Last active
December 9, 2025 19:53
PJATK AWS EC2 VPN
# Sizing and purchasing model for the single EC2 host; both values are read
# by aws_instance.this.
locals {
  # Spot capacity is cheaper than on-demand but can be reclaimed by AWS, so
  # the host should be treated as disposable.
  instance_market_type = "spot"

  # t4g is an arm64 (Graviton) family, matching the arm64 AMI filter used by
  # data.aws_ami.ubuntu_minimal.
  instance_type = "t4g.nano"
}
# Looks up the newest Ubuntu 24.04 (noble) minimal arm64 image.
data "aws_ami" "ubuntu_minimal" {
  # Restricting the owner to Canonical's account matters: AMI names are not
  # unique across accounts, so a name filter alone could match an image
  # published by someone else.
  owners = ["099720109477"] # Canonical's AWS account ID

  # The resolved image ID can change between applies whenever a newer build is
  # published; pin an explicit AMI ID instead if reproducible builds are needed.
  most_recent = true

  filter {
    name   = "name"
    values = ["ubuntu-minimal/images/hvm-ssd-gp3/ubuntu-noble-24.04-arm64-minimal-*"]
  }

  filter {
    name   = "architecture"
    values = ["arm64"]
  }
}
# Basic networking for internet access.
# Dedicated VPC for the host, so nothing here shares a network with other
# workloads in the account.
resource "aws_vpc" "this" {
  cidr_block = "10.0.0.0/16"

  # Both DNS switches are on so instances can resolve names and are assigned
  # DNS hostnames.
  enable_dns_hostnames = true
  enable_dns_support   = true

  tags = {
    Name = "pjatk-ec2-vpc"
  }
}
# Internet gateway attached to the VPC; the default route in
# aws_route_table.public points at it.
resource "aws_internet_gateway" "this" {
  vpc_id = aws_vpc.this.id

  tags = {
    Name = "pjatk-ec2-igw"
  }
}
# Public subnet that hosts the instance.
resource "aws_subnet" "public" {
  vpc_id     = aws_vpc.this.id
  cidr_block = "10.0.1.0/24"

  # Anything launched into this subnet receives a public IPv4 address by
  # default, so the attached security group is the only network-level filter
  # between the instance and the internet.
  map_public_ip_on_launch = true

  tags = {
    Name = "pjatk-ec2-public"
  }
}
# Route table for the public subnet: one default route that sends all
# non-local IPv4 traffic to the internet gateway.
resource "aws_route_table" "public" {
  vpc_id = aws_vpc.this.id

  route {
    gateway_id = aws_internet_gateway.this.id
    cidr_block = "0.0.0.0/0"
  }

  tags = {
    Name = "pjatk-ec2-public-rt"
  }
}
# Binds the public route table to the public subnet; this association is what
# makes the subnet internet-routable.
resource "aws_route_table_association" "public" {
  route_table_id = aws_route_table.public.id
  subnet_id      = aws_subnet.public.id
}
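# Source ranges permitted to reach sshd on the instance. The default preserves
# the original world-open rule so existing deployments plan without changes;
# set it in the tfvars file to the operator's own address range (ideally a
# single /32) so the SSH port is no longer exposed to internet-wide scanning
# and password/key guessing.
variable "ssh_ingress_cidrs" {
  description = "IPv4 CIDR blocks allowed to connect to SSH (22/tcp)"
  type        = list(string)
  default     = ["0.0.0.0/0"]
}

# Security group for the instance: inbound SSH only, unrestricted outbound.
resource "aws_security_group" "ssh" {
  name = "pjatk-ec2-ssh"
  # Kept verbatim: changing a security group's description forces the group
  # to be replaced.
  description = "Allow SSH from anywhere, all egress"
  vpc_id      = aws_vpc.this.id

  # Inbound SSH, limited to var.ssh_ingress_cidrs (world-open by default).
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = var.ssh_ingress_cidrs
  }

  # Disabled rule for 1194/udp (presumably the VPN listener this configuration
  # is named after). Enabling it as written exposes that port to every source
  # address.
  # ingress {
  #   from_port   = 1194
  #   to_port     = 1194
  #   protocol    = "udp"
  #   cidr_blocks = ["0.0.0.0/0"]
  # }

  # protocol "-1" with ports 0-0 means every protocol and port: outbound
  # traffic is unrestricted.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "pjatk-ec2-ssh"
  }
}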
# Registers the operator's SSH public key as an EC2 key pair. Only the public
# half is sent to AWS; the private key stays with whoever generated it.
resource "aws_key_pair" "this" {
  public_key = var.public_ssh_key
  key_name   = "pjatk-ec2-key"
}
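# The single EC2 host: Ubuntu minimal on a spot instance in the public subnet,
# reachable over SSH with the registered key pair.
resource "aws_instance" "this" {
  ami                         = data.aws_ami.ubuntu_minimal.id
  instance_type               = local.instance_type
  subnet_id                   = aws_subnet.public.id
  vpc_security_group_ids      = [aws_security_group.ssh.id]
  associate_public_ip_address = true
  key_name                    = aws_key_pair.this.key_name

  # Require session tokens (IMDSv2) for the instance metadata service. With
  # token-less IMDSv1 left available, a request-forgery bug in anything
  # running on the host can read instance metadata with a single GET.
  metadata_options {
    http_tokens = "required"
  }

  root_block_device {
    volume_size = 10
    volume_type = "gp3"
    # Encrypt the root volume at rest; with no kms_key_id given, the account's
    # default EBS key is used. Snapshots of this volume inherit the encryption.
    encrypted = true
  }

  # Spot instances can be interrupted by AWS; do not keep the only copy of
  # keys or configuration on this host.
  instance_market_options {
    market_type = local.instance_market_type
  }

  tags = {
    Name = "pjatk-ec2"
  }
}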
# EC2 instance ID of the host, e.g. for use with the AWS CLI or console.
output "instance_id" {
  value = aws_instance.this.id
}
# Public IPv4 address to connect to. It is auto-assigned (no Elastic IP is
# defined in the visible configuration), so expect it to change when the
# instance is replaced.
output "public_ip" {
  value = aws_instance.this.public_ip
}
# Values for the variables declared as "public_ssh_key" and "region".

# Public half of the operator's key pair; the matching private key never
# belongs in this file. The trailing comment field appears to have been masked
# by the hosting page's e-mail obfuscation.
public_ssh_key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOYcHYoqYzNqLyX1CQdYSM0UpTicv64R6HKeMGfUVgDX [email protected]"

# AWS region passed to the provider.
region = "us-east-2"
# Toolchain constraints for this configuration.
terraform {
  # Lower bound only: any Terraform release from 1.14 upward is accepted.
  required_version = ">= 1.14"

  required_providers {
    aws = {
      # "~> 6.23" accepts 6.23 and later 6.x releases but not 7.0. Commit the
      # dependency lock file alongside this so the exact provider build and
      # its checksums are pinned.
      version = "~> 6.23"
      source  = "hashicorp/aws"
    }
  }
}
# AWS provider. Only the region is set here; no credentials appear in the
# configuration, so they have to come from the provider's environment.
provider "aws" {
  region = var.region
}
# AWS region for every resource in this configuration; consumed by the
# provider block. No default, so a value must be supplied.
variable "region" {
  type        = string
  description = "Where EC2 will be created in"
}
# OpenSSH-format public key registered as the EC2 key pair. Public key
# material is not a secret, but it does identify who can log in to the host.
variable "public_ssh_key" {
  type        = string
  description = "Public SSH key material to create an EC2 key pair (e.g., contents of ~/.ssh/id_rsa.pub)"
}