commit 64e874f7083734d2c5dc3d695ebf711ac41739c8 Author: Stefan Märkle Date: Wed Dec 2 15:22:51 2020 +0100 initial commit ...
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..3fa8c86
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.terraform
diff --git a/illevpn.tf b/illevpn.tf
new file mode 100644
index 0000000..a015225
--- /dev/null
+++ b/illevpn.tf
@@ -0,0 +1,53 @@
+# Dieses terraform file richtet eine graviton arm64 Maschine bei amazon ein
+# Vor Aufruf müssen die AWS-Zugangsdaten als Umgebungsvariable gesetzt sein:
+
+# export AWS_ACCESS_KEY_ID='AKGEHEIMGEHEIMGEHEIM'
+# export AWS_SECRET_ACCESS_KEY='NOCHMEHRGEHEIM/GEHEIMGEHEIM'
+
+# dann kann mit :
+# terraform init
+# terraform apply
+# die Maschine gestartet werden und mit
+# ansible provisioniert werden
+
+###############
+# Some defaults
+###############
+
+provider "aws" {
+ region = var.aws_region
+}
+
+data "aws_route53_zone" "zone" {
+ name = var.vpn_zone_name
+}
+
+resource "aws_key_pair" "illevpn-aws-key" {
+ key_name = "vpn-aws-key"
+ public_key = var.vpn_public_key
+}
+
+###############
+# Server
+###############
+resource "aws_instance" "vpnserver" {
+ ami = "ami-01069be104eb25898" # ubuntu 20.10/arm64 us-east-1
+ instance_type = "t4g.nano"
+ availability_zone = "us-east-1a"
+ key_name = aws_key_pair.vpn-aws-key.id
+}
+
+###############
+# DNS Eintrag
+###############
+resource "aws_route53_record" "vpnserver" {
+ zone_id = data.aws_route53_zone.zone.zone_id
+ name = "${var_vpn_host_name}.${data.aws_route53_zone.zone.name}"
+ type = "CNAME"
+ ttl = "30"
+ records = [aws_instance.vpnserver.public_dns]
+}
+
+output "vpnserver_dns" {
+ value = aws_instance.vpnserver.public_dns
+}
diff --git a/variables.tf b/variables.tf
new file mode 100644
index 0000000..f1b71dc
--- /dev/null
+++ b/variables.tf
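Review bot: The new `.gitignore` ignores only the `.terraform` directory, so the local state and variable files can still be committed. Terraform state records every resource attribute in plain text, and `*.tfvars` files are where per-deployment values usually end up. Add `*.tfstate`, `*.tfstate.*` and `*.tfvars` next to `.terraform`, or move state to a remote backend with access control.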
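Review bot: Two references in `illevpn.tf` do not resolve, so `terraform plan` should fail. The `aws_instance` uses `aws_key_pair.vpn-aws-key.id` although the resource is declared as `illevpn-aws-key`, and the record name needs `name = "${var.vpn_host_name}.${data.aws_route53_zone.zone.name}"` instead of `${var_vpn_host_name}`. The instance also sets no `vpc_security_group_ids`, so it presumably falls back to the VPC's default security group. An internet-facing VPN host should get its own `aws_security_group` that admits only the VPN port and SSH from the administrator's address. The AMI and availability zone are pinned to us-east-1 while the provider region comes from `var.aws_region`, so changing that variable breaks the instance. The fence shows the corrected key reference together with IMDSv2 enforcement and root-volume encryption.

```hcl
resource "aws_instance" "vpnserver" {
  # … unchanged: ami, instance_type, availability_zone …
  key_name = aws_key_pair.illevpn-aws-key.id

  # Require session tokens (IMDSv2) for instance metadata access.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  # Encrypt the root volume at rest.
  root_block_device {
    encrypted = true
  }
}
```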
@@ -0,0 +1,19 @@
+variable "vpn_public_key" {
+ description = "Public ssh key for usage on aws instances"
+ default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCusAQBVqRtFHb1gr4p6cowXSsX4VxRhKAGRcjPUVCF7NPHsi4UphkhLC6goyLmLZiUi03DnHXTfQ338s+nLMZpYejqbtErT1DuieMYlfkjUN5EtJphzgOwME0hY12GYsDY7mlSRmWuK5R100AMUqnMtGny4FktYZcUMTgXqJ6eEs7N0JjwF0cZJVbzUv4HRK5A0EebcTuvI2E8dYrzAGBaHAzna6zBouqEN9iRjVnzItSKO8rFAzlfxYC1+NkwTclFvYNMpPRzMw+5JCaKfKTB9nrYW3dHcvk4aF1Q5I39hfc5NIFosB96Ex4296VCDqa2Q/J20Sk01h7yU8fLJX45 stefan@keevan.netpioneer.de"
+}
+
+variable "vpn_zone_name" {
+ description = "route53 zone in which the hostname is registered"
+ default = "appments.net"
+}
+
+variable "vpn_host_name" {
+ description = "route53 host name that is registered for the VPN server"
+ default = "illevpn"
+}
+
+variable "aws_region" {
+ description = "AWS region in which we start the VPN server"
+ default = "us-east-1"
+}
\ No newline at end of file
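Review bot: The `default` of `vpn_public_key` hard-codes one person's SSH public key together with its `user@host` comment. Anyone who applies this configuration without overriding the variable registers that key on the instance, which presumably gives its holder login, and the workstation hostname is published with the repository. Remove the default so the key must be supplied per deployment, for example through `TF_VAR_vpn_public_key` or an uncommitted tfvars file. Declare `type = string` on all four variables so a wrong value is rejected at plan time. The file also ends without a trailing newline.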