From acc427c9026b6217848d963650d1b3f95098df8c Mon Sep 17 00:00:00 2001 From: Patrick Cao Huu Thien Date: Wed, 30 Nov 2022 18:14:01 +0100 Subject: [PATCH] minimum files for terraform as a module --- main.tf | 39 +++++++++++++++++++++++++++++++++++++++ variables.tf | 11 +++++++++++ 2 files changed, 50 insertions(+) create mode 100644 main.tf create mode 100644 variables.tf diff --git a/main.tf b/main.tf new file mode 100644 index 0000000..326ec61 --- /dev/null +++ b/main.tf @@ -0,0 +1,39 @@ +# you must prefixe path with "${path.module}/" +resource "null_resource" "fail2ban" { + # triggers = { + # source = filesha256("${path.module}/script") + # } + connection { + type = "ssh" + user = "root" + host = var.connection_ip + private_key = var.connection_private_key + } + + # provisioner "file" { + # source = "${path.module}/script" + # destination = "/tmp" + # } + + provisioner "remote-exec" { + inline = [ + "echo '#-----------------------'", + "echo '# module alpine_fail2ban'", + "echo '#-----------------------'", + "echo '# install fail2ban'", + "apk add fail2ban", + # + "echo '# enable service fail2ban'", + "rc-update add fail2ban", + "rc-service fail2ban start", + # + "echo '# install helpers'", + "ln -s /etc/fail2ban /root/fail2ban", + "ln -s 'fail2ban-client status' /etc/fail2ban/0_status", + "ln -s 'fail2ban-client set sshd unbanip x.x.x.x' /etc/fail2ban/1_unban", + "ln -s 'fail2ban-client reload sshd' /etc/fail2ban/2_reload", + "echo '# module DONE'", + ] + } + +} diff --git a/variables.tf b/variables.tf new file mode 100644 index 0000000..b2ff069 --- /dev/null +++ b/variables.tf @@ -0,0 +1,11 @@ +variable "connection_ip" { + type = string + description = "ipv4" +} + +variable "connection_private_key" { + type = string + description = "private key for terraform connection" + sensitive = true +} +