Migrate to terraform-community-modules

sprutner · May 23, 2017 · c4d15b2 · c4d15b2
1 parent 2928d8f
commit c4d15b2
Show file tree

Hide file tree

Showing 5 changed files with 87 additions and 46 deletions.
diff --git a/LICENCE b/LICENCE
@@ -1,3 +1,7 @@
+Author:: Quentin Rousseau (<[email protected]>)
+
+Copyright 2017 Quentin Rousseau
+
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
 You may obtain a copy of the License at
@@ -8,4 +12,3 @@ Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
-limitations under the License.
diff --git a/README.md b/README.md
@@ -1,6 +1,8 @@
-## Terraform OpenVPN module for AWS
+# tf_aws_openvpn
 
-### This module is creating the following resources:
+Terraform module which creates OpenVPN on AWS
+
+## This module is creating the following resources:
 
 1. Two Route53 Records
   a. vpn-web.domain.com
@@ -9,7 +11,7 @@
 3. One EC2 Security Group
 4. One EC2 Instance
 
-### Architecture
+## Architecture
 
 ```plain
 
@@ -32,25 +34,37 @@ Internet --> |  DNS  | --> |  SG   | --> |  EC2  |
         vpn.domain.com -->  TCP:1194 -->  TCP:1194 OK
 ```
 
-### Usage
+## Usage
 
 ```hcl
 module "openvpn" {
-  source             = "github.com/kwent/terraform-openvpn-aws"
+  source             = "github.com/terraform-community-modules/tf_aws_openvpn"
   name               = "openVPN"
+  # VPC Inputs
   vpc_id             = "${var.vpc_id}"
   vpc_cidr           = "${var.vpc_cidr}"
   public_subnet_ids  = "${var.public_subnet_ids}"
-  cert_arn           = "${var.cert_arn}"
+  # EC2 Inputs
   key_name           = "${var.key_name}"
   private_key        = "${var.private_key}"
   ami                = "${var.ami}"
   instance_type      = "${var.instance_type}"
+  # ELB Inputs
+  cert_arn           = "${var.cert_arn}"
+  # DNS Inputs
+  domain_name        = "${var.public_domain_name}"
+  route_zone_id      = "${var.route_zone_id}"
+  # OpenVPN Inputs
   openvpn_user       = "${var.openvpn_user}"
-  openvpn_admin_user = "${var.openvpn_admin_user}"
+  openvpn_admin_user = "${var.openvpn_admin_user}" # Note: Don't choose "admin" username. Looks like it's already reserved.
   openvpn_admin_pw   = "${var.openvpn_admin_pw}"
-  vpn_cidr           = "${var.vpn_cidr}"
-  sub_domain         = "${var.public_domain_name}"
-  route_zone_id      = "${var.route_zone_id}"
 }
 ```
+
+## Authors
+
+Created and maintained by [Quentin Rousseau](https://github.com/kwent) ([email protected]).
+
+## License
+
+Apache 2 Licensed. See LICENSE for full details.
diff --git a/main.tf b/main.tf
@@ -3,11 +3,13 @@
 #----------------------------------------------------------------
 
 resource "aws_security_group" "openvpn" {
-  name   = "${var.name}"
-  vpc_id = "${var.vpc_id}"
+  name        = "${var.name}"
+  vpc_id      = "${var.vpc_id}"
   description = "OpenVPN security group"
 
-  tags { Name = "${var.name}" }
+  tags {
+    Name = "${var.name}"
+  }
 
   ingress {
     protocol    = -1
@@ -24,21 +26,18 @@ resource "aws_security_group" "openvpn" {
     to_port     = 22
     cidr_blocks = ["0.0.0.0/0"]
   }
-
   ingress {
     protocol    = "tcp"
     from_port   = 443
     to_port     = 443
     cidr_blocks = ["0.0.0.0/0"]
   }
-
   ingress {
     protocol    = "udp"
     from_port   = 1194
     to_port     = 1194
     cidr_blocks = ["0.0.0.0/0"]
   }
-
   egress {
     protocol    = -1
     from_port   = 0
@@ -55,7 +54,9 @@ resource "aws_instance" "openvpn" {
 
   vpc_security_group_ids = ["${aws_security_group.openvpn.id}"]
 
-  tags { Name = "${var.name}" }
+  tags {
+    Name = "${var.name}"
+  }
 
   # `admin_user` and `admin_pw` need to be passed in to the appliance through `user_data`, see docs -->
   # https://docs.openvpn.net/how-to-tutorialsguides/virtual-platforms/amazon-ec2-appliance-ami-quick-start-guide/
@@ -66,27 +67,31 @@ USERDATA
 
   provisioner "remote-exec" {
     connection {
-      user         = "${var.openvpn_user}"
-      host         = "${self.public_ip}"
-      private_key  = "${var.private_key}"
-      timeout      = "10m"
+      user        = "${var.openvpn_user}"
+      host        = "${self.public_ip}"
+      private_key = "${var.private_key}"
+      timeout     = "10m"
     }
+
     inline = [
       # Sleep 60 seconds until AMI is ready
       "sleep 60",
+
       # Set VPN network info
       "sudo /usr/local/openvpn_as/scripts/sacli -k vpn.daemon.0.client.network -v ${element(split("/", var.vpn_cidr), 0)} ConfigPut",
+
       "sudo /usr/local/openvpn_as/scripts/sacli -k vpn.daemon.0.client.netmask_bits -v ${element(split("/", var.vpn_cidr), 1)} ConfigPut",
+
       # Do a warm restart so the config is picked up
       "sudo /usr/local/openvpn_as/scripts/sacli start",
     ]
   }
 }
 
 resource "aws_elb" "openvpn" {
-  name               = "openvpn-elb"
-  subnets            = ["${var.public_subnet_ids}"]
-  internal           = false
+  name                        = "openvpn-elb"
+  subnets                     = ["${var.public_subnet_ids}"]
+  internal                    = false
   idle_timeout                = 30
   connection_draining         = true
   connection_draining_timeout = 30
@@ -116,8 +121,9 @@ resource "aws_elb" "openvpn" {
 
 resource "aws_route53_record" "openvpn-web" {
   zone_id = "${var.route_zone_id}"
-  name    = "vpn-web.${var.sub_domain}"
+  name    = "vpn-web.${var.domain_name}"
   type    = "A"
+
   alias {
     name                   = "${aws_elb.openvpn.dns_name}"
     zone_id                = "${aws_elb.openvpn.zone_id}"
@@ -127,7 +133,7 @@ resource "aws_route53_record" "openvpn-web" {
 
 resource "aws_route53_record" "openvpn" {
   zone_id = "${var.route_zone_id}"
-  name    = "vpn.${var.sub_domain}"
+  name    = "vpn.${var.domain_name}"
   type    = "A"
   ttl     = 300
   records = ["${aws_instance.openvpn.public_ip}"]

diff --git a/outputs.tf b/outputs.tf
@@ -1,4 +1,15 @@
-output "private_ip"      { value = "${aws_instance.openvpn.private_ip}" }
-output "public_ip"       { value = "${aws_instance.openvpn.public_ip}" }
-output "public_web_fqdn" { value = "${aws_route53_record.openvpn-web.fqdn}" }
-output "public_fqdn"     { value = "${aws_route53_record.openvpn.fqdn}" }
+output "private_ip" {
+  value = "${aws_instance.openvpn.private_ip}"
+}
+
+output "public_ip" {
+  value = "${aws_instance.openvpn.public_ip}"
+}
+
+output "public_web_fqdn" {
+  value = "${aws_route53_record.openvpn-web.fqdn}"
+}
+
+output "public_fqdn" {
+  value = "${aws_route53_record.openvpn.fqdn}"
+}
diff --git a/variables.tf b/variables.tf
@@ -1,15 +1,22 @@
-variable "name"               { default = "openvpn" }
-variable "vpc_id"             { }
-variable "vpc_cidr"           { }
-variable "public_subnet_ids"  { type = "list" }
-variable "cert_arn"           { }
-variable "key_name"           { }
-variable "private_key"        { }
-variable "ami"                { }
-variable "instance_type"      { }
-variable "openvpn_user"       { }
-variable "openvpn_admin_user" { }
-variable "openvpn_admin_pw"   { }
-variable "vpn_cidr"           { }
-variable "sub_domain"         { }
-variable "route_zone_id"      { }
+variable "name" {
+  default = "openvpn"
+}
+
+variable "vpc_id" {}
+variable "vpc_cidr" {}
+
+variable "public_subnet_ids" {
+  type = "list"
+}
+
+variable "cert_arn" {}
+variable "key_name" {}
+variable "private_key" {}
+variable "ami" {}
+variable "instance_type" {}
+variable "openvpn_user" {}
+variable "openvpn_admin_user" {}
+variable "openvpn_admin_pw" {}
+variable "vpn_cidr" {}
+variable "domain_name" {}
+variable "route_zone_id" {}