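# Source: github.com/mre-fog/trillianxx@v1.1.2-0.20180615153820-ae375a99d36a/examples/deployment/aws/terraform.tf
#
# Example deployment of a Trillian log server on AWS: an Aurora (MySQL) cluster
# with two instances, one security group per tier, and a single EC2 instance
# that builds and starts trillian_log_server from its user_data script.
#
# Review notes on this revision:
#   * The cluster parameter group below was declared but never attached to the
#     cluster, so innodb_strict_mode was not applied. It is now referenced from
#     aws_rds_cluster.trillian.
#   * Shell expansions written as "${NAME}" inside the user_data heredoc are
#     parsed by Terraform as interpolations. They are now escaped as "$${NAME}"
#     so that the shell, not Terraform, expands them.
#   * The database password is single-quoted where it is interpolated into the
#     shell script.

variable "WHITELIST_CIDR" {
  description = "Your IP block to whitelist access from"
}

# Used as the RDS master password and interpolated into the instance user_data.
# Terraform also records it in the state file, so keep the state in an
# encrypted backend with restricted access.
variable "DB_PASSWORD" {
  description = "Master password for the Trillian Aurora cluster"
}

provider "aws" {
  region = "us-west-2"
}

/* The Database */

resource "aws_rds_cluster" "trillian" {
  cluster_identifier     = "trillian"
  database_name          = "test"
  master_username        = "root"
  master_password        = "${var.DB_PASSWORD}"
  port                   = 3306
  vpc_security_group_ids = ["${aws_security_group.trillian_db.id}"]
  availability_zones     = ["us-west-2a", "us-west-2b", "us-west-2c"]
  storage_encrypted      = true
  apply_immediately      = true

  # Destroying the cluster discards its data without a final snapshot.
  # Acceptable for a throwaway example; set to false for anything you keep.
  skip_final_snapshot = true

  # Attach the parameter group defined below; without this reference the
  # cluster runs with the default parameters and innodb_strict_mode is unset.
  db_cluster_parameter_group_name = "${aws_rds_cluster_parameter_group.trillian.name}"
}

resource "aws_rds_cluster_instance" "cluster_instances" {
  count              = 2
  identifier         = "trillian-${count.index}"
  cluster_identifier = "${aws_rds_cluster.trillian.id}"
  instance_class     = "db.r3.large"
  apply_immediately  = true

  # Gives each instance a public endpoint. Who can reach port 3306 is then
  # decided only by aws_security_group.trillian_db, so keep WHITELIST_CIDR as
  # narrow as possible. Outside development, set this to false and reach the
  # database from inside the VPC.
  publicly_accessible = true
}

# No vpc_id is set on either security group, so both are created in the
# default VPC of the region.
resource "aws_security_group" "trillian_db" {
  name        = "trillian-db"
  description = "Allow MySQL from Trillian and Development CIDR"

  # MySQL from the operator's address range.
  ingress {
    from_port   = 3306
    to_port     = 3306
    protocol    = "tcp"
    cidr_blocks = ["${var.WHITELIST_CIDR}"]
  }

  # MySQL from the Trillian instance, matched by security group rather than IP.
  ingress {
    from_port       = 3306
    to_port         = 3306
    protocol        = "tcp"
    security_groups = ["${aws_security_group.trillian.id}"]
  }

  # Unrestricted outbound traffic, all protocols.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_rds_cluster_parameter_group" "trillian" {
  name   = "trillian-pg"
  family = "aurora5.6"

  # Whether InnoDB returns errors rather than warnings for exceptional conditions.
  # replaces: `sql_mode = STRICT_ALL_TABLES`
  parameter {
    name  = "innodb_strict_mode"
    value = "1"
  }
}

/* The Instance */

/* select the latest official hvm amazon linux release */
# The image is not pinned: most_recent picks whatever Amazon-owned public AMI
# currently matches the name pattern, so a later plan can select a different
# image than the one that was reviewed.
data "aws_ami" "trillian" {
  most_recent      = true
  executable_users = ["all"]

  name_regex = "^amzn-ami-hvm"
  owners     = ["amazon"]
}

# The description's "TPC" presumably means "RPC". It is left as written because
# changing a security group description forces the group to be replaced.
resource "aws_security_group" "trillian" {
  name        = "trillian"
  description = "Expose Rest, TPC and SSH endpoint to local cidr"

  # Trillian RPC (8090) and HTTP (8091) endpoints, operator range only.
  ingress {
    from_port   = 8090
    to_port     = 8091
    protocol    = "tcp"
    cidr_blocks = ["${var.WHITELIST_CIDR}"]
  }

  # SSH, operator range only. The instance below sets no key_name, so confirm
  # SSH access is actually provisioned some other way, or drop this rule.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["${var.WHITELIST_CIDR}"]
  }

  # Unrestricted outbound traffic, all protocols.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

resource "aws_instance" "trillian" {
  ami                         = "${data.aws_ami.trillian.id}"
  instance_type               = "t2.medium"
  vpc_security_group_ids      = ["${aws_security_group.trillian.id}"]
  associate_public_ip_address = true

  tags {
    Name = "trillian"
  }

  # Bootstrap script. Points to check before using this beyond a demo:
  #
  # * Secrets: the database password is rendered into user_data in clear text.
  #   User data is not encrypted, can be read from the instance metadata
  #   service by any process on the instance, and is returned to any IAM
  #   principal allowed to call ec2:DescribeInstanceAttribute. The password is
  #   also passed in --mysql_uri, so it shows up in the process listing.
  #   Prefer having the instance fetch it at boot (SSM Parameter Store or
  #   Secrets Manager through an instance role).
  # * Quoting: the password is wrapped in single quotes so the shell does not
  #   expand or word-split it. A password containing a single quote still
  #   breaks the script, and characters such as "@" or "/" may break the
  #   MySQL URI.
  # * Supply chain: the Go tarball is downloaded without checksum verification
  #   and go1.8.3 is an old release; `go get` builds whatever the Trillian
  #   default branch holds at boot time. Pin a supported Go release, verify its
  #   published SHA-256, and check out a fixed Trillian tag or commit.
  # * Listen address: HOST is never assigned in this script, so both endpoints
  #   expand to ":PORT". That presumably binds every interface, leaving the
  #   security group as the only access control - confirm.
  # * Terraform interpolates "${...}" inside this heredoc. Anything meant for
  #   the shell must be written "$NAME" or "$${NAME}".
  user_data = <<EOF
#!/bin/bash

set -e

yum update -y
yum install -y git mysql

# install golang
curl -o /tmp/go.tar.gz https://storage.googleapis.com/golang/go1.8.3.linux-amd64.tar.gz
tar -C /usr/local -xzf /tmp/go.tar.gz
export PATH=$PATH:/usr/local/go/bin
mkdir -p /go
export GOPATH=/go

# Install Trillian
go get github.com/google/trillian/server/trillian_log_server

# Setup the DB
cd /go/src/github.com/google/trillian
export DB_USER=root
export DB_PASSWORD='${var.DB_PASSWORD}'
export DB_HOST=${aws_rds_cluster.trillian.endpoint}
export DB_DATABASE=test
./scripts/resetdb.sh --verbose --force -h $DB_HOST

# Startup the Server
RPC_PORT=8090
HTTP_PORT=8091
/go/bin/trillian_log_server \
    --mysql_uri="$${DB_USER}:$${DB_PASSWORD}@tcp($${DB_HOST})/$${DB_DATABASE}" \
    --rpc_endpoint="$HOST:$RPC_PORT" \
    --http_endpoint="$HOST:$HTTP_PORT" \
    --alsologtostderr
EOF
}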