make terraform stuff

41666 2020-12-06 04:20:12 -05:00
parent d4e9f38a65
commit 8870f6b640
8 changed files with 257 additions and 0 deletions

75
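--- /dev/null
+++ b/terraform/.terraform.lock.hcl
@@ -0,0 +1,75 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+provider "registry.terraform.io/cloudflare/cloudflare" {
+version = "2.14.0"
+constraints = ">= 2.14.0"
+hashes = [
+"h1:yCRAzW0sfs3LvDBKOMMlEIBhu5JFNhV7LCDb7Gk7wo0=",
+"zh:061d269ab25d0a9b0bc72f7833c72f71facd467e3c3e40c8ab6e2de9fa6b6818",
+"zh:299299f7881097367cc619b30ea9e1cdc3f575da2513b155897ed5339ee606d3",
+"zh:52f9c07667cd6f67ee0f80725fc45b067ecfbba08f0af66f808b06b0ccc88c20",
+"zh:54fbbf932c6ab5681ad96bd5d2111642c65379e2fe5239aa717a47a07831bee7",
+"zh:6edd716fde5dea1a1eed955c9d87893871462716d8069e5960072536e343fa57",
+"zh:6fc6bfc4ef7a8a105f1b1722442413efed7a496eaef768328e362f412a832ad9",
+"zh:8473d2db5cc55859facc6ef00c3757d19d88ea49e9144f8f7997030fccbcfe02",
+"zh:91a2b18020939457d62b4596193474c096fc86f64f9990261389b0e7ef01819e",
+"zh:afe1708986117da60e1790ec274083e7c3921ee20f9389eca1e34b4aeee7f7b9",
+"zh:f7a54f5c3ddc212a56f43669a754d0c3552e76a6154cdf747bdbdeae80338796",
+"zh:f8ec3bebbbc52caca49030a65c2ffa79cea046516035832181388037065ff5e7",
+]
+}
+provider "registry.terraform.io/hashicorp/google" {
+version = "3.49.0"
+constraints = ">= 3.49.0"
+hashes = [
+"h1:MgihBNqO052m2jthWBu00wWYkz+eNrETwLqBfWmvMMY=",
+"zh:00ea68b3a3b6e11ea469f47ee949c7f8f5751f935a3366152f9d3c6660c27e9b",
+"zh:1ef3efc2e81fa31ceb04e39ae25acd0f061629f104827e127bdb4345e95f37d0",
+"zh:6bf00943baa776adef0bbc914886359cf95c505b0494f3936cedac5cd1e01a00",
+"zh:7d2cce5a9be476d8eee67435d854d094f82b5814a0e34964d10f28c1e88a2c8f",
+"zh:841d074e3fb06f0df7c930bc0c4a9733ce0c5f1a19d6af98632a7931d2ca6a59",
+"zh:8920ccd27c8904fcf5d701d71baee4f64d9d6f1383e66c4673909d9c53895057",
+"zh:91d4479d2d461ad582d127d47aa7094bd74a1278cc8d78ad36a1c4f31301f4f0",
+"zh:a97c19cdb42b5f7e4e297183d60eaa45843ee7b0adde1120e47026c4cae456c1",
+"zh:cbd862cc4d21866bb832e3e7fe4e6ed959f5e5363bcf3d74e476b42fec716efe",
+"zh:ec3c63ba6db74b353fafff6aedbb30e3eb1a4e5c856b4920c7ffa10d7081cbbd",
+]
+}
+provider "registry.terraform.io/hashicorp/null" {
+version = "3.0.0"
+constraints = ">= 3.0.0"
+hashes = [
+"h1:ysHGBhBNkIiJLEpthB/IVCLpA1Qoncp3KbCTFGFZTO0=",
+"zh:05fb7eab469324c97e9b73a61d2ece6f91de4e9b493e573bfeda0f2077bc3a4c",
+"zh:1688aa91885a395c4ae67636d411475d0b831e422e005dcf02eedacaafac3bb4",
+"zh:24a0b1292e3a474f57c483a7a4512d797e041bc9c2fbaac42fe12e86a7fb5a3c",
+"zh:2fc951bd0d1b9b23427acc93be09b6909d72871e464088171da60fbee4fdde03",
+"zh:6db825759425599a326385a68acc6be2d9ba0d7d6ef587191d0cdc6daef9ac63",
+"zh:85985763d02618993c32c294072cc6ec51f1692b803cb506fcfedca9d40eaec9",
+"zh:a53186599c57058be1509f904da512342cfdc5d808efdaf02dec15f0f3cb039a",
+"zh:c2e07b49b6efa676bdc7b00c06333ea1792a983a5720f9e2233db27323d2707c",
+"zh:cdc8fe1096103cf5374751e2e8408ec4abd2eb67d5a1c5151fe2c7ecfd525bef",
+"zh:dbdef21df0c012b0d08776f3d4f34eb0f2f229adfde07ff252a119e52c0f65b7",
+]
+}
+provider "registry.terraform.io/hashicorp/random" {
+version = "3.0.0"
+constraints = ">= 3.0.0"
+hashes = [
+"h1:grDzxfnOdFXi90FRIIwP/ZrCzirJ/SfsGBe6cE0Shg4=",
+"zh:0fcb00ff8b87dcac1b0ee10831e47e0203a6c46aafd76cb140ba2bab81f02c6b",
+"zh:123c984c0e04bad910c421028d18aa2ca4af25a153264aef747521f4e7c36a17",
+"zh:287443bc6fd7fa9a4341dec235589293cbcc6e467a042ae225fd5d161e4e68dc",
+"zh:2c1be5596dd3cca4859466885eaedf0345c8e7628503872610629e275d71b0d2",
+"zh:684a2ef6f415287944a3d966c4c8cee82c20e393e096e2f7cdcb4b2528407f6b",
+"zh:7625ccbc6ff17c2d5360ff2af7f9261c3f213765642dcd84e84ae02a3768fd51",
+"zh:9a60811ab9e6a5bfa6352fbb943bb530acb6198282a49373283a8fa3aa2b43fc",
+"zh:c73e0eaeea6c65b1cf5098b101d51a2789b054201ce7986a6d206a9e2dacaefd",
+"zh:e8f9ed41ac83dbe407de9f0206ef1148204a0d51ba240318af801ffb3ee5f578",
+"zh:fbdd0684e62563d3ac33425b0ac9439d543a3942465f4b26582bcfabcb149515",
+]
+}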

52
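--- /dev/null
+++ b/terraform/providers.tf
@@ -0,0 +1,52 @@
+terraform {
+required_version = ">=0.14"
+required_providers {
+google = {
+version = ">=3.49.0"
+source = "hashicorp/google"
+}
+cloudflare = {
+version = ">=2.14.0"
+source = "cloudflare/cloudflare"
+}
+random = {
+version = ">=3.0.0"
+source = "hashicorp/random"
+}
+null = {
+version = ">=3.0.0"
+source = "hashicorp/null"
+}
+}
+}
+variable "cloudflare_email" {
+type = string
+sensitive = true
+}
+variable "cloudflare_api_token" {
+type = string
+sensitive = true
+}
+variable "cloudflare_account_id" {
+type = string
+sensitive = true
+}
+variable "cloudflare_zone_id" {
+type = string
+sensitive = true
+}
+provider "cloudflare" {
+email = var.cloudflare_email
+api_token = var.cloudflare_api_token
+account_id = var.cloudflare_account_id
+}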
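Review bot: The `terraform` block at the top of providers.tf declares no `backend`, so state defaults to a local `terraform.tfstate`, and `sensitive = true` only redacts CLI output; it does not keep values out of state. `bot_client_secret` is passed to the worker's `secret_text_binding` in workers.tf and will therefore sit in that state file in clear text, as will the zone ID. I would add a remote backend with encryption at rest and restricted access, or at minimum confirm that `*.tfstate*` and `.terraform/` are ignored; the only ignore rule in this commit covers `test.tfvars`, and a repository-level ignore file is not visible here. The four Cloudflare variables also have no `description`; a comment such as `# Supply via TF_VAR_cloudflare_api_token; never commit to a tfvars file` would document how they are meant to be provided.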

40
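--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,40 @@
+variable "environment_tag" {
+type = string
+description = "Environment to deploy. One of: stage, prod"
+validation {
+condition = var.environment_tag == "stage" || var.environment_tag == "prod" || var.environment_tag == "test"
+error_message = "You must set environment_tag to one of: test, stage, or prod."
+}
+}
+variable "ui_regions" {
+type = list(string)
+description = "Cloud Run regions to deploy UI to"
+}
+variable "bot_client_id" {
+type = string
+description = "Bot Client ID"
+}
+variable "bot_client_secret" {
+type = string
+description = "Bot Client Secret"
+sensitive = true
+}
+variable "ui_public_uri" {
+type = string
+description = "UI Public Base Path"
+}
+variable "api_public_uri" {
+type = string
+description = "API Public Base Path"
+}
+variable "root_users" {
+type = list(string)
+description = "Root users to use for role elevation calculations"
+}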
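Review bot: `root_users` feeds role-elevation decisions (per its own description) but is accepted as any `list(string)`, so an empty list or a malformed entry passes silently; a `validation` block like the one on `environment_tag` would catch that at plan time. Assuming entries are numeric IDs, as the one committed value suggests, something like `condition = length(var.root_users) > 0 && alltrue([for u in var.root_users : can(regex("^[0-9]+$", u))])` would do. Separately, the `environment_tag` description lists only stage and prod while the validation also accepts `test`; the description should read `"Environment to deploy. One of: test, stage, prod"`.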

2
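--- /dev/null
+++ b/terraform/variables/.gitignore
@@ -0,0 +1,2 @@
+# Do not commit your test environments.
+test.tfvars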


@ -0,0 +1,3 @@
root_users = [
"62601275618889728"
]


@ -0,0 +1,11 @@
environment_tag = "prod"
ui_regions = [
"us-east4",
"us-central1",
"us-west1",
"europe-west2",
"europe-west3",
"australia-southeast1",
"asia-northeast1",
"asia-southeast1"
]


@ -0,0 +1,4 @@
environment_tag = "stage"
ui_regions = [
"us-east4"
]

70
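--- /dev/null
+++ b/terraform/workers.tf
@@ -0,0 +1,70 @@
+resource "cloudflare_workers_kv_namespace" "sessions" {
+title = "roleypoly-sessions-${var.environment_tag}"
+}
+resource "cloudflare_workers_kv_namespace" "guilds" {
+title = "roleypoly-guilds-${var.environment_tag}"
+}
+resource "cloudflare_workers_kv_namespace" "guild_data" {
+title = "roleypoly-guild_data-${var.environment_tag}"
+}
+resource "cloudflare_worker_script" "backend" {
+name = "roleypoly-backend-${var.environment_tag}"
+content = file("${path.module}/../worker/script.js")
+kv_namespace_binding {
+name = "KV_SESSIONS"
+namespace_id = cloudflare_workers_kv_namespace.sessions.id
+}
+kv_namespace_binding {
+name = "KV_GUILDS"
+namespace_id = cloudflare_workers_kv_namespace.guilds.id
+}
+kv_namespace_binding {
+name = "KV_GUILD_DATA"
+namespace_id = cloudflare_workers_kv_namespace.guild_data.id
+}
+plain_text_binding {
+name = "BOT_CLIENT_ID"
+text = var.bot_client_id
+}
+secret_text_binding {
+name = "BOT_CLIENT_SECRET"
+text = var.bot_client_secret
+}
+plain_text_binding {
+name = "UI_PUBLIC_URI"
+text = var.ui_public_uri
+}
+plain_text_binding {
+name = "API_PUBLIC_URI"
+text = var.api_public_uri
+}
+plain_text_binding {
+name = "ROOT_USERS"
+text = join(",", var.root_users)
+}
+}
+resource "cloudflare_record" "api" {
+zone_id = var.cloudflare_zone_id
+name = "api-${var.environment_tag}"
+type = "AAAA"
+value = "100::"
+proxied = true
+}
+resource "cloudflare_worker_route" "backend" {
+zone_id = var.cloudflare_zone_id
+pattern = "api-${var.environment_tag}.roleypoly.com/*"
+script_name = cloudflare_worker_script.backend.name
+}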
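Review bot: The route `pattern` in `cloudflare_worker_route.backend` hard-codes `roleypoly.com` while both the route and the DNS record take their zone from `var.cloudflare_zone_id`, so pointing the variable at any other zone gives a record and a route that no longer refer to the same hostname. Deriving the pattern from the record keeps them in step and makes the dependency explicit: `pattern = "${cloudflare_record.api.hostname}/*"`. `var.api_public_uri` is likewise set independently of this hostname, so nothing visible here ties the URI handed to the worker to the host it is actually served on; a comment stating the expected relationship would help. A comment on `value = "100::"` explaining that it is a placeholder address for a proxied, Worker-served record would also save the next reader a lookup.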