initial commit ...
commit
64e874f708
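--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+.terraform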
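--- a/illevpn.tf
+++ b/illevpn.tf
@@ -0,0 +1,53 @@
+# Dieses terraform file richtet eine graviton arm64 Maschine bei amazon ein
+# Vor Aufruf müssen die AWS-Zugangsdaten als Umgebungsvariable gesetzt sein:
+
+# export AWS_ACCESS_KEY_ID='AKGEHEIMGEHEIMGEHEIM'
+# export AWS_SECRET_ACCESS_KEY='NOCHMEHRGEHEIM/GEHEIMGEHEIM'
+
+# dann kann mit :
+# terraform init
+# terraform apply
+# die Maschine gestartet werden und mit
+# ansible provisioniert werden
+
+###############
+# Some defaults
+###############
+
+provider "aws" {
+region = var.aws_region
+}
+
+data "aws_route53_zone" "zone" {
+name = var.vpn_zone_name
+}
+
+resource "aws_key_pair" "illevpn-aws-key" {
+key_name = "vpn-aws-key"
+public_key = var.vpn_public_key
+}
+
+###############
+# Server
+###############
+resource "aws_instance" "vpnserver" {
+ami = "ami-01069be104eb25898" # ubuntu 20.10/arm64 us-east-1
+instance_type = "t4g.nano"
+availability_zone = "us-east-1a"
+key_name = aws_key_pair.vpn-aws-key.id
+}
+
+###############
+# DNS Eintrag
+###############
+resource "aws_route53_record" "vpnserver" {
+zone_id = data.aws_route53_zone.zone.zone_id
+name = "${var_vpn_host_name}.${data.aws_route53_zone.zone.name}"
+type = "CNAME"
+ttl = "30"
+records = [aws_instance.vpnserver.public_dns]
+}
+
+output "vpnserver_dns" {
+value = aws_instance.vpnserver.public_dns
+}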
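Review bot: `aws_instance.vpnserver` declares no `vpc_security_group_ids`, so the VPN host's network exposure is whatever the account's default security group happens to allow rather than something this file defines; an explicit `aws_security_group` limited to the VPN port and to SSH from admin addresses should be attached. In the same resource, `metadata_options { http_tokens = "required" }` would enforce IMDSv2, and the AMI comment names Ubuntu 20.10, an interim release with a short support window, so an LTS image is the safer base for an internet-facing host. Two references do not resolve as written: `key_name` points at `aws_key_pair.vpn-aws-key` while the resource is declared as `illevpn-aws-key`, and the record name uses `${var_vpn_host_name}` where `${var.vpn_host_name}` is meant. The AMI id and `availability_zone = "us-east-1a"` are also fixed while the provider region comes from `var.aws_region`, so changing the region would presumably break the apply.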
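--- a/variables.tf
+++ b/variables.tf
@@ -0,0 +1,19 @@
+variable "vpn_public_key" {
+description = "Public ssh key for usage on aws instances"
+default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCusAQBVqRtFHb1gr4p6cowXSsX4VxRhKAGRcjPUVCF7NPHsi4UphkhLC6goyLmLZiUi03DnHXTfQ338s+nLMZpYejqbtErT1DuieMYlfkjUN5EtJphzgOwME0hY12GYsDY7mlSRmWuK5R100AMUqnMtGny4FktYZcUMTgXqJ6eEs7N0JjwF0cZJVbzUv4HRK5A0EebcTuvI2E8dYrzAGBaHAzna6zBouqEN9iRjVnzItSKO8rFAzlfxYC1+NkwTclFvYNMpPRzMw+5JCaKfKTB9nrYW3dHcvk4aF1Q5I39hfc5NIFosB96Ex4296VCDqa2Q/J20Sk01h7yU8fLJX45 stefan@keevan.netpioneer.de"
+}
+
+variable "vpn_zone_name" {
+description = "route53 zone in which the hostname is registered"
+default = "appments.net"
+}
+
+variable "vpn_host_name" {
+description = "route53 host name that is registered for the VPN server"
+default = "illevpn"
+}
+
+variable "aws_region" {
+description = "AWS region in which we start the VPN server"
+default = "us-east-1"
+}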
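Review bot: `vpn_public_key` ships one person's SSH key as its `default`, so anyone who applies this configuration without overriding the variable creates an instance that the holder of that private key can log in to. Dropping the `default` and adding `type = string` makes Terraform require the key explicitly, for example through `TF_VAR_vpn_public_key` or an untracked `.tfvars` file. The key comment also publishes a user and host name in the repository, and the blob length suggests 2048-bit RSA; an Ed25519 key is a reasonable replacement when the key is rotated.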