3.0 KiB
3.0 KiB
Containerized Nginx with self-signed TLS on Container Optimized OS
This module manages a cloud-config
configuration that starts a containerized Nginx with a self-signed TLS cert on Container Optimized OS.
This can be useful if you need quickly a VM or instance group answering HTTPS for prototyping.
The generated cloud config is rendered in the cloud_config
output, and is meant to be used in instances or instance templates via the user-data
metadata.
This module depends on the cos-generic-metadata
module being in the parent folder. If you change its location be sure to adjust the source
attribute in main.tf
.
Examples
Default configuration
# Nginx with self-signed TLS config
module "cos-nginx-tls" {
source = "./fabric/modules/cloud-config-container/nginx-tls"
}
# COS VM
module "vm-nginx-tls" {
source = "./fabric/modules/compute-vm"
project_id = local.project_id
zone = local.zone
name = "cos-nginx-tls"
network_interfaces = [{
network = local.vpc.self_link,
subnetwork = local.vpc.subnet_self_link,
nat = false,
addresses = null
}]
metadata = {
user-data = module.cos-nginx-tls.cloud_config
}
boot_disk = {
image = "projects/cos-cloud/global/images/family/cos-stable"
type = "pd-ssd"
size = 10
}
service_account_scopes = ["https://www.googleapis.com/auth/cloud-platform"]
}
Variables
name | description | type | required | default |
---|---|---|---|---|
docker_logging | Log via the Docker gcplogs driver. Disable if you use the legacy Logging Agent instead. | bool |
true |
|
files | Map of extra files to create on the instance, path as key. Owner and permissions will use defaults if null. | map(object({…})) |
null |
|
nginx_image | Nginx container image to use. | string |
"nginx:1.23.1" |
|
runcmd_post | Extra commands to run after starting nginx. | list(string) |
[] |
|
runcmd_pre | Extra commands to run before starting nginx. | list(string) |
[] |
|
users | Additional list of usernames to be created. | list(object({…})) |
[…] |
Outputs
name | description | sensitive |
---|---|---|
cloud_config | Rendered cloud-config file to be passed as user-data instance metadata. |