-
Notifications
You must be signed in to change notification settings - Fork 0
/
.terraform-docs.yml
88 lines (81 loc) · 3.18 KB
/
.terraform-docs.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
formatter: "markdown table" # this is required
header-from: main.tf
footer-from: ""
recursive:
enabled: false
path: ""
sections:
hide: []
show: []
content: |-
{{ .Requirements }}
## Usage
Basic usage of this module is as follows:
```hcl
module "ec2" {
source = "../module"
instance_type = "t3.medium"
vpc_id = "vpc-abcdef123456"
subnet_id = "subnet-abcdef123"
allow_ingress_ip = "0.0.0.0/0"
create_iam_instance_profile = true
php_version = "8.2"
domain_name = "example.com"
root_block_device = [
{
encrypted = true
volume_type = "gp3"
throughput = 200
volume_size = 50
},
]
}
```
This project was created for 5 minutes ec2 instance setup with installed php, mysql, nginx, backups.
To run this project - you need to install [terraform](https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli)
Full working example you can find in terraform/example.com directory. Ajust parameters in main.tf and backend.tf files and run `terraform init` and `terraform apply`
After applying the Terraform configuration, an SSH key will be generated and saved in the directory from which you applied the code.
To connect to the server, use the following SSH command, replacing `<server_ip>` with the IP address of the server:
```bash
ssh <server_ip> -l ubuntu -i example.com.pem
```
After the server created - it will run self-setup ansible script used EC2 [user data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html#user-data-shell-scripts)
## Ansible installation:
- The PHP version to set up can be defined by the php_version parameter. Supported versions include 8.1, 8.2, and 8.3.
- The php.ini file will be configured to implement basic security changes.
- MySQL root and user password will be generated automatically, root password will be saved to `/root/.my.cnf`, user password will be saved to `/var/www/vhosts/example.com/index.php`.
- A MySQL backup script will be installed to `/root/bin/mysql-maint.sh` and added as a cronjob to execute at midnight.
- An Nginx configuration file will be created at /etc/nginx/conf.d/example.com.conf, and the virtual host will be served from /var/www/vhosts/example.com/.
- After the autosetup is finished, you can point the DNS of your example.com and www.example.com to the IP address and issue HTTPS certificates by running certbot --nginx.
## Debug:
If something was not configured properly - you can review ansible log in /var/log/cloud-init-output.log.
{{ .Resources }}
{{ .Inputs }}
{{ .Outputs }}
output:
file: README.md
mode: inject
template: |-
<!-- BEGIN_AUTOMATED_TF_DOCS_BLOCK -->
{{ .Content }}
<!-- END_AUTOMATED_TF_DOCS_BLOCK -->
output-values:
enabled: false
from: ""
sort:
enabled: true
by: name
settings:
anchor: true
color: true
default: true
description: true
escape: true
hide-empty: false
html: true
indent: 2
lockfile: true
read-comments: true
required: true
sensitive: true
type: true