mirror of
https://github.com/ryboe/private-ip-cloud-sql-db.git
synced 2025-12-19 18:14:59 -05:00
* Upgrade db from Postgres 11 -> 13 * Upgrade tfe and google provider plugins * Remove google-beta provider since it's no longer needed * Add .terraform-version file to support tfenv * Add .vscode/ settings to play nice with VSCode * Clean up .gitignore
// root module
# Terraform core version, state backend and provider requirements for the
# root module.
terraform {
  required_version = ">= 0.14.0"

  # State is kept in the named remote workspace rather than on local disk.
  # NOTE(review): state usually contains the values handed to resources
  # (including the db password passed to the db module), so confirm that
  # read access to this workspace is limited to the people who need it.
  backend "remote" {
    organization = "my-terraform-cloud-org"

    workspaces {
      name = "private-ip-cloud-sql-db"
    }
  }

  # Both constraints are lower bounds only: any newer release, including a
  # new major version, satisfies them. The exact builds used are the ones
  # recorded in the dependency lock file (.terraform.lock.hcl).
  # NOTE(review): confirm the lock file is committed so provider upgrades
  # only happen through a reviewed change.
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = ">= 3.49.0"
    }

    tfe = {
      source  = "hashicorp/tfe"
      version = ">= 0.23.0"
    }
  }
}
# Values reused by the provider configuration and the modules in this file.
# None of these are secrets; the db password is supplied separately through
# var.db_password.
locals {
  gcp_project_name = "my-gcp-project-274601"
  gcp_region       = "us-central1"
  gcp_zone         = "us-central1-b"

  # Postgres username
  db_username = "my_user"
}
# Default project, region and zone for the google provider.
# No credentials are set in this block, so the provider has to obtain them
# from the environment it runs in.
# NOTE(review): confirm the identity used for runs has only the roles this
# configuration needs.
provider "google" {
  zone    = local.gcp_zone
  region  = local.gcp_region
  project = local.gcp_project_name
}
# The VPC whose name and link are handed to the db and dbproxy modules below.
module "vpc" {
  source = "./modules/vpc"
  name   = "main-vpc"
}
# The database instance. It uses a private IP from a block of IPs defined in
# the VPC instead of a public IP.
module "db" {
  source = "./modules/db"

  disk_size     = 10
  instance_type = "db-f1-micro"
  user          = local.db_username

  # The password is a variable because it's a secret. It's stored here:
  # https://app.terraform.io/app/<YOUR-ORGANIZATION>/workspaces/<WORKSPACE>/variables
  # NOTE(review): confirm the variable is declared with `sensitive = true`
  # and is marked sensitive in the workspace. That only hides it from plan
  # and log output; the value is presumably still written to state, so
  # state access needs to be restricted as well.
  password = var.db_password

  vpc_link = module.vpc.link
  vpc_name = module.vpc.name

  # There's a dependency relationship between the db and the VPC that
  # terraform can't figure out. The db instance depends on the VPC because it
  # uses a private IP from a block of IPs defined in the VPC. If we were just
  # giving the db a public IP, there wouldn't be a dependency. The dependency
  # exists because we've configured private services access. We need to
  # explicitly specify the dependency here. For details, see the note in the
  # docs here:
  # https://www.terraform.io/docs/providers/google/r/sql_database_instance.html#private-ip-instance
  db_depends_on = module.vpc.private_vpc_connection
}
# Proxy for the database instance, placed in the same VPC and given the
# instance's connection name.
# NOTE(review): the proxy is presumably the way into a database that has no
# public IP, so check in ./modules/dbproxy who is allowed to reach it and
# which identity it runs as; neither is visible from this file.
module "dbproxy" {
  source = "./modules/dbproxy"

  machine_type = "f1-micro"
  region       = local.gcp_region
  zone         = local.gcp_zone

  # e.g. my-project:us-central1:my-db
  db_instance_name = module.db.connection_name

  # By passing the VPC name ("main-vpc") as the output of the VPC module
  # (module.vpc.name), we ensure the VPC will be created before the proxy.
  vpc_name = module.vpc.name
}