terraform-openstack-landing.../tests/module/variables.tf
Bertrand Lanson 9c03773378
All checks were successful
development / Check commit compliance (push) Successful in 4s
pull-requests-open / Check commit compliance (pull_request) Successful in 6s
pull-requests-open / Check pre-commit status (pull_request) Successful in 13s
pull-requests-open / Run E2E tofu tests (pull_request) Successful in 2m56s
docs: update variable description to better reflect its meaning
2024-09-10 19:12:49 +02:00

170 lines
5.2 KiB
HCL

#! global variables
variable "project_domain" {
type = string
description = "The domain where this project will be created"
default = "default"
}
variable "project_tags" {
type = list(string)
description = "The tags to append to this project"
default = []
}
#! architecture tiering variables
variable "architecture_tiers" {
type = number
description = <<-EOT
The type of architecture.
Can be either 0, 1, 2 or 3.
Tier 0 will not create any subnets or networks.
Tier 1 will only create a single frontend subnet.
Tier 2 will create a frontend and backend subnet.
Tier 3 will create a frontend, backend and database subnet.
EOT
default = 1
validation {
condition = (
var.architecture_tiers > 0 &&
var.architecture_tiers <= 3
)
error_message = "The architecture_tiers must be between 0 and 3."
}
}
#! subnetpools creation
variable "create_application_subnetpool" {
type = bool
description = "Whether the module should create an application subnet pool for this project, or use an existing one."
default = true
}
variable "application_subnetpool_cidr_blocks" {
type = list(string)
description = "The CIDR blocks for the application subnet pool"
default = ["192.168.0.0/21"]
validation {
condition = alltrue([
for i in var.application_subnetpool_cidr_blocks : can(cidrhost(i, 0))
])
error_message = "The application_subnetpool_cidr_blocks must be a valid IPv4 CIDR"
}
}
variable "create_database_subnetpool" {
type = bool
description = "Whether the module should create a database subnet pool for this project, or use an existing one."
default = true
}
variable "database_subnetpool_cidr_blocks" {
type = list(string)
description = "The CIDR blocks for the database subnet pool"
default = ["192.168.8.0/23"]
validation {
condition = alltrue([
for i in var.database_subnetpool_cidr_blocks : can(cidrhost(i, 0))
])
error_message = "The database_subnetpool_cidr_blocks must be a valid IPv4 CIDR"
}
}
#! networking variables
variable "frontend_subnet_prefix_len" {
type = number
description = "The prefix length of the frontend subnet. Must be between 20 and 32."
default = 24
validation {
condition = (
var.frontend_subnet_prefix_len >= 20 &&
var.frontend_subnet_prefix_len <= 32
)
error_message = "The prefix length must be between 20 and 32."
}
}
variable "backend_subnet_prefix_len" {
type = number
description = "The prefix length of the backend subnet. Must be between 20 and 32."
default = 24
validation {
condition = (
var.backend_subnet_prefix_len >= 20 &&
var.backend_subnet_prefix_len <= 32
)
error_message = "The prefix length must be between 20 and 32."
}
}
variable "database_subnet_prefix_len" {
type = number
description = "The prefix length of the database subnet. Must be between 24 and 32."
default = 24
validation {
condition = (
var.database_subnet_prefix_len >= 24 &&
var.database_subnet_prefix_len <= 32
)
error_message = "The prefix length must be between 24 and 32."
}
}
variable "public_nameservers" {
type = list(string)
description = <<-EOT
A list of public DNS servers to upstreams requests to in your subnets.
This is not necessary if your openstack deployment already has configured default upstreams for neutron.
EOT
default = []
}
#! security variables
variable "create_default_secgroups" {
type = bool
description = <<-EOT
Whether to create default security groups or not.
Depending on your choice of architecture tiering, will create security groups so that each tier can connect to the one below.
Security groups for the database tier will be created for mariadb, postgresql and redis.
A default security group allowing ssh connection will also be created.
EOT
default = false
}
variable "database_secgroup_strict" {
type = bool
description = <<-EOT
Defines whether the security groups for the database network should be strict.
In strict mode, egress is only allowed to the backend network.
EOT
default = false
}
#! subnetpool variables & validation
variable "application_subnetpool_id" {
type = string
description = <<-EOT
The id of the subnetpool to create the public (first 2 tier) networks from.
Since this module can route private subnets to the backbone, it needs to make sure it's not creating overlapping subnets.
EOT
default = null
}
variable "database_subnetpool_id" {
type = string
description = <<-EOT
The id of the subnetpool to create the databse network from.
Since this module can route private subnets to the backbone, it needs to make sure it's not creating overlapping subnets.
EOT
default = null
}
#! public network attachement variables
variable "attach_to_external" {
type = bool
description = <<-EOT
Whether to attach the router to an external network.
This will add a gateway interface to the router, and possibly consume a public IP address which might be billed by your cloud provider.
EOT
default = false
}