{"id":13785468,"url":"https://github.com/dsaidgovsg/terraform-modules","last_synced_at":"2025-05-11T21:30:33.695Z","repository":{"id":37696355,"uuid":"122424272","full_name":"dsaidgovsg/terraform-modules","owner":"dsaidgovsg","description":"Reusable Terraform modules","archived":false,"fork":false,"pushed_at":"2025-02-12T08:32:56.000Z","size":1068,"stargazers_count":79,"open_issues_count":25,"forks_count":23,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-03-25T16:02:19.634Z","etag":null,"topics":["aws","cloud","consul","devops","elastics","elasticsearch","logging","nomad","terraform","vault"],"latest_commit_sha":null,"homepage":null,"language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/dsaidgovsg.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-02-22T03:08:06.000Z","updated_at":"2025-02-12T08:32:58.000Z","dependencies_parsed_at":"2023-01-19T13:00:42.362Z","dependency_job_id":"0b3cb613-d58d-4600-aab0-0951e868e2a2","html_url":"https://github.com/dsaidgovsg/terraform-modules","commit_stats":null,"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsaidgovsg%2Fterraform-modules","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsaidgovsg%2Fterraform-modules/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsaidgovsg%2Fterraform-modules/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/dsaidgovsg%2Fterraform-modules/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/dsaidgovsg","download_url":"https://codeload.github.com/dsaidgovsg/terraform-modules/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253638727,"owners_count":21940414,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cloud","consul","devops","elastics","elasticsearch","logging","nomad","terraform","vault"],"created_at":"2024-08-03T19:01:00.768Z","updated_at":"2025-05-11T21:30:31.906Z","avatar_url":"https://github.com/dsaidgovsg.png","language":"HCL","funding_links":[],"categories":["Infrastructure setup"],"sub_categories":["Automation and Infrastructure Management"],"readme":"# Terraform modules\n\nThis repository contains a set of (opinionated) [Terraform](https://www.terraform.io/)\n[modules](https://www.terraform.io/docs/modules/index.html) to provision HashiCorp's suite of tools\non AWS, including:\n\n- [Consul](https://www.consul.io/): Service discovery, distributed key-value store, and service mesh\n- [Nomad](https://www.nomadproject.io/): Scheduling\n- [Vault](https://www.vaultproject.io/): secrets management\n\nThese tools are useful to deploy a basic infrastructure on the cloud for your developers to run\ntheir applications and services.\n\nTo get started, see the [Core](modules/core) module. Some of the modules are optional and\nadd additional features after you have provisioned the Core module.\n\n## Contributing\n\nSee [`CONTRIBUTING.md`](./CONTRIBUTING.md) for more details.\n\n## Submodules\n\nThis repository has various submodules. When you are cloning it for the first time, make sure to\ndo so with\n\n```bash\ngit clone --recursive https://github.com/GovTechSG/terraform-modules.git\n```\n\nTo update an already cloned repository, you can do\n\n```bash\ngit submodule update --init --recursive\n```\n\n## Modules\n\n### [Core](modules/core)\n\nThis module sets up a VPC, and a Consul and Nomad cluster to allow you to run applications on.\n\n### [AWS Authentication](modules/aws-auth)\n\nThis module configures Vault to accept authentication via EC2 instance metadata. This is required\nfor use with some of the Vault integration modules.\n\n### [Nomad Vault Integration](modules/nomad-vault-integration)\n\nThis module serves as a post-bootstrap addon for the Core Module. It integrates Vault into Nomad\nso that jobs may acquire secrets from Vault.\n\n### [Nomad ACL](modules/nomad-acl)\n\nThis module serves as a post-bootstrap addon for the Core Module. This enables\n[ACL](https://www.nomadproject.io/guides/acl.html) for Nomad, where Nomad ACL tokens can be\nretrieved from Vault.\n\n### [Vault SSH](modules/vault-ssh)\n\nWe can use Vault's\n[SSH secrets engine](https://www.vaultproject.io/docs/secrets/ssh/signed-ssh-certificates.html) to\ngenerate signed certificates to access your machines via SSH.\n\n### [Traefik](modules/traefik)\n\nThis module serves as a post-bootstrap addon for the Core Module. This module provisions\nload balancers on top of a Traefik reverse proxy to expose your applications running on your\nNomad cluster to the internet.\n\n### [Docker Authentication](modules/docker-auth)\n\nThis module serves as a post-bootstrap addon for the Core Module. It allows you to configure Nomad\nclients to authenticate with private Docker registries.\n\n### [Vault PKI](modules/vault-pki)\n\nThis module serves as a bootstrap addon for the Core module. It provisions the\n[PKI secrets engine](https://www.vaultproject.io/docs/secrets/pki/index.html) in Vault. This PKI\nsecrets engine allows you to maintain an internal CA and allows Vault users to request for\ncertificates.\n\nThis module is required for some of the other Vault integration.\n\n### [Elasticsearch](modules/elasticsearch)\n\nThis modules serves as a post-bootstrap addon for the Core Module. This module adds managed AWS\nElasticsearch service (with Kibana). The module also allows integration with\n[Traefik](modules/traefik) set-up, to allow redirect service to redirect users to the Kibana\nvisualisation UI with a more friendly named URL.\n\n### [Curator](modules/curator)\n\nThis module runs [Curator](https://github.com/elastic/curator) as a Cron job in Nomad to clean up\nold indices in your Elasticsearch cluster.\n\n### [Lambda-api-gateway](modules/lambda-api-gateway)\n\nThis module sets up a Lambda function with a API Gateway trigger, secured with an API key authentication.\n\n### [Telegraf](modules/telegraf)\n\nThis module sets up [Telegraf](https://www.influxdata.com/time-series-platform/telegraf/) service for collecting and reporting metrics. This is instances containing services `consul`, `nomad_client`, `nomad_server` and `vault`.\n\n### [Td-Agent](modules/td-agent)\n\nThis module allows enabling of `td-agent`, the stable distrution package of [Fluentd](https://www.fluentd.org), for log forwarding. For\ninstances containing services `consul`, `nomad_client`, `nomad_server` and `vault`.\n\n### [Nomad Clients](modules/nomad-clients)\n\nThis module sets up an additional cluster of Nomad clients after the initial bootstrap of the `core` module.\n\n### [Vault App Policy](modules/vault-app-policy)\n\nThis module is an addon for adding application service policies to access key / value secrets stored in your already set-up Vault.\n\n## [Fluentd](modules/fluentd)\n\nThis module runs Fluentd on Nomad to forward logs to Elasticsearch and (optionally) S3.\n\n## [Vault Auto Unseal](modules/vault-auto-unseal)\n\nProvisions additional resources to enable\n[Vault Auto Unseal](https://www.vaultproject.io/docs/concepts/seal.html#auto-unseal) when used\nwith the Core module.\n\n## Roles\n\nContains Ansible roles for installation of various services. For more details, check out the README\nin the respective role directories.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdsaidgovsg%2Fterraform-modules","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdsaidgovsg%2Fterraform-modules","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdsaidgovsg%2Fterraform-modules/lists"}