Deploy a Camus server on DigitalOcean using Terraform.
This Terraform module creates a fully-configured Camus deployment on DigitalOcean. It creates a DigitalOcean droplet, configures networking and firewall rules, creates a DNS record for the desired domain, obtains an SSL certificate via Let's Encrypt, and installs Camus, Coturn, and Nginx on the droplet.
- You have a DigitalOcean account.
- You have a domain (or subdomain) for your Camus instance.
- You've configured your domain registrar to use DigitalOcean's domain servers for your domain.
- You have the Terraform CLI installed.
Clone this repo:
$ git clone https://github.com/mrgnr/terraform-camus.git
Initialize Terraform modules & plugins:
$ cd terraform-camus && terraform init
Inside the cloned repo, create a file called my-vars.tfvars. This file will
contain your settings for the deployment. There are four variables that you
must set: do_token, domain, certificate_email, and ssh_key_fingerprint.
See the module inputs documentation below for a list of all
variables.
An example my-vars.tfvars would be:
# Required
do_token = "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"
domain = "camus.example.com"
certificate_email = "[email protected]"
ssh_key_fingerprint = "00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff"
# Optional
region = "tor1"
droplet_monitoring = true
Create a plan by running Terraform from the project root:
$ terraform plan -var-file my-vars.tfvars -out plan
Once you've checked the plan to make sure that it doesn't contain any unintentional changes, apply the plan to create your deployment:
$ terraform apply plan
If the previous command ran successfully, you should have a Camus instance running within a few minutes. (Note that it may take several hours for DNS records to propagate.)
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| do_token | Your Digital Ocean API token. | string |
Yes | |
| domain | The domain for your site. | string |
Yes | |
| certificate_email | The email address for the SSL certificate. | string |
Yes | |
| ssh_key_fingerprint | The fingerprint of the SSH key to add to the droplet. | string |
Yes | |
| region | The region where the droplet is deployed. | string |
"fra1" |
No |
| droplet_size | The size of the droplet. | string |
"s-1vcpu-1gb" |
No |
| droplet_image | The OS image for the droplet. | string |
"ubuntu-20-04-x64" |
No |
| droplet_backups | Whether to enable backups on the droplet. | bool |
false |
No |
| droplet_monitoring | Whether to enable monitoring on the droplet. | bool |
false |
No |
| droplet_ipv6 | Whether to enable IPv6 on the droplet. | bool |
false |
No |
| project_environment | The deployment environment for the project. | string |
"Production" |
No |
| acme_url | The URL of the ACME server used to obtain an SSL certificate. | string |
"https://acme-v02.api.letsencrypt.org/directory" |
No |
| coturn_enabled | Whether to install and configure a Coturn TURN server on the droplet. | bool |
true |
No |
| coturn_listen_port | The port to listen on for establishing new TURN connections. | number |
3478 |
No |
| coturn_min_port | The beginning of the port range to use for TURN connections. | number |
10000 |
No |
| coturn_max_port | The end of the port range to use for TURN connections. | number |
20000 |
No |
| database_url | A URL identifying the database to be used. If not given, a local SQLite database is used. | string |
"" | No |
| secret_key | The secret key used by the Camus server for user sessions and cookie signing. If not given, a random key is automatically generated. | string |
"" | No |
| stun_host | The hostname or IP address of the STUN server to use for connecting clients. | string |
"" |
No |
| stun_port | The port of the STUN server to use for connecting clients. | number |
19302 |
No |
| twilio_account_sid | A Twilio account SID. | string |
"" |
No |
| twilio_auth_token | A Twilio account auth token or API key secret. | string |
"" |
No |
| twilio_key_sid | A Twilio API key SID. | string |
"" |
No |
| Name | Description |
|---|---|
| droplet_name | The name of the Droplet. |
| droplet_id | The ID of the Droplet. |
| droplet_urn | The uniform resource name of the Droplet. |
| droplet_ipv4_address | The IPv4 address of the Droplet. |
| droplet_ipv6_address | The IPv6 address of the Droplet. |
| url | The website URL. |
You can call this module from other Terraform code, e.g.:
module "camus" {
source = "github.com/mrgnr/terraform-camus"
do_token = "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef"
domain = "camus.example.com"
certificate_email = "[email protected]"
ssh_key_fingerprint = "00:11:22:33:44:55:66:77:88:99:aa:bb:cc:dd:ee:ff"
region = "sgp1"
droplet_size = "s-1vcpu-2gb"
droplet_image = "debian-10-x64"
}
The following droplet images are supported:
debian-10-x64ubuntu-20-04-x64ubuntu-18-04-x64centos-8-x64centos-7-x64