move ec2 key generation to Terraform, unhardcode region
parent
eb582ce199
commit
b6b065f98b
|
@ -4,9 +4,8 @@
|
|||
- { role: check }
|
||||
- { role: s3, when: "backend|bool == true" }
|
||||
- { role: dynamodb, when: "backend|bool == true" }
|
||||
- { role: ec2_key }
|
||||
- { role: main_infra }
|
||||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "us-east-1"
|
||||
AWS_REGION: "{{ region }}"
|
||||
|
|
|
@ -9,4 +9,4 @@
|
|||
environment:
|
||||
AWS_ACCESS_KEY_ID: "{{ aws_access_key }}"
|
||||
AWS_SECRET_ACCESS_KEY: "{{ aws_secret_key }}"
|
||||
AWS_REGION: "us-east-1"
|
||||
AWS_REGION: "{{ region }}"
|
||||
|
|
|
@ -48,6 +48,9 @@ use_ssl: "false"
|
|||
alb_ssl_policy: "ELBSecurityPolicy-2016-08"
|
||||
alb_certificate_arn: "arn:aws:acm:us-east-1:290379793816:certificate/6d1bab74-fb46-4244-aab2-832bf519ab24"
|
||||
|
||||
# Region. It is recommended to deploy to us-east-1 as some of the other regions fails due to varied reasons
|
||||
region: "us-east-1"
|
||||
|
||||
## Size of the EC2 instance EBS root volume
|
||||
root_block_size: 120
|
||||
|
||||
|
|
|
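Review bot: The new `region` setting sits directly under an `alb_certificate_arn` default that is pinned to us-east-1 (`arn:aws:acm:us-east-1:...`), and a load balancer can only use an ACM certificate from its own region, so changing `region` alone will break a deployment that has `use_ssl` enabled. The comment should spell that coupling out, for example `# Region. If changed, alb_certificate_arn must reference a certificate issued in the same region.` The current wording ("fails due to varied reasons") gives an operator nothing to check.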
@ -1,2 +0,0 @@
|
|||
ec2_ssh_key_name: "sokol-test"
|
||||
ec2_ssh_key_content: ""
|
|
@ -1,6 +0,0 @@
|
|||
- name: Creating a keypair
|
||||
ec2_key:
|
||||
name: "{{ ec2_ssh_key_name }}"
|
||||
key_material: "{{ ec2_ssh_key_content }}"
|
||||
force: true
|
||||
when: ec2_ssh_key_content != ""
|
|
@ -4,7 +4,6 @@ bucket: "poa-terraform-state"
|
|||
terraform_location: "/usr/local/bin/terraform"
|
||||
region: "us-east-1"
|
||||
prefix: "sokol"
|
||||
ec2_ssh_key_name: "sokol-test"
|
||||
vpc_cidr: "10.0.0.0/16"
|
||||
public_subnet_cidr: "10.0.0.0/24"
|
||||
db_subnet_cidr: "10.0.2.0/16"
|
||||
|
@ -12,6 +11,8 @@ dns_zone_name: "poa.internal"
|
|||
instance_type: "m5.xlarge"
|
||||
root_block_size: 8
|
||||
pool_size: 30
|
||||
ec2_ssh_key_name: "sokol-test"
|
||||
ec2_ssh_key_content: ""
|
||||
|
||||
db_id: "poa"
|
||||
db_name: "poa"
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
resource "aws_key_pair" "blockscout" {
|
||||
count = "${var.key_content == "" ? 0 : 1}"
|
||||
key_name = "${var.key_name}"
|
||||
public_key = "${var.key_content}"
|
||||
}
|
|
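Review bot: With `key_content` empty, `count` evaluates to 0 and no key pair is managed, so `key_name` has to name a key that already exists in whichever region is selected; EC2 key pairs are per-region, and this commit makes the region configurable. Nothing in the resource says so; a comment above it such as `# key_content is the SSH public key to import; when empty, key_name must already exist in the target region` would save a failed apply. In the other direction, a deployment whose key was created by the removed Ansible `ec2_key` task (which used `force: true`) will presumably hit a duplicate-key error on the first apply unless that key is imported into state or deleted beforehand.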
@ -9,6 +9,10 @@ variable "instance_type" {}
|
|||
variable "root_block_size" {}
|
||||
variable "pool_size" {}
|
||||
|
||||
variable "key_content" {
|
||||
default = ""
|
||||
}
|
||||
|
||||
variable "chain_jsonrpc_variant" {
|
||||
default = {}
|
||||
}
|
||||
|
@ -53,4 +57,4 @@ variable "new_relic_license_key" {}
|
|||
variable "secret_key_base" {}
|
||||
variable "alb_ssl_policy" {}
|
||||
variable "alb_certificate_arn" {}
|
||||
variable "use_ssl" {}
|
||||
variable "use_ssl" {}
|
||||
|
|
|
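Review bot: `variable "key_content"` in the first hunk has no description, and the name does not say which half of the key pair it holds, even though the resource added in this commit passes it to `public_key`. An operator who pastes a private key by mistake would presumably have it written into the rendered tfvars file before the provider rejects it. Adding `description = "SSH public key (OpenSSH format) to import; empty skips key pair creation"` inside the block makes the contract explicit. The second hunk only re-prints `variable "use_ssl" {}` and looks like an end-of-file newline change.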
@ -1,6 +1,7 @@
|
|||
region = "{{ ansible_env.AWS_REGION }}"
|
||||
prefix = "{{ prefix }}"
|
||||
key_name = "{{ ec2_ssh_key_name }}"
|
||||
key_content = "{{ ec2_ssh_key_content }}"
|
||||
vpc_cidr = "{{ vpc_cidr }}"
|
||||
public_subnet_cidr = "{{ public_subnet_cidr }}"
|
||||
db_subnet_cidr = "{{ db_subnet_cidr }}"
|
||||
|
|
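Review bot: `key_content = "{{ ec2_ssh_key_content }}"` places the value inside a double-quoted HCL string with no trimming or escaping, so a key supplied through a YAML block scalar (which carries a trailing newline) or one with a `"` in its comment field yields a tfvars file that fails to parse or a key that fails to import. `key_content = "{{ ec2_ssh_key_content | trim }}"` covers the newline case. The neighbouring templated values have the same shape but hold simple identifiers and CIDRs, so the risk is mainly on this new line.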