A very basic module to help deploy a reverse proxy.
Packages required are:
- Ubuntu 18 or 20 AMI
- Nginx
This module will:
- Configure Nginx on boot.
- Set up DNS entries for the reverse proxy using the partner_resid.
_A current limitation of this approach might be that a reboot of the instance won't be handled by Route53._
Usage:
```hcl
module "reverse-proxy" {
  source                   = "./modules/reverse-proxy"
  target_ip                = aws_instance.default.private_ip
  instance_hostname        = "webterm-${var.partner_resid}"
  instance_alias           = var.partner_resid
  instance_key_name        = "booboo"
  instance_subnet_id       = random_shuffle.subnet.result[0]
  instance_security_groups = [aws_security_group.public.id]
  instance_route53_zone_id = data.aws_route53_zone.selected.zone_id
  instance_domain          = local.instance_domain
  tags                     = local.tags
}
```
No requirements.
| Name | Version |
|---|---|
| aws | n/a |
| template | n/a |
No modules.
| Name | Type |
|---|---|
| aws_instance.default | resource |
| aws_route53_record.default | resource |
| aws_security_group.this | resource |
| aws_security_group_rule.target | resource |
| aws_ami.default | data source |
| aws_caller_identity.current | data source |
| aws_route53_zone.instance | data source |
| template_file.init | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| ami_version_filter | The filter for locating the AMI to run (e.g. reverse-proxy2-) | string | "master-*" | no |
| datadog_enabled | Enable/Disable Datadog agent | bool | false | no |
| desktop_enabled | This will enable the proxy config to use the Guacamole -> VNC -> Desktop presentation layer | bool | false | no |
| environment | Environment | string | n/a | yes |
| instance_domain | The actual name of the domain, i.e. e.exams.com. | any | n/a | yes |
| instance_domain_zone_id | The Route53 zone where a DNS entry will be created for accessing the instance. | any | n/a | yes |
| instance_hostname | The preferred hostname of the reverse proxy node, will have instance_domain appended. | any | n/a | yes |
| instance_key_name | The key used to access the AWS instance. | string | null | no |
| instance_profile | The AWS EC2 instance profile ARN to use for the instance. | string | n/a | yes |
| instance_security_groups | A list of security groups applied to the reverse proxy EC2 instance. | list | [] | no |
| instance_subnet_id | The VPC subnet the instance will be deployed to. | any | n/a | yes |
| instance_type | The EC2 instance type | string | "t3.micro" | no |
| instance_vpc_id | The VPC where the reverse proxy instance will be deployed. | any | n/a | yes |
| monitoring | If true, the launched EC2 instance will have detailed monitoring enabled | bool | false | no |
| partner_resid | The reservation PARTNER_RESID | string | n/a | yes |
| ssm_ssl_path | SSM Base path for Nginx SSL files | string | "/LF/Certification/reverse-proxy/SSL" | no |
| tags | A map of tags to apply to all resources created by this module. | map | n/a | yes |
| target_ip | The IP of the node hosting the terminal or IDE where offloaded HTTP connections will be forwarded. | any | n/a | yes |
| target_security_group_id | Used to grant the reverse proxy access to a target | any | n/a | yes |
| target_service_port | The TCP port which the target service is listening on | number | 8080 | no |
| Name | Description |
|---|---|
| default_instance_private_ip | n/a |
| instance_public_ip | n/a |