Fix errors
authorCássio Gabriel <cassiogabrielcontato@gmail.com>
Fri, 23 Jan 2026 21:50:22 +0000 (18:50 -0300)
committerCássio Gabriel <cassiogabrielcontato@gmail.com>
Fri, 23 Jan 2026 21:50:22 +0000 (18:50 -0300)
.gitignore
terraform/main.tf
terraform/terraform.tfvars.example [new file with mode: 0644]
terraform/variables.tf
terraform/versions.tf

index 31880712a1f5e6e82311a28e7d0acdea6d5a4152..f80cbfe3570a57e4ab1b33effc40c7a96b9f4d0d 100644 (file)
@@ -3,3 +3,4 @@
 **/*.tfstate
 **/*.tfstate.*
 **/terraform.tfvars
+.DS_Store
index 59eb6c7527a699d3f7d9a28e757a01305960e5eb..e47efc02e6c0b9e7c1d82ac916aa8e7a7ce931c9 100644 (file)
@@ -4,24 +4,26 @@ provider "aws" {
 
 # Using default AWS values for Network
 data "aws_vpc" "default" {
-  default = true  
+  default = true
 ***REMOVED***
 
-data "aws_subnets" "default" {
-  filter {
-    name      = "vpc-id"
-    values    = [data.aws_vpc.default.id]
-  ***REMOVED***
+resource "aws_default_subnet" "a" {
+  availability_zone = "us-east-1a"
+***REMOVED***
+
+# Attach IGW as the default route to the subnet 
+resource "aws_internet_gateway" "igw" {
+  vpc_id = data.aws_vpc.default.id
 ***REMOVED***
 
 # Ubuntu linux AMI version
 data "aws_ami" "ubuntu" {
-  most_recent     = true
-  owners          = ["099720109477"] # Offical Canonical ID
+  most_recent = true
+  owners      = ["099720109477"] # Offical Canonical ID
 
   filter {
-    name    = "name"
-    values  = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"] 
+    name   = "name"
+    values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"]
   ***REMOVED***
 ***REMOVED***
 
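Review bot: The new `aws_internet_gateway.igw` targets the default VPC, which normally already has an internet gateway attached; a VPC accepts only one, so this resource will most likely fail at apply, and nothing in the hunk creates the route its comment mentions. If the existing gateway is all that is needed, drop the resource or look it up with a `data "aws_internet_gateway"` source filtered on `attachment.vpc-id`. The availability zone on `aws_default_subnet.a` is also hard-coded to `us-east-1a` while variables.tf declares a `region` variable, so any other region breaks the subnet; `availability_zone = "${var.region}a"` keeps the two in step. Because `aws_default_subnet` adopts an existing public subnet, the instance placed there is internet-facing and depends entirely on the security group for exposure control.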
@@ -32,16 +34,16 @@ data "aws_ec2_managed_prefix_list" "cloudfront_origin" {
 
 # Security group
 resource "aws_security_group" "gitweb" {
-  name          = "${var.project_name***REMOVED***-sg"
-  description   = "SSH from my IP; HTTP only from CloudFront origin-facing"
-  vpc_id        = "data.aws_vpc.default.id"
+  name        = "${var.project_name***REMOVED***-sg"
+  description = "SSH from my IP; HTTP only from CloudFront origin-facing"
+  vpc_id      = data.aws_vpc.default.id
 
   ingress {
-    description     = "SSH only from my IP"
-    from_port       = 22
-    to_port         = 22
-    protocol        = "tcp"
-    cidr_blocks     = [var.my_ip_cidr]
+    description = "SSH only from my IP"
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = [var.my_ip_cidr]
   ***REMOVED***
 
   ingress {
@@ -53,29 +55,29 @@ resource "aws_security_group" "gitweb" {
   ***REMOVED***
 
   egress {
-    description     = "Allow outbound for updates"
-    from_port       = 0
-    to_port         = 0
-    protocol        = "-1"
-    cidr_blocks     = ["0.0.0.0/0"]
-
-    tags {
-      Name = "${var.project_name***REMOVED***-sg"  
-    ***REMOVED*** 
+    description = "Allow outbound for updates"
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  ***REMOVED***
+
+  tags = {
+    Name = "${var.project_name***REMOVED***-sg"
   ***REMOVED***
 ***REMOVED***
 
 # EC2 instance
 resource "aws_instance" "gitweb" {
-  ami                     = data.aws_ami.ubuntu.id
-  instance_type           = var.instance_type
-  subnet_id               = data.aws_subnets.default.ids[0]
-  vpc_security_group_ids  = [aws_security_group.gitweb.id]
-  key_name                = var.key_name
+  ami                    = data.aws_ami.ubuntu.id
+  instance_type          = var.instance_type
+  subnet_id              = aws_default_subnet.a.id
+  vpc_security_group_ids = [aws_security_group.gitweb.id]
+  key_name               = var.key_name
 
-  user_data               = file("${path.module/user_data_config.sh***REMOVED***")
+  user_data = file("${path.module***REMOVED***/user_data_config.sh")
 
-  tags {
+  tags {
     Name = "${var.project_name***REMOVED***-ec2"
   ***REMOVED***
 ***REMOVED***
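Review bot: `tags {` on `aws_instance.gitweb` is still block syntax, which Terraform rejects because `tags` is a map attribute; this commit corrects it for the security group but leaves it here and on `aws_eip.gitweb` in the next hunk, so both need `tags = {`. The instance also sets no `metadata_options`, which leaves IMDSv1 availability to AMI and account defaults; for a host that serves a web application, adding `metadata_options { http_tokens = "required" }` closes the unauthenticated metadata path that a request-forgery bug in the application would otherwise reach.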
@@ -83,10 +85,10 @@ resource "aws_instance" "gitweb" {
 # Elastic IP for stability (because of CloudFront)
 
 resource "aws_eip" "gitweb" {
-  domanin   = "vpc"
-  instance  = aws_instance.gitweb.id
+  domain   = "vpc"
+  instance = aws_instance.gitweb.id
 
-  tags {
+  tags {
     Name = "${var.project_name***REMOVED***-eip"
   ***REMOVED***
 ***REMOVED***
@@ -94,33 +96,34 @@ resource "aws_eip" "gitweb" {
 # CloudFront distribuition
 resource "aws_cloudfront_distribution" "gitweb" {
   enabled         = true
-  is_ipv6_enabeld = true
+  is_ipv6_enabled = true
   comment         = "GitWeb behind CloudFront (origin restricted)"
 
   origin {
-    # CloudFront custom origin can use IP addr directly
-    domain_name   = aws_eip.gitweb.public_ip
-    origin_id     = "${var.project_name***REMOVED***-origin"
+    # Using the public DNS of the instance just to be simple,
+    # because it has also a EIP
+    domain_name = aws_eip.gitweb.public_dns
+    origin_id   = "${var.project_name***REMOVED***-origin"
 
     custom_origin_config {
-      http_port               = 80
-      https_port              = 443
-      origin_protocol_policy  = "http-only"
-      origin_ssl_protocols    = ["TLSv1.3"]
+      http_port              = 80
+      https_port             = 443
+      origin_protocol_policy = "http-only"
+      origin_ssl_protocols   = ["TLSv1.2"]
     ***REMOVED***
   ***REMOVED***
 
-  default_cache_bahavior {
-    target_origin_id          = "${var.project_name***REMOVED***-origin"
-    viewer_protocol_policy    = "redirect-to-https"
+  default_cache_behavior {
+    target_origin_id       = "${var.project_name***REMOVED***-origin"
+    viewer_protocol_policy = "redirect-to-https"
+
+    allowed_methods = ["GET", "HEAD"]
+    cached_methods  = ["GET", "HEAD"]
 
-    allowed-methods           = ["GET", "HEAD"]
-    cached_methods            = ["GET", "HEAD"]
-    
     # GitWeb relies on query strings
-    forward_values {
-      query_string             = true
-      headers                  = []
+    forwarded_values {
+      query_string = true
+      headers      = []
       cookies {
         forward = "none"
       ***REMOVED***
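Review bot: `origin_protocol_policy = "http-only"` means the CloudFront-to-origin leg crosses the public internet in cleartext, and under that policy the `origin_ssl_protocols` value changed here is never used. The security group description says port 80 is limited to the CloudFront origin-facing prefix list, but that list covers every CloudFront distribution rather than only this one, so it does not by itself show a request came through this distribution. Consider a `custom_header` on the origin that the web server checks, and a move to `https-only` once the instance has a certificate; until then a comment above `custom_origin_config` such as `# http-only: origin has no TLS cert yet; SG limits :80 to the CloudFront prefix list` would record the trade-off. The resource body continues past the end of this hunk.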
diff --git a/terraform/terraform.tfvars.example b/terraform/terraform.tfvars.example
new file mode 100644 (file)
index 0000000..3346e34
--- /dev/null
@@ -0,0 +1,4 @@
+region     = "us-east-1"
+my_ip_cidr = "YOUR_PUBLIC_IP/32"
+key_name   = "your-keypair-name"
+
index be2a4c2ea35da7bc9646c0a2e86525e0aa28a151..ad952d2cdc423d20d59effb7f1bf5a00aaa2c582 100644 (file)
@@ -1,24 +1,24 @@
 variable "region" {
-  type    =  string
+  type    = string
   default = "us-east-1"
 ***REMOVED***
 
 ***REMOVED***
 ***REMOVED***
-***REMOVED***
+  description = "177.4.160.248/32"
 ***REMOVED***
 
 variable "key_name" {
-  type          = string
-  description   = "gitweb-key"
+***REMOVED***
+  description = "gitweb-key"
 ***REMOVED***
 
 variable "instance_type" {
-  type          = string
-  default       = "t3.small"
+  type    = string
+  default = "t3.small"
 ***REMOVED***
 
 variable "project_name" {
-  type          = string
-  description   = "host-gitweb"
+***REMOVED***
+  description = "host-gitweb"
 ***REMOVED***
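Review bot: The `description` arguments hold values rather than describing the variable, and the one added in the second variable block commits what looks like a real /32 address to the repository even though `terraform.tfvars` is git-ignored to keep such values out. The description should say what the variable is for, with the actual address only in the ignored tfvars file; if `gitweb-key` and `host-gitweb` were meant as defaults they need `default = ...` instead. Since this value feeds the SSH ingress rule in main.tf, a validation block that rejects malformed CIDRs and `0.0.0.0/0` would stop an accidental world-open port 22. The variable's header line is not visible on this page, so the name below is taken from its use in main.tf.

```hcl
variable "my_ip_cidr" {
  # … unchanged: type …
  description = "CIDR allowed to reach SSH (a single /32 is recommended)"

  validation {
    condition     = can(cidrhost(var.my_ip_cidr, 0)) && var.my_ip_cidr != "0.0.0.0/0"
    error_message = "my_ip_cidr must be a valid CIDR block and must not be 0.0.0.0/0."
  }
}
```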
index a9f60e1dd13d9ce21f81ebd8a762066071efa8d5..657d00be6e08bb86fcc7d86c086d7800fbe0788a 100644 (file)
@@ -1,9 +1,9 @@
 terraform {
   required_version = ">= 1.14.0"
-  
+
   required_providers {
     aws = {
-      source = "hashicorp/aws"
+      source  = "hashicorp/aws"
       version = ">= 6.0"
     ***REMOVED***
   ***REMOVED***