adding docs tf deployment

Reviewed By: a8m Differential Revision: D16709221 fbshipit-source-id: fb946974eb13319c1c30597ecadc93d76056761e
2026-05-24 09:31:56 +03:00 · 2019-08-08 06:52:56 -07:00
parent be1d86b3b3
commit fd91886c2c
6 changed files with 84 additions and 0 deletions
--- a/doc/tf/.gitignore
+++ b/doc/tf/.gitignore
@@ -0,0 +1,34 @@
+# Created by https://www.gitignore.io/api/terraform
+# Edit at https://www.gitignore.io/?templates=terraform
+
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# End of https://www.gitignore.io/api/terraform
--- a/doc/tf/bucket.tf
+++ b/doc/tf/bucket.tf
@@ -0,0 +1,38 @@
+resource "aws_s3_bucket" "website" {
+  bucket = "entgo.io"
+  acl    = "public-read"
+
+  server_side_encryption_configuration {
+    rule {
+      apply_server_side_encryption_by_default {
+        sse_algorithm = "AES256"
+      }
+    }
+  }
+
+  versioning {
+    enabled = true
+  }
+}
+
+data "aws_iam_policy_document" "website" {
+  statement {
+    actions = [
+      "s3:GetObject",
+    ]
+
+    resources = [
+      format("%s/*", aws_s3_bucket.website.arn)
+    ]
+
+    principals {
+      identifiers = ["*"]
+      type        = "AWS"
+    }
+  }
+}
+
+resource "aws_s3_bucket_policy" "website" {
+  bucket = aws_s3_bucket.website.id
+  policy = data.aws_iam_policy_document.website.json
+}
--- a/doc/tf/main.tf
+++ b/doc/tf/main.tf
@@ -0,0 +1,8 @@
+terraform {
+  backend "s3" {
+    bucket         = "entgo.tfstate"
+    region         = "eu-central-1"
+    key            = "terraform.tfstate"
+    dynamodb_table = "entgo.terraform.lock"
+  }
+}
--- a/doc/tf/providers.tf
+++ b/doc/tf/providers.tf
@@ -0,0 +1,4 @@
+provider "aws" {
+  region  = "eu-central-1"
+  version = "~> 2.0"
+}