DigitalOcean Variables

Variables Guide#

It is recommended that you review both the Terraform Documentation and the Ansible Documentation regarding variables and how best to secure them. Terraform has multiple methods to pull and store variables such as Vault and Consul, while ansible has it's own local Vault system to encrypt variables and files. The Strapi Guru documentation does not cover these topics (except for the local Ansible Vault).

warning

It is up to you, the user, to secure your variables!

Terraform Variables#

Variables are set in the ./terraform/terraform.tfvars, there is an example file that you can copy and modify.

From template root
cp terraform/examples.tfvars terraform/terraform.tfvars
caution

Do not go below s-1vcpu-2gb for the Strapi instance or the Admin panel will not build!

info

The Database instance can be dropped to s-1vcpu-2gb to decrease cost, but it's not recommended.

caution

Backups cost an extra 20% of the hourly cost (can basically be calculated as 20% of monthly). Thus if you use the s-1vcpu-2gb plan at $10, backups cost $2, making the total Strapi server cost $12 per month.

Var NameTypeDefaultRequiredDescription
do_api_keystringnullYDO API Key
ssh_keystringnullYYour Public SSH Key
ssh_key_idstringnullYYour Public SSH Key ID
regionstringsfo2YDO Region ID
cloudflare_enabledbooleantrueYEnable Cloudflare (required)
cloudflare_emailstringnullYEmail used with Cloudflare
cloudflare_api_keystringnullYGlobal API Key
cloudflare_zone_idstringnullYYour Domain Zone ID
strapi_srv_domainstringnullYSubdomain prefix
instance_osstring387YOperating System ID from DO API
instance_tagstringstrapiNOptional tag to apply to instances
strapi_sizestrings-1vcpu-2gbYDO size for the Strapi Server
strapi_labelstringmy-strapi-srvYLabel for the Strapi Server
strapi_ipv6booleanfalseNEnable IPv6 for the Strapi Server
strapi_backupsbooleanfalseNEnable Strapi Server Backups
database_sizestrings-2vcpu-4gbYDO size for the Database Server
database_labelstringmy-strapi-dbYLabel for the Database Server
database_backupsbooleanfalseNEnable Database Backups

There are certain variables that are pulled from DO Public APIs:

Ansible Variables#

Alright off to the variables, there is a lot so good luck :)

warning

By default the Ansible configs will use the staging Let's Encrypt Server. These certs are not considered valid, when you are ready to move to production you should disable the acme_sh_default_staging variable. You can force a new cert generation by setting acme_sh_default_force_issue to true.

ONLY RUN THIS ONCE as true!

crypt_vars/all.yml#

Var NameTypeDefaultRequiredAutomated
See crypt_vars/all.yml fileVariousVariousVariousN

crypt_vars/database.yml#

Var NameTypeDefaultRequiredAutomated
strapi_db_passstringnullYN

crypt_vars/strapi.yml#

Var NameTypeDefaultRequiredAutomated
acme_sh_account_emailstringnullYN
acme_sh_default_dns_provider_api_keys.CF_KEYstringnullYN
acme_sh_default_dns_provider_api_keys.CF_EmailstringnullYN

group_vars/all.yml#

Var NameTypeDefaultRequiredAutomated
apt_dependenciesarrayVariousYY
apt_upgradestringdistYY
apt_autoremovebooleanyesYY

group_vars/database.yml#

Var NameTypeDefaultRequiredAutomated
mysql_packagesarrayVariousYY
mysql_bind_addressstring0.0.0.0YY
mysql_databasesobjectstrapi_db_nameYY
mysql_usersobjectstrapi_db_userYY

group_vars/strapi.yml#

info

You may need to scroll the table

Var NameTypeDefaultRequiredAutomated
nodejs_versionint14YY
application_dirstring/srv/deploy/{{ application_name }}YY
application_gitstringnullYN
acme_sh_become_userstringrootYY
acme_sh_git_urlstringhttps://github.com/acmesh-official/acme.shYY
acme_sh_git_versionstringmasterYY
acme_sh_upgradebooleantrueYY
acme_sh_list_domainsbooleantrueYY
acme_sh_default_debugbooleanfalseYY
acme_sh_default_dns_sleepint120YY
acme_sh_copy_certs_to_pathstring/etc/nginx/sslYY
acme_sh_default_dns_providerstringdns_cfYY
acme_sh_default_issue_renew_hookstringsudo systemctl reload nginxYY
acme_sh_domainsobjectapplication_urlYY
acme_sh_default_stagingbooleantrueYN
acme_sh_default_force_issuebooleanfalseYN
nginx_remove_default_vhostbooleantrueYY
nginx_client_max_body_sizestring256mYN
nginx_upstreamsobjectSee fileYY
nginx_vhostsobjectSee fileYY

tf_vars/tf_vars.yml#

info

These variables are automatically set by terraform and should not require any modification.

Var NameTypeDefaultRequiredAutomated
root_ssh_keystringBased on Terraform OutputYY
strapi_db_namestringBased on Terraform OutputYY
strapi_db_userstringBased on Terraform OutputYY
strapi_db_hoststringBased on Terraform OutputYY
application_namestringBased on Terraform OutputYY
application_urlstringBased on Terraform OutputYY