diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 112a2ef..9822a1e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -2,7 +2,7 @@ variables: GIT_SUBMODULE_STRATEGY: none CI_DISPOSABLE_ENVIRONMENT: "true" -image: blockstream/gcloud-docker@sha256:d5db1ec7faedfd46230fb53c859679e6abdd9173599209035e307c1a386a2189 +image: blockstream/gcloud-docker@sha256:2ab8222c44502282a614cdda4a9f1434d6f91e93888a39c56b82ebc52f6bd3b1 stages: - build - plan @@ -83,7 +83,7 @@ plan_satapi: -var "rpcuser=$RPCUSER" -var "rpcpass=$RPCPASS" -input=false) - + # This plan gets triggered only for miscellaneous branches/tags (i.e. tor, prometheus, etc), so make sure the branch/tag name starts with misc_ plan_misc: stage: plan diff --git a/terraform/data.tf b/terraform/data.tf index 89eba47..8a3b0d8 100644 --- a/terraform/data.tf +++ b/terraform/data.tf @@ -1,10 +1,9 @@ data "terraform_remote_state" "blc-mainnet" { backend = "gcs" - config { - bucket = "tf-state-satellite-api" - prefix = "terraform/state" - project = "satellite-api" + config = { + bucket = "tf-state-satellite-api" + prefix = "terraform/state" } workspace = "prod" @@ -13,11 +12,11 @@ data "terraform_remote_state" "blc-mainnet" { data "terraform_remote_state" "blc-testnet" { backend = "gcs" - config { - bucket = "tf-state-satellite-api" - prefix = "terraform/state" - project = "satellite-api" + config = { + bucket = "tf-state-satellite-api" + prefix = "terraform/state" } workspace = "testnet-prod" } + diff --git a/terraform/kms.tf b/terraform/kms.tf index 2e6abab..5b779d0 100644 --- a/terraform/kms.tf +++ b/terraform/kms.tf @@ -1,14 +1,15 @@ resource "google_kms_key_ring" "tor-key-ring" { - project = "${var.project}" + project = var.project name = "${var.name}-keyring" - location = "${var.region}" + location = var.region - count = "${local.create_misc}" + count = local.create_misc } resource "google_kms_crypto_key" "tor-crypto-key" { name = "${var.name}-crypto-key" - key_ring = "${google_kms_key_ring.tor-key-ring.id}" + key_ring = google_kms_key_ring.tor-key-ring[0].id - count = "${local.create_misc}" + count = local.create_misc } + diff --git a/terraform/main.tf b/terraform/main.tf index 4f54fc1..f4ee8c6 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -2,135 +2,141 @@ terraform { required_version = "> 0.11.0" backend "gcs" { - bucket = "terraform-bs-source" - prefix = "satellite-api" - project = "blockstream-source" + bucket = "terraform-bs-source" + prefix = "satellite-api" } } provider "google" { - project = "${var.project}" + project = "var.project" } provider "google-beta" { - project = "${var.project}" + project = "var.project" } module "blc-mainnet" { - source = "modules/blc" + source = "./modules/blc" - project = "${var.project}" + project = var.project name = "satellite-api" network = "default" - bitcoin_docker = "${var.bitcoin_docker}" - lightning_docker = "${var.lightning_docker}" - charge_docker = "${var.charge_docker}" - ionosphere_docker = "${var.ionosphere_docker}" - ionosphere_sse_docker = "${var.ionosphere_sse_docker}" - node_exporter_docker = "${var.node_exporter_docker}" + bitcoin_docker = var.bitcoin_docker + lightning_docker = var.lightning_docker + charge_docker = var.charge_docker + ionosphere_docker = var.ionosphere_docker + ionosphere_sse_docker = var.ionosphere_sse_docker + node_exporter_docker = var.node_exporter_docker net = "mainnet" - env = "${local.env}" + env = local.env - create_resources = "${local.create_mainnet}" + create_resources = local.create_mainnet # CI vars - region = "${var.region}" - zone = "${var.zone}" - instance_type = "${var.instance_type[0]}" - host = ["${var.host}"] - space_host = "${var.space_host}" - ssl_cert = ["${var.ssl_cert}"] - timeout = "${var.timeout}" - prom_service_acct = "${var.prom_service_acct}" - opsgenie_key = "${var.opsgenie_key}" - rpcuser = "${var.rpcuser}" - rpcpass = "${var.rpcpass}" + region = var.region + zone = var.zone + instance_type = var.instance_type[0] + host = var.host + space_host = var.space_host + ssl_cert = [var.ssl_cert] + timeout = var.timeout + prom_service_acct = var.prom_service_acct + opsgenie_key = var.opsgenie_key + rpcuser = var.rpcuser + rpcpass = var.rpcpass } module "blc-testnet" { - source = "modules/blc" + source = "./modules/blc" - project = "${var.project}" + project = var.project name = "satellite-api" network = "default" - bitcoin_docker = "${var.bitcoin_docker}" - lightning_docker = "${var.lightning_docker}" - charge_docker = "${var.charge_docker}" - ionosphere_docker = "${var.ionosphere_docker}" - ionosphere_sse_docker = "${var.ionosphere_sse_docker}" - node_exporter_docker = "${var.node_exporter_docker}" + bitcoin_docker = var.bitcoin_docker + lightning_docker = var.lightning_docker + charge_docker = var.charge_docker + ionosphere_docker = var.ionosphere_docker + ionosphere_sse_docker = var.ionosphere_sse_docker + node_exporter_docker = var.node_exporter_docker net = "testnet" - env = "${local.env}" + env = local.env - create_resources = "${local.create_testnet}" + create_resources = local.create_testnet # CI vars - region = "${var.region}" - zone = "${var.zone}" - instance_type = "${var.instance_type[0]}" - host = ["${var.host}"] - space_host = "${var.space_host}" - ssl_cert = ["${var.ssl_cert}"] - timeout = "${var.timeout}" - prom_service_acct = "${var.prom_service_acct}" - opsgenie_key = "${var.opsgenie_key}" - rpcuser = "${var.rpcuser}" - rpcpass = "${var.rpcpass}" + region = var.region + zone = var.zone + instance_type = var.instance_type[0] + host = var.host + space_host = var.space_host + ssl_cert = [var.ssl_cert] + timeout = var.timeout + prom_service_acct = var.prom_service_acct + opsgenie_key = var.opsgenie_key + rpcuser = var.rpcuser + rpcpass = var.rpcpass } module "tor" { - source = "modules/tor" + source = "./modules/tor" - project = "${var.project}" + project = var.project network = "default" name = "satapi-tor" - gcloud_docker = "${var.gcloud_docker}" - tor_docker = "${var.tor_docker}" - node_exporter_docker = "${var.node_exporter_docker}" - kms_key = "${element(concat(google_kms_crypto_key.tor-crypto-key.*.name, list("")), 0)}" - kms_key_ring = "${element(concat(google_kms_key_ring.tor-key-ring.*.name, list("")), 0)}" - kms_key_link = "${element(concat(google_kms_crypto_key.tor-crypto-key.*.self_link, list("")), 0)}" - tor_lb = "${element(concat(google_compute_global_address.tor-lb.*.address, list("")), 0)}" + gcloud_docker = var.gcloud_docker + tor_docker = var.tor_docker + node_exporter_docker = var.node_exporter_docker + kms_key = element(concat(google_kms_crypto_key.tor-crypto-key.*.name, [""]), 0) + kms_key_ring = element(concat(google_kms_key_ring.tor-key-ring.*.name, [""]), 0) + kms_key_link = element( + concat(google_kms_crypto_key.tor-crypto-key.*.self_link, [""]), + 0, + ) + tor_lb = element( + concat(google_compute_global_address.tor-lb.*.address, [""]), + 0, + ) - create_resources = "${local.create_misc}" + create_resources = local.create_misc # CI vars - region = "${var.region}" - zone = "${var.zone}" - instance_type = "${var.instance_type[1]}" - onion_host = "${var.onion_host}" - prom_service_acct = "${var.prom_service_acct}" + region = var.region + zone = var.zone + instance_type = var.instance_type[1] + onion_host = var.onion_host + prom_service_acct = var.prom_service_acct } module "prometheus" { - source = "modules/prometheus" + source = "./modules/prometheus" - project = "${var.project}" + project = var.project network = "default" name = "satapi-prometheus" - prom_docker = "${var.prom_docker}" - node_exporter_docker = "${var.node_exporter_docker}" + prom_docker = var.prom_docker + node_exporter_docker = var.node_exporter_docker - create_resources = "${local.create_misc}" + create_resources = local.create_misc # CI vars - region = "${var.region}" - zone = "${var.zone}" - instance_type = "${var.instance_type[2]}" - prom_allowed_source_ip = "${var.prom_allowed_source_ip}" - opsgenie_key = "${var.opsgenie_key}" - prom_service_acct = "${var.prom_service_acct}" + region = var.region + zone = var.zone + instance_type = var.instance_type[2] + prom_allowed_source_ip = var.prom_allowed_source_ip + opsgenie_key = var.opsgenie_key + prom_service_acct = var.prom_service_acct } module "dns" { - source = "modules/dns" + source = "./modules/dns" - project = "${var.project}" + project = var.project - create_resources = "${local.create_misc}" + create_resources = local.create_misc # CI vars - satellite_lb = "${var.satellite_lb}" - satellite_api_lb = "${var.satellite_api_lb}" - satellite_api_lb_staging = "${var.satellite_api_lb_staging}" + satellite_lb = var.satellite_lb + satellite_api_lb = var.satellite_api_lb + satellite_api_lb_staging = var.satellite_api_lb_staging } + diff --git a/terraform/modules/blc/data.tf b/terraform/modules/blc/data.tf index 0b6788b..83426ac 100644 --- a/terraform/modules/blc/data.tf +++ b/terraform/modules/blc/data.tf @@ -1,47 +1,49 @@ data "google_compute_network" "blc" { name = "default" + project = var.project } data "google_compute_image" "blc" { family = "satapi-data-${var.net}-${var.env}" - project = "${var.project}" - count = "${var.create_resources}" + project = var.project + count = var.create_resources } data "template_file" "blc" { - template = "${file("${path.module}/cloud-init/blc.yaml")}" - count = "${var.create_resources}" + template = file("${path.module}/cloud-init/blc.yaml") + count = var.create_resources - vars { - rpcuser = "${var.rpcuser}" - rpcpass = "${var.rpcpass}" - net = "${var.net}" - url_path = "${var.net == "testnet" ? "/testnet" : ""}" + vars = { + rpcuser = var.rpcuser + rpcpass = var.rpcpass + net = var.net + url_path = var.net == "testnet" ? "/testnet" : "" bitcoin_cmd = "bitcoind ${var.net == "testnet" ? "-testnet" : ""} -printtoconsole" lightning_cmd = "lightningd ${var.net == "testnet" ? "--testnet" : "--mainnet"} --conf=/root/.lightning/lightning.conf --plugin-dir=/usr/local/bin/plugins" charge_cmd = "charged -d /data/charge.db -l /root/.lightning" - announce_addr = "${google_compute_address.blc.address}" + announce_addr = google_compute_address.blc[0].address lightning_port = 9735 - bitcoin_docker = "${var.bitcoin_docker}" - lightning_docker = "${var.lightning_docker}" - charge_docker = "${var.charge_docker}" + bitcoin_docker = var.bitcoin_docker + lightning_docker = var.lightning_docker + charge_docker = var.charge_docker redis_port = 6379 - ionosphere_docker = "${var.ionosphere_docker}" - ionosphere_sse_docker = "${var.ionosphere_sse_docker}" - node_exporter_docker = "${var.node_exporter_docker}" - opsgenie_key = "${var.opsgenie_key}" - host = "${var.host[0]}" - space_host = "${var.host[1]}" + ionosphere_docker = var.ionosphere_docker + ionosphere_sse_docker = var.ionosphere_sse_docker + node_exporter_docker = var.node_exporter_docker + opsgenie_key = var.opsgenie_key + host = var.host[0] + space_host = var.host[1] } } data "template_cloudinit_config" "blc" { gzip = false base64_encode = false - count = "${var.create_resources}" + count = var.create_resources part { content_type = "text/cloud-config" - content = "${data.template_file.blc.rendered}" + content = data.template_file.blc[0].rendered } } + diff --git a/terraform/modules/blc/firewall.tf b/terraform/modules/blc/firewall.tf index f1be0dc..11dbbaa 100644 --- a/terraform/modules/blc/firewall.tf +++ b/terraform/modules/blc/firewall.tf @@ -1,7 +1,7 @@ resource "google_compute_firewall" "blc" { name = "${var.name}-${var.net}-fw-rule-${var.env}" - network = "${data.google_compute_network.blc.self_link}" - count = "${var.create_resources}" + network = data.google_compute_network.blc.self_link + count = var.create_resources allow { protocol = "tcp" @@ -9,14 +9,14 @@ resource "google_compute_firewall" "blc" { } target_service_accounts = [ - "${google_service_account.blc.email}", + google_service_account.blc[0].email, ] } resource "google_compute_firewall" "blc-prom" { name = "${var.name}-${var.net}-prometheus-access-${var.env}" - network = "${data.google_compute_network.blc.self_link}" - count = "${var.create_resources}" + network = data.google_compute_network.blc.self_link + count = var.create_resources allow { protocol = "tcp" @@ -24,10 +24,11 @@ resource "google_compute_firewall" "blc-prom" { } source_service_accounts = [ - "${var.prom_service_acct}", + var.prom_service_acct, ] target_service_accounts = [ - "${google_service_account.blc.email}", + google_service_account.blc[0].email, ] } + diff --git a/terraform/modules/blc/iam.tf b/terraform/modules/blc/iam.tf index bda2b49..75d208a 100644 --- a/terraform/modules/blc/iam.tf +++ b/terraform/modules/blc/iam.tf @@ -1,12 +1,13 @@ resource "google_service_account" "blc" { account_id = "${var.name}-${var.net}-${var.env}" display_name = "${var.name}-${var.net}-${var.env}" - count = "${var.create_resources}" + count = var.create_resources } resource "google_project_iam_member" "blc" { - project = "${var.project}" + project = var.project role = "roles/editor" - member = "serviceAccount:${google_service_account.blc.email}" - count = "${var.create_resources}" + member = "serviceAccount:${google_service_account.blc[0].email}" + count = var.create_resources } + diff --git a/terraform/modules/blc/main.tf b/terraform/modules/blc/main.tf index bccee03..7126d54 100644 --- a/terraform/modules/blc/main.tf +++ b/terraform/modules/blc/main.tf @@ -1,16 +1,16 @@ # Instance group resource "google_compute_instance_group_manager" "blc" { name = "${var.name}-ig-${var.net}-${var.env}" - count = "${var.create_resources}" - provider = "google-beta" + count = var.create_resources + provider = google-beta base_instance_name = "${var.name}-ig-${var.net}-${var.env}" - zone = "${var.zone}" + zone = var.zone target_size = 1 version { name = "original" - instance_template = "${google_compute_instance_template.blc.self_link}" + instance_template = google_compute_instance_template.blc[0].self_link } update_policy { @@ -25,13 +25,13 @@ resource "google_compute_instance_group_manager" "blc" { resource "google_compute_disk" "blc" { name = "${var.name}-data-${var.net}-${var.env}" type = "pd-standard" - image = "${data.google_compute_image.blc.self_link}" - zone = "${var.zone}" - count = "${var.create_resources}" + image = data.google_compute_image.blc[0].self_link + zone = var.zone + count = var.create_resources lifecycle { prevent_destroy = true - ignore_changes = ["image"] + ignore_changes = [image] } } @@ -39,14 +39,14 @@ resource "google_compute_disk" "blc" { resource "google_compute_instance_template" "blc" { name_prefix = "${var.name}-${var.net}-${var.env}-tmpl-" description = "This template is used to create ${var.name} ${var.net} ${var.env} instances." - machine_type = "${var.instance_type}" - region = "${var.region}" - count = "${var.create_resources}" + machine_type = var.instance_type + region = var.region + count = var.create_resources - labels { + labels = { type = "lightning-app" - name = "${var.name}" - net = "${var.net}" + name = var.name + net = var.net } scheduling { @@ -55,7 +55,7 @@ resource "google_compute_instance_template" "blc" { } disk { - source_image = "${var.boot_image}" + source_image = var.boot_image disk_type = "pd-ssd" auto_delete = true boot = true @@ -63,26 +63,26 @@ resource "google_compute_instance_template" "blc" { } disk { - source = "${google_compute_disk.blc.name}" + source = google_compute_disk.blc[0].name auto_delete = false device_name = "data" } network_interface { - network = "${data.google_compute_network.blc.self_link}" + network = data.google_compute_network.blc.self_link access_config { - nat_ip = "${google_compute_address.blc.address}" + nat_ip = google_compute_address.blc[0].address } } - metadata { + metadata = { google-logging-enabled = "true" - user-data = "${data.template_cloudinit_config.blc.rendered}" + user-data = data.template_cloudinit_config.blc[0].rendered } service_account { - email = "${google_service_account.blc.email}" + email = google_service_account.blc[0].email scopes = ["compute-ro", "storage-ro"] } @@ -90,3 +90,4 @@ resource "google_compute_instance_template" "blc" { create_before_destroy = true } } + diff --git a/terraform/modules/blc/network.tf b/terraform/modules/blc/network.tf index d142cb3..54b453f 100644 --- a/terraform/modules/blc/network.tf +++ b/terraform/modules/blc/network.tf @@ -1,8 +1,8 @@ resource "google_compute_address" "blc" { name = "${var.name}-${var.net}-external-ip-${var.env}-${count.index}" - project = "${var.project}" - region = "${var.region}" - count = "${var.create_resources}" + project = var.project + region = var.region + count = var.create_resources } # Backend service @@ -11,20 +11,20 @@ resource "google_compute_backend_service" "blc" { description = "Satellite API" protocol = "HTTP" port_name = "http" - timeout_sec = "${var.timeout}" - count = "${var.create_resources}" + timeout_sec = var.timeout + count = var.create_resources backend { - group = "${google_compute_instance_group_manager.blc.instance_group}" + group = google_compute_instance_group_manager.blc[0].instance_group } - health_checks = ["${google_compute_health_check.blc.self_link}"] + health_checks = [google_compute_health_check.blc[0].self_link] } # Health checks resource "google_compute_health_check" "blc" { name = "${var.name}-${var.net}-health-check-${var.env}" - count = "${var.create_resources}" + count = var.create_resources check_interval_sec = 5 timeout_sec = 3 @@ -33,3 +33,4 @@ resource "google_compute_health_check" "blc" { port = "80" } } + diff --git a/terraform/modules/blc/outputs.tf b/terraform/modules/blc/outputs.tf index ec63dda..f61b97c 100644 --- a/terraform/modules/blc/outputs.tf +++ b/terraform/modules/blc/outputs.tf @@ -1,3 +1,7 @@ output "backend_service" { - value = "${element(concat(google_compute_backend_service.blc.*.self_link, list("")), 0)}" + value = element( + concat(google_compute_backend_service.blc.*.self_link, [""]), + 0, + ) } + diff --git a/terraform/modules/blc/variables.tf b/terraform/modules/blc/variables.tf index 0e3b514..01d4648 100644 --- a/terraform/modules/blc/variables.tf +++ b/terraform/modules/blc/variables.tf @@ -1,97 +1,98 @@ variable "project" { - type = "string" + type = string default = "satellite-api" } variable "boot_image" { - type = "string" + type = string default = "cos-cloud/cos-stable" } variable "create_resources" { - type = "string" + type = string } variable "rpcuser" { - type = "string" + type = string } variable "rpcpass" { - type = "string" + type = string } variable "env" { - type = "string" + type = string } variable "name" { - type = "string" + type = string } variable "network" { - type = "string" + type = string } variable "region" { - type = "string" + type = string } variable "zone" { - type = "string" + type = string } variable "instance_type" { - type = "string" + type = string } variable "net" { - type = "string" + type = string } variable "ssl_cert" { - type = "list" + type = list } variable "host" { - type = "list" + type = list } variable "space_host" { - type = "string" + type = string } variable "timeout" { - type = "string" + type = string } variable "opsgenie_key" { - type = "string" + type = string } variable "prom_service_acct" { - type = "string" + type = string } variable "bitcoin_docker" { - type = "string" + type = string } variable "charge_docker" { - type = "string" + type = string } variable "lightning_docker" { - type = "string" + type = string } variable "ionosphere_docker" { - type = "string" + type = string } variable "ionosphere_sse_docker" { - type = "string" + type = string } variable "node_exporter_docker" { - type = "string" + type = string } + diff --git a/terraform/modules/dns/blockstream-space.tf b/terraform/modules/dns/blockstream-space.tf index b056c0a..3514859 100644 --- a/terraform/modules/dns/blockstream-space.tf +++ b/terraform/modules/dns/blockstream-space.tf @@ -2,8 +2,8 @@ resource "google_dns_managed_zone" "blockstream-space" { name = "blockstream-space" dns_name = "blockstream.space." description = "A long time ago, in a galaxy far, far away... P.S. Don't edit directly in Gcloud, but rather in the Satellite API repo (Otherwise, things break and Chase gets really mad)." - project = "${var.project}" - count = "${var.create_resources}" + project = var.project + count = var.create_resources labels = { managed-by = "terraform" @@ -11,31 +11,32 @@ resource "google_dns_managed_zone" "blockstream-space" { } resource "google_dns_record_set" "a-satellite" { - name = "${google_dns_managed_zone.blockstream-space.dns_name}" - managed_zone = "${google_dns_managed_zone.blockstream-space.name}" + name = google_dns_managed_zone.blockstream-space[0].dns_name + managed_zone = google_dns_managed_zone.blockstream-space[0].name type = "A" ttl = 300 - count = "${var.create_resources}" + count = var.create_resources - rrdatas = ["${var.satellite_lb}"] + rrdatas = [var.satellite_lb] } resource "google_dns_record_set" "a-satellite-api" { - name = "api.${google_dns_managed_zone.blockstream-space.dns_name}" - managed_zone = "${google_dns_managed_zone.blockstream-space.name}" + name = "api.${google_dns_managed_zone.blockstream-space[0].dns_name}" + managed_zone = google_dns_managed_zone.blockstream-space[0].name type = "A" ttl = 300 - count = "${var.create_resources}" + count = var.create_resources - rrdatas = ["${var.satellite_api_lb}"] + rrdatas = [var.satellite_api_lb] } resource "google_dns_record_set" "a-satellite-api-staging" { - name = "staging-api.${google_dns_managed_zone.blockstream-space.dns_name}" - managed_zone = "${google_dns_managed_zone.blockstream-space.name}" + name = "staging-api.${google_dns_managed_zone.blockstream-space[0].dns_name}" + managed_zone = google_dns_managed_zone.blockstream-space[0].name type = "A" ttl = 300 - count = "${var.create_resources}" + count = var.create_resources - rrdatas = ["${var.satellite_api_lb_staging}"] + rrdatas = [var.satellite_api_lb_staging] } + diff --git a/terraform/modules/dns/variables.tf b/terraform/modules/dns/variables.tf index 6f89845..31d3e2c 100644 --- a/terraform/modules/dns/variables.tf +++ b/terraform/modules/dns/variables.tf @@ -1,19 +1,20 @@ variable "project" { - type = "string" + type = string } variable "satellite_lb" { - type = "string" + type = string } variable "satellite_api_lb" { - type = "string" + type = string } variable "satellite_api_lb_staging" { - type = "string" + type = string } variable "create_resources" { - type = "string" + type = string } + diff --git a/terraform/modules/prometheus/data.tf b/terraform/modules/prometheus/data.tf index 959fe11..081ccea 100644 --- a/terraform/modules/prometheus/data.tf +++ b/terraform/modules/prometheus/data.tf @@ -1,15 +1,16 @@ data "google_compute_network" "default" { name = "default" + project = var.project } data "template_file" "prometheus" { - template = "${file("${path.module}/cloud-init/prometheus.yml")}" + template = file("${path.module}/cloud-init/prometheus.yml") - vars { - prom_docker = "${var.prom_docker}" - node_exporter_docker = "${var.node_exporter_docker}" - retention = "${var.retention}" - opsgenie_key = "${var.opsgenie_key}" + vars = { + prom_docker = var.prom_docker + node_exporter_docker = var.node_exporter_docker + retention = var.retention + opsgenie_key = var.opsgenie_key } } @@ -19,6 +20,7 @@ data "template_cloudinit_config" "prometheus" { part { content_type = "text/cloud-config" - content = "${data.template_file.prometheus.rendered}" + content = data.template_file.prometheus.rendered } } + diff --git a/terraform/modules/prometheus/firewall.tf b/terraform/modules/prometheus/firewall.tf index b384ec4..3863c32 100644 --- a/terraform/modules/prometheus/firewall.tf +++ b/terraform/modules/prometheus/firewall.tf @@ -1,8 +1,8 @@ resource "google_compute_firewall" "all-traffic" { name = "prometheus-${var.name}-all-traffic-access" - network = "${data.google_compute_network.default.self_link}" + network = data.google_compute_network.default.self_link - count = "${var.create_resources}" + count = var.create_resources allow { protocol = "tcp" @@ -12,6 +12,7 @@ resource "google_compute_firewall" "all-traffic" { source_ranges = ["${var.prom_allowed_source_ip}/32"] target_service_accounts = [ - "${google_service_account.prometheus.email}", + google_service_account.prometheus[0].email, ] } + diff --git a/terraform/modules/prometheus/iam.tf b/terraform/modules/prometheus/iam.tf index 8c7d689..f3208df 100644 --- a/terraform/modules/prometheus/iam.tf +++ b/terraform/modules/prometheus/iam.tf @@ -1,14 +1,15 @@ resource "google_service_account" "prometheus" { - account_id = "${var.name}" - display_name = "${var.name}" + account_id = var.name + display_name = var.name - count = "${var.create_resources}" + count = var.create_resources } resource "google_project_iam_member" "prometheus" { - project = "${var.project}" + project = var.project role = "roles/editor" - member = "serviceAccount:${google_service_account.prometheus.email}" + member = "serviceAccount:${google_service_account.prometheus[0].email}" - count = "${var.create_resources}" + count = var.create_resources } + diff --git a/terraform/modules/prometheus/main.tf b/terraform/modules/prometheus/main.tf index beec570..9d59e88 100644 --- a/terraform/modules/prometheus/main.tf +++ b/terraform/modules/prometheus/main.tf @@ -1,47 +1,47 @@ resource "google_compute_disk" "prometheus-data" { name = "${var.name}-data-disk" - project = "${var.project}" + project = var.project type = "pd-standard" - zone = "${var.zone}" + zone = var.zone size = "50" - count = "${var.create_resources}" + count = var.create_resources } resource "google_compute_address" "prometheus-address" { name = "${var.name}-address" - project = "${var.project}" - region = "${var.region}" - count = "${var.create_resources}" + project = var.project + region = var.region + count = var.create_resources } resource "google_compute_address" "prometheus-internal-address" { name = "${var.name}-internal-address" - project = "${var.project}" - region = "${var.region}" + project = var.project + region = var.region address_type = "INTERNAL" - count = "${var.create_resources}" + count = var.create_resources } locals { - service_account = "${terraform.workspace == "misc" ? element(concat(google_service_account.prometheus.*.email, list("")), 0) : var.prom_service_acct}" + service_account = terraform.workspace == "misc" ? element(concat(google_service_account.prometheus.*.email, [""]), 0) : var.prom_service_acct } resource "google_compute_instance" "prometheus-server" { - name = "${var.name}" - machine_type = "${var.instance_type}" - zone = "${var.zone}" - project = "${var.project}" + name = var.name + machine_type = var.instance_type + zone = var.zone + project = var.project allow_stopping_for_update = true - count = "${var.create_resources}" + count = var.create_resources - labels { + labels = { type = "prometheus" - name = "${var.name}" - network = "${var.network}" + name = var.name + network = var.network } service_account { - email = "${local.service_account}" + email = local.service_account scopes = [ "https://www.googleapis.com/auth/compute.readonly", @@ -53,25 +53,32 @@ resource "google_compute_instance" "prometheus-server" { boot_disk { initialize_params { size = "10" - image = "${var.boot_image}" + image = var.boot_image } } attached_disk { - source = "${element(google_compute_disk.prometheus-data.*.name, count.index)}" + source = element(google_compute_disk.prometheus-data.*.name, count.index) device_name = "data" } network_interface { - network = "${data.google_compute_network.default.self_link}" - network_ip = "${element(google_compute_address.prometheus-internal-address.*.address, count.index)}" + network = data.google_compute_network.default.self_link + network_ip = element( + google_compute_address.prometheus-internal-address.*.address, + count.index, + ) access_config { - nat_ip = "${element(google_compute_address.prometheus-address.*.address, count.index)}" + nat_ip = element( + google_compute_address.prometheus-address.*.address, + count.index, + ) } } - metadata { - "user-data" = "${data.template_cloudinit_config.prometheus.rendered}" + metadata = { + user-data = data.template_cloudinit_config.prometheus.rendered } } + diff --git a/terraform/modules/prometheus/outputs.tf b/terraform/modules/prometheus/outputs.tf index 24358f9..4b1cc96 100644 --- a/terraform/modules/prometheus/outputs.tf +++ b/terraform/modules/prometheus/outputs.tf @@ -1,3 +1,4 @@ output "prom_svc_acct" { - value = "${element(concat(google_service_account.prometheus.*.email, list("")), 0)}" + value = element(concat(google_service_account.prometheus.*.email, [""]), 0) } + diff --git a/terraform/modules/prometheus/variables.tf b/terraform/modules/prometheus/variables.tf index a9d7f0e..67c357f 100644 --- a/terraform/modules/prometheus/variables.tf +++ b/terraform/modules/prometheus/variables.tf @@ -1,58 +1,59 @@ variable "boot_image" { - type = "string" + type = string default = "cos-cloud/cos-stable" } variable "network" { - type = "string" + type = string default = "default" } variable "retention" { - type = "string" + type = string default = "31d" } variable "project" { - type = "string" + type = string } variable "name" { - type = "string" + type = string } variable "region" { - type = "string" + type = string } variable "zone" { - type = "string" + type = string } variable "instance_type" { - type = "string" + type = string } variable "create_resources" { - type = "string" + type = string } variable "prom_service_acct" { - type = "string" + type = string } variable "prom_allowed_source_ip" { - type = "string" + type = string } variable "opsgenie_key" { - type = "string" + type = string } variable "prom_docker" { - type = "string" + type = string } variable "node_exporter_docker" { - type = "string" + type = string } + diff --git a/terraform/modules/tor/data.tf b/terraform/modules/tor/data.tf index 94c76b1..f85e522 100644 --- a/terraform/modules/tor/data.tf +++ b/terraform/modules/tor/data.tf @@ -1,22 +1,22 @@ data "google_compute_network" "default" { name = "default" + project = var.project } data "template_file" "tor" { - template = "${file("${path.module}/cloud-init/tor.yaml")}" + template = file("${path.module}/cloud-init/tor.yaml") - vars { - tor_lb = "${var.tor_lb}" - v3_host = "${var.onion_host}" - v3_pk = "${file("${path.module}/v3.pk")}" - v3_pubk = "${file("${path.module}/v3.pubk")}" - - tor_docker = "${var.tor_docker}" - gcloud_docker = "${var.gcloud_docker}" - node_exporter_docker = "${var.node_exporter_docker}" - kms_key = "${var.kms_key}" - kms_key_ring = "${var.kms_key_ring}" - kms_location = "${var.region}" + vars = { + tor_lb = var.tor_lb + v3_host = var.onion_host + v3_pk = file("${path.module}/v3.pk") + v3_pubk = file("${path.module}/v3.pubk") + tor_docker = var.tor_docker + gcloud_docker = var.gcloud_docker + node_exporter_docker = var.node_exporter_docker + kms_key = var.kms_key + kms_key_ring = var.kms_key_ring + kms_location = var.region } } @@ -26,6 +26,7 @@ data "template_cloudinit_config" "tor" { part { content_type = "text/cloud-config" - content = "${data.template_file.tor.rendered}" + content = data.template_file.tor.rendered } } + diff --git a/terraform/modules/tor/firewall.tf b/terraform/modules/tor/firewall.tf index d06f020..88b06dc 100644 --- a/terraform/modules/tor/firewall.tf +++ b/terraform/modules/tor/firewall.tf @@ -1,8 +1,8 @@ resource "google_compute_firewall" "tor-healthcheck" { name = "${var.name}-healthcheck" - network = "${data.google_compute_network.default.self_link}" + network = data.google_compute_network.default.self_link - count = "${var.create_resources}" + count = var.create_resources allow { protocol = "tcp" @@ -12,15 +12,15 @@ resource "google_compute_firewall" "tor-healthcheck" { source_ranges = ["130.211.0.0/22", "35.191.0.0/16", "10.0.0.0/8"] target_service_accounts = [ - "${google_service_account.tor.email}", + google_service_account.tor[0].email, ] } resource "google_compute_firewall" "prom-traffic" { name = "${var.name}-prometheus-access" - network = "${data.google_compute_network.default.self_link}" + network = data.google_compute_network.default.self_link - count = "${var.create_resources}" + count = var.create_resources allow { protocol = "tcp" @@ -28,10 +28,11 @@ resource "google_compute_firewall" "prom-traffic" { } source_service_accounts = [ - "${var.prom_service_acct}", + var.prom_service_acct, ] target_service_accounts = [ - "${google_service_account.tor.email}", + google_service_account.tor[0].email, ] } + diff --git a/terraform/modules/tor/iam.tf b/terraform/modules/tor/iam.tf index 4ca5c03..8e8fa83 100644 --- a/terraform/modules/tor/iam.tf +++ b/terraform/modules/tor/iam.tf @@ -1,25 +1,26 @@ resource "google_service_account" "tor" { - account_id = "${var.name}" - display_name = "${var.name}" + account_id = var.name + display_name = var.name - count = "${var.create_resources}" + count = var.create_resources } resource "google_project_iam_member" "tor" { - project = "${var.project}" + project = var.project role = "roles/editor" - member = "serviceAccount:${google_service_account.tor.email}" + member = "serviceAccount:${google_service_account.tor[0].email}" - count = "${var.create_resources}" + count = var.create_resources } resource "google_kms_crypto_key_iam_binding" "crypto-key" { - crypto_key_id = "${var.kms_key_link}" + crypto_key_id = var.kms_key_link role = "roles/cloudkms.cryptoKeyDecrypter" - count = "${var.create_resources}" + count = var.create_resources members = [ - "serviceAccount:${google_service_account.tor.email}", + "serviceAccount:${google_service_account.tor[0].email}", ] } + diff --git a/terraform/modules/tor/main.tf b/terraform/modules/tor/main.tf index 27481fa..6967d86 100644 --- a/terraform/modules/tor/main.tf +++ b/terraform/modules/tor/main.tf @@ -3,7 +3,7 @@ resource "google_compute_health_check" "tor" { timeout_sec = 5 check_interval_sec = 10 - count = "${var.create_resources}" + count = var.create_resources tcp_health_check { port = "9050" @@ -12,16 +12,16 @@ resource "google_compute_health_check" "tor" { resource "google_compute_region_instance_group_manager" "tor" { name = "${var.name}-ig" - count = "${var.create_resources}" - provider = "google-beta" + count = var.create_resources + provider = google-beta - region = "${var.region}" - base_instance_name = "${var.name}" + region = var.region + base_instance_name = var.name target_size = 1 version { name = "original" - instance_template = "${google_compute_instance_template.tor.self_link}" + instance_template = google_compute_instance_template.tor[0].self_link } update_policy { @@ -36,17 +36,17 @@ resource "google_compute_region_instance_group_manager" "tor" { resource "google_compute_instance_template" "tor" { name_prefix = "${var.name}-template-" description = "This template is used to create ${var.name} instances." - machine_type = "${var.instance_type}" - count = "${var.create_resources}" + machine_type = var.instance_type + count = var.create_resources - labels { + labels = { type = "tor" - name = "${var.name}" - network = "${var.network}" + name = var.name + network = var.network } disk { - source_image = "${var.boot_image}" + source_image = var.boot_image boot = true auto_delete = true disk_type = "pd-ssd" @@ -55,18 +55,19 @@ resource "google_compute_instance_template" "tor" { } network_interface { - network = "${data.google_compute_network.default.self_link}" + network = data.google_compute_network.default.self_link - access_config {} + access_config { + } } - metadata { + metadata = { google-logging-enabled = "true" - "user-data" = "${data.template_cloudinit_config.tor.rendered}" + user-data = data.template_cloudinit_config.tor.rendered } service_account { - email = "${google_service_account.tor.email}" + email = google_service_account.tor[0].email scopes = [ "https://www.googleapis.com/auth/cloudkms", @@ -79,3 +80,4 @@ resource "google_compute_instance_template" "tor" { create_before_destroy = true } } + diff --git a/terraform/modules/tor/variables.tf b/terraform/modules/tor/variables.tf index eeb8e50..ccc94ca 100644 --- a/terraform/modules/tor/variables.tf +++ b/terraform/modules/tor/variables.tf @@ -1,70 +1,71 @@ variable "boot_image" { - type = "string" + type = string default = "cos-cloud/cos-stable" } variable "region" { - type = "string" + type = string } variable "project" { - type = "string" + type = string } variable "name" { - type = "string" + type = string } variable "network" { - type = "string" + type = string default = "default" } variable "zone" { - type = "string" + type = string } variable "instance_type" { - type = "string" + type = string } variable "tor_lb" { - type = "string" + type = string } variable "onion_host" { - type = "string" + type = string } variable "create_resources" { - type = "string" + type = string } variable "prom_service_acct" { - type = "string" + type = string } variable "kms_key_link" { - type = "string" + type = string } variable "kms_key" { - type = "string" + type = string } variable "kms_key_ring" { - type = "string" + type = string default = "" } variable "tor_docker" { - type = "string" + type = string } variable "node_exporter_docker" { - type = "string" + type = string } variable "gcloud_docker" { - type = "string" + type = string } + diff --git a/terraform/network-tor.tf b/terraform/network-tor.tf index 7789165..8a22284 100644 --- a/terraform/network-tor.tf +++ b/terraform/network-tor.tf @@ -1,31 +1,31 @@ resource "google_compute_global_address" "tor-lb" { name = "${var.name}-lb" - project = "${var.project}" - count = "${local.create_misc}" + project = var.project + count = local.create_misc } resource "google_compute_global_forwarding_rule" "tor-rule" { name = "${var.name}-forwarding-rule" - target = "${google_compute_target_http_proxy.tor-proxy.self_link}" + target = google_compute_target_http_proxy.tor-proxy[0].self_link port_range = "80" ip_protocol = "TCP" - ip_address = "${google_compute_global_address.tor-lb.address}" + ip_address = google_compute_global_address.tor-lb[0].address - count = "${local.create_misc}" + count = local.create_misc } resource "google_compute_target_http_proxy" "tor-proxy" { name = "${var.name}-http-proxy" - url_map = "${google_compute_url_map.tor-proxy.self_link}" + url_map = google_compute_url_map.tor-proxy[0].self_link - count = "${local.create_misc}" + count = local.create_misc } resource "google_compute_url_map" "tor-proxy" { name = "${var.name}-urlmap" - default_service = "${google_compute_backend_bucket.tor_deadhole_backend.self_link}" + default_service = google_compute_backend_bucket.tor_deadhole_backend[0].self_link - count = "${local.create_misc}" + count = local.create_misc host_rule { hosts = ["*"] @@ -34,43 +34,43 @@ resource "google_compute_url_map" "tor-proxy" { path_matcher { name = "deadpaths" - default_service = "${google_compute_backend_bucket.tor_deadhole_backend.self_link}" + default_service = google_compute_backend_bucket.tor_deadhole_backend[0].self_link path_rule { paths = ["/*"] - service = "${google_compute_backend_bucket.tor_deadhole_backend.self_link}" + service = google_compute_backend_bucket.tor_deadhole_backend[0].self_link } } host_rule { - hosts = ["${var.onion_host}"] + hosts = [var.onion_host] path_matcher = "allpaths" } path_matcher { name = "allpaths" - default_service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" + default_service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet path_rule { paths = ["/*"] - service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" + service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet } path_rule { paths = ["/testnet", "/testnet/*"] - service = "${data.terraform_remote_state.blc-testnet.blc_backend_service_testnet}" + service = data.terraform_remote_state.blc-testnet.outputs.blc_backend_service_testnet } } test { - service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" - host = "${var.onion_host}" + service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet + host = var.onion_host path = "/queue.html" } test { - service = "${google_compute_backend_bucket.tor_deadhole_backend.self_link}" - host = "${google_compute_global_address.tor-lb.address}" + service = google_compute_backend_bucket.tor_deadhole_backend[0].self_link + host = google_compute_global_address.tor-lb[0].address path = "/*" } } @@ -78,15 +78,16 @@ resource "google_compute_url_map" "tor-proxy" { resource "google_compute_backend_bucket" "tor_deadhole_backend" { name = "${var.name}-deadhole-backend-bucket" description = "Unmatched hosts end up in this deadhole" - bucket_name = "${google_storage_bucket.tor_deadhole.name}" + bucket_name = google_storage_bucket.tor_deadhole[0].name enable_cdn = false - count = "${local.create_misc}" + count = local.create_misc } resource "google_storage_bucket" "tor_deadhole" { name = "${var.name}-deadhole-bucket" location = "US" - count = "${local.create_misc}" + count = local.create_misc } + diff --git a/terraform/network.tf b/terraform/network.tf index 0e53421..23960c6 100644 --- a/terraform/network.tf +++ b/terraform/network.tf @@ -1,92 +1,93 @@ # IP address resource "google_compute_global_address" "lb" { name = "satellite-api-client-lb-${local.env}" - project = "${var.project}" - count = "${local.create_mainnet}" + project = var.project + count = local.create_mainnet } # Forwarding rules resource "google_compute_global_forwarding_rule" "rule-https" { name = "satellite-api-https-forwarding-rule-${local.env}" - target = "${google_compute_target_https_proxy.https-proxy.self_link}" + target = google_compute_target_https_proxy.https-proxy[0].self_link port_range = "443" ip_protocol = "TCP" - ip_address = "${google_compute_global_address.lb.address}" - count = "${local.create_mainnet}" + ip_address = google_compute_global_address.lb[0].address + count = local.create_mainnet } resource "google_compute_global_forwarding_rule" "rule-http" { name = "satellite-api-http-forwarding-rule-${local.env}" - target = "${google_compute_target_http_proxy.http-proxy.self_link}" + target = google_compute_target_http_proxy.http-proxy[0].self_link port_range = "80" ip_protocol = "TCP" - ip_address = "${google_compute_global_address.lb.address}" - count = "${local.create_mainnet}" + ip_address = google_compute_global_address.lb[0].address + count = local.create_mainnet } # Target proxies resource "google_compute_target_http_proxy" "http-proxy" { name = "satellite-api-http-proxy-${local.env}" - url_map = "${google_compute_url_map.http.self_link}" - count = "${local.create_mainnet}" + url_map = google_compute_url_map.http[0].self_link + count = local.create_mainnet } resource "google_compute_target_https_proxy" "https-proxy" { name = "satellite-api-https-proxy-${local.env}" - url_map = "${google_compute_url_map.https.self_link}" - ssl_certificates = ["${var.ssl_cert}"] - count = "${local.create_mainnet}" + url_map = google_compute_url_map.https[0].self_link + ssl_certificates = var.ssl_cert + count = local.create_mainnet } # URL maps resource "google_compute_url_map" "http" { name = "satellite-api-http-urlmap-${local.env}" - default_service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" - count = "${local.create_mainnet}" + default_service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet + count = local.create_mainnet host_rule { - hosts = ["${var.host}"] + hosts = var.host path_matcher = "allpaths" } path_matcher { name = "allpaths" - default_service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" + default_service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet path_rule { paths = ["/*"] - service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" + service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet } path_rule { paths = ["/testnet", "/testnet/*", "/api", "/api/*"] - service = "${data.terraform_remote_state.blc-testnet.blc_backend_service_testnet}" + service = data.terraform_remote_state.blc-testnet.outputs.blc_backend_service_testnet } } } resource "google_compute_url_map" "https" { name = "satellite-api-https-urlmap-${local.env}" - default_service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" - count = "${local.create_mainnet}" + default_service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet + count = local.create_mainnet host_rule { - hosts = ["${var.host}"] + hosts = var.host path_matcher = "allpaths" } path_matcher { name = "allpaths" - default_service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" + default_service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet path_rule { paths = ["/*"] - service = "${data.terraform_remote_state.blc-mainnet.blc_backend_service_mainnet}" + service = data.terraform_remote_state.blc-mainnet.outputs.blc_backend_service_mainnet } path_rule { paths = ["/testnet", "/testnet/*", "/api", "/api/*"] - service = "${data.terraform_remote_state.blc-testnet.blc_backend_service_testnet}" + service = data.terraform_remote_state.blc-testnet.outputs.blc_backend_service_testnet } } } + diff --git a/terraform/outputs.tf b/terraform/outputs.tf index 3c49e5a..c636f29 100644 --- a/terraform/outputs.tf +++ b/terraform/outputs.tf @@ -1,12 +1,13 @@ # Production only (tor) output "blc_backend_service_testnet" { - value = "${module.blc-testnet.backend_service}" + value = module.blc-testnet.backend_service } output "blc_backend_service_mainnet" { - value = "${module.blc-mainnet.backend_service}" + value = module.blc-mainnet.backend_service } output "prom_svc_acct" { - value = "${module.prometheus.prom_svc_acct}" + value = module.prometheus.prom_svc_acct } + diff --git a/terraform/variables.tf b/terraform/variables.tf index fd3a07f..a0911f8 100644 --- a/terraform/variables.tf +++ b/terraform/variables.tf @@ -6,28 +6,24 @@ locals { create_testnet = 0 create_misc = 0 } - "prod" = { env = "prod" create_mainnet = 1 create_testnet = 0 create_misc = 0 } - "testnet-staging" = { env = "staging" create_mainnet = 0 create_testnet = 1 create_misc = 0 } - "testnet-prod" = { env = "prod" create_mainnet = 0 create_testnet = 1 create_misc = 0 } - "misc" = { env = "" create_mainnet = 0 @@ -36,150 +32,151 @@ locals { } } - env = "${lookup(local.context_variables[terraform.workspace], "env")}" - create_mainnet = "${lookup(local.context_variables[terraform.workspace], "create_mainnet")}" - create_testnet = "${lookup(local.context_variables[terraform.workspace], "create_testnet")}" - create_misc = "${lookup(local.context_variables[terraform.workspace], "create_misc")}" + env = local.context_variables[terraform.workspace]["env"] + create_mainnet = local.context_variables[terraform.workspace]["create_mainnet"] + create_testnet = local.context_variables[terraform.workspace]["create_testnet"] + create_misc = local.context_variables[terraform.workspace]["create_misc"] } variable "project" { - type = "string" + type = string default = "satellite-api" } variable "name" { - type = "string" + type = string default = "satapi-tor" } variable "create_resources" { - type = "string" + type = string default = "" } variable "ssl_cert" { - type = "list" + type = list(string) default = ["", ""] } variable "rpcuser" { - type = "string" + type = string default = "" } variable "rpcpass" { - type = "string" + type = string default = "" } variable "host" { - type = "list" + type = list(string) default = ["", ""] } variable "space_host" { - type = "string" + type = string default = "" } variable "onion_host" { - type = "string" + type = string default = "" } variable "region" { - type = "string" + type = string default = "" } variable "zone" { - type = "string" + type = string default = "" } variable "instance_type" { - type = "list" + type = list(string) default = ["", "", ""] } variable "timeout" { - type = "string" + type = string default = 15 } variable "prom_service_acct" { - type = "string" + type = string default = "" } variable "prom_allowed_source_ip" { - type = "string" + type = string default = "" } variable "opsgenie_key" { - type = "string" + type = string default = "" } variable "satellite_lb" { - type = "string" + type = string default = "" } variable "satellite_api_lb" { - type = "string" + type = string default = "" } variable "satellite_api_lb_staging" { - type = "string" + type = string default = "" } # Overwritten by CI variable "ionosphere_docker" { - type = "string" + type = string default = "" } variable "ionosphere_sse_docker" { - type = "string" + type = string default = "" } # Less frequently updated images variable "bitcoin_docker" { - type = "string" + type = string default = "blockstream/bitcoind@sha256:91ba0790a0080a99a529e73ef9b14e2d6cf0a30f81d54bfa3729bb47b105b36c" } variable "lightning_docker" { - type = "string" + type = string default = "blockstream/lightningd@sha256:b577dcb8d00ec4bc340884a26f5dfffb7be25dcc4ece48b7e465b3238944ec2c" } variable "charge_docker" { - type = "string" + type = string default = "blockstream/charged@sha256:0d49c1202b8b718b5a93f7e82509d3d724f9d18ff6c14376347f67866ac47ff8" } variable "tor_docker" { - type = "string" + type = string default = "blockstream/tor@sha256:f4d1373cde79fd79b467d2d6da88e37b0da137924bc10ae2d51a83c686c2c125" } variable "node_exporter_docker" { - type = "string" + type = string default = "prom/node-exporter@sha256:55302581333c43d540db0e144cf9e7735423117a733cdec27716d87254221086" } variable "prom_docker" { - type = "string" + type = string default = "blockstream/prometheus@sha256:cab8c2359ab187aa6c9e9c7fcfcc3060b62742417030a77862c747e091d3c6d6" } variable "gcloud_docker" { - type = "string" + type = string default = "google/cloud-sdk@sha256:78e68a98c5d6aa36eca45099bae38a1544a1688fd16b506fb914a29fdf6e4afa" } +