mirror of
https://github.com/google/nomulus.git
synced 2025-05-03 21:47:51 +02:00
983bd27ee0
This allows us to not ship the proxy with certificates/private keys. The secret is still encrypted by KMS. Reading the secret only happens once when the first EPP request comes in, which should not incur any tangible performance penalty. ------------- Created by MOE: https://github.com/google/moe MOE_MIGRATED_REVID=191771680
35 lines
907 B
HCL
35 lines
907 B
HCL
terraform {
|
|
backend "gcs" {
|
|
# The name of the GCS bucket that stores the terraform.tfstate file.
|
|
bucket = "YOUR_GCS_BUCKET"
|
|
prefix = "terraform/state"
|
|
}
|
|
}
|
|
|
|
module "proxy" {
|
|
source = "../../modules"
|
|
proxy_project_name = "YOUR_PROXY_PROJECT"
|
|
nomulus_project_name = "YOUR_NOMULUS_GPROJECT"
|
|
gcr_project_name = "YOUR_GCR_PROJECT"
|
|
proxy_domain_name = "YOUR_PROXY_DOMAIN"
|
|
proxy_certificate_bucket = "YOU_CERTIFICATE_BUCKET"
|
|
}
|
|
|
|
output "proxy_service_account_client_id" {
|
|
value = "${module.proxy.proxy_service_account_client_id}"
|
|
}
|
|
|
|
output "proxy_name_servers" {
|
|
value = "${module.proxy.proxy_name_servers}"
|
|
}
|
|
|
|
output "proxy_instance_groups" {
|
|
value = "${module.proxy.proxy_instance_groups}"
|
|
}
|
|
|
|
output "proxy_ip_addresses" {
|
|
value = {
|
|
ipv4 = "${module.proxy.proxy_ipv4_address}"
|
|
ipv6 = "${module.proxy.proxy_ipv6_address}"
|
|
}
|
|
}
|