ecs-fargate-wordpress-rds-terraform added

cloud-run-v2-wordpress-sql-terraform added
gitignore added

Author: imjaspreet

.gitignore

@@ -1,34 +1 @@
-# Local .terraform directories
-**/.terraform/*
-
-# .tfstate files
-*.tfstate
-*.tfstate.*
-
-# Crash log files
-crash.log
-crash.*.log
-
-# Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version 
-# control as they are data points which are potentially sensitive and subject 
-# to change depending on the environment.
-*.tfvars
-*.tfvars.json
-
-# Ignore override files as they are usually used to override resources locally and so
-# are not checked in
-override.tf
-override.tf.json
-*_override.tf
-*_override.tf.json
-
-# Include override files you do wish to add to version control using negated pattern
-# !example_override.tf
-
-# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
-# example: *tfplan*
-
-# Ignore CLI configuration files
-.terraformrc
-terraform.rc
+cloud-run-v2-wordpress-sql-terraform/gcp_key.json

.terraform.lock.hcl

@@ -0,0 +1,93 @@
+resource "google_project_service" "compute" {
+    project = var.project_id
+    service = "compute.googleapis.com"
+
+    timeouts {
+        create = "30m"
+        update = "40m"
+    }
+    lifecycle {
+        ignore_changes = [service]
+    }
+    disable_dependent_services = true
+    disable_on_destroy         = false
+}
+
+resource "google_project_service" "service_networking" {
+    project = var.project_id
+    service = "servicenetworking.googleapis.com"
+
+    timeouts {
+        create = "30m"
+        update = "40m"
+    }
+    lifecycle {
+      ignore_changes = [service]
+    }
+    disable_dependent_services = true
+    disable_on_destroy         = false
+}
+
+resource "google_project_service" "sql_admin" {
+    project = var.project_id
+    service = "sqladmin.googleapis.com"
+
+    timeouts {
+        create = "30m"
+        update = "40m"
+    }
+    lifecycle {
+      ignore_changes = [service]
+    }
+    disable_dependent_services = true
+    disable_on_destroy         = false
+}
+
+resource "google_project_service" "cloud_run" {
+    project = var.project_id
+    service = "run.googleapis.com"
+
+    timeouts {
+        create = "30m"
+        update = "40m"
+    }
+
+    lifecycle {
+        ignore_changes = [service]
+    }
+
+    disable_dependent_services = true
+    disable_on_destroy         = false
+}
+
+resource "google_project_service" "cloud_sql" {
+    project = var.project_id
+    service = "sql-component.googleapis.com"
+
+    timeouts {
+        create = "30m"
+        update = "40m"
+    }
+
+    lifecycle {
+        ignore_changes = [service]
+    }
+    disable_dependent_services = true
+    disable_on_destroy         = false
+}
+
+resource "google_project_service" "vpc_access" {
+    project = var.project_id
+    service = "vpcaccess.googleapis.com"
+
+    timeouts {
+          create = "30m"
+          update = "40m"
+    }
+
+    lifecycle {
+      ignore_changes = [service]
+    }
+    disable_dependent_services = true
+    disable_on_destroy         = false
+}

cloud-run-v2-wordpress-sql-terraform/compute.tf

@@ -0,0 +1,79 @@
+# private zone
+resource "google_compute_global_address" "private_ip_address" {
+    provider = google-beta
+
+    name          = "private-sql-range"
+    purpose       = "VPC_PEERING"
+    address_type  = "INTERNAL"
+    prefix_length = 24
+    network       = google_compute_network.vpc.id
+}
+
+# private peering
+resource "google_service_networking_connection" "private_vpc_connection" {
+    provider = google-beta
+
+    network                 = google_compute_network.vpc.id
+    service                 = "servicenetworking.googleapis.com"
+    reserved_peering_ranges = [google_compute_global_address.private_ip_address.name]
+
+    depends_on = [google_project_service.service_networking, google_compute_network.vpc]
+    
+    deletion_policy = "ABANDON"
+}
+
+# create random suffix for database
+# the name can be reserve until 15 days after removed
+resource "random_id" "db_name_suffix" {
+    byte_length = 4
+}
+
+# instance cloudsql
+resource "google_sql_database_instance" "sql_db_instance" {
+    provider = google-beta
+
+    name             = "wordpress-mysql-${random_id.db_name_suffix.hex}"
+    database_version = var.cloud_sql_version
+    region           = var.region
+    deletion_protection = false
+
+    settings {
+        tier      = var.cloud_sql_tier
+        disk_size = var.cloud_sql_size
+        
+        ip_configuration {
+            ipv4_enabled    = false
+            require_ssl     = false
+            private_network = google_compute_network.vpc.id
+
+            # authorized_networks {
+            #     name  = "allow-all"
+            #     value = "0.0.0.0/0" # Allow access from all IP addresses (not recommended for production)
+            # }
+        }
+
+        backup_configuration {
+            binary_log_enabled = false
+            enabled            = false
+        }
+    }
+
+    depends_on = [google_project_service.sql_admin, google_service_networking_connection.private_vpc_connection]
+}
+
+# databases
+resource "google_sql_database" "sql_db" {
+    name     = var.cloud_sql_database
+    instance = google_sql_database_instance.sql_db_instance.name
+
+    depends_on = [google_sql_database_instance.sql_db_instance]
+}
+
+# users
+resource "google_sql_user" "sql_user" {
+    name       = var.cloud_sql_user
+    instance   = google_sql_database_instance.sql_db_instance.name
+    password   = var.cloud_sql_password
+    
+    depends_on = [google_sql_database_instance.sql_db_instance]
+}

cloud-run-v2-wordpress-sql-terraform/database.tf

@@ -0,0 +1,20 @@
+terraform {
+    required_providers {
+        google = {
+            source  = "hashicorp/google"
+            version = "~> 5.21.0"
+        }
+    } 
+}
+
+provider "google" {
+    credentials = file("gcp_key.json")
+    project     = var.project_id
+    region      = var.region
+}
+
+provider "google-beta" {
+    credentials = file("gcp_key.json")
+    project     = var.project_id
+    region = var.region
+}

cloud-run-v2-wordpress-sql-terraform/google.tf

@@ -0,0 +1,29 @@
+# vpc values
+output "vpc" {
+  value = google_compute_network.vpc.id
+}
+
+# private subnet values
+output "subnet-private" {
+  value = google_compute_subnetwork.subnet_public_wp_tf.id
+}
+
+# public subnet values
+output "subnet-public" {
+  value = google_compute_subnetwork.subnet_private_wp_tf.id
+}
+
+# firewall values
+output "firewall-common" {
+  value = google_compute_firewall.common.id
+}
+
+# Database values
+output "database" {
+  value = google_sql_database_instance.sql_db_instance.ip_address
+}
+
+# Output Cloud Run service URL
+output "wordpress_url" {
+  value = google_cloud_run_v2_service.wordpress_service.uri
+}

cloud-run-v2-wordpress-sql-terraform/outputs.tf

@@ -0,0 +1,45 @@
+variable "region" {
+  type    = string
+  default = "us-east1"
+}
+
+variable "project_id" {
+  type = string
+  default = "sharp-unfolding-417703"
+}
+
+// VPC
+variable "subnet_public_cidr_block" {
+  description = "Public Subnet WP"
+  default     = "10.0.1.0/28"
+}
+
+variable "subnet_private_cidr_block" {
+  description = "Private Subnet WP"
+  default     = "10.0.2.0/28"
+}
+
+# Database
+variable "cloud_sql_version" {
+  default = "MYSQL_8_0"
+}
+
+variable "cloud_sql_tier" {
+  default = "db-f1-micro"
+}
+
+variable "cloud_sql_size" {
+  default = 10
+}
+
+variable "cloud_sql_user" {
+  default = "wordpress"
+}
+
+variable "cloud_sql_password" {
+  default = "Qwerty1234@"
+}
+
+variable "cloud_sql_database" {
+  default = "wp-db-tf"
+}