move ec2 key generation to Terraform, unhardcode region

Arsenii Petrovich 2019-02-24 21:07:30 +03:00
parent eb582ce199
commit b6b065f98b
9 changed files with 18 additions and 13 deletions


@ -4,9 +4,8 @@
- { role: check }
- { role: s3, when: "backend|bool == true" }
- { role: dynamodb, when: "backend|bool == true" }
- { role: ec2_key }
- { role: main_infra }
environment:
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
AWS_REGION: "us-east-1"
AWS_REGION: "{{ region }}"


@ -9,4 +9,4 @@
environment:
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
AWS_REGION: "us-east-1"
AWS_REGION: "{{ region }}"


@ -48,6 +48,9 @@ use_ssl: "false"
alb_ssl_policy: "ELBSecurityPolicy-2016-08"
alb_certificate_arn: "arn:aws:acm:us-east-1:290379793816:certificate/6d1bab74-fb46-4244-aab2-832bf519ab24"
# Region. It is recommended to deploy to us-east-1 as some of the other regions fails due to varied reasons
region: "us-east-1"
## Size of the EC2 instance EBS root volume
root_block_size: 120
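Review bot: The new comment above `region` does not mention that `alb_certificate_arn`, two lines earlier, is tied to a region. Its example value embeds `us-east-1`, and an ACM certificate has to live in the same region as the load balancer that uses it. Now that `region` is configurable, a user who changes it and enables `use_ssl` would keep pointing at a certificate in another region. I would extend the comment, e.g. `# Region to deploy to. If use_ssl is enabled, alb_certificate_arn must reference a certificate issued in this same region.` The hunk header announces more added lines than are visible here, so this is based only on the lines shown.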


@ -1,2 +0,0 @@
ec2_ssh_key_name: "sokol-test"
ec2_ssh_key_content: ""


@ -1,6 +0,0 @@
- name: Creating a keypair
ec2_key:
name: "{{ ec2_ssh_key_name }}"
key_material: "{{ ec2_ssh_key_content }}"
force: true
when: ec2_ssh_key_content != ""


@ -4,7 +4,6 @@ bucket: "poa-terraform-state"
terraform_location: "/usr/local/bin/terraform"
region: "us-east-1"
prefix: "sokol"
ec2_ssh_key_name: "sokol-test"
vpc_cidr: "10.0.0.0/16"
public_subnet_cidr: "10.0.0.0/24"
db_subnet_cidr: "10.0.2.0/16"
@ -12,6 +11,8 @@ dns_zone_name: "poa.internal"
instance_type: "m5.xlarge"
root_block_size: 8
pool_size: 30
ec2_ssh_key_name: "sokol-test"
ec2_ssh_key_content: ""
db_id: "poa"
db_name: "poa"
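Review bot: `ec2_ssh_key_content` is introduced here with no comment saying which half of the key pair it expects. Elsewhere in this commit the value is rendered into the tfvars template and passed to `public_key` of `aws_key_pair`, so it must be the OpenSSH public key only; a private key pasted here would be written to the rendered tfvars file in clear text. I would add above it `# Public SSH key (OpenSSH format) to register as ec2_ssh_key_name. Leave empty to use a key pair that already exists in the region. Never put the private key here.` The same explanation is missing from `variable "key_content"` in the Terraform variables file, where a `description` line would carry it.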


@ -0,0 +1,5 @@
resource "aws_key_pair" "blockscout" {
count = "${var.key_content == "" ? 0 : 1}"
key_name = "${var.key_name}"
public_key = "${var.key_content}"
}
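Review bot: Nothing visible makes the consumers of `var.key_name` depend on the new `aws_key_pair.blockscout`. If the launch configuration or instance (outside this hunk) keeps reading `var.key_name` directly, Terraform may try to create it before the key pair exists. Referencing the resource when it is present, e.g. `key_name = "${element(concat(aws_key_pair.blockscout.*.key_name, list(var.key_name)), 0)}"`, gives the ordering. Also note that the removed Ansible task used `force: true`, whereas this resource presumably fails when a key named `key_name` already exists outside the Terraform state, so existing deployments would need that key imported or removed first.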


@ -9,6 +9,10 @@ variable "instance_type" {}
variable "root_block_size" {}
variable "pool_size" {}
variable "key_content" {
default = ""
}
variable "chain_jsonrpc_variant" {
default = {}
}
@ -53,4 +57,4 @@ variable "new_relic_license_key" {}
variable "secret_key_base" {}
variable "alb_ssl_policy" {}
variable "alb_certificate_arn" {}
variable "use_ssl" {}
variable "use_ssl" {}


@ -1,6 +1,7 @@
region = "{{ ansible_env.AWS_REGION }}"
prefix = "{{ prefix }}"
key_name = "{{ ec2_ssh_key_name }}"
key_content = "{{ ec2_ssh_key_content }}"
vpc_cidr = "{{ vpc_cidr }}"
public_subnet_cidr = "{{ public_subnet_cidr }}"
db_subnet_cidr = "{{ db_subnet_cidr }}"
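Review bot: `key_content` is interpolated raw into a double-quoted string, so a value carrying a trailing newline (for instance a key defined with a YAML block scalar or read from a file) would put a line break inside the string and likely break parsing of the rendered tfvars. A whitespace-only value would also no longer equal `""` and would switch the `count` on `aws_key_pair` to 1 with unusable key material. Trimming at render time covers both: `key_content = "{{ ec2_ssh_key_content | trim }}"`.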