terraformdsl 0.0.1
- checksums.yaml +7 -0
- data/.gitignore +8 -0
- data/.travis.yml +7 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +21 -0
- data/README.md +370 -0
- data/Rakefile +10 -0
- data/bin/console +14 -0
- data/bin/setup +8 -0
- data/examples/Rakefile +42 -0
- data/examples/aws-infra.rb +204 -0
- data/examples/aws-infra.tf +472 -0
- data/examples/terraform.tfvars +4 -0
- data/lib/terraformdsl.rb +8 -0
- data/lib/terraformdsl/aws.rb +1072 -0
- data/lib/terraformdsl/common.rb +112 -0
- data/lib/terraformdsl/version.rb +5 -0
- data/terraformdsl.gemspec +30 -0
- metadata +103 -0
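--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+---
+SHA256:
+metadata.gz: cac188fd315648a60e2be39f4c535d6fc3f7aee5e5b826255a6d9ed153644165
+data.tar.gz: c62c572f5c28893028df300968007b5259484adce6ee5a48b43b971542de87bf
+SHA512:
+metadata.gz: 5cef917f057abdcf7a8dffdb92834a88587ffa283ddd240039bdaa6bf1910970124da31e88eaec7121455229c24c021d4fa7055aa4382d75f23cb90ba61c9267
+data.tar.gz: 423b2be57b3cb2f6ec739c358dae2e4d4cd5c24b2dad072a46ca420d25b00b51c13f344165767e8ad7501da43f7d22ba6054aa9f573f253f5d3a6cc50ee7e34b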
data/.gitignore
ADDED
data/.travis.yml
ADDED
data/Gemfile
ADDED
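--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2019 Kauplan Agency
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.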
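--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,370 @@
+# Terraformdsl.rb README
+
+Overview
+--------
+
+Terraformdsl.rb is a DSL library to generate *.tf files of Terraform.
+
+See 'examples/' directory for examples.
+
+
+Installation
+------------
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'terraformdsl'
+```
+
+And then execute:
+
+$ bundle
+
+Or install it yourself as:
+
+$ gem install terraformdsl
+
+
+Examples
+--------
+
+See 'examples/' directory for practical examples.
+
+myproj-infra.rb:
+
+```ruby
+require 'terraformdsl/aws'
+
+region = ENV['AWS_DEFAULT_REGION']
+prefix = "myproj"
+vpc = nil
+public_dns_records = []
+private_dns_records = []
+
+output = TerraformDSL::Outputs.new
+var = TerraformDSL::Variables.new
+var.define :base_domain , "ex: example.com"
+var.define :office_ip , "ex: 123.123.123.123"
+
+aws_infra = TerraformDSL::AWS.infra()
+aws_infra.region(region) {
+
+## Availability Zone
+az_a = AZ("#{region}a") # ex: 'ap-east-1a'
+az_b = AZ("#{region}b") # ex: 'ap-east-1b'
+az_c = AZ("#{region}c") # ex: 'ap-east-1c'
+az_d = AZ("#{region}d") # ex: 'ap-east-1d'
+
+## AMI
+ubuntu_ami = AMI('ubuntu18lts', "099720109477",
+"ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20190212.1"
+)
+
+## VPC
+vpc = VPC("#{prefix}-vpc", "10.0.0.0/16") {|vpc|
+sshkey_name = "#{prefix}-ubuntu"
+
+### Internet Gateway
+gateway = InternetGateway("#{prefix}-gateway")
+
+## Route Table
+public_rt = RouteTable("#{prefix}-public-routing") {
+Route(nil, gateway: gateway)
+}
+private_rt = RouteTable("#{prefix}-private-routing") {
+#Route(nil, gateway: gateway)
+}
+
+### Subnet
+public_a = Subnet("#{prefix}-public-a" , "10.0.1.0/24" , az_a, public_rt)
+public_b = Subnet("#{prefix}-public-b" , "10.0.2.0/24" , az_b, public_rt)
+private_a = Subnet("#{prefix}-private-a", "10.0.11.0/24", az_a, private_rt)
+private_b = Subnet("#{prefix}-private-b", "10.0.12.0/24", az_b, private_rt)
+
+## Security Group
+public_secgrp = SecurityGroup("#{prefix}-public-secgrp", "allows http,https") {
+Ingress(:any , 0, :self)
+Ingress(:tcp , 22, "#{var.office_ip}/32")
+Ingress(:tcp , 80, nil)
+Ingress(:tcp , 443, nil)
+Ingress(:icmp, nil, vpc.cidr)
+Egress( :any , 0, nil)
+}
+
+### EC2 and EIP
+let public_a, public_secgrp, ubuntu_ami, sshkey_name do
+|sn, sg, ami, kn|
+www_ec2 = EC2("#{prefix}-www-ec2" , "t3.micro", ami, sn, sg, kn)
+www_ip = EIP("#{prefix}-www-ip" , www_ec2)
+public_dns_records << [:A, "www" , www_ip]
+private_dns_records << [:A, "www" , www_ec2]
+output[:www_ip] = www_ip.attr(:public_ip)
+end
+
+}#vpc
+
+}#region
+
+
+aws_infra.global {
+
+## DNS
+Route53() {
+
+Zone("public-dns", var.base_domain) {
+public_dns_records.each do |type, name, value|
+Record(type, name, value)
+end
+}
+
+PrivateZone("private-dns", "internal", vpc) {
+private_dns_records.each do |type, name, value|
+Record(type, name, value)
+end
+}
+
+}
+
+}
+
+
+if __FILE__ == $0
+puts var.generate_tf()
+puts aws_infra.generate_tf()
+puts output.generate_tf()
+end
+```
+
+Generate *.tf file:
+
+```terminal
+$ ruby myproj-infra.rb > myproj-infra.tf
+```
+
+myproj-infra.tf (genareated)
+
+```terraform
+variable "base_domain" {
+description = "ex: example.com"
+}
+variable "office_ip" {
+description = "ex: 123.123.123.123"
+}
+
+provider "aws" {
+#access_key = "${var.access_key}"
+#secret_key = "${var.secret_key}"
+region = "us-east-1"
+}
+
+data "aws_ami" "ubuntu18lts" {
+most_recent = true
+owners = ["099720109477"]
+filter {
+name = "name"
+values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-20190212.1"]
+}
+}
+
+resource "aws_vpc" "myproj-vpc" {
+cidr_block = "10.0.0.0/16"
+enable_dns_support = true
+enable_dns_hostnames = true
+tags {
+Name = "myproj-vpc"
+}
+}
+
+resource "aws_internet_gateway" "myproj-gateway" {
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+tags {
+Name = "myproj-gateway"
+}
+}
+
+resource "aws_route_table" "myproj-public-routing" {
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+tags {
+Name = "myproj-public-routing"
+}
+route {
+cidr_block = "0.0.0.0/0"
+gateway_id = "${aws_internet_gateway.myproj-gateway.id}"
+}
+}
+
+resource "aws_route_table" "myproj-private-routing" {
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+tags {
+Name = "myproj-private-routing"
+}
+}
+
+resource "aws_subnet" "myproj-public-a" {
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+availability_zone = "us-east-1a"
+cidr_block = "10.0.1.0/24"
+tags {
+Name = "myproj-public-a"
+}
+}
+
+resource "aws_route_table_association" "myproj-public-routing-myproj-public-a" {
+route_table_id = "${aws_route_table.myproj-public-routing.id}"
+subnet_id = "${aws_subnet.myproj-public-a.id}"
+}
+
+resource "aws_subnet" "myproj-public-b" {
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+availability_zone = "us-east-1b"
+cidr_block = "10.0.2.0/24"
+tags {
+Name = "myproj-public-b"
+}
+}
+
+resource "aws_route_table_association" "myproj-public-routing-myproj-public-b" {
+route_table_id = "${aws_route_table.myproj-public-routing.id}"
+subnet_id = "${aws_subnet.myproj-public-b.id}"
+}
+
+resource "aws_subnet" "myproj-private-a" {
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+availability_zone = "us-east-1a"
+cidr_block = "10.0.11.0/24"
+tags {
+Name = "myproj-private-a"
+}
+}
+
+resource "aws_route_table_association" "myproj-private-routing-myproj-private-a" {
+route_table_id = "${aws_route_table.myproj-private-routing.id}"
+subnet_id = "${aws_subnet.myproj-private-a.id}"
+}
+
+resource "aws_subnet" "myproj-private-b" {
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+availability_zone = "us-east-1b"
+cidr_block = "10.0.12.0/24"
+tags {
+Name = "myproj-private-b"
+}
+}
+
+resource "aws_route_table_association" "myproj-private-routing-myproj-private-b" {
+route_table_id = "${aws_route_table.myproj-private-routing.id}"
+subnet_id = "${aws_subnet.myproj-private-b.id}"
+}
+
+resource "aws_security_group" "myproj-public-secgrp" {
+name = "myproj-public-secgrp"
+description = "allows http,https"
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+tags {
+Name = "myproj-public-secgrp"
+}
+ingress {
+from_port = "0"
+to_port = "0"
+protocol = "-1"
+self = true
+}
+ingress {
+from_port = "22"
+to_port = "22"
+protocol = "tcp"
+cidr_blocks = ["${var.office_ip}/32"]
+}
+ingress {
+from_port = "80"
+to_port = "80"
+protocol = "tcp"
+cidr_blocks = ["0.0.0.0/0"]
+}
+ingress {
+from_port = "443"
+to_port = "443"
+protocol = "tcp"
+cidr_blocks = ["0.0.0.0/0"]
+}
+ingress {
+from_port = "-1"
+to_port = "-1"
+protocol = "icmp"
+cidr_blocks = ["10.0.0.0/16"]
+}
+egress {
+from_port = "0"
+to_port = "0"
+protocol = "-1"
+cidr_blocks = ["0.0.0.0/0"]
+}
+}
+
+resource "aws_instance" "myproj-www-ec2" {
+instance_type = "t3.micro"
+ami = "${data.aws_ami.ubuntu18lts.image_id}"
+subnet_id = "${aws_subnet.myproj-public-a.id}"
+vpc_security_group_ids = ["${aws_security_group.myproj-public-secgrp.id}"]
+key_name = "myproj-ubuntu"
+credit_specification {
+cpu_credits = "unlimited"
+}
+tags {
+Name = "myproj-www-ec2"
+}
+}
+
+resource "aws_eip" "myproj-www-ip" {
+vpc = true
+instance = "${aws_instance.myproj-www-ec2.id}"
+tags {
+Name = "myproj-www-ip"
+}
+}
+
+resource "aws_route53_zone" "public-dns" {
+name = "${var.base_domain}"
+tags {
+Name = "public-dns"
+}
+}
+
+resource "aws_route53_record" "public-dns-www-A" {
+zone_id = "${aws_route53_zone.public-dns.zone_id}"
+type = "A"
+name = "www"
+ttl = "5"
+records = ["${aws_eip.myproj-www-ip.public_ip}"]
+}
+
+resource "aws_route53_zone" "private-dns" {
+name = "internal"
+vpc {
+vpc_id = "${aws_vpc.myproj-vpc.id}"
+}
+tags {
+Name = "private-dns"
+}
+}
+
+resource "aws_route53_record" "private-dns-www-A" {
+zone_id = "${aws_route53_zone.private-dns.zone_id}"
+type = "A"
+name = "www"
+ttl = "5"
+records = ["${aws_instance.myproj-www-ec2.private_ip}"]
+}
+
+output "www_ip" {
+value = "${aws_eip.myproj-www-ip.public_ip}"
+}
+
+```
+
+
+License
+-------
+
+MIT License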
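Review bot: The example's security group passes `nil` as the source in `Ingress(:tcp , 80, nil)`, `Ingress(:tcp , 443, nil)` and `Egress( :any , 0, nil)`, and only the generated Terraform further down shows that `nil` is emitted as `cidr_blocks = ["0.0.0.0/0"]`; `Route(nil, gateway: gateway)` likewise becomes `cidr_block = "0.0.0.0/0"`. A reader who copies the Ruby side has no way to tell that leaving the CIDR out opens the rule to every address, so the README should say so next to the example, for instance with a trailing comment such as `# nil => 0.0.0.0/0 (any address)`. The group description "allows http,https" also understates what the rules permit (SSH from the office address, ICMP from the VPC range, all traffic between group members, unrestricted egress) and would be worth aligning with them.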
data/Rakefile
ADDED
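--- a/data/bin/console
+++ b/data/bin/console
@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "terraformdsl"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)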