| # upstream AMIs |
| data "aws_ami" "ubuntu" { |
| most_recent = true |
| |
| filter { |
| name = "name" |
| values = ["ubuntu/images/hvm-ssd/ubuntu-bionic-18.04-amd64-server-*"] |
| } |
| |
| owners = ["099720109477"] # Official Canonical ID |
| } |
| |
| # Production ------------ |
| # route53 - not currently managed by Systems terraform |
| # roles - not currently managed by Systems terraform |
| # server - not currently managed by Systems terraform |
| |
| # Staging -------------- |
| # route53 |
| resource "aws_route53_zone" "staging_zone" { |
| name = "staging.trustedfirmware.org" |
| } |
| |
| resource "aws_route53_record" "staging-ns" { |
| zone_id = aws_route53_zone.staging_zone.zone_id |
| name = "staging.trustedfirmware.org" |
| type = "NS" |
| ttl = 30 |
| |
| records = [ |
| aws_route53_zone.staging_zone.name_servers.0, |
| aws_route53_zone.staging_zone.name_servers.1, |
| aws_route53_zone.staging_zone.name_servers.2, |
| aws_route53_zone.staging_zone.name_servers.3, |
| ] |
| } |
| |
| #servers |
| resource "aws_instance" "staging-ci" { |
| ami = "ami-0286372f78291e588" |
| instance_type = "t3.large" |
| # hardcoding for the time being. In the future we may want |
| # to split staging off to its own subnet. |
| subnet_id = "subnet-a0d573af" |
| vpc_security_group_ids = [ |
| "${aws_security_group.ci-sg.id}", |
| "${aws_security_group.flexnet-sg.id}", |
| ] |
| key_name = "systems-bot-ssh" |
| tags = { |
| Name = "staging-ci" |
| Environment = "staging" |
| } |
| } |
| |
| resource "aws_route53_record" "ci-staging" { |
| zone_id = aws_route53_zone.staging_zone.zone_id |
| name = "ci" |
| type = "A" |
| ttl = "60" |
| records = [aws_instance.staging-ci.public_ip] |
| } |