main.tf 3.07 KiB
############
# Terraform SSH key
############

# Registers an SSH public key on the Scaleway account under a fixed display
# name. Only the public half of the key pair is passed to this resource; the
# value comes from var.SCW_SSH_PUB_KEY.
resource "scaleway_account_ssh_key" "ssh_key" {
  public_key = var.SCW_SSH_PUB_KEY
  name       = "FORGE alpha_project_manager"
}

############
# Public IP
############

# Reserves one public IP per lab instance (var.INSTANCES_COUNT in total) in the
# project identified by var.SCW_PROJECT_ID. The DNS records, the servers and
# the provisioner connection all index into this list with count.index.
resource "scaleway_instance_ip" "public_ip" {
  count = var.INSTANCES_COUNT

  project_id = var.SCW_PROJECT_ID
}

################
# DOMAIN RECORD
################

# One A record per instance: lab-<index>-daag-<environment> in the
# daag.alpha.grandlyon.com zone, pointing at the public IP with the same index.
resource "scaleway_domain_record" "subdomain_record" {
  count = var.INSTANCES_COUNT

  dns_zone = "daag.alpha.grandlyon.com"
  type     = "A"
  name     = "lab-${count.index}-daag-${var.ENVIRONMENT}"
  data     = scaleway_instance_ip.public_ip[count.index].address
  ttl      = 3600
}

# Wildcard companion of subdomain_record: every name under
# lab-<index>-daag-<environment> resolves to the same instance IP.
# NOTE(review): with a wildcard, any label a user or service invents below the
# lab name resolves to the instance, so whatever listens on the open ports
# answers for those hostnames too. Confirm the wildcard is actually needed.
resource "scaleway_domain_record" "host_subdomain_record" {
  count = var.INSTANCES_COUNT

  dns_zone = "daag.alpha.grandlyon.com"
  type     = "A"
  name     = "*.lab-${count.index}-daag-${var.ENVIRONMENT}"
  data     = scaleway_instance_ip.public_ip[count.index].address
  ttl      = 3600
}

##################################
## Security group - Allowed ports
##################################

# Security group shared by every lab instance. Inbound traffic is dropped by
# default and accepted only on the ports listed below; outbound traffic is
# accepted without restriction.
#
# NOTE(review): none of the inbound rules sets a source restriction (for
# example `ip_range`), so each port is presumably reachable from any address;
# confirm against the provider defaults. Port 22 (root SSH) and port 8080
# (code-server, configured with `cert: false` by the provisioner in this file)
# are the two worth limiting to known source ranges.
resource "scaleway_instance_security_group" "www" {
  project_id              = var.SCW_PROJECT_ID
  name                    = "security-group-daag-lab-${var.ENVIRONMENT}"
  inbound_default_policy  = "drop"
  outbound_default_policy = "accept"

  # One accept rule per port, generated in the listed order:
  # 22 = SSH, 80 = HTTP, 8080 = code-server, 443 = HTTPS.
  dynamic "inbound_rule" {
    for_each = ["22", "80", "8080", "443"]

    content {
      action = "accept"
      port   = inbound_rule.value
    }
  }
}

##############################
## VM Instance - User Machine
##############################

# One DEV1-L Ubuntu (ubuntu_jammy image) server per lab user. Each server is
# attached to the public IP with the same index and to the shared "www"
# security group.
resource "scaleway_instance_server" "user_instance_server" {
  count = var.INSTANCES_COUNT

  project_id        = var.SCW_PROJECT_ID
  name              = "instance-${count.index}-daag-lab-${var.ENVIRONMENT}"
  image             = "ubuntu_jammy"
  type              = "DEV1-L"
  security_group_id = scaleway_instance_security_group.www.id
  ip_id             = scaleway_instance_ip.public_ip[count.index].id

  # The SSH key is not referenced by any attribute above, so it is ordered
  # explicitly here (presumably so the key is registered on the account before
  # the server boots; confirm). The security group entry duplicates the
  # implicit dependency already created by security_group_id.
  depends_on = [
    scaleway_account_ssh_key.ssh_key,
    scaleway_instance_security_group.www
  ]
}

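# Provisions each lab instance over SSH once its server exists: installs the
# Rust toolchain through rustup, then installs, configures and starts
# code-server on port 8080.
#
# NOTE(review): no `triggers` are defined, so these provisioners run only when
# the null_resource itself is created; a replaced server would not be
# re-provisioned automatically.
resource "null_resource" "provisioner" {
  count = var.INSTANCES_COUNT

  depends_on = [
    scaleway_instance_server.user_instance_server
  ]

  # SSH session used by both provisioners below. The host is indexed the same
  # way the DNS records and the server reference the IP list.
  # NOTE(review): no `host_key` is set, so Terraform does not appear to verify
  # the server's SSH host key on this connection; confirm and pin it if the
  # platform exposes it. The private key should come from a variable declared
  # `sensitive` (the declaration is not visible in this file).
  connection {
    host        = scaleway_instance_ip.public_ip[count.index].address
    type        = "ssh"
    user        = "root"
    private_key = var.SCW_SSH_PRIVATE_KEY
    timeout     = "2m"
  }

  // Install Rust
  // The stray trailing single quotes on the first two commands are removed:
  // they left a quote unterminated across lines of the generated script.
  // `source` is replaced by the POSIX `.` because remote-exec runs the inline
  // list under /bin/sh by default, which on Ubuntu has no `source` builtin.
  // NOTE(review): the installer is piped straight into a shell as root with no
  // checksum or signature check; pinning a verified installer is safer.
  provisioner "remote-exec" {
    inline = [
      "apt-get update -y",
      "curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y",
      ". \"$HOME/.cargo/env\"",
    ]
  }

  // Install Code-server
  // The download uses the same HTTPS-only / TLS 1.2 minimum flags as the
  // rustup download above.
  // NOTE(review): the code-server password is hard-coded here, so it is stored
  // in version control and is identical on every instance. The config also
  // binds to 0.0.0.0:8080 with `cert: false`, and the security group accepts
  // port 8080, so the password crosses the network over plain HTTP. Move the
  // value to a sensitive variable or a per-instance generated secret, rotate
  // the committed value, and serve the editor over TLS or bind it to
  // 127.0.0.1 behind an SSH tunnel or reverse proxy.
  provisioner "remote-exec" {
    inline = [
      "curl --proto '=https' --tlsv1.2 -fsSL https://code-server.dev/install.sh | sh",
      "mkdir -p  /root/.config/code-server/",
      "echo 'bind-addr: 0.0.0.0:8080\nauth: password\npassword: yfB4W23G\ncert: false\n' > /root/.config/code-server/config.yaml",
      "systemctl enable --now code-server@$USER"
    ]
  }
}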