wip: working draft

Signed-off-by: Paul Horton <phorton@sonatype.com>

.gitignore

@@ -0,0 +1,39 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# .tfvars files
+*.tfvars
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+*.tfplan
+
+# Exclude any generated kubeconfig_* files
+kubeconfig_*
+
+# Exclude any Sonatype License files
+*.lic

README.md

@@ -0,0 +1,18 @@
+# Terraform Module: Sonatype IQ Server
+
+This repository contains a Terraform Module that will deploy an Active-Active Cluster of Sonatype IQ Server.
+
+It has some pre-requisites:
+- You have already got a PostgreSQL service available, know where it is and have ADMIN access to it
+- You have a valid Sonatype license file for Sonatype IQ Server (Lifecycle of Firewall)
+
+An exmaple using this module can be found in [tools-nxiq-ha-cluster](https://github.com/vendorcorp/tools-nxiq-ha-cluster).
+
+# The Fine Print
+
+At the time of writing I work for Sonatype, and it is worth nothing that this is **NOT SUPPORTED** bu Sonatype - it is purely a contribution to the open source community (read: you!).
+
+Remember:
+- Use this contribution at the risk tolerance that you have
+- Do NOT file Sonatype support tickets related to cheque support in regard to this project
+- DO file issues here on GitHub, so that the community can pitch in

locals.tf

@@ -0,0 +1,26 @@
+# --------------------------------------------------------------------------
+#
+# Copyright 2023-Present Sonatype Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# --------------------------------------------------------------------------
+
+resource "random_string" "pgsql_user_password" {
+  length  = 16
+  special = false
+}
+
+locals {
+  pgsql_user_password = random_string.pgsql_user_password.result
+}

main.tf

@@ -0,0 +1,65 @@
+# --------------------------------------------------------------------------
+#
+# Copyright 2023-Present Sonatype Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# --------------------------------------------------------------------------
+
+# --------------------------------------------------------------------------
+# Require a minimum version of Terraform and Providers
+# --------------------------------------------------------------------------
+terraform {
+  required_version = ">= 1.0.11"
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.6.0"
+    }
+    kubernetes = {
+      source  = "hashicorp/kubernetes"
+      version = ">= 2.19.0"
+    }
+    postgresql = {
+      source  = "cyrilgdn/postgresql"
+      version = ">= 1.15.0"
+    }
+  }
+}
+
+# --------------------------------------------------------------------------
+# Deploy NXRM HA Cluster
+# --------------------------------------------------------------------------
+module "nxrm_pg_database" {
+  source = "./modules/nxrm-pg-db"
+
+  pg_hostname       = var.pg_hostname
+  pg_port           = var.pg_port
+  pg_admin_username = var.pg_admin_username
+  pg_admin_password = var.pg_admin_password
+}
+
+module "nxrm_ha_cluster" {
+  source = "./modules/nxrm-ha-cluster"
+
+  default_resource_tags = var.default_resource_tags
+  nxrm_name             = var.nxrm_name
+  nxrm_license_file     = var.nxrm_license_file
+  nxrm_version          = var.nxrm_version
+  replica_count         = var.replica_count
+  db_hostname           = var.pg_hostname
+  db_port               = var.pg_port
+  db_username           = module.nxrm_pg_database.nxrm_db_username
+  db_password           = module.nxrm_pg_database.nxrm_db_password
+  db_database           = module.nxrm_pg_database.nxrm_db_database
+}

modules/nxiq-ha-cluster/locals.tf

@@ -0,0 +1,26 @@
+# --------------------------------------------------------------------------
+#
+# Copyright 2023-Present Sonatype Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# --------------------------------------------------------------------------
+
+resource "random_string" "nxiq_suffix" {
+  length  = 12
+  special = false
+}
+
+locals {
+  namespace = "nxiq-${lower(random_string.nxiq_suffix.result)}"
+}