Terraform module to run Discourse in Amazon ECS

This module creates all the AWS resources required to run Discourse in Amazon ECS using Fargate, Amazon RDS (Aurora-PostgreSQL), Amazon ElastiCache (Redis), Amazon EFS, Amazon EC2 Application Load Balancer and Amazon CloudWatch Logs. It uses the Bitnami's Discourse Docker images.

The module assumes you already have a VPC, some subnets (ideally private), a Route53 Zone and a valid certificate in ACM.

Usage

The module has many variable (see inputs sections), but at least the following must be defined:

module "discourse" {
  source              = "git@github.com:efoncubierta/discourse-ecs"

  # AWS configuration
  vpc_id              = "vpc-04813d7d"
  subnet_ids          = ["subnet-71cef313", "subnet-9d116fa7", "subnet-f1461deb"]
  alb_certificate_arn = "arn:aws:acm:eu-west-1:853987415214:certificate/869f15e1-1a99-4a36-a979-10e018173a88"
  route53_zone_id     = "Z03948053J934YYLDAGCT"

  # Discourse configuration
  discourse_version   = "2.5.2"
  discourse_hostname  = "discourse.cloudverse.io"
  discourse_email     = "discourse@cloudverse.io"
  discourse_username  = "admin"
  smtp_auth           = "login"
  smtp_host           = "email-smtp.eu-west-1.amazonaws.com"
  smtp_port           = 587
  smtp_user           = "***"
  smtp_password       = "***"
  smtp_tls            = "yes"
}

Requirements

Name	Version
terraform	>= 0.13

Providers

Name	Version
aws	n/a
random	n/a

Inputs

Name	Description	Type	Default	Required
alb_certificate_arn	ARN of a certificate in ACM	`string`	n/a	yes
alb_name	Name of the Application Load Balancer	`string`	`"discourse"`	no
alb_sg_name	Name of the ALB security group	`string`	`"discourse-alb"`	no
alb_tags	Tags to attach to all ALB resources	`map(string)`	`{}`	no
alb_tg_name	Name of the ALB Target Group	`string`	`"discourse-service"`	no
cluster_name	Name of the ECS cluster	`string`	`"discourse"`	no
cluster_tags	Tags to attach to the ECS cluster	`map(string)`	`{}`	no
discourse_container_cpu	CPU units to allocate to Discourse container	`number`	`0`	no
discourse_container_image	Docker image for the Discourse container	`string`	`"docker.io/bitnami/discourse"`	no
discourse_container_memory	Memory to allocate to Discourse container	`number`	`1024`	no
discourse_container_memory_reservation	Memory reservation to allocate to Discourse container	`number`	`1024`	no
discourse_container_name	Name of the Discourse container	`string`	`"discourse"`	no
discourse_email	Discourse email address	`string`	`"user@example.com"`	no
discourse_host	Public hostname of the Discourse service	`string`	n/a	yes
discourse_username	Discourse first user username	`string`	`"admin"`	no
discourse_version	Version of Discourse	`string`	`"2.5.2"`	no
efs_encrypted	Indicates whether the EFS must be encrypted	`bool`	`true`	no
efs_name	Name of the Discourse EFS	`string`	`"discourse"`	no
efs_sg_name	Name of the EFS security group	`string`	`"discourse-efs"`	no
efs_tags	Tags to attach to the EFS endpoints	`map(string)`	`{}`	no
iam_task_execution_role_policies	List of ARNs of policies to attach to the Task Execution Role	`list(string)`	`[]`	no
iam_task_role_policies	List of ARNs of policies to attach to the Task Role	`list(string)`	`[]`	no
log_group_name	Name of the log group in CloudWatch for Discourse	`string`	`"discourse"`	no
log_retention_in_days	How many days to keep the logs	`number`	`30`	no
postgres_admin_user	Username of the administrator of the database	`string`	`"dbadmin"`	no
postgres_backup_retention_period	How many days backups are retained before deletion	`number`	`15`	no
postgres_cluster_name	Name of the Postgres cluster	`string`	`"discourse-db"`	no
postgres_enable_deletion_protection	Enable deletion protection	`bool`	`true`	no
postgres_engine	Type of DB engine	`string`	`"aurora-postgresql"`	no
postgres_engine_version	Version of the DB engine	`string`	`"10.13"`	no
postgres_instance_count	Number of RDS instances	`number`	`1`	no
postgres_instance_type	Type of RDS instance	`string`	`"db.t3.medium"`	no
postgres_name	Name of the Discourse database	`string`	`"discourse"`	no
postgres_sg_name	Name of the Postgres security group	`string`	`"discourse-postgres"`	no
postgres_storage_size	Size of the DB storage (GB)	`number`	`50`	no
postgres_subnet_group_name	Name of the Postgres subnet group	`string`	`"discourse-subnets"`	no
postgres_tags	Tags to attach to all Postgres resources	`map(string)`	`{}`	no
postgres_user	Name of the Discourse database user	`string`	`"discourse"`	no
redis_cluster_name	Name of the Redis cluster	`string`	`"discourse-cache"`	no
redis_engine_version	Version of the Redis engine	`string`	`"5.0.6"`	no
redis_node_type	Redis node type	`string`	`"cache.t3.small"`	no
redis_num_cache_nodes	Number of Redis nodes	`number`	`1`	no
redis_parameter_group_name	Name of the Redis parameter group	`string`	`"default.redis5.0"`	no
redis_port	Redis port	`number`	`6379`	no
redis_sg_name	Name of the Redis security group	`string`	`"discourse-redis"`	no
redis_subnet_group_name	Name of the Redis subnet group	`string`	`"discourse-subnets"`	no
redis_tags	Tags to attach to all Redis resources	`map(string)`	`{}`	no
route53_zone_id	ID of the hosted zone in Route53	`string`	n/a	yes
service_assign_public_ip	Indicates whether or not to assign a public IP to the service (only when subnets are public)	`bool`	`false`	no
service_name	Name of the ECS Service that runs Discourse	`string`	`"discourse"`	no
service_sg_name	Name of the ECS Service security group	`string`	`"discourse-ecs-service"`	no
service_tags	Tags to attach to all ECS Service resources	`map(string)`	`{}`	no
service_task_desired_count	Desired number of Discourse tasks running	`number`	`1`	no
sidekiq_container_cpu	CPU units to allocate to Discourse Sidekiq container	`number`	`0`	no
sidekiq_container_image	Docker image for the Discourse Sidekiq container	`string`	`"docker.io/bitnami/discourse"`	no
sidekiq_container_memory	Memory to allocate to Discourse Sidekiq container	`number`	`1024`	no
sidekiq_container_memory_reservation	Memory reservation to allocate to Discourse Sidekiq container	`number`	`1024`	no
sidekiq_container_name	Name of the Discourse Sidekiq container	`string`	`"sidekiq"`	no
smtp_auth	Authentication method for the SMTP server	`string`	`"login"`	no
smtp_host	Host of the SMTP server	`string`	`""`	no
smtp_password	User password of the SMTP server	`string`	`""`	no
smtp_port	Port of the SMTP server	`number`	`null`	no
smtp_tls	Enable TLS for SMTP	`string`	`"yes"`	no
smtp_user	User of the SMTP server	`string`	`""`	no
subnet_ids	List of Subnet IDs Discourse can be deployed to	`list(string)`	n/a	yes
tags	Tags to attach to all resources	`map(string)`	`{}`	no
task_tags	Tags to attach to all Discourse task resources	`map(string)`	`{}`	no
vpc_id	ID of the VPC	`string`	n/a	yes

Outputs

Name	Description
alb_arn	ARN of the Discourse ALB
alb_dns_name	DNS of the Discourse ALB
alb_id	ID of the Discourse ALB
alb_sg_id	ID of the ALB security group
cluster_arn	ARN of the Discourse ECS Cluster
cluster_id	ID of the Discourse ECS Cluster
discourse_password	First Discourse user password
discourse_url	Discourse URL
discourse_username	First Discourse user username
efs_arn	ARN of the Discourse EFS
efs_dns_name	DNS of the Discourse EFS
efs_id	ID of the Discourse EFS
efs_sg_id	ID of the EFS security group
postgres_admin_password	Postgres admin user password
postgres_admin_user	Postgres admin user name
postgres_hostname	Hostname of the Postgres server
postgres_sg_id	ID of the Postgres security group