instance_template.tf
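# Regional instance template for the webapp VMs: boots from the custom image on a
# CMEK-encrypted disk, runs as the dedicated VM service account, and writes the
# database connection settings to /var/www/webapp/.env on first boot.
resource "google_compute_region_instance_template" "app_instance_template" {
  name         = var.instance_template_name
  machine_type = var.instance_template_machine_type
  region       = var.gcp_region
  tags         = [var.firewall_target_tag]

  # Explicit ordering: the database, the service account and its IAM/KMS bindings
  # must exist before a VM built from this template boots and runs the startup script.
  depends_on = [
    google_sql_database_instance.main,
    google_sql_database.database,
    google_sql_user.user,
    random_password.password,
    google_service_account.vm_service_account,
    google_project_iam_binding.loggingAdmin,
    google_project_iam_binding.metricWriter,
    google_pubsub_topic_iam_binding.pubsub_publisher,
    google_project_iam_binding.compute_engine_service_agent_iam_binding,
    google_kms_crypto_key_iam_binding.vm_key_iam_binding,
  ]

  disk {
    source_image = var.custom_image
    disk_type    = var.compute_instance_disktype
    disk_size_gb = var.compute_instance_size

    # Boot disk is encrypted with the customer-managed KMS key.
    disk_encryption_key {
      kms_key_self_link = google_kms_crypto_key.vm_key.id
    }
  }

  service_account {
    email = google_service_account.vm_service_account.email
    # "cloud-platform" leaves the OAuth scope wide open, so what the VM can actually
    # do is decided only by the IAM roles bound to vm_service_account. Keep those minimal.
    # NOTE(review): a binding named loggingAdmin is referenced above; if it grants
    # roles/logging.admin, confirm that a write-only logging role would not suffice.
    scopes = ["cloud-platform"]
  }

  # NOTE(security): db_password is stored as a plain instance metadata attribute.
  # Metadata is visible to principals who can read the instance or template in the
  # project and to any process on the VM that can reach the metadata server, and the
  # value is also kept in Terraform state. Prefer Secret Manager, read at boot with
  # the VM service account, and drop db_password from metadata once the app supports it.
  metadata = {
    db_name         = google_sql_database.database.name
    db_private_ipv4 = google_sql_database_instance.main.private_ip_address
    db_user         = google_sql_user.user.name
    db_password     = random_password.password.result
  }

  # Startup scripts run as root on GCE Linux images, so sudo is not needed. The
  # original "sudo echo ... >> file" did not elevate the redirect in any case.
  metadata_startup_script = <<-EOT
    #!/bin/bash
    # Abort on any failed metadata fetch so a half-populated .env is never written;
    # the file is then still absent and the next boot retries.
    set -euo pipefail

    ENV_FILE=/var/www/webapp/.env
    MD_URL="http://metadata.google.internal/computeMetadata/v1/instance/attributes"

    md_attr() {
      # -f: treat HTTP errors as failures instead of capturing the error body.
      curl -sf -H "Metadata-Flavor: Google" "$MD_URL/$1"
    }

    if ! test -f "$ENV_FILE"; then
      DB_NAME=$(md_attr db_name)
      DB_USER=$(md_attr db_user)
      DB_PASSWORD=$(md_attr db_password)
      DB_HOST=$(md_attr db_private_ipv4)

      # The file holds the database password: create it without world access
      # (mode 0640) rather than with root's default umask.
      umask 027
      {
        echo "DATABASE=$DB_NAME"
        echo "USER=$DB_USER"
        echo "PASSWORD=$DB_PASSWORD"
        echo "HOST=$DB_HOST"
      } > "$ENV_FILE"
      chown csye6225:csye6225 "$ENV_FILE"
    fi
  EOT

  network_interface {
    subnetwork = google_compute_subnetwork.backend_subnet.id

    # NOTE(review): an access_config block gives every instance an external IP.
    # If the VMs are reached only through a load balancer, consider removing it and
    # providing egress through Cloud NAT to shrink the exposed surface.
    access_config {
      network_tier = var.access_config_network_tire
    }
  }
}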