2.8 KiB
2.8 KiB
Containerized Nginx with self-signed TLS on Container Optimized OS
This module manages a cloud-config configuration that starts a containerized Nginx with a self-signed TLS cert on Container Optimized OS.
This can be useful if you need quickly a VM or instance group answering HTTPS for prototyping.
The generated cloud config is rendered in the cloud_config output, and is meant to be used in instances or instance templates via the user-data metadata.
This module depends on the cos-generic-metadata module being in the parent folder. If you change its location be sure to adjust the source attribute in main.tf.
Examples
Default configuration
# Nginx with self-signed TLS config
module "cos-nginx-tls" {
source = "./fabric/modules/cloud-config-container/nginx-tls"
}
# COS VM
module "vm-nginx-tls" {
source = "./fabric/modules/compute-vm"
project_id = local.project_id
zone = local.zone
name = "cos-nginx-tls"
network_interfaces = [{
network = local.vpc.self_link,
subnetwork = local.vpc.subnet_self_link,
nat = false,
addresses = null
}]
metadata = {
user-data = module.cos-nginx-tls.cloud_config
google-logging-enabled = true
}
boot_disk = {
image = "projects/cos-cloud/global/images/family/cos-stable"
type = "pd-ssd"
size = 10
}
service_account_scopes = ["https://www.googleapis.com/auth/cloud-platform"]
}
Variables
| name | description | type | required | default |
|---|---|---|---|---|
| files | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | map(object({…})) |
null |
|
| nginx_image | Nginx container image to use. | string |
"nginx:1.23.1" |
|
| runcmd_post | Extra commands to run after starting nginx. | list(string) |
[] |
|
| runcmd_pre | Extra commands to run before starting nginx. | list(string) |
[] |
|
| users | Additional list of usernames to be created. | list(object({…})) |
[…] |
Outputs
| name | description | sensitive |
|---|---|---|
| cloud_config | Rendered cloud-config file to be passed as user-data instance metadata. |