Install a Wireguard service on ECS backed by EC2 autoscaling
module "wireguard" {
source = "../../modules/wireguard"
server_url = "wireguard.example.com"
wireguard_peers = 2
}
No tests currently exist for this module.
Terraform 1.0. Pin module version to ~> 1.0.0 . Submit pull-requests to master branch.
Terraform prior to 1.0 are not supported.
This project constitutes a work of the United States Government and is not subject to domestic copyright protection under 17 USC § 105. However, because the project utilizes code licensed from contributors and other third parties, it therefore is licensed under the MIT License. See LICENSE file for more information.
This template is configured to use aws-vault, direnv, pre-commit, terraform-docs, and tfenv. If using Homebrew on macOS, you can install the dependencies using the following code.
brew install aws-vault direnv pre-commit terraform-docs tfenv
pre-commit install --install-hooks
If using direnv
, add a .envrc.local
that sets the default AWS region, e.g., export AWS_DEFAULT_REGION=us-west-2
.
If using tfenv
, then add a .terraform-version
to the project root dir, with the version you would like to use.
No requirements.
Name | Version |
---|---|
aws | n/a |
Name | Source | Version |
---|---|---|
cloudwatch_kms_key | dod-iac/cloudwatch-kms-key/aws | ~> 1.0.0 |
ecs_cluster | dod-iac/ecs-cluster/aws | ~> 1.3 |
ecs_instance_role | dod-iac/ec2-instance-role/aws | ~> 1.0 |
ecs_task_execution_role | dod-iac/ecs-task-execution-role/aws | ~> 1.0 |
ecs_task_role | dod-iac/ecs-task-role/aws | ~> 1.0 |
efs_key | dod-iac/efs-kms-key/aws | ~> 1.0 |
vpc | terraform-aws-modules/vpc/aws | ~> 3.1 |
vpc_endpoints | terraform-aws-modules/vpc/aws//modules/vpc-endpoints | ~> 3.1 |
Name | Description | Type | Default | Required |
---|---|---|---|---|
cloudwatch_log_retention_in_days | The cloudwatch log description in days | number |
90 |
no |
ec2_instance_type | The EC2 instance type to launch for the cluster | string |
"t2.small" |
no |
key_name | The AWS Key Pair Key Name | string |
"wireguard" |
no |
name | A unique name for the module | string |
"wireguard" |
no |
server_tz | The time zone for the server | string |
"America/Los_Angeles" |
no |
server_url | The FQDN serving wireguard (ex: www.example.com) | string |
n/a | yes |
ssh_public_key | The public key to use for an AWS key pair. This will enable SSH access to the ECS cluster EC2 instance. Leaving this blank will disable access. | string |
"" |
no |
tags | tags | map(string) |
{} |
no |
wireguard_peers | The number of wireguard peers to configure. When using wireguard-ui set to 0 or leave as default. | number |
0 |
no |
Name | Description |
---|---|
ecs_cluster_name | n/a |
efs_ap_id_config | n/a |
efs_fs | n/a |
elb_dns_name | n/a |
public_subnets | n/a |
vpc_id | n/a |