Merge branch 'main' into chore/update-private-demo
klejejs authored Dec 6, 2024
2 parents 5d8590e + abf6980 commit 6356b21
Showing 28 changed files with 348 additions and 68 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/lint.yml
Expand Up @@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4.1.7
uses: actions/checkout@v4.2.2

- name: Setup Terraform
uses: hashicorp/[email protected]
4 changes: 3 additions & 1 deletion .modules/service/module.tf
@@ -1,4 +1,6 @@
data "tfe_outputs" "infrastructure" {
organization = "home_assistant"
workspace = "infrastructure"
}
}

data "aws_region" "current" {}
6 changes: 3 additions & 3 deletions .modules/service/policy.tf
Expand Up @@ -10,7 +10,7 @@ data "aws_iam_policy_document" "ecs-role-policy" {
}

resource "aws_iam_role" "ecs-execution" {
name = "${var.service_name}-ExecutionRole-role"
name = "${var.service_name}-${data.aws_region.current.name}-ExecutionRole-role"
assume_role_policy = data.aws_iam_policy_document.ecs-role-policy.json
}

Expand Down Expand Up @@ -46,11 +46,11 @@ data "aws_iam_policy_document" "task-assume-role" {
}

resource "aws_iam_role" "task-execution" {
name = "${var.service_name}-TaskRole-role"
name = "${var.service_name}-${data.aws_region.current.name}-TaskRole-role"
assume_role_policy = data.aws_iam_policy_document.task-assume-role.json
}

resource "aws_iam_role_policy" "task-role" {
policy = data.aws_iam_policy_document.task-policy.json
role = aws_iam_role.task-execution.id
}
}
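Review bot: Inserting the region into both role names (`ecs-execution` and `task-execution`) brings them closer to IAM's 64-character limit on role names, and nothing in this section bounds `var.service_name`. With the 14-character `ap-southeast-1` used elsewhere in this commit, `-${region}-ExecutionRole-role` already takes 34 characters, leaving about 30 for the service name. The variable is declared outside this file, so a guard would belong there, for example `condition = length(var.service_name) <= 30` in a `validation` block. Changing `name` on an existing `aws_iam_role` also forces the role to be replaced rather than updated, so the plan for already-deployed services should be checked for a destroy/create of roles that running tasks still assume.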
3 changes: 2 additions & 1 deletion assist/main.tf
Expand Up @@ -7,11 +7,12 @@ terraform {
}
}

required_version = "= 1.9.8"

required_providers {
cloudflare = {
source = "cloudflare/cloudflare"
version = "~> 4"
version = "~> 4.0"
}
}
}
46 changes: 0 additions & 46 deletions cas_validator/main.tf

This file was deleted.

4 changes: 0 additions & 4 deletions cas_validator/variables.tf

This file was deleted.

2 changes: 1 addition & 1 deletion community/dns.tf
Expand Up @@ -5,7 +5,7 @@ data "cloudflare_zone" "dns_zone" {
resource "cloudflare_record" "community" {
zone_id = data.cloudflare_zone.dns_zone.id
name = "community"
value = aws_eip.discourse.public_ip
content = aws_eip.discourse.public_ip
type = "A"
proxied = true
}
2 changes: 1 addition & 1 deletion community/ec2.tf
Expand Up @@ -9,5 +9,5 @@ resource "aws_instance" "discourse" {

resource "aws_eip" "discourse" {
instance = aws_instance.discourse.id
vpc = true
domain = "vpc"
}
6 changes: 4 additions & 2 deletions community/main.tf
Expand Up @@ -7,15 +7,17 @@ terraform {
}
}

required_version = "= 1.9.8"

required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.0"
version = "~> 5.0"
}

cloudflare = {
source = "cloudflare/cloudflare"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
2 changes: 1 addition & 1 deletion infrastructure/certificate.tf
Expand Up @@ -22,7 +22,7 @@ resource "cloudflare_record" "dns_instance_validation" {

zone_id = data.cloudflare_zone.dns_zone.id
name = each.value.name
value = trimsuffix(each.value.record, ".")
content = trimsuffix(each.value.record, ".")
type = each.value.type
ttl = 1
proxied = false
2 changes: 1 addition & 1 deletion infrastructure/region/network.tf
Expand Up @@ -32,7 +32,7 @@ resource "aws_route_table" "public" {
resource "aws_eip" "nat" {
count = 2

vpc = true
domain = "vpc"

tags = {
Region = data.aws_region.current.name
7 changes: 4 additions & 3 deletions infrastructure/versions.tf
@@ -1,14 +1,15 @@
terraform {
required_version = "= 1.7.5"
required_version = "= 1.9.8"

required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 4.0"
version = "~> 5.0"
}

cloudflare = {
source = "cloudflare/cloudflare"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
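--- a/ohf-public-assets/bucket.tf
+++ b/ohf-public-assets/bucket.tf
@@ -0,0 +1,5 @@
+resource "cloudflare_r2_bucket" "ohf_public_assets" {
+account_id = var.CLOUDFLARE_ACCOUNT_ID
+name = "ohf-public-assets"
+location = "ENAM"
+}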
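Review bot: The bucket name says its contents are public, but nothing in this resource states how the bucket is exposed or what may be stored in it. A comment above the resource, such as `# Publicly readable assets only; never store secrets or private data here`, would record that contract next to the bucket. How public access is actually enabled is not visible in this section, so whichever resource or dashboard setting does it should be named in the same comment.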
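--- a/ohf-public-assets/main.tf
+++ b/ohf-public-assets/main.tf
@@ -0,0 +1,18 @@
+terraform {
+cloud {
+organization = "home_assistant"
+
+workspaces {
+name = "ohf-public-assets"
+}
+}
+
+required_version = "= 1.10.0"
+
+required_providers {
+cloudflare = {
+source = "cloudflare/cloudflare"
+version = "~> 4.0"
+}
+}
+}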
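--- a/ohf-public-assets/variables.tf
+++ b/ohf-public-assets/variables.tf
@@ -0,0 +1,4 @@
+variable "CLOUDFLARE_ACCOUNT_ID" {
+description = "Cloudflare Account Id"
+type = string
+}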
3 changes: 2 additions & 1 deletion os-builds/main.tf
Expand Up @@ -7,11 +7,12 @@ terraform {
}
}

required_version = "= 1.9.6"

required_providers {
cloudflare = {
source = "cloudflare/cloudflare"
version = "~> 4"
version = "~> 4.0"
}
}
}
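Review bot: The exact Terraform pin in this section, `required_version = "= 1.9.6"`, disagrees with other root modules in the same commit. `static_dns/main.tf` also uses `= 1.9.6`, while `assist`, `community` and `infrastructure` use `= 1.9.8` and `ohf-public-assets` uses `= 1.10.0`. Because each is an exact `=` constraint, a single CLI or CI Terraform version can satisfy only one group, and state written by the newer binary may not be readable by the older one. If the drift is intentional per workspace, a one-line comment next to each pin saying so would help; otherwise align them, e.g. `required_version = "= 1.9.8"` here and in `static_dns`.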
4 changes: 3 additions & 1 deletion static_dns/main.tf
Expand Up @@ -7,10 +7,12 @@ terraform {
}
}

required_version = "= 1.9.6"

required_providers {
cloudflare = {
source = "cloudflare/cloudflare"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
2 changes: 1 addition & 1 deletion static_dns/record._checkdns.tf
Expand Up @@ -2,7 +2,7 @@
resource "cloudflare_record" "_checkdns" {
zone_id = data.cloudflare_zone.dns_zone.id
name = "_checkdns"
value = "1.1.1.1"
content = "1.1.1.1"
type = "A"
ttl = 1
proxied = false
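--- a/stun_server/main.tf
+++ b/stun_server/main.tf
@@ -0,0 +1,34 @@
+terraform {
+cloud {
+organization = "home_assistant"
+
+workspaces {
+name = "stun_server"
+}
+}
+}
+
+provider "aws" {
+region = "us-east-1"
+}
+
+module "us_east_1" {
+source = "./region"
+
+region = "us-east-1"
+image_tag = var.image_tag
+}
+
+module "eu_central_1" {
+source = "./region"
+
+region = "eu-central-1"
+image_tag = var.image_tag
+}
+
+module "ap_southeast_1" {
+source = "./region"
+
+region = "ap-southeast-1"
+image_tag = var.image_tag
+}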
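Review bot: The new root module's `terraform` block has neither `required_version` nor `required_providers`, although it configures `provider "aws"` and every other root module touched in this commit pins both. Without a constraint, the AWS provider version is decided only by whatever lock file or workspace setting exists, which weakens reproducibility and supply-chain review of provider upgrades. Not all changed files are visible on this page, so a `versions.tf` in `stun_server/` may already cover this. If not, the pins below reuse the values used elsewhere in the commit.

```hcl
terraform {
  # … unchanged: cloud block …

  required_version = "= 1.9.8"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 5.0"
    }
  }
}
```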
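--- a/stun_server/outputs.tf
+++ b/stun_server/outputs.tf
@@ -0,0 +1,8 @@
+output "endpoints" {
+description = "Endpoints of the Stun server"
+value = {
+"us-east-1" = module.us_east_1.stun_server_endpoint
+"eu-central-1" = module.eu_central_1.stun_server_endpoint
+"ap-southeast-1" = module.ap_southeast_1.stun_server_endpoint
+}
+}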
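--- a/stun_server/region/ecs.tf
+++ b/stun_server/region/ecs.tf
@@ -0,0 +1,51 @@
+resource "aws_ecs_service" "stun-server-tcp" {
+name = "${local.service_name}-tcp"
+cluster = local.infrastructure_region_outputs.ecs_cluster
+task_definition = module.stun_server_tcp.task_definition
+desired_count = 1
+deployment_minimum_healthy_percent = 100
+deployment_maximum_percent = 200
+launch_type = "FARGATE"
+depends_on = [aws_lb_listener.stun_80, aws_lb_listener.stun_3478]
+
+network_configuration {
+security_groups = [aws_security_group.stun_sg.id]
+subnets = local.infrastructure_region_outputs.private_subnets
+}
+
+load_balancer {
+container_name = "${local.service_name}-tcp"
+container_port = "3478"
+target_group_arn = aws_lb_target_group.stun.arn
+}
+
+tags = {
+region = data.aws_region.current.name
+}
+}
+
+resource "aws_ecs_service" "stun-server-udp" {
+name = "${local.service_name}-udp"
+cluster = local.infrastructure_region_outputs.ecs_cluster
+task_definition = module.stun_server_udp.task_definition
+desired_count = 1
+deployment_minimum_healthy_percent = 100
+deployment_maximum_percent = 200
+launch_type = "FARGATE"
+depends_on = [aws_lb_listener.stun_80, aws_lb_listener.stun_3478]
+
+network_configuration {
+security_groups = [aws_security_group.stun_sg.id]
+subnets = local.infrastructure_region_outputs.private_subnets
+}
+
+load_balancer {
+container_name = "${local.service_name}-udp"
+container_port = "3478"
+target_group_arn = aws_lb_target_group.stun.arn
+}
+
+tags = {
+region = data.aws_region.current.name
+}
+}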
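Review bot: Both `stun-server-tcp` and `stun-server-udp` register their containers in the same `aws_lb_target_group.stun` on port 3478, and nothing in the file explains how one target group is meant to route to and health-check two separate task sets. The target group and listeners are defined outside this file, so this cannot be confirmed from here. If the group's health check runs over TCP, though, the UDP tasks would need a TCP responder on the checked port to stay registered, and traffic of either protocol could land on either task set. A comment above each `load_balancer` block stating the target group's protocol and health-check port, e.g. `# shared target group: protocol <PROTOCOL>, health check on <PORT>`, would make the intended routing reviewable. The same comment could note that `stun_sg` is shared by both services, so that its ingress rules are read with both protocols in mind.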