terraform-digitalocean-droplets-ubuntu

Use Terraform with default variables to create Digital Ocean Droplets.

Terraform for Digital Ocean Droplet(s)

Purpose

This repo contains Terraform code and default variables that make it easy to create Digital Ocean Droplet(s).

About

  • All arguments for the digitalocean_droplet Terraform resource are enumerated in main.tf and variables.tf. tags and volume_ids are commented out for first-time ease.
  • All available outputs will be printed upon completion of terraform apply.

Provisioners file and remote-exec are used to:

  1. Overwrite /etc/sysctl.conf with web-server-optimized and kernel-hardened parameters.
  2. Add a new user according to the ssh_user variable.
  3. Add this user to the admin group.
  4. Modify /etc/sudoers so that the admin group can execute sudo without a password.
  5. Add local authorized_keys file to ssh_user’s .ssh directory.
  6. Modify /etc/ssh/sshd_config to disallow root user login and allow PubkeyAuthentication.
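
A check for the result of step 6, as an added example that is not part of this repo's code: sshd uses the first value it reads for each keyword, so a provisioner that appends a setting can leave an earlier, weaker line in effect. The function names, the sample files and the user name deploy are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the repo's code): audit the sshd_config that step 6 edits.
# sshd keeps the FIRST value it reads for a keyword, so appending
# "PermitRootLogin no" does nothing if an earlier line already sets it.

# effective_sshd_value FILE KEYWORD -> first global value, lowercased
effective_sshd_value() {
    awk -v want="$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')" '
        /^[ \t]*#/ || NF == 0 { next }        # comments and blank lines
        { sub(/[ \t]*=[ \t]*/, " ") }         # accept "Keyword=value"
        tolower($1) == "match" { exit }       # global section ends at first Match
        tolower($1) == want { print tolower($2); exit }
    ' "$1"
}

# audit_sshd FILE -> 0 if root login is off and public-key auth is on
audit_sshd() {
    rc=0
    root=$(effective_sshd_value "$1" PermitRootLogin)
    pubkey=$(effective_sshd_value "$1" PubkeyAuthentication)
    # PubkeyAuthentication defaults to yes when unset; PermitRootLogin must be set.
    [ "$root" = "no" ] || { echo "FAIL PermitRootLogin=${root:-unset}"; rc=1; }
    [ "${pubkey:-yes}" = "yes" ] || { echo "FAIL PubkeyAuthentication=$pubkey"; rc=1; }
    return "$rc"
}

# Constructed sample files (not taken from a real droplet).
write_samples() {
    printf '%s\n' '# hardened' 'PermitRootLogin no' 'PubkeyAuthentication yes' \
        'Match User deploy' '    PermitRootLogin yes' > "$1/good.conf"
    # Appended override: the earlier "yes" still wins.
    printf '%s\n' 'permitrootlogin yes' 'PubkeyAuthentication yes' \
        'PermitRootLogin no' > "$1/appended.conf"
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in good appended; do
    if audit_sshd "$tmp/$f.conf"; then echo "$f: ok"; else echo "$f: not hardened"; fi
done
```

The script reads a single file and does not follow Include directives; on the droplet itself, sshd -T prints the effective configuration.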

Requirements

  1. Terraform, obviously.
  2. A Digital Ocean API token with write access.

Required Variables

As long as these variables are provided, the defaults are to create one droplet in the sfo2 region with IPv6, monitoring, and private networking enabled.

  1. do_token: (string) Digital Ocean API Token.
  2. ssh_user: (string) Name of user that will be allowed passwordless sudo and ssh access.
  3. ssh_key_path: (string) Path on local machine to SSH private key.
  4. vm_ssh_key_ids: (list) ID(s) of the SSH key(s) according to Digital Ocean. If providing over CLI, be wary of the data type. For example:
var.vm_ssh_key_ids
      Enter a value: [25435191]

Prelude

Export your Digital Ocean API key:

export DIGITALOCEAN_TOKEN='YOUR_TOKEN_HERE'

Note: Piping to jq in the commands below is required only for pretty-printing the JSON response.

Usage

terraform plan
terraform apply

Useful Commands

export TF_LOG='DEBUG' && \
export TF_LOG_PATH='tf.log'

Get Droplet Sizes

curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer ${DIGITALOCEAN_TOKEN}" "https://api.digitalocean.com/v2/sizes?page=1" | jq
curl -X GET -H "Content-Type: application/json" -H "Authorization: Bearer ${DIGITALOCEAN_TOKEN}" "https://api.digitalocean.com/v2/sizes?page=2" | jq

Note: The sizes endpoint returns multi-page responses, so each page is requested separately.

Locating your SSH Key ID(s)

If you want SSH keys already associated with your Digital Ocean account to be set on the Droplets, you first need to get the ID(s) of the key(s) according to Digital Ocean.

  1. Use cURL to list keys and their IDs:
curl -H "Content-Type: application/json" -H "Authorization: Bearer ${DIGITALOCEAN_TOKEN}" "https://api.digitalocean.com/v2/account/keys" | jq
  2. Use the desired Key ID from this output as the value(s) for the vm_ssh_key_ids variable.
