From fd91886c2cd54870a28a9d82210db54cccc7ebd3 Mon Sep 17 00:00:00 2001 From: Alex Snast Date: Thu, 8 Aug 2019 06:52:56 -0700 Subject: [PATCH] adding docs tf deployment Reviewed By: a8m Differential Revision: D16709221 fbshipit-source-id: fb946974eb13319c1c30597ecadc93d76056761e --- doc/Dockerfile | 0 doc/docker-compose.yml | 0 doc/tf/.gitignore | 34 ++++++++++++++++++++++++++++++++++ doc/tf/bucket.tf | 38 ++++++++++++++++++++++++++++++++++++++ doc/tf/main.tf | 8 ++++++++ doc/tf/providers.tf | 4 ++++ 6 files changed, 84 insertions(+) mode change 100755 => 100644 doc/Dockerfile mode change 100755 => 100644 doc/docker-compose.yml create mode 100644 doc/tf/.gitignore create mode 100644 doc/tf/bucket.tf create mode 100644 doc/tf/main.tf create mode 100644 doc/tf/providers.tf diff --git a/doc/Dockerfile b/doc/Dockerfile old mode 100755 new mode 100644 diff --git a/doc/docker-compose.yml b/doc/docker-compose.yml old mode 100755 new mode 100644 diff --git a/doc/tf/.gitignore b/doc/tf/.gitignore new file mode 100644 index 000000000..ffdcd5522 --- /dev/null +++ b/doc/tf/.gitignore @@ -0,0 +1,34 @@ +# Created by https://www.gitignore.io/api/terraform +# Edit at https://www.gitignore.io/?templates=terraform + +### Terraform ### +# Local .terraform directories +**/.terraform/* + +# .tfstate files +*.tfstate +*.tfstate.* + +# Crash log files +crash.log + +# Ignore any .tfvars files that are generated automatically for each Terraform run. Most +# .tfvars files are managed as part of configuration and so should be included in +# version control. +# +# example.tfvars + +# Ignore override files as they are usually used to override resources locally and so +# are not checked in +override.tf +override.tf.json +*_override.tf +*_override.tf.json + +# Include override files you do wish to add to version control using negated pattern +# !example_override.tf + +# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan +# example: *tfplan* + +# End of https://www.gitignore.io/api/terraform diff --git a/doc/tf/bucket.tf b/doc/tf/bucket.tf new file mode 100644 index 000000000..1d3f32d14 --- /dev/null +++ b/doc/tf/bucket.tf @@ -0,0 +1,38 @@ +resource "aws_s3_bucket" "website" { + bucket = "entgo.io" + acl = "public-read" + + server_side_encryption_configuration { + rule { + apply_server_side_encryption_by_default { + sse_algorithm = "AES256" + } + } + } + + versioning { + enabled = true + } +} + +data "aws_iam_policy_document" "website" { + statement { + actions = [ + "s3:GetObject", + ] + + resources = [ + format("%s/*", aws_s3_bucket.website.arn) + ] + + principals { + identifiers = ["*"] + type = "AWS" + } + } +} + +resource "aws_s3_bucket_policy" "website" { + bucket = aws_s3_bucket.website.id + policy = data.aws_iam_policy_document.website.json +} \ No newline at end of file diff --git a/doc/tf/main.tf b/doc/tf/main.tf new file mode 100644 index 000000000..4c0437643 --- /dev/null +++ b/doc/tf/main.tf @@ -0,0 +1,8 @@ +terraform { + backend "s3" { + bucket = "entgo.tfstate" + region = "eu-central-1" + key = "terraform.tfstate" + dynamodb_table = "entgo.terraform.lock" + } +} diff --git a/doc/tf/providers.tf b/doc/tf/providers.tf new file mode 100644 index 000000000..a4922bc8f --- /dev/null +++ b/doc/tf/providers.tf @@ -0,0 +1,4 @@ +provider "aws" { + region = "eu-central-1" + version = "~> 2.0" +}