Terraform module which creates an OAuth2-authenticated Code Server on AWS.
//--------------------------------------------------------------------
// Variables
variable "oauth2_client_id" {}
variable "oauth2_client_secret" {}
//--------------------------------------------------------------------
// Modules
module "code-server" {
source = "bvilnis/code-server/aws"
version = "0.1.1"
domain_name = "ide.mydomain.com"
email_address = "[email protected]"
github_username = "bvilnis"
hostname = "code-server"
instance_size = "t3.small"
oauth2_client_id = var.oauth2_client_id
oauth2_client_secret = var.oauth2_client_secret
oauth2_provider = "google"
region = "us-east-1"
route53_zone_id = "Z23ABC4XYZL05B"
storage_size = 20
username = "coder"
}terraform apply \
-var="oauth2_client_id=<client_id>" \
-var="oauth2_client_secret=<client_secret>"
- The
oauth_client_idandoauth_client_secretvariables should not be defined in code as they are considered sensitive values. When used with with CLI, set them as variables on the command line, as outlined above. When used in Terraform Cloud, set them as sensitive variables. - The sudo password for your created user can be found at
/home/$USER/sudo.txt. It is recommended you runpasswdto change your password and then delete this file. - User data on EC2 can take several minutes to execute and complete. Allow enough time for the instance to launch and execute the commands in user_data.tpl.
- OAuth2 client ID and secret from your chosen provider.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| domain_name | An A record value for hosted zone (eg. 'mydomain.com' or 'subdomain.mydomain.com') | string |
n/a | yes |
| email_address | If set, OAuth2 Proxy will only authenticate supplied email address rather than entire org/account of the OAuth2 provider | string |
"" |
no |
| github_username | GitHub username for importing public SSH keys associated to the GitHub account | string |
n/a | yes |
| hostname | Hostname for the EC2 instance | string |
"code-server" |
no |
| instance_size | EC2 instance size | string |
"t3.small" |
no |
| oauth2_client_id | OAuth2 client ID key for chosen OAuth2 provider | string |
n/a | yes |
| oauth2_client_secret | OAuth2 client secret key for chosen OAuth2 provider | string |
n/a | yes |
| oauth2_provider | OAuth2 provider | string |
n/a | yes |
| region | AWS regional endpoint | string |
"us-east-1" |
no |
| azs | A list of availability zones names or ids in the region | list(string) |
["${var.region}a", "${var.region}b", "${var.region}c"] |
no |
| route53_zone_id | Route53 hosted zone ID for domain_name |
string |
n/a | yes |
| storage_size | Size (in GB) for immutable EBS volume mounted to /home |
number |
20 |
no |
| username | Username for the non-root user on the EC2 instance | string |
"coder" |
no |
| Name | Description |
|---|---|
| domain_name | The domain name record |
| ec2_id | EC2 instance ID |
| ec2_private_ip | EC2 instance private IP address |
| ec2_public_ip | EC2 instance public IP address |
| public_subnets | List of IDs of public subnets |
| public_subnet_cidr_blocks | List of cidr_blocks of public subnets |
| security_group_id | The ID of the security group |
| vpc_id | The ID of the VPC |
Module managed by Ben Vilnis.
Apache 2 Licensed. See LICENSE for full details.