route-gitlab-1" | ||
| } | ||
|
|
||
| depends_on = [aws_nat_gateway.nat_1] | ||
| } | ||
|
|
||
| # Public route table creation | ||
| resource "aws_route_table" "public_route_1" { | ||
| vpc_id = aws_vpc.vpc_1.id | ||
|
|
||
| route { | ||
| cidr_block = var.public_route_1_cidr | ||
| gateway_id = aws_internet_gateway.igw_1.id | ||
| } | ||
|
|
||
| tags = { | ||
| Name = "public-route-gitlab-1" | ||
| } | ||
|
|
||
| depends_on = [aws_internet_gateway.igw_1] | ||
| } | ||
|
|
||
| # Private route table association | ||
| resource "aws_route_table_association" "private_subnet_1a" { | ||
| subnet_id = aws_subnet.private_subnet_1a.id | ||
| route_table_id = aws_route_table.private_route_1.id | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.private_subnet_1a, | ||
| aws_route_table.private_route_1 | ||
| ] | ||
| } | ||
|
|
||
| # Private route table association | ||
| resource "aws_route_table_association" "private_subnet_1b" { | ||
| subnet_id = aws_subnet.private_subnet_1b.id | ||
| route_table_id = aws_route_table.private_route_1.id | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.private_subnet_1b, | ||
| aws_route_table.private_route_1 | ||
| ] | ||
| } | ||
|
|
||
| # Private route table association | ||
| resource "aws_route_table_association" "private_subnet_1c" { | ||
| subnet_id = aws_subnet.private_subnet_1c.id | ||
| route_table_id = aws_route_table.private_route_1.id | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.private_subnet_1c, | ||
| aws_route_table.private_route_1 | ||
| ] | ||
| } | ||
|
|
||
| # Public route table association | ||
| resource "aws_route_table_association" "public_subnet_1a" { | ||
| subnet_id = aws_subnet.public_subnet_1a.id | ||
| route_table_id = aws_route_table.public_route_1.id | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.public_subnet_1a, | ||
| aws_route_table.public_route_1 | ||
| ] | ||
| } | ||
|
|
||
| # Public route table association | ||
| resource "aws_route_table_association" "public_subnet_1b" { | ||
| subnet_id = aws_subnet.public_subnet_1b.id | ||
| route_table_id = aws_route_table.public_route_1.id | ||
|
|
||
| depends_on = [ | ||
| aws_subnet.public_subnet_1b, | ||
| aws_route_table.public_route_1 | ||
| ] | ||
| } |
Oops, something went wrong.