Terraform: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
|||
Line 3: | Line 3: | ||
| sudo tee /etc/apt/keyrings/hashicorp.asc >/dev/null | | sudo tee /etc/apt/keyrings/hashicorp.asc >/dev/null | ||
cat << | cat << SRC | sudo tee /etc/apt/sources.list.d/hashicorp.list >/dev/null | ||
deb [arch=$(dpkg --print-architecture)\ | deb [arch=$(dpkg --print-architecture)\ | ||
signed-by=/etc/apt/keyrings/hashicorp.asc]\ | signed-by=/etc/apt/keyrings/hashicorp.asc]\ | ||
https://apt.releases.hashicorp.com $(lsb_release -cs) main | https://apt.releases.hashicorp.com $(lsb_release -cs) main | ||
SRC | |||
sudo apt update && sudo apt list --upgradeable | sudo apt update && sudo apt list --upgradeable | ||
Line 87: | Line 87: | ||
==Backend » HTTP== | ==Backend » HTTP== | ||
<syntaxhighlight lang=" | <syntaxhighlight lang="bash"> | ||
cat << HCL | tee -a ./variables.tf >/dev/null | |||
variable "backend_http_tfstate_repository_unlock" { | |||
type = string | |||
description = "Terraform State Repository Unlock" | |||
} | |||
variable "backend_http_tfstate_repository_lock" { | |||
type = string | |||
description = "Terraform State Repository Lock" | |||
} | |||
variable "backend_http_tfstate_repository_base" { | |||
type = string | |||
description = "Terraform State Repository Base" | |||
} | |||
variable "backend_http_username" { | |||
type = string | |||
description = "Terraform State Repository Username" | |||
} | |||
variable "backend_http_password" { | |||
type = string | |||
description = "Terraform State Repository Password" | |||
} | |||
HCL | |||
</syntaxhighlight> | |||
---- | |||
<syntaxhighlight lang="bash"> | |||
cat << HCL | tee -a ./backend.tf >/dev/null | |||
terraform { | terraform { | ||
backend "http" { | backend "http" { | ||
Line 100: | Line 126: | ||
} | } | ||
} | } | ||
HCL | |||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang="terraform | <syntaxhighlight lang="bash"> | ||
cat << HCL | tee -a ./{terraform,academia.auto}.tfvars >/dev/null | |||
backend_http_tfstate_repository_unlock = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke/unlock" | backend_http_tfstate_repository_unlock = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke/unlock" | ||
backend_http_tfstate_repository_lock = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke/lock" | backend_http_tfstate_repository_lock = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke/lock" | ||
Line 108: | Line 136: | ||
backend_http_username = "academia" | backend_http_username = "academia" | ||
backend_http_password = "sadaqah!" | backend_http_password = "sadaqah!" | ||
HCL | |||
</syntaxhighlight> | </syntaxhighlight> | ||
---- | ---- | ||
<syntaxhighlight lang="terraform | <syntaxhighlight lang="bash"> | ||
cat << HCL | tee -a ./{terraform,academia.auto}.tfvars >/dev/null | |||
backend_http_tfstate_repository_unlock = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke/unlock" | backend_http_tfstate_repository_unlock = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke/unlock" | ||
backend_http_tfstate_repository_lock = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke/lock" | backend_http_tfstate_repository_lock = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke/lock" | ||
Line 116: | Line 146: | ||
backend_http_username = "[email protected]" | backend_http_username = "[email protected]" | ||
backend_http_password = "sadaqah!" | backend_http_password = "sadaqah!" | ||
HCL | |||
</syntaxhighlight> | </syntaxhighlight> | ||
Revision as of 22:07, 20 July 2024
curl -fsSL https://apt.releases.hashicorp.com/gpg\
| sudo tee /etc/apt/keyrings/hashicorp.asc >/dev/null
cat << SRC | sudo tee /etc/apt/sources.list.d/hashicorp.list >/dev/null
deb [arch=$(dpkg --print-architecture)\
signed-by=/etc/apt/keyrings/hashicorp.asc]\
https://apt.releases.hashicorp.com $(lsb_release -cs) main
SRC
sudo apt update && sudo apt list --upgradeable
sudo apt upgrade && sudo apt install terraform
terraform version
Structure
sdlc/
├─ main.tf # Main Terraform config file
├─ variables.tf # Variable declarations
├─ terraform.tfvars # Variable assigned
├─ outputs.tf # Output definitions
├─ provider.tf # Provider-specific config
├─ terraform.tfstate # Terraform state file
├─ academia.auto.tfvars # User Sensitive Data
├─ dev.tf # Dev Env config for development
├─ prod.tf # Prod Env config for production
├─ modules/ # Directory for custom modules
│ ├─ module1/ # Custom module 1
│ │ ├─ main.tf # Module-specific Terraform config
│ │ ├─ variables.tf # Module-specific variables
│ │ └─ outputs.tf # Module-specific outputs
│ └─ module2/ # Custom module 2
│ ├─ main.tf
│ ├─ variables.tf
│ └─ outputs.tf
├─ environments/ # Directory for env
│ ├─ dev/ # Development env
│ │ ├─ main.tf # Env specific Terraform config
│ │ ├─ variables.tf
│ │ └─ outputs.tf
│ └─ prod/ # Production env
│ ├─ main.tf
│ ├─ variables.tf
│ └─ outputs.tf
├─ scripts/ # Scripts or utility for IaC
└── README.md
Summary
Backend » HTTPcat << HCL | tee -a ./variables.tf >/dev/null
variable "backend_http_tfstate_repository_unlock" {
type = string
description = "Terraform State Repository Unlock"
}
variable "backend_http_tfstate_repository_lock" {
type = string
description = "Terraform State Repository Lock"
}
variable "backend_http_tfstate_repository_base" {
type = string
description = "Terraform State Repository Base"
}
variable "backend_http_username" {
type = string
description = "Terraform State Repository Username"
}
variable "backend_http_password" {
type = string
description = "Terraform State Repository Password"
}
HCL
cat << HCL | tee -a ./backend.tf >/dev/null
terraform {
backend "http" {
unlock_address = var.backend_http_tfstate_repository_unlock
lock_address = var.backend_http_tfstate_repository_lock
address = var.backend_http_tfstate_repository_base
username = var.backend_http_username
password = var.backend_http_password
unlock_method = DELETE
lock_method = POST
retry_wait_min = 5
}
}
HCL
cat << HCL | tee -a ./{terraform,academia.auto}.tfvars >/dev/null
backend_http_tfstate_repository_unlock = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke/unlock"
backend_http_tfstate_repository_lock = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke/lock"
backend_http_tfstate_repository_base = "https://gitlab.chorke.org/api/v4/projects/123/terraform/state/aws-chorke"
backend_http_username = "academia"
backend_http_password = "sadaqah!"
HCL
cat << HCL | tee -a ./{terraform,academia.auto}.tfvars >/dev/null
backend_http_tfstate_repository_unlock = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke/unlock"
backend_http_tfstate_repository_lock = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke/lock"
backend_http_tfstate_repository_base = "https://nexus.chorke.org/repository/terraform/chorke-sdlc/state/aws-chorke"
backend_http_username = "[email protected]"
backend_http_password = "sadaqah!"
HCL
Playground
References |