148 lines
3.2 KiB
HCL
148 lines
3.2 KiB
HCL
terraform {
|
|
required_version = ">= 1.5"
|
|
|
|
required_providers {
|
|
google = {
|
|
source = "hashicorp/google"
|
|
version = "~> 5.0"
|
|
}
|
|
random = {
|
|
source = "hashicorp/random"
|
|
version = "~> 3.0"
|
|
}
|
|
}
|
|
}
|
|
|
|
provider "google" {
|
|
project = var.project_id
|
|
region = var.region
|
|
zone = var.zone
|
|
}
|
|
|
|
# --- Auto-generated secrets ---
|
|
|
|
resource "random_password" "jwt_secret" {
|
|
length = 48
|
|
special = false
|
|
}
|
|
|
|
# --- Network ---
|
|
|
|
resource "google_compute_firewall" "data_analyst" {
|
|
name = "${var.instance_name}-allow-web"
|
|
network = "default"
|
|
|
|
allow {
|
|
protocol = "tcp"
|
|
ports = ["22", "80", "443", "8000"]
|
|
}
|
|
|
|
source_ranges = ["0.0.0.0/0"]
|
|
target_tags = [var.instance_name]
|
|
}
|
|
|
|
# --- Static IP ---
|
|
|
|
resource "google_compute_address" "data_analyst" {
|
|
name = "${var.instance_name}-ip"
|
|
region = var.region
|
|
}
|
|
|
|
# --- Startup script ---
|
|
|
|
locals {
|
|
startup_script = <<-SCRIPT
|
|
#!/bin/bash
|
|
set -euo pipefail
|
|
exec > /var/log/startup.log 2>&1
|
|
|
|
echo "=== Installing Docker ==="
|
|
if ! command -v docker &> /dev/null; then
|
|
curl -fsSL https://get.docker.com | sh
|
|
usermod -aG docker ${var.ssh_user}
|
|
fi
|
|
|
|
# Install docker compose plugin
|
|
if ! docker compose version &> /dev/null; then
|
|
apt-get update && apt-get install -y docker-compose-plugin
|
|
fi
|
|
|
|
echo "=== Cloning repository ==="
|
|
APP_DIR="/opt/data-analyst"
|
|
if [ ! -d "$APP_DIR" ]; then
|
|
git clone https://github.com/padak/tmp_oss.git "$APP_DIR"
|
|
cd "$APP_DIR"
|
|
git checkout feature/v2-fastapi-duckdb-docker-cli
|
|
else
|
|
cd "$APP_DIR"
|
|
git pull origin feature/v2-fastapi-duckdb-docker-cli || true
|
|
fi
|
|
|
|
echo "=== Creating .env ==="
|
|
cat > "$APP_DIR/.env" << 'ENVEOF'
|
|
JWT_SECRET_KEY=${random_password.jwt_secret.result}
|
|
DATA_DIR=/data
|
|
DATA_SOURCE=${var.keboola_token != "" ? "keboola" : "local"}
|
|
KEBOOLA_STORAGE_TOKEN=${var.keboola_token}
|
|
KEBOOLA_STACK_URL=${var.keboola_stack_url}
|
|
KEBOOLA_PROJECT_ID=${var.keboola_project_id}
|
|
LOG_LEVEL=info
|
|
ENVEOF
|
|
# Strip leading whitespace from heredoc
|
|
sed -i 's/^ //' "$APP_DIR/.env"
|
|
chmod 600 "$APP_DIR/.env"
|
|
|
|
echo "=== Creating data directory ==="
|
|
mkdir -p /data/state /data/analytics /data/src_data/parquet
|
|
chown -R 1000:1000 /data
|
|
|
|
echo "=== Starting Docker Compose ==="
|
|
cd "$APP_DIR"
|
|
docker compose pull 2>/dev/null || true
|
|
docker compose build
|
|
docker compose up -d
|
|
|
|
echo "=== Startup complete ==="
|
|
docker compose ps
|
|
SCRIPT
|
|
}
|
|
|
|
# --- VM Instance ---
|
|
|
|
resource "google_compute_instance" "data_analyst" {
|
|
name = var.instance_name
|
|
machine_type = var.machine_type
|
|
zone = var.zone
|
|
|
|
tags = [var.instance_name]
|
|
|
|
boot_disk {
|
|
initialize_params {
|
|
image = "ubuntu-os-cloud/ubuntu-2404-lts-amd64"
|
|
size = var.disk_size_gb
|
|
type = "pd-ssd"
|
|
}
|
|
}
|
|
|
|
network_interface {
|
|
network = "default"
|
|
access_config {
|
|
nat_ip = google_compute_address.data_analyst.address
|
|
}
|
|
}
|
|
|
|
metadata = {
|
|
ssh-keys = "${var.ssh_user}:${file(pathexpand(var.ssh_public_key_path))}"
|
|
}
|
|
|
|
metadata_startup_script = local.startup_script
|
|
|
|
service_account {
|
|
scopes = ["cloud-platform"]
|
|
}
|
|
|
|
labels = {
|
|
app = "data-analyst"
|
|
managed = "terraform"
|
|
}
|
|
}
|