terraform-digitalocean-droplets-ubuntu
Visit siteUse Terraform with default variables to create Digital Ocean Droplets.
Terraform for Digital Ocean Droplet(s)
Purpose
This repo contains terraform code and default variables that allow one to create Digital Ocean Droplet(s) with ease.
About
- All arguments for the
digitalocean_dropletTerraform resource are enumerated inmain.tfandvariables.tf.tagsandvolume_idsare commented out for first-time ease. - All available outputs will be printed upon completion of
terraform apply.
Provisioners file and remote-exec are used to:
- Overwrite
/etc/sysctl.confwith a web-server optimized and kernel-hardened parameters. - Add a new user according to the
ssh_uservariable. - Add this user to the
admingroup. - Modify
/etc/sudoersso that theadmingroup can executesudowithout a password. - Add local
authorized_keysfile tossh_user’s.sshdirectory. - Modify
/etc/ssh/sshd_configto disallowrootuser login and allowPubkeyAuthentication.
Requirements
- Terraform, obiously.
- A token for Digital Ocean that can
write.
Required Variables
As long as these variables are provided, the defaults are to create one droplet in the sfo2 region with IPv6, monitoring, and private networking enabled.
do_token: (string) Digital Ocean API Token.ssh_user: (string) Name of user that will be allowed passwordless sudo and ssh access.ssh_key_path: (string) path on local machine to SSH private key.vm_ssh_key_ids: (list) ID(s) of SSH Key ID’s according to Digital Ocean. If providing over CLI, be wary of the data type. For example:
var.vm_ssh_key_ids
Enter a value: [25435191]
Prelude
Export your Digital Ocean API key:
export DIGITALOCEAN_TOKEN='YOUR_TOKEN_HERE'
Note: Piping to jq required only for pretty-printing JSON response
Usage
terraform plan
terraform apply
Useful Commands
export TF_LOG_='DEBUG' && \
export TF_LOG_PATH='tf.log'
Get Droplet Sizes
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer ${DIGITALOCEAN_TOKEN}" "https://api.digitalocean.com/v2/sizes?page=1" | jq
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer ${DIGITALOCEAN_TOKEN}" "https://api.digitalocean.com/v2/sizes?page=2" | jq
Note: Multi-page responses
Locating your SSH Key ID(s)
If you want SSH keys already associated with your Digital Ocean account to be set on the Droplets, you first need to get the ID(s) of the key(s) according to Digital Ocean.
- Use cURL to list keys and their IDs:
curl -H "Content-Type: application/json" -H "Authorization: Bearer ${DIGITALOCEAN_TOKEN}" "https://api.digitalocean.com/v2/account/keys" | jq
- Use the desired Key ID from this output as the value(s) for the
vm_ssh_key_idsvariable.
References
by: Andrew AadlandSeptember 17, 2018Visit site
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Publish your Tool on Community
Have you created an Integration, API Wrapper, Service, or other Tool that helps developers build on DigitalOcean? Help users find it by listing it in Community Tools.
Get our biweekly newsletter
Sign up for Infrastructure as a Newsletter.
Hollie's Hub for Good
Working on improving health and education, reducing inequality, and spurring economic growth? We'd like to help.
Become a contributor
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
