diff --git a/main.tf b/main.tf
index 184a993..ef1a347 100644
--- a/main.tf
+++ b/main.tf
@@ -11,9 +11,13 @@ module "network" {
 module "backend" {
 source = "./modules/backend"
- startup_script = module.network.startup_script
+ sa_email = "example@project-id.iam.gserviceaccount.com"
+ image_name = "backend-image"
+ project_id = var.project_id
+ region = var.region
 }
+
 module "nat_gateway" {
 source = "./modules/network/nat_gateway"
 network_name = module.network.network_name
diff --git a/modules/backend/main.tf b/modules/backend/main.tf
index d01e39d..82455b3 100644
--- a/modules/backend/main.tf
+++ b/modules/backend/main.tf
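Review bot: The `sa_email` and `image_name` arguments added to `module "backend"` in main.tf do not appear to be read any more, because the modules/backend/main.tf hunk in this same commit removes the `service_account` block and hard-codes the boot image, and it declares only `project_id` and `region`. Unless a variables file outside this diff still declares the other two, Terraform would reject them as unsupported arguments; if it does declare them, they are silently ignored and the instance is created without the service account named here. Either drop both arguments or restore `email = var.sa_email` and `image = var.image_name` in the module. The literal `"example@project-id.iam.gserviceaccount.com"` also looks like a placeholder and would be better supplied through a variable than committed in the root module.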
@@ -1,56 +1,26 @@
-terraform {
- required_providers {
- google = {
- source = "hashicorp/google"
- version = "~> 3.5.0"
- }
- }
-}
+# modules/backend/main.tf
-provider "google" {
- project = var.project_id
- region = var.region
+variable "project_id" {}
+variable "region" {}
+
+module "network" {
+ source = "../network"
 }
 resource "google_compute_instance" "backend" {
 name = "backend"
- machine_type = "n1-standard-1"
- tags = ["backend"]
+ machine_type = "f1-micro"
+ zone = "${var.region}-b"
 boot_disk {
 initialize_params {
- image = var.image_name
+ image = "debian-cloud/debian-9"
 }
 }
- metadata_startup_script = file("${path.module}/startup-script.sh")
-
 network_interface {
- network = google_compute_network.backend_network.self_link
- access_config {
- // Allocate a one-to-one NAT IP to allow SSH and HTTP access
- }
+ network = module.network.network_name
 }
- service_account {
- email = var.sa_email
- scopes = ["userinfo-email", "compute-ro", "storage-ro"]
- }
-}
-
-resource "google_compute_firewall" "backend_firewall" {
- name = "allow-backend-internal"
- network = google_compute_network.backend_network.self_link
-
- allow {
- protocol = "tcp"
- ports = ["8081-8082"]
- }
-
- source_tags = ["backend"]
- target_tags = ["backend"]
-}
-
-output "backend_ip" {
- value = google_compute_instance.backend.network_interface[0].access_config[0].nat_ip
+ metadata_startup_script = module.network.startup_script
 }
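Review bot: The boot disk now hard-codes `image = "debian-cloud/debian-9"` in place of `var.image_name`, and Debian 9 is past end of life and no longer receives security updates, so the instance would start from an unpatched base image if the family still resolves at all. Keeping `image = var.image_name`, which the root module still passes as `image_name`, or pinning a supported family such as `debian-cloud/debian-12` avoids that. Separately, the added `module "network" { source = "../network" }` instantiates the network module a second time inside backend, presumably the same module the root already declares. `network` and `metadata_startup_script` would then come from a duplicate set of resources rather than the root's network. Passing the network name and startup script in as input variables looks like the intent.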