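##################################################################################
# PROVIDERS
##################################################################################

# Credentials are deliberately not configured in this file. The original carried
# empty access_key / secret_key placeholders, which invite pasting long-lived
# keys into a file that ends up in version control. Supply credentials through
# the provider's standard chain instead: the AWS_ACCESS_KEY_ID and
# AWS_SECRET_ACCESS_KEY environment variables, a shared credentials profile, or
# an attached IAM role.
provider "aws" {
  # Placeholder kept from the original: fill in the target region, or remove
  # this line and export AWS_REGION.
  region = ""
}

##################################################################################
# DATA
##################################################################################

# Resolves the AMI ID published under this public SSM parameter path.
# The path tracks "latest", so the value can change between applies; a changed
# AMI forces replacement of the instance. Pin an AMI ID if that is not wanted.
data "aws_ssm_parameter" "amzn2_linux" {
  name = "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
}

##################################################################################
# RESOURCES
##################################################################################

# NETWORKING #
resource "aws_vpc" "demo_vpc" {
  cidr_block           = "10.0.0.0/16"
  enable_dns_hostnames = true

  tags = {
    Name = "demo_vpc"
  }
}

resource "aws_internet_gateway" "demo_vpc_igw" {
  vpc_id = aws_vpc.demo_vpc.id

  tags = {
    Name = "demo_vpc_igw"
  }
}

# Public subnet: every instance launched here receives a public IPv4 address,
# so the security group below is the only network control in front of it.
resource "aws_subnet" "public_subnet" {
  cidr_block              = "10.0.0.0/24"
  vpc_id                  = aws_vpc.demo_vpc.id
  map_public_ip_on_launch = true

  tags = {
    Name = "demo_pub_subnet_1"
  }
}

# ROUTING #
resource "aws_route_table" "demo_vpc_rt" {
  vpc_id = aws_vpc.demo_vpc.id

  # Default route to the internet gateway; this is what makes the subnet public.
  route {
    cidr_block = "0.0.0.0/0"
    gateway_id = aws_internet_gateway.demo_vpc_igw.id
  }

  tags = {
    Name = "demo_vpc_rt"
  }
}

resource "aws_route_table_association" "app_subnet" {
  subnet_id      = aws_subnet.public_subnet.id
  route_table_id = aws_route_table.demo_vpc_rt.id
}

# SECURITY GROUPS #
# Nginx security group
resource "aws_security_group" "nginx_sg" {
  name   = "nginx_sg"
  vpc_id = aws_vpc.demo_vpc.id

  # HTTP access from anywhere. Port 80 is the only inbound rule: there is no
  # TLS listener, so everything served is plaintext, and no SSH rule, so the
  # instance is not reachable for interactive login over the network.
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # Outbound internet access: all protocols and ports to any destination.
  # The user_data script needs egress to download packages; narrow this once
  # the required destinations are known.
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  tags = {
    Name = "demo_vpc_sg"
  }
}

# INSTANCES #
resource "aws_instance" "demo_ec2_nginx" {
  # SSM parameter values are marked sensitive by the provider; the AMI ID is
  # public information, so nonsensitive() is used to keep it visible in plans.
  ami                    = nonsensitive(data.aws_ssm_parameter.amzn2_linux.value)
  instance_type          = "t2.micro"
  subnet_id              = aws_subnet.public_subnet.id
  vpc_security_group_ids = [aws_security_group.nginx_sg.id]

  # Require IMDSv2 session tokens. A public web server is the classic place
  # where a request-forgery bug is turned into a read of the metadata service,
  # and token-only access removes the unauthenticated GET path.
  metadata_options {
    http_endpoint = "enabled"
    http_tokens   = "required"
  }

  tags = {
    Name = "demo_ec2_nginx"
  }

  # NOTE(review): the heredoc arrived truncated in the source; only the page
  # title, the body text and the final "| sudo tee ..." stage survived. The
  # install/start/rm lines and the HTML tags are a reconstruction - confirm
  # against the original script before relying on them.
  user_data = <<EOF
#!/bin/bash
sudo amazon-linux-extras install -y nginx1
sudo service nginx start
sudo rm /usr/share/nginx/html/index.html
echo '<html><head><title>Taco Team Server</title></head><body><p>You did it! Have a 🌮</p></body></html>' | sudo tee /usr/share/nginx/html/index.html
EOF
}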