Terraform format

3 years ago · 6f75fec8a2
7 changed files with 145 additions and 145 deletions
--- a/terraform/backend.tf
+++ b/terraform/backend.tf
@ -1,9 +1,9 @@
 terraform {
  backend "s3" {
-    bucket = "prod-env"
+    bucket                      = "prod-env"
-    key    = "./terraform.tfstate"
+    key                         = "./terraform.tfstate"
-    region = "us-east-1"                                # e.g. us-east-1  ## Region must be hardcoded to an AWS allowed region in order for this resource block to work.
+    region                      = "us-east-1"                        # e.g. us-east-1  ## Region must be hardcoded to an AWS allowed region in order for this resource block to work.
-    endpoint = "us-southeast-1.linodeobjects.com"       # e.g. us-east-1.linodeobjects.com
+    endpoint                    = "us-southeast-1.linodeobjects.com" # e.g. us-east-1.linodeobjects.com
-    skip_credentials_validation = true                  # Terraform will ask AWS about credential validation instead of Linode if this is enabled.
+    skip_credentials_validation = true                               # Terraform will ask AWS about credential validation instead of Linode if this is enabled.
  }
 }
--- a/terraform/firewall.tf
+++ b/terraform/firewall.tf
@ -1,63 +1,63 @@
 resource "linode_firewall_device" "site-firewall-vms" {
-    count = length(var.app_servers)
+  count       = length(var.app_servers)
-    firewall_id = linode_firewall.site-firewall.id
+  firewall_id = linode_firewall.site-firewall.id
-    entity_id = "${element(linode_instance.site-vm.*.id, count.index)}"
+  entity_id   = element(linode_instance.site-vm.*.id, count.index)
 }
 resource "linode_firewall" "site-firewall" {
-    label = "site-firewall"
+  label = "site-firewall"
-    tags = [
+  tags = [
-        "${var.site}-firewall"
+    "${var.site}-firewall"
-    ]
+  ]
-
+
-    inbound_policy = "DROP"
+  inbound_policy  = "DROP"
-    outbound_policy = "ACCEPT"
+  outbound_policy = "ACCEPT"
-
+
-    inbound {
+  inbound {
-        label = "inbound-http"
+    label    = "inbound-http"
-        protocol = "TCP"
+    protocol = "TCP"
-        action   = "ACCEPT"
+    action   = "ACCEPT"
-        ports = "80"
+    ports    = "80"
-        ipv4 = ["0.0.0.0/0"]
+    ipv4     = ["0.0.0.0/0"]
-    }
+  }
-
+
-    outbound {
+  outbound {
-        label = "outbound-http"
+    label    = "outbound-http"
-        protocol = "TCP"
+    protocol = "TCP"
-        action   = "ACCEPT"
+    action   = "ACCEPT"
-        ports = "80"
+    ports    = "80"
-        ipv4 = ["0.0.0.0/0"]
+    ipv4     = ["0.0.0.0/0"]
-    }
+  }
-
+
-    inbound {
+  inbound {
-        label = "inbound-https"
+    label    = "inbound-https"
-        protocol = "TCP"
+    protocol = "TCP"
-        action   = "ACCEPT"
+    action   = "ACCEPT"
-        ports = "443"
+    ports    = "443"
-        ipv4 = ["0.0.0.0/0"]
+    ipv4     = ["0.0.0.0/0"]
-    }
+  }
-
+
-    outbound {
+  outbound {
-        label = "outbound-https"
+    label    = "outbound-https"
-        protocol = "TCP"
+    protocol = "TCP"
-        action   = "ACCEPT"
+    action   = "ACCEPT"
-        ports = "443"
+    ports    = "443"
-        ipv4 = ["0.0.0.0/0"]
+    ipv4     = ["0.0.0.0/0"]
-    }
+  }
-
+
-    inbound {
+  inbound {
-        label = "inbound-ssh-22"
+    label    = "inbound-ssh-22"
-        protocol = "TCP"
+    protocol = "TCP"
-        action   = "ACCEPT"
+    action   = "ACCEPT"
-        ports = "22"
+    ports    = "22"
-        ipv4 = ["0.0.0.0/0"]
+    ipv4     = ["0.0.0.0/0"]
-    }
+  }
-
+
-    inbound {
+  inbound {
-        label = "inbound-ssh-8822"
+    label    = "inbound-ssh-8822"
-        protocol = "TCP"
+    protocol = "TCP"
-        action   = "ACCEPT"
+    action   = "ACCEPT"
-        ports = "8822"
+    ports    = "8822"
-        ipv4 = ["0.0.0.0/0"]
+    ipv4     = ["0.0.0.0/0"]
-    }
+  }
 }
--- a/terraform/node-balancer.tf
+++ b/terraform/node-balancer.tf
@ -1,55 +1,55 @@
 resource "linode_nodebalancer" "site-nodebalancer" {
-    label = "site-nodebalancer"
+  label  = "site-nodebalancer"
-    region = var.region
+  region = var.region
-    tags = [
+  tags = [
-        "${var.site}-nodebalancer"
+    "${var.site}-nodebalancer"
-    ]
+  ]
 }
 resource "linode_nodebalancer_config" "site-nodebalancer-config-http" {
-    nodebalancer_id = linode_nodebalancer.site-nodebalancer.id
+  nodebalancer_id = linode_nodebalancer.site-nodebalancer.id
-    port = 80
+  port            = 80
-    protocol = "tcp"
+  protocol        = "tcp"
-    check = "connection"
+  check           = "connection"
-    check_path = "/"
+  check_path      = "/"
-    check_attempts = 3
+  check_attempts  = 3
-    check_timeout = 25
+  check_timeout   = 25
-    check_interval = 30
+  check_interval  = 30
-    stickiness = "none"
+  stickiness      = "none"
-    algorithm = "leastconn"
+  algorithm       = "leastconn"
 }
 resource "linode_nodebalancer_config" "site-nodebalancer-config-https" {
-    nodebalancer_id = linode_nodebalancer.site-nodebalancer.id
+  nodebalancer_id = linode_nodebalancer.site-nodebalancer.id
-    port = 443
+  port            = 443
-    protocol = "tcp"
+  protocol        = "tcp"
-    check = "connection"
+  check           = "connection"
-    check_path = "/"
+  check_path      = "/"
-    check_attempts = 3
+  check_attempts  = 3
-    check_timeout = 25
+  check_timeout   = 25
-    check_interval = 30
+  check_interval  = 30
-    stickiness = "none"
+  stickiness      = "none"
-    algorithm = "leastconn"
+  algorithm       = "leastconn"
 }
 resource "linode_nodebalancer_node" "site-nodebalancer-nodes-http" {
-    count = length(var.app_servers)
+  count           = length(var.app_servers)
-    nodebalancer_id = linode_nodebalancer.site-nodebalancer.id
+  nodebalancer_id = linode_nodebalancer.site-nodebalancer.id
-    config_id = linode_nodebalancer_config.site-nodebalancer-config-http.id
+  config_id       = linode_nodebalancer_config.site-nodebalancer-config-http.id
-    label = "app${count.index}"
+  label           = "app${count.index}"
-    address = "${element(linode_instance.site-vm.*.private_ip_address, count.index)}:80"
+  address         = "${element(linode_instance.site-vm.*.private_ip_address, count.index)}:80"
-    mode = "accept"
+  mode            = "accept"
 }
 resource "linode_nodebalancer_node" "site-nodebalancer-nodes-https" {
-    count = length(var.app_servers)
+  count           = length(var.app_servers)
-    nodebalancer_id = linode_nodebalancer.site-nodebalancer.id
+  nodebalancer_id = linode_nodebalancer.site-nodebalancer.id
-    config_id = linode_nodebalancer_config.site-nodebalancer-config-https.id
+  config_id       = linode_nodebalancer_config.site-nodebalancer-config-https.id
-    label = "app${count.index}"
+  label           = "app${count.index}"
-    address = "${element(linode_instance.site-vm.*.private_ip_address, count.index)}:443"
+  address         = "${element(linode_instance.site-vm.*.private_ip_address, count.index)}:443"
-    mode = "accept"
+  mode            = "accept"
 }
 output "nodebalancer_ip_address" {
-    value = linode_nodebalancer.site-nodebalancer.ipv4
+  value = linode_nodebalancer.site-nodebalancer.ipv4
 }
--- a/terraform/provider.tf
+++ b/terraform/provider.tf
@ -1,7 +1,7 @@
 terraform {
  required_providers {
    linode = {
-      source = "linode/linode"
+      source  = "linode/linode"
      version = "1.25.2"
    }
  }
@ -12,6 +12,6 @@ provider "linode" {
 }
 resource "linode_sshkey" "main_key" {
-  label = "ssh_key"
+  label   = "ssh_key"
  ssh_key = chomp(file(var.ssh_key))
 }
--- a/terraform/site-vm.tf
+++ b/terraform/site-vm.tf
@ -1,18 +1,18 @@
 resource "linode_instance" "site-vm" {
-    count = length(var.app_servers)
+  count = length(var.app_servers)
-    label = "${var.site}-app${count.index}"
+  label = "${var.site}-app${count.index}"
-    tags = [
+  tags = [
-      "${var.site}-app${count.index}"
+    "${var.site}-app${count.index}"
-    ]
+  ]
-    region = var.region
+  region     = var.region
-    private_ip = true
+  private_ip = true
-    type = var.app_servers[count.index].type
+  type       = var.app_servers[count.index].type
-    image = var.app_servers[count.index].image
+  image      = var.app_servers[count.index].image
-    authorized_keys = [
+  authorized_keys = [
-      linode_sshkey.main_key.ssh_key
+    linode_sshkey.main_key.ssh_key
-    ]
+  ]
 }
 output "linode_instance_ip_address" {
-    value = linode_instance.site-vm.*.ipv4
+  value = linode_instance.site-vm.*.ipv4
 }
--- a/terraform/site.auto.tfvars
+++ b/terraform/site.auto.tfvars
@ -1,18 +1,18 @@
-site = "example.com"
+site        = "example.com"
-region = "us-southeast"
+region      = "us-southeast"
 environment = "production"
 app_servers = [
-    {
+  {
-        type = "g6-nanode-1"
+    type  = "g6-nanode-1"
-        image = "linode/ubuntu20.04"
+    image = "linode/ubuntu20.04"
-    },
+  },
-    {
+  {
-        type = "g6-nanode-1"
+    type  = "g6-nanode-1"
-        image = "linode/ubuntu20.04"
+    image = "linode/ubuntu20.04"
-    }
+  }
 ]
 bastion_server = {
-    type = "g6-nanode-1"
+  type  = "g6-nanode-1"
-    image = "linode/ubuntu20.04"
+  image = "linode/ubuntu20.04"
 }
 ssh_key = "~/.ssh/id_rsa.pub"
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@ -1,39 +1,39 @@
 variable "token" {
-    description = "API token of the Linode Account"
+  description = "API token of the Linode Account"
-    type = string
+  type        = string
 }
 variable "site" {
-    description = "FQDN of the static site"
+  description = "FQDN of the static site"
-    type = string
+  type        = string
 }
 variable "environment" {
-    description = "Environment of the infrastructure (staging/production/dev/etc..)"
+  description = "Environment of the infrastructure (staging/production/dev/etc..)"
-    type = string
+  type        = string
 }
 variable "region" {
-    description = "Region to host the infrastructure"
+  description = "Region to host the infrastructure"
-    type = string
+  type        = string
 }
 variable "root_pass" {
-    description = "The root password for the bastion instance."
+  description = "The root password for the bastion instance."
-    default = "default-root-password"
+  default     = "default-root-password"
-    type = string
+  type        = string
-    sensitive = true
+  sensitive   = true
 }
 variable "ssh_key" {
-    description = "Filepath of id_rsa.pub for root access to VMs."
+  description = "Filepath of id_rsa.pub for root access to VMs."
 }
 variable "app_servers" {
-    description = "Details describing the vm instances for the app"
+  description = "Details describing the vm instances for the app"
-    type = list
+  type        = list(any)
 }
 variable "bastion_server" {
-    description = "Details describing the bastion instance."
+  description = "Details describing the bastion instance."
-    type = map
+  type        = map(any)
 }