Skip to content

Commit

Permalink
Add cal-itp-data-infra-staging terraform to iac directory
Browse files Browse the repository at this point in the history 
* Currently uses local storage[#3365]
  • Loading branch information
@ohrite
ohrite committed Feb 20, 2025
1 parent bbca0ee commit 3e2196b
Show file tree
Hide file tree
Showing 68 changed files with 2,594 additions and 0 deletions.
1 change: 1 addition & 0 deletions iac/.gitignore
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
.terraform/
22 changes: 22 additions & 0 deletions iac/cal-itp-data-infra-staging/disks/us-west1/.terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 12 additions & 0 deletions iac/cal-itp-data-infra-staging/disks/us-west1/provider.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
provider "google" {
project = "cal-itp-data-infra-staging"
}

terraform {
required_providers {
google = {
version = "~> 6.19.0"
source = "hashicorp/google"
}
}
}
16 changes: 16 additions & 0 deletions iac/cal-itp-data-infra-staging/disks/us-west1/terraform.tfstate
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"version": 3,
"terraform_version": "0.12.31",
"serial": 1,
"lineage": "5fbfd515-ae56-2808-6b6f-4f2f5dc59232",
"modules": [
{
"path": [
"root"
],
"outputs": {},
"resources": {},
"depends_on": []
}
]
}
22 changes: 22 additions & 0 deletions iac/cal-itp-data-infra-staging/dns/us-west1/.terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 12 additions & 0 deletions iac/cal-itp-data-infra-staging/dns/us-west1/provider.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
provider "google" {
project = "cal-itp-data-infra-staging"
}

terraform {
required_providers {
google = {
version = "~> 6.19.0"
source = "hashicorp/google"
}
}
}
16 changes: 16 additions & 0 deletions iac/cal-itp-data-infra-staging/dns/us-west1/terraform.tfstate
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
{
"version": 3,
"terraform_version": "0.12.31",
"serial": 1,
"lineage": "cd5526d7-ad97-9396-0256-ca886c90fe2b",
"modules": [
{
"path": [
"root"
],
"outputs": {},
"resources": {},
"depends_on": []
}
]
}
22 changes: 22 additions & 0 deletions iac/cal-itp-data-infra-staging/firewall/us-west1/.terraform.lock.hcl
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

71 changes: 71 additions & 0 deletions iac/cal-itp-data-infra-staging/firewall/us-west1/compute_firewall.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,71 @@
resource "google_compute_firewall" "tfer--default-allow-icmp" {
allow {
protocol = "icmp"
}

description = "Allow ICMP from anywhere"
direction = "INGRESS"
disabled = "false"
name = "default-allow-icmp"
network = "${data.terraform_remote_state.networks.outputs.google_compute_network_tfer--default_self_link}"
priority = "65534"
project = "cal-itp-data-infra-staging"
source_ranges = ["0.0.0.0/0"]
}

resource "google_compute_firewall" "tfer--default-allow-internal" {
allow {
ports = ["0-65535"]
protocol = "tcp"
}

allow {
ports = ["0-65535"]
protocol = "udp"
}

allow {
protocol = "icmp"
}

description = "Allow internal traffic on the default network"
direction = "INGRESS"
disabled = "false"
name = "default-allow-internal"
network = "${data.terraform_remote_state.networks.outputs.google_compute_network_tfer--default_self_link}"
priority = "65534"
project = "cal-itp-data-infra-staging"
source_ranges = ["10.128.0.0/9"]
}

resource "google_compute_firewall" "tfer--default-allow-rdp" {
allow {
ports = ["3389"]
protocol = "tcp"
}

description = "Allow RDP from anywhere"
direction = "INGRESS"
disabled = "false"
name = "default-allow-rdp"
network = "${data.terraform_remote_state.networks.outputs.google_compute_network_tfer--default_self_link}"
priority = "65534"
project = "cal-itp-data-infra-staging"
source_ranges = ["0.0.0.0/0"]
}

resource "google_compute_firewall" "tfer--default-allow-ssh" {
allow {
ports = ["22"]
protocol = "tcp"
}

description = "Allow SSH from anywhere"
direction = "INGRESS"
disabled = "false"
name = "default-allow-ssh"
network = "${data.terraform_remote_state.networks.outputs.google_compute_network_tfer--default_self_link}"
priority = "65534"
project = "cal-itp-data-infra-staging"
source_ranges = ["0.0.0.0/0"]
}
15 changes: 15 additions & 0 deletions iac/cal-itp-data-infra-staging/firewall/us-west1/outputs.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
output "google_compute_firewall_tfer--default-allow-icmp_self_link" {
value = "${google_compute_firewall.tfer--default-allow-icmp.self_link}"
}

output "google_compute_firewall_tfer--default-allow-internal_self_link" {
value = "${google_compute_firewall.tfer--default-allow-internal.self_link}"
}

output "google_compute_firewall_tfer--default-allow-rdp_self_link" {
value = "${google_compute_firewall.tfer--default-allow-rdp.self_link}"
}

output "google_compute_firewall_tfer--default-allow-ssh_self_link" {
value = "${google_compute_firewall.tfer--default-allow-ssh.self_link}"
}
12 changes: 12 additions & 0 deletions iac/cal-itp-data-infra-staging/firewall/us-west1/provider.tf
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
provider "google" {
project = "cal-itp-data-infra-staging"
}

terraform {
required_providers {
google = {
version = "~> 6.19.0"
source = "hashicorp/google"
}
}
}
Loading

0 comments on commit 3e2196b

Please sign in to comment.