More cleaning.

hashicorp · Sep 14, 2017 · cf3cfaa · cf3cfaa
1 parent b5d93e9
commit cf3cfaa
Show file tree

Hide file tree

Showing 16 changed files with 31 additions and 81 deletions.
diff --git a/NOTICE b/NOTICE
@@ -1,5 +1,4 @@
-vault-aws-blueprint
-Copyright 2017 Gruntwork, LLC
+terraform-google-vault
+Copyright 2017 Gruntwork, Inc.
 
-This product includes software developed at
-Gruntwork (http://www.gruntwork.io/).
+This product includes software developed at Gruntwork (http://www.gruntwork.io/).
diff --git a/circle.yml b/circle.yml
diff --git a/examples/root-example/startup-script-vault.sh b/examples/root-example/startup-script-vault.sh
@@ -1,7 +1,8 @@
 #!/bin/bash
 # This script is meant to be run as the Startup Script of each Compute Instance while it's booting. The script uses the
 # run-consul and run-vault scripts to configure and start both Vault and Consul in client mode. This script assumes it's
-# running in a Compute Instance based on a Google Image built from the Packer template in examples/vault-image/vault.json.
+# running in a Compute Instance based on a Google Image built from the Packer template in
+# examples/vault-consul-image/vault-consul.json.
 
 set -e
 

diff --git a/examples/vault-cluster-private/main.tf b/examples/vault-cluster-private/main.tf
@@ -10,6 +10,8 @@ provider "google" {
   region      = "${var.gcp_region}"
 }
 
+# Use Terraform 0.10.x so that we can take advantage of Terraform GCP functionality as a separate provider via
+# https://github.com/terraform-providers/terraform-provider-google
 terraform {
   required_version = ">= 0.10.3"
 }

diff --git a/examples/vault-cluster-private/startup-script-vault.sh b/examples/vault-cluster-private/startup-script-vault.sh
@@ -1,7 +1,8 @@
 #!/bin/bash
 # This script is meant to be run as the Startup Script of each Compute Instance while it's booting. The script uses the
 # run-consul and run-vault scripts to configure and start both Vault and Consul in client mode. This script assumes it's
-# running in a Compute Instance based on a Google Image built from the Packer template in examples/vault-image/vault.json.
+# running in a Compute Instance based on a Google Image built from the Packer template in
+# examples/vault-consul-image/vault-consul.json.
 
 set -e
 

diff --git a/examples/vault-cluster-public/main.tf b/examples/vault-cluster-public/main.tf
@@ -9,6 +9,8 @@ provider "google" {
   region      = "${var.gcp_region}"
 }
 
+# Use Terraform 0.10.x so that we can take advantage of Terraform GCP functionality as a separate provider via
+# https://github.com/terraform-providers/terraform-provider-google
 terraform {
   required_version = ">= 0.10.3"
 }

diff --git a/examples/vault-cluster-public/startup-script-vault.sh b/examples/vault-cluster-public/startup-script-vault.sh
@@ -1,7 +1,8 @@
 #!/bin/bash
 # This script is meant to be run as the Startup Script of each Compute Instance while it's booting. The script uses the
 # run-consul and run-vault scripts to configure and start both Vault and Consul in client mode. This script assumes it's
-# running in a Compute Instance based on a Google Image built from the Packer template in examples/vault-image/vault.json.
+# running in a Compute Instance based on a Google Image built from the Packer template in
+# examples/vault-consul-image/vault-consul.json.
 
 set -e
 

diff --git a/examples/vault-cluster-public/variables.tf b/examples/vault-cluster-public/variables.tf
@@ -72,17 +72,4 @@ variable "consul_server_cluster_size" {
 variable "web_proxy_port" {
   description = "The port at which the HTTP proxy server will listen for incoming HTTP requests that will be forwarded to the Vault Health Check URL. We must have an HTTP proxy server to work around the limitation that GCP only permits Health Checks via HTTP, not HTTPS."
   default = "8000"
-}
-
-//variable "create_dns_entry" {
-//  description = "If set to true, this module will create a Route 53 DNS A record for the ELB in the var.hosted_zone_id hosted zone with the domain name in var.domain_name."
-//}
-//
-//variable "hosted_zone_domain_name" {
-//  description = "The domain name of the Route 53 Hosted Zone in which to add a DNS entry for Vault (e.g. example.com). Only used if var.create_dns_entry is true."
-//}
-//
-//variable "vault_domain_name" {
-//  description = "The domain name to use in the DNS A record for the Vault ELB (e.g. vault.example.com). Make sure that a) this is a domain within the var.hosted_zone_domain_name hosted zone and b) this is the same domain name you used in the TLS certificates for Vault. Only used if var.create_dns_entry is true."
-//}
-//
+}
diff --git a/modules/install-nginx/install-nginx b/modules/install-nginx/install-nginx
@@ -1,5 +1,7 @@
 #!/bin/bash
-# This script can be used to install nginx. This script has been tested with the following operating systems:
+# This script installs the latest stable nginx binary. Notably, it extracts the nginx binary from the latest nginx debian
+# package without installing any other aspect of the debian package (such as init.d scripts). This script has been tested
+# with the following operating systems:
 #
 # 1. Ubuntu 16.04
 

diff --git a/modules/install-vault/install-vault b/modules/install-vault/install-vault
@@ -3,7 +3,6 @@
 # operating systems:
 #
 # 1. Ubuntu 16.04
-# 2. Amazon Linux
 
 set -e
 
@@ -22,7 +21,7 @@ function print_usage {
   echo
   echo "Usage: install-vault [OPTIONS]"
   echo
-  echo "This script can be used to install Vault and its dependencies. This script has been tested with Ubuntu 16.04 and Amazon Linux."
+  echo "This script can be used to install Vault and its dependencies. This script has been tested with Ubuntu 16.04."
   echo
   echo "Options:"
   echo
@@ -85,10 +84,6 @@ function create_supervisor_config {
   sudo cp "$SCRIPT_DIR/supervisord.conf" "$SUPERVISOR_DIR/supervisord.conf"
 }
 
-function has_yum {
-  [[ -n "$(command -v yum)" ]]
-}
-
 function has_apt_get {
   [[ -n "$(command -v apt-get)" ]]
 }
@@ -98,14 +93,10 @@ function install_dependencies {
 
   if $(has_apt_get); then
     sudo apt-get update -y
-    sudo apt-get install -y awscli curl unzip jq
+    sudo apt-get install -y curl unzip jq
     install_supervisord_debian
-  elif $(has_yum); then
-    sudo yum update -y
-    sudo yum install -y aws curl unzip jq
-    install_supervisord_amazon_linux
   else
-    log_error "Could not find apt-get or yum. Cannot install dependencies on this OS."
+    log_error "Could not find apt-get. Cannot install dependencies on this OS."
     exit 1
   fi
 }

diff --git a/modules/private-tls-cert/vars.tf → modules/private-tls-cert/variables.tf b/modules/private-tls-cert/vars.tf → modules/private-tls-cert/variables.tf
diff --git a/modules/run-nginx/run-nginx b/modules/run-nginx/run-nginx
@@ -1,5 +1,6 @@
 #!/bin/bash
-# This script is used to configure and run nginx as a simple HTTP proxy server.
+# This script is used to configure and run nginx as a simple HTTP proxy server with process supervision provided by
+# supervisord. Nginx will be configured to forward all inbound requests to the --proxy-pass-url option.
 
 set -e
 

diff --git a/modules/vault-cluster/main.tf b/modules/vault-cluster/main.tf
@@ -1,6 +1,7 @@
 # ---------------------------------------------------------------------------------------------------------------------
 # THESE TEMPLATES REQUIRE TERRAFORM VERSION 0.10.3 AND ABOVE
-# Why? Because we want the latest GCP updates available in https://github.com/terraform-providers/terraform-provider-google
+# This way we can take advantage of Terraform GCP functionality as a separate provider via
+# https://github.com/terraform-providers/terraform-provider-google
 # ---------------------------------------------------------------------------------------------------------------------
 
 terraform {
@@ -217,8 +218,8 @@ resource "google_storage_bucket" "vault_storage_backend" {
   force_destroy = "${var.gcs_bucket_force_destroy}"
 }
 
-# ACLs are now deprecated as a way to secure a GCS Bucket (https://goo.gl/PgDCYb0), the Terraform Google Provider does
-# not yet expose a way to attach an IAM Policy to a Google Bucket so we resort to using the Bucket ACL in case users
+# ACLs are now deprecated as a way to secure a GCS Bucket (https://goo.gl/PgDCYb0), however the Terraform Google Provider
+# does not yet expose a way to attach an IAM Policy to a Google Bucket so we resort to using the Bucket ACL in case users
 # of this module wish to limit Bucket permissions via Terraform.
 resource "google_storage_bucket_acl" "vault_storage_backend" {
   bucket = "${google_storage_bucket.vault_storage_backend.name}"

diff --git a/modules/vault-cluster/vars.tf → modules/vault-cluster/variables.tf b/modules/vault-cluster/vars.tf → modules/vault-cluster/variables.tf
diff --git a/modules/vault-lb-fr/main.tf b/modules/vault-lb-fr/main.tf
@@ -1,6 +1,7 @@
 # ---------------------------------------------------------------------------------------------------------------------
 # THESE TEMPLATES REQUIRE TERRAFORM VERSION 0.10.3 AND ABOVE
-# Why? Because we want the latest GCP updates available in https://github.com/terraform-providers/terraform-provider-google
+# This way we can take advantage of Terraform GCP functionality as a separate provider via
+# https://github.com/terraform-providers/terraform-provider-google
 # ---------------------------------------------------------------------------------------------------------------------
 
 terraform {

diff --git a/test/README.md b/test/README.md
@@ -1,5 +1,6 @@
 # Tests
 
-Placeholder for running tests
+"No amount of testing can prove a software right, a single test can prove a software wrong."
+- Amir Ghahrai
 
-  
+Let's add testing as soon as possible.