main.tf
# Display name of the application; forwarded unchanged to every module in this file.
variable "app_name" {
  type        = string
  default     = "Trilium Notes"
  description = "Name of this app"
}
# Short identifier for the application, forwarded to every module alongside app_name.
variable "app" {
  type        = string
  default     = "trilium"
  description = "URL friendly name of this app"
}
# Deployment stage label, forwarded to every module.
# The default is "production", so a plain `terraform apply` with no overrides
# targets the production stage.
variable "stage" {
  type        = string
  default     = "production"
  description = "Stage of deployment"
}
# Public host name of the deployment. It is used for the certificate request
# (module.cert), by module.end and module.provision, and in the app_url output.
# NOTE(review): the default looks like a placeholder; confirm it is overridden
# with a domain you control before applying.
variable "domain" {
  type        = string
  default     = "trilium.someone.me"
  description = "Domain name to host this app"
}
# Values shared inside this root module.
# local.secret and local.keypair_path are also used in this file but are not
# defined here; they must come from another .tf file of the root module.
locals {
  # Directory on the app instance; passed to module.provision and used as the
  # base path in the scp helper outputs.
  app_dir = "/opt/trilium"
}
# Base network layer. Its outputs public_subnet_ids and app_instance_sg_ids are
# consumed by module.app.
# NOTE(review): the security-group rules live inside ./modules/trilium-root and
# are not visible from this file; confirm which ports are open and to which
# source ranges.
module "root" {
  source = "./modules/trilium-root"

  # Naming inputs shared by all modules.
  app_name = var.app_name
  app      = var.app
  stage    = var.stage

  # Address space and number of subnets requested from the module.
  vpc_cidr    = "10.0.0.0/16"
  vpc_subnets = 3
}
# Certificate for var.domain. The contact address is read from local.secret,
# and the module's `cert` output is handed to module.provision.
# NOTE(review): presumably an ACME / Let's Encrypt request, judging by the input
# name - confirm in the module. If the `cert` output carries private-key
# material it will be stored in Terraform state, so the state backend needs to
# be access-controlled and encrypted.
module "cert" {
  source = "./modules/trilium-cert"

  app_name = var.app_name
  app      = var.app
  stage    = var.stage

  domain        = var.domain
  email_address = local.secret.letsencrypt_contact_email
}
# The application host: one t3.micro instance placed in the first public subnet
# returned by module.root, with the security groups module.root provides.
# NOTE(review): the instance has a public IP and is reached over SSH by the
# helper outputs in this file; verify that the security groups from module.root
# restrict SSH ingress to known administrator addresses.
module "app" {
  source = "./modules/trilium-app"

  app_name = var.app_name
  app      = var.app
  stage    = var.stage

  # Placement and firewalling come from the network module.
  subnet_id = module.root.public_subnet_ids[0]
  sg_ids    = module.root.app_instance_sg_ids

  instance_type = "t3.micro"

  # SSH public key taken from local.secret; trimspace() strips surrounding
  # whitespace such as a trailing newline.
  pubkey = trimspace(local.secret.pubkey)
}
# Data-layer module. It receives only the shared naming inputs, and none of its
# outputs are read in this file; module.provision waits on it via depends_on.
# NOTE(review): what it creates is not visible here - check the module for
# encryption-at-rest and backup settings.
module "data" {
  source = "./modules/trilium-data"

  app_name = var.app_name
  app      = var.app
  stage    = var.stage
}
# Log destinations. The outputs log_group_region, app_log_group and
# proxy_log_group are passed on to module.provision.
module "log" {
  source = "./modules/trilium-log"

  app_name = var.app_name
  app      = var.app
  stage    = var.stage

  # Retention bounds how far back an investigation can look; 120 is in days.
  log_retention = 120 # days
}
# Receives the public host name and the instance's public IP address.
# NOTE(review): presumably creates the DNS record that points var.domain at the
# instance - confirm in ./modules/trilium-end.
module "end" {
  source = "./modules/trilium-end"

  app_name = var.app_name
  app      = var.app
  stage    = var.stage

  domain                 = var.domain
  app_instance_public_ip = module.app.instance_public_ip
}
# Provisioning step, run only after the network, instance, data, log and end
# modules have been applied (explicit depends_on). It is given the certificate,
# the SSH connection details for the instance, the container images to run and
# the log group names.
module "provision" {
  source     = "./modules/trilium-provision"
  depends_on = [module.root, module.app, module.data, module.log, module.end]

  app_name = var.app_name
  app      = var.app
  stage    = var.stage
  domain   = var.domain

  cert = module.cert.cert

  # SSH connection details. Only the path of the key pair is passed here, not
  # the key content.
  app_instance_username     = module.app.instance_username
  app_instance_public_ip    = module.app.instance_public_ip
  app_instance_keypair_path = local.keypair_path

  app_dir = local.app_dir

  # Container images are pinned by version tag. Registry tags can be re-pointed
  # to different content; a digest reference (image@sha256:<digest-placeholder>)
  # fixes the exact image. Hard-coded versions also mean security updates arrive
  # only when these strings are bumped.
  app_image   = "zadam/trilium:0.55.1"
  proxy_image = "nginx:1.23.1-alpine"

  # Log shipping targets created by module.log.
  log_group_region = module.log.log_group_region
  app_log_group    = module.log.app_log_group
  proxy_log_group  = module.log.proxy_log_group
}
# HTTPS URL built from var.domain. This is the only output in the file that is
# not marked sensitive.
output "app_url" {
  value       = "https://${var.domain}"
  description = "URL for this app"
}
# Login user reported by module.app. Marked sensitive, so the CLI prints
# <sensitive> unless the output is requested by name.
output "app_instance_username" {
  sensitive   = true
  value       = module.app.instance_username
  description = "User name of the app instance"
}
# Public address of the app instance.
# `sensitive = true` only redacts the value in CLI and plan output; it is still
# written in clear text to the Terraform state file.
output "app_instance_public_ip" {
  sensitive   = true
  value       = module.app.instance_public_ip
  description = "Public IP address of the app instance"
}
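# Re-exports the installer command string produced by module.provision.
# Marked sensitive; read it with `terraform output -raw cmd_trilium_installer`.
output "cmd_trilium_installer" {
  # Description wording fixed (was "Command to run to trilium installer playbook").
  description = "Command to run the trilium installer playbook"
  value       = module.provision.cmd_trilium_installer
  sensitive   = true
}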
# Ready-made SSH command line for the app instance.
# -i selects the key file at local.keypair_path, and IdentitiesOnly=yes stops
# ssh from offering other keys held by an agent. The command pins no host key,
# so the first connection relies on the operator checking the fingerprint.
output "cmd_ssh_to_app_instance" {
  sensitive   = true
  value       = "ssh -i ${local.keypair_path} -o IdentitiesOnly=yes ${module.app.instance_username}@${module.app.instance_public_ip}"
  description = "Command to ssh into the app instance"
}
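# SSH one-liner that runs `sudo docker restart app` on the app instance.
# No TTY is requested, so the instance user must be able to run sudo
# non-interactively.
output "cmd_restart_app_container" {
  # Description corrected: the command restarts the Docker container named
  # "app", not the instance itself.
  description = "Command to restart the app container"
  value       = "ssh -i ${local.keypair_path} -o IdentitiesOnly=yes ${module.app.instance_username}@${module.app.instance_public_ip} sudo docker restart app"
  sensitive   = true
}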
# scp command that copies <app_dir>/data/document.db from the instance into the
# current directory.
# NOTE(review): copying a SQLite file while the application has it open can
# produce an inconsistent copy; consider stopping the app container first. The
# downloaded file holds the full notes database, so treat it as sensitive data.
output "cmd_download_app_db" {
  sensitive   = true
  value       = "scp -i ${local.keypair_path} -o IdentitiesOnly=yes ${module.app.instance_username}@${module.app.instance_public_ip}:${local.app_dir}/data/document.db ."
  description = "Command to download app db file (sqlite)"
}
# scp command that overwrites <app_dir>/data/document.db on the instance with
# the local document.db.
# NOTE(review): this replaces the live database in place with no backup step;
# replacing a SQLite file that the application has open risks corruption, so
# stop the app container and keep a copy of the previous file first.
output "cmd_upload_app_db" {
  sensitive   = true
  value       = "scp -i ${local.keypair_path} -o IdentitiesOnly=yes document.db ${module.app.instance_username}@${module.app.instance_public_ip}:${local.app_dir}/data/document.db"
  description = "Command to upload app db file (sqlite)"
}