singforhope/devops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
devops/infra/gcp/main.tf
Javier Hinojosa 35773c6efe added infra
2025-11-09 11:17:13 -05:00

175 lines
4.0 KiB
HCL
Raw Permalink Blame History

terraform {
required_providers {
google = {
source = "hashicorp/google"
version = "~> 5"
}
}
}
provider "google" {
project = var.project_id
}
resource "google_dns_managed_zone" "singforhope_cloud" {
name = "singforhope-cloud"
dns_name = "${var.domain_name}."
dnssec_config {
state = "on"
non_existence = "nsec3"
default_key_specs {
algorithm = "rsasha256"
key_length = 2048
key_type = "keySigning"
}
default_key_specs {
algorithm = "rsasha256"
key_length = 1024
key_type = "zoneSigning"
}
}
}
resource "google_compute_instance" "gitea_vm" {
name = "gitea-vm"
machine_type = var.machine_type
zone = var.zone
tags = ["gitea"]
boot_disk {
initialize_params {
image = "debian-cloud/debian-11"
}
}
network_interface {
network = "default"
access_config {
}
}
service_account {
email = "456409048169-compute@developer.gserviceaccount.com"
scopes = ["https://www.googleapis.com/auth/devstorage.read_only", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring.write", "https://www.googleapis.com/auth/pubsub", "https://www.googleapis.com/auth/service.management.readonly", "https://www.googleapis.com/auth/servicecontrol", "https://www.googleapis.com/auth/trace.append"]
}
}
resource "google_compute_instance" "n8n_vm" {
name = "n8n-vm"
machine_type = var.machine_type
zone = var.zone
tags = ["n8n"]
boot_disk {
initialize_params {
image = "debian-cloud/debian-11"
}
}
network_interface {
network = "default"
access_config {
}
}
service_account {
email = "456409048169-compute@developer.gserviceaccount.com"
scopes = ["https://www.googleapis.com/auth/devstorage.read_only", "https://www.googleapis.com/auth/logging.write", "https://www.googleapis.com/auth/monitoring.write", "https://www.googleapis.com/auth/pubsub", "https://www.googleapis.com/auth/service.management.readonly", "https://www.googleapis.com/auth/servicecontrol", "https://www.googleapis.com/auth/trace.append"]
}
}
resource "google_compute_firewall" "gitea_http" {
name = "gitea-http"
network = "default"
allow {
protocol = "tcp"
ports = ["3000"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["gitea"]
}
resource "google_compute_firewall" "http_allow" {
name = "http-allow"
network = "default"
allow {
protocol = "tcp"
ports = ["80"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["gitea"]
}
resource "google_compute_firewall" "https_allow" {
name = "https-allow"
network = "default"
allow {
protocol = "tcp"
ports = ["443"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["gitea"]
}
resource "google_compute_firewall" "n8n_app_allow" {
name = "n8n-app-allow"
network = "default"
allow {
protocol = "tcp"
ports = ["5678"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["n8n"]
}
resource "google_compute_firewall" "n8n_http_allow" {
name = "n8n-http-allow"
network = "default"
allow {
protocol = "tcp"
ports = ["80"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["n8n"]
}
resource "google_compute_firewall" "n8n_https_allow" {
name = "n8n-https-allow"
network = "default"
allow {
protocol = "tcp"
ports = ["443"]
}
source_ranges = ["0.0.0.0/0"]
target_tags = ["n8n"]
}
resource "google_dns_record_set" "gitea" {
name = "git.${var.domain_name}."
type = "A"
ttl = 300
managed_zone = google_dns_managed_zone.singforhope_cloud.name
rrdatas = [google_compute_instance.gitea_vm.network_interface[0].access_config[0].nat_ip]
}
resource "google_dns_record_set" "n8n" {
name = "n8n.${var.domain_name}."
type = "A"
ttl = 300
managed_zone = google_dns_managed_zone.singforhope_cloud.name
rrdatas = [google_compute_instance.n8n_vm.network_interface[0].access_config[0].nat_ip]
}
Reference in New Issue View Git Blame Copy Permalink