diff options
| author | Christopher Baines <mail@cbaines.net> | 2018-06-23 09:57:03 +0100 |
|---|---|---|
| committer | Christopher Baines <mail@cbaines.net> | 2018-06-23 12:58:05 +0100 |
| commit | 837e1ecec9798381f78b838947f8028403cb0bef (patch) | |
| tree | 984e25f96a490a3cbd1b20d6f50903aa6dacfd1d /terraform | |
| parent | 0736fd5ab32eeb57de52fb6d581d16c2824b2fc2 (diff) | |
| download | govuk-mini-environment-admin-837e1ecec9798381f78b838947f8028403cb0bef.tar govuk-mini-environment-admin-837e1ecec9798381f78b838947f8028403cb0bef.tar.gz | |
Handle SSH keys via the database
This makes it more explicit, and works around Terraform being
unpredictable when dealing with SSH agents.
Diffstat (limited to 'terraform')
| -rw-r--r-- | terraform/aws/backend/main.tf | 19 | ||||
| -rw-r--r-- | terraform/aws/mini_environment/main.tf | 14 |
2 files changed, 23 insertions, 10 deletions
diff --git a/terraform/aws/backend/main.tf b/terraform/aws/backend/main.tf index 57e9348..346ab0d 100644 --- a/terraform/aws/backend/main.tf +++ b/terraform/aws/backend/main.tf @@ -26,6 +26,10 @@ variable "ssh_public_key" { type = "string" } +variable "ssh_private_key" { + type = "string" +} + variable "guix_substitute_servers" { type = "map" default = { @@ -237,8 +241,9 @@ resource "aws_spot_instance_request" "main" { destination = "/home/ubuntu/guix-daemon.service" connection { - type = "ssh" - user = "ubuntu" + type = "ssh" + user = "ubuntu" + private_key = "${var.ssh_private_key}" } } @@ -247,8 +252,9 @@ resource "aws_spot_instance_request" "main" { destination = "/home/ubuntu/acl" connection { - type = "ssh" - user = "ubuntu" + type = "ssh" + user = "ubuntu" + private_key = "${var.ssh_private_key}" } } @@ -305,8 +311,9 @@ EOF ] connection { - type = "ssh" - user = "ubuntu" + type = "ssh" + user = "ubuntu" + private_key = "${var.ssh_private_key}" } } } diff --git a/terraform/aws/mini_environment/main.tf b/terraform/aws/mini_environment/main.tf index b69f8f5..afeda8d 100644 --- a/terraform/aws/mini_environment/main.tf +++ b/terraform/aws/mini_environment/main.tf @@ -30,6 +30,10 @@ variable "backend_remote_state_address" { type = "string" } +variable "ssh_private_key" { + type = "string" +} + provider "aws" { access_key = "${var.aws_access_key}" secret_key = "${var.aws_secret_key}" @@ -79,8 +83,9 @@ resource "aws_spot_instance_request" "main" { destination = "/home/ubuntu/govuk.service" connection { - type = "ssh" - user = "ubuntu" + type = "ssh" + user = "ubuntu" + private_key = "${var.ssh_private_key}" } } @@ -109,8 +114,9 @@ resource "aws_spot_instance_request" "main" { ] connection { - type = "ssh" - user = "ubuntu" + type = "ssh" + user = "ubuntu" + private_key = "${var.ssh_private_key}" } } } |