Skip to content
This repository has been archived by the owner on Nov 8, 2018. It is now read-only.

crossgovernmentservices/csd-notes-infrastructure

BranchesTags

Repository files navigation

CSD Notes Infrastructure

Terraform templates to create and manage CSD Notes infrastructure.

Requirements

  • Terraform

    Install on OSX with:

    $ brew install terraform

  • BlackBox

  • AWS account credentials

    Place in ~/.aws/credentials:

    [default]
aws_access_key_id = ACCESS_KEY
aws_secret_access_key = SECRET_KEY

Usage (scripted)

The infra.sh script will take care of the manual steps below. It assumes the following filesystem layout, where CSD Notes Config is checked out alongside this repo:

./
  ./csd-notes-infrastructure
  ./csd-notes-config

To create or update an environment:

$ ./infra.sh apply $ENV_NAME

To delete an environment:

$ ./infra.sh destroy $ENV_NAME

The above commands will use database username and password from a matching envs/$ENV_NAME.env file in the CSD Notes Config repo, if present. If not present, envs/default.env will be used.

Usage (manual)

Variables

Variables that are not environment-specific are stored in terraform.tfvars.

Secrets

Secrets are stored in terraform.tfvars, encrypted with GPG and managed with BlackBox. Ask an admin to add your GPG key so you can decrypt.

Shared environment state

Env-specific state files are used to keep environments separate. Terraform's remote state storage is used to store Terraform state in Amazon S3, keeping environments in sync between different uses and users.

Managing environments

Decrypt secrets:

$ blackbox_edit_start terraform.tfvars

or to decrypt all BlackBox-managed files:

$ blackbox_postdeploy

Define env:

$ export ENV=dev  # or ENV=test, ENV=production, etc.

Configure remote storage:

$ terraform remote config
    -backend=s3 -backend-config="bucket=csd-notes-terraform" \
    -backend-config="key=${ENV}.tfstate" -backend-config="region=eu-west-1"

Sync local state with remote:

$ terraform remote pull

To see changes to be made (if any):

$ terraform plan -var "rds_username=${DB_USER}" \
    -var "rds_password=${DB_PASSWORD}" \
    -var "environment=${ENV}" -var "domain_prefix=${ENV}"

To create or update an environment:

$ terraform apply -var "rds_username=${DB_USER}"
    -var "rds_password=${DB_PASSWORD}" \
    -var "environment=${ENV}" -var "domain_prefix=${ENV}"

To delete an environment:

$ terraform destroy -var "rds_username=${DB_USER}" \
    -var "rds_password=${DB_PASSWORD}" \
    -var "environment=${ENV}" -var "domain_prefix=${ENV}"

Variables above are required, and will generally taken from the relevant .env file in the CSD Notes Config repo.

About

Terraform templates for csd-notes

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

6 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages