282 lines
7.0 KiB
HCL
282 lines
7.0 KiB
HCL
variable "aws_region" {
|
|
description = "AWS region for the deployment."
|
|
type = string
|
|
default = "ca-central-1"
|
|
}
|
|
|
|
variable "project_name" {
|
|
description = "Logical name used to prefix created resources."
|
|
type = string
|
|
default = "documenso"
|
|
}
|
|
|
|
variable "domain_name" {
|
|
description = "Fully qualified domain name for the application."
|
|
type = string
|
|
default = "esignature.imex.online"
|
|
}
|
|
|
|
variable "hosted_zone_name" {
|
|
description = "Public Route53 hosted zone that contains the application hostname."
|
|
type = string
|
|
default = "imex.online"
|
|
}
|
|
|
|
variable "ses_identity_domain" {
|
|
description = "Domain to verify in SES. Defaults to the hosted zone when null."
|
|
type = string
|
|
default = null
|
|
}
|
|
|
|
variable "documenso_image" {
|
|
description = "Container image for Documenso. Default keeps you on the latest published image."
|
|
type = string
|
|
default = "documenso/documenso:latest"
|
|
}
|
|
|
|
variable "app_port" {
|
|
description = "Container port exposed by Documenso."
|
|
type = number
|
|
default = 3000
|
|
}
|
|
|
|
variable "upload_bucket_name" {
|
|
description = "Optional S3 bucket name for Documenso uploads. If null, Terraform generates a globally unique name based on account and region."
|
|
type = string
|
|
default = null
|
|
}
|
|
|
|
variable "s3_versioning_enabled" {
|
|
description = "Enable S3 object versioning for uploaded documents."
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "document_size_upload_limit_mb" {
|
|
description = "Upload size limit shown in the Documenso UI, in MB."
|
|
type = number
|
|
default = 10
|
|
}
|
|
|
|
variable "vpc_cidr" {
|
|
description = "CIDR block used for the VPC."
|
|
type = string
|
|
default = "10.42.0.0/16"
|
|
}
|
|
|
|
variable "fargate_cpu" {
|
|
description = "Fargate CPU units for the task."
|
|
type = number
|
|
default = 512
|
|
}
|
|
|
|
variable "fargate_memory" {
|
|
description = "Fargate memory in MiB for the task."
|
|
type = number
|
|
default = 1024
|
|
}
|
|
|
|
variable "desired_count" {
|
|
description = "Initial number of running Documenso tasks."
|
|
type = number
|
|
default = 1
|
|
}
|
|
|
|
variable "min_count" {
|
|
description = "Minimum number of tasks for autoscaling."
|
|
type = number
|
|
default = 1
|
|
}
|
|
|
|
variable "max_count" {
|
|
description = "Maximum number of tasks for autoscaling."
|
|
type = number
|
|
default = 4
|
|
}
|
|
|
|
variable "cpu_target_utilization" {
|
|
description = "Target average CPU utilization for ECS autoscaling."
|
|
type = number
|
|
default = 65
|
|
}
|
|
|
|
variable "memory_target_utilization" {
|
|
description = "Target average memory utilization for ECS autoscaling."
|
|
type = number
|
|
default = 75
|
|
}
|
|
|
|
variable "postgres_major_version" {
|
|
description = "Preferred PostgreSQL major version. Terraform resolves the latest matching minor release supported by AWS."
|
|
type = string
|
|
default = "17"
|
|
}
|
|
|
|
variable "db_name" {
|
|
description = "Initial PostgreSQL database name."
|
|
type = string
|
|
default = "documenso"
|
|
}
|
|
|
|
variable "db_username" {
|
|
description = "Master PostgreSQL username for the application."
|
|
type = string
|
|
default = "documenso"
|
|
}
|
|
|
|
variable "db_instance_class" {
|
|
description = "RDS instance class. Graviton classes are usually the best cost/performance option for Postgres."
|
|
type = string
|
|
default = "db.t4g.small"
|
|
}
|
|
|
|
variable "db_allocated_storage" {
|
|
description = "Initial allocated storage in GiB."
|
|
type = number
|
|
default = 20
|
|
}
|
|
|
|
variable "db_max_allocated_storage" {
|
|
description = "Maximum autoscaled storage in GiB."
|
|
type = number
|
|
default = 100
|
|
}
|
|
|
|
variable "db_backup_retention_days" {
|
|
description = "How many days of automated backups to retain."
|
|
type = number
|
|
default = 7
|
|
}
|
|
|
|
variable "db_multi_az" {
|
|
description = "Enable Multi-AZ for higher database availability at higher cost."
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "db_deletion_protection" {
|
|
description = "Protect the database from accidental deletion."
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "db_final_snapshot_on_destroy" {
|
|
description = "Create a final snapshot if the database is destroyed."
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "disable_signup" {
|
|
description = "Disable public signup in Documenso."
|
|
type = bool
|
|
default = true
|
|
}
|
|
|
|
variable "allowed_signup_domains" {
|
|
description = "Optional comma-separated list of allowed email domains when signup is enabled."
|
|
type = string
|
|
default = ""
|
|
}
|
|
|
|
variable "smtp_port" {
|
|
description = "SES SMTP endpoint port."
|
|
type = number
|
|
default = 587
|
|
}
|
|
|
|
variable "smtp_secure" {
|
|
description = "Whether to use SMTPS. Keep false for SES on port 587 with STARTTLS."
|
|
type = bool
|
|
default = false
|
|
}
|
|
|
|
variable "smtp_unsafe_ignore_tls" {
|
|
description = "Whether the application should ignore TLS issues when sending mail."
|
|
type = bool
|
|
default = false
|
|
}
|
|
|
|
variable "smtp_username" {
|
|
description = "SES SMTP username."
|
|
type = string
|
|
sensitive = true
|
|
}
|
|
|
|
variable "smtp_password" {
|
|
description = "SES SMTP password."
|
|
type = string
|
|
sensitive = true
|
|
}
|
|
|
|
variable "smtp_from_name" {
|
|
description = "Display name used in outbound email."
|
|
type = string
|
|
default = "IMEX eSignature"
|
|
}
|
|
|
|
variable "smtp_from_address" {
|
|
description = "Verified sender email address for SES."
|
|
type = string
|
|
}
|
|
|
|
variable "signing_certificate_base64" {
|
|
description = "Base64-encoded PKCS#12 signing certificate contents for Documenso. Leave empty to omit certificate injection."
|
|
type = string
|
|
default = ""
|
|
sensitive = true
|
|
}
|
|
|
|
variable "signing_certificate_passphrase" {
|
|
description = "Passphrase for the Documenso signing certificate. Leave empty to omit it."
|
|
type = string
|
|
default = ""
|
|
sensitive = true
|
|
}
|
|
|
|
variable "tags" {
|
|
description = "Additional tags applied to all supported resources."
|
|
type = map(string)
|
|
default = {}
|
|
}
|
|
|
|
variable "waf_rate_limit" {
|
|
description = "Maximum requests per 5-minute window from a single IP before WAF blocks it."
|
|
type = number
|
|
default = 2000
|
|
}
|
|
|
|
variable "alarm_actions" {
|
|
description = "Optional list of SNS topic ARNs or other alarm actions to invoke when CloudWatch alarms fire."
|
|
type = list(string)
|
|
default = []
|
|
}
|
|
|
|
variable "alb_5xx_alarm_threshold" {
|
|
description = "Threshold for ALB 5xx count over a 5-minute period."
|
|
type = number
|
|
default = 10
|
|
}
|
|
|
|
variable "ecs_cpu_alarm_threshold" {
|
|
description = "Threshold for average ECS CPU utilization alarm."
|
|
type = number
|
|
default = 85
|
|
}
|
|
|
|
variable "ecs_memory_alarm_threshold" {
|
|
description = "Threshold for average ECS memory utilization alarm."
|
|
type = number
|
|
default = 85
|
|
}
|
|
|
|
variable "rds_cpu_alarm_threshold" {
|
|
description = "Threshold for average RDS CPU utilization alarm."
|
|
type = number
|
|
default = 80
|
|
}
|
|
|
|
variable "rds_free_storage_alarm_threshold_bytes" {
|
|
description = "Alarm threshold for low RDS free storage, in bytes."
|
|
type = number
|
|
default = 5368709120
|
|
} |