-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathmain.tf
More file actions
129 lines (118 loc) · 4.59 KB
/
main.tf
File metadata and controls
129 lines (118 loc) · 4.59 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "5.94.1"
}
}
backend "s3" {
bucket = "svm-abnmo-iac-bucket"
key = "state/terraform.tfstate"
region = "us-east-1"
encrypt = true
}
}
provider "aws" {
region = var.aws_region
}
locals {
backend_configs = {
development = {
cors_allow_origins = ["https://staging.${var.app_domain}"]
environment_variables = {
NODE_ENV = "development"
APP_ENVIRONMENT = "lambda"
MAINTENANCE = "false"
APP_URL = "https://staging.${var.app_domain}"
COOKIE_DOMAIN = var.app_domain
COOKIE_SECRET = var.dev_cookie_secret
JWT_SECRET = var.dev_jwt_secret
DB_HOST = "db-development.${var.db_domain}"
DB_PORT = "3306"
DB_DATABASE = "abnmo_dev"
DB_USERNAME = "abnmo_dev"
DB_PASSWORD = var.dev_db_password
ENABLE_EMAILS = "true"
EMAIL_PROVIDER = "resend"
RESEND_KEY = var.resend_key
AWS_SES_REGION = var.aws_region
AWS_SES_ACCESS_KEY_ID = var.aws_ses_access_key_id
AWS_SES_SECRET_ACCESS_KEY = var.aws_ses_secret_access_key
AWS_SES_FROM_EMAIL = var.aws_ses_sender
}
}
homolog = {
cors_allow_origins = ["https://homolog.${var.app_domain}"]
environment_variables = {
NODE_ENV = "homolog"
APP_ENVIRONMENT = "lambda"
MAINTENANCE = "false"
APP_URL = "https://homolog.${var.app_domain}"
COOKIE_DOMAIN = var.app_domain
COOKIE_SECRET = var.homolog_cookie_secret
JWT_SECRET = var.homolog_jwt_secret
DB_HOST = "db-homolog.${var.db_domain}"
DB_PORT = "3306"
DB_DATABASE = "abnmo_homolog"
DB_USERNAME = "abnmo_homolog"
DB_PASSWORD = var.homolog_db_password
ENABLE_EMAILS = "true"
EMAIL_PROVIDER = "resend"
RESEND_KEY = var.resend_key
AWS_SES_REGION = var.aws_region
AWS_SES_ACCESS_KEY_ID = var.aws_ses_access_key_id
AWS_SES_SECRET_ACCESS_KEY = var.aws_ses_secret_access_key
AWS_SES_FROM_EMAIL = var.aws_ses_sender
}
}
production = {
cors_allow_origins = ["https://${var.app_domain}"]
environment_variables = {
NODE_ENV = "production"
APP_ENVIRONMENT = "lambda"
MAINTENANCE = "false"
APP_URL = "https://${var.app_domain}"
COOKIE_DOMAIN = var.app_domain
COOKIE_SECRET = var.prod_cookie_secret
JWT_SECRET = var.prod_jwt_secret
DB_HOST = "db-production.${var.db_domain}"
DB_PORT = "3306"
DB_DATABASE = var.prod_db_name
DB_USERNAME = var.prod_db_user
DB_PASSWORD = var.prod_db_password
ENABLE_EMAILS = "true"
EMAIL_PROVIDER = "resend"
RESEND_KEY = var.resend_key
AWS_SES_REGION = var.aws_region
AWS_SES_ACCESS_KEY_ID = var.aws_ses_access_key_id
AWS_SES_SECRET_ACCESS_KEY = var.aws_ses_secret_access_key
AWS_SES_FROM_EMAIL = var.aws_ses_sender
}
}
}
domain_mappings = {
development = "api-dev.${var.app_domain}"
homolog = "api-homolog.${var.app_domain}"
production = "api.${var.app_domain}"
}
}
module "abnmo_svm_backend" {
for_each = var.backend_environments
source = "./modules/backend"
environment = each.key
custom_domain_name = var.dns_validation_complete ? local.domain_mappings[each.key] : null
certificate_arn = aws_acm_certificate.wildcard_api.arn
github_oidc_provider_arn = aws_iam_openid_connect_provider.github.arn
cors_allow_origins = local.backend_configs[each.key].cors_allow_origins
environment_variables = local.backend_configs[each.key].environment_variables
budget_limit = var.budget_limit
budget_emails = var.budget_emails
}
module "ses_abnmo" {
source = "./modules/ses"
domain = "abnmo.org"
manage_dns = false
email_identities = [
var.aws_ses_sender
]
}