mentos1386/python-azure-example
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
This repository has been archived on 2024-04-25. You can view files and clone it, but cannot push or open issues or pull requests.
python-azure-example/terraform/main.tf

161 lines
4.3 KiB
HCL
Raw Blame History

resource "azurerm_resource_group" "main" {
name = var.name
location = "West Europe"
}
##
# Database
##
resource "random_pet" "database_username" {
separator = ""
}
resource "random_password" "database_password" {
length = 16
special = false
}
resource "azurerm_postgresql_server" "main" {
name = var.name
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
administrator_login = random_pet.database_username.id
administrator_login_password = random_password.database_password.result
sku_name = "B_Gen5_1"
version = "11"
storage_mb = 5120
public_network_access_enabled = false
ssl_enforcement_enabled = true
ssl_minimal_tls_version_enforced = "TLS1_2"
}
resource "azurerm_postgresql_firewall_rule" "main" {
name = "azure-internal"
resource_group_name = azurerm_resource_group.main.name
server_name = azurerm_postgresql_server.main.name
start_ip_address = "0.0.0.0"
end_ip_address = "0.0.0.0"
}
##
# Container Registry
##
resource "azurerm_container_registry" "main" {
name = replace(var.name, "-", "")
resource_group_name = azurerm_resource_group.main.name
location = azurerm_resource_group.main.location
sku = "Basic"
}
data "azurerm_container_registry_scope_map" "main" {
name = "_repositories_pull"
resource_group_name = azurerm_resource_group.main.name
container_registry_name = azurerm_container_registry.main.name
}
resource "azurerm_container_registry_token" "main" {
name = var.name
container_registry_name = azurerm_container_registry.main.name
resource_group_name = azurerm_resource_group.main.name
scope_map_id = data.azurerm_container_registry_scope_map.main.id
}
resource "azurerm_container_registry_token_password" "main" {
container_registry_token_id = azurerm_container_registry_token.main.id
password1 {
}
}
##
# Application
##
resource "azurerm_log_analytics_workspace" "main" {
name = var.name
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
sku = "PerGB2018"
retention_in_days = 30
}
resource "azurerm_container_app_environment" "main" {
name = var.name
location = azurerm_resource_group.main.location
resource_group_name = azurerm_resource_group.main.name
log_analytics_workspace_id = azurerm_log_analytics_workspace.main.id
}
resource "azurerm_container_app" "main" {
name = var.name
container_app_environment_id = azurerm_container_app_environment.main.id
resource_group_name = azurerm_resource_group.main.name
revision_mode = "Single"
secret {
name = "registry-token"
value = one(azurerm_container_registry_token_password.main.password1).value
}
registry {
server = azurerm_container_registry.main.login_server
username = azurerm_container_registry_token.main.name
password_secret_name = "registry-token"
}
ingress {
allow_insecure_connections = false
external_enabled = true
target_port = 8080
traffic_weight {
latest_revision = true
percentage = 100
}
}
secret {
name = "db-username"
value = "${random_pet.database_username.id}@${azurerm_postgresql_server.main.name}"
}
secret {
name = "db-password"
value = random_password.database_password.result
}
template {
container {
name = "maincontainerapp"
image = var.image
cpu = 0.25
memory = "0.5Gi"
env {
name = "DB_HOST"
value = azurerm_postgresql_server.main.fqdn
}
env {
name = "DB_SSLMODE"
value = "require"
}
env {
name = "DB_USER"
secret_name = "db-username"
}
env {
name = "DB_PASSWORD"
secret_name = "db-password"
}
liveness_probe {
path = "/health"
port = 8080
transport = "HTTP"
}
readiness_probe {
path = "/health"
port = 8080
transport = "HTTP"
}
}
}
}
Reference in a new issue View git blame Copy permalink