添加10 分钟搭建微信、支付宝小程序的terraform模板

Author: wbw2048

solution/tech-solution/develop-your-wechat-mini-program-in-10-minutes/README.md

@@ -0,0 +1,58 @@
+## Introduction
+
+<!-- DOCS_DESCRIPTION_CN -->
+本示例用于实现解决方案[10 分钟搭建微信、支付宝小程序](https://www.aliyun.com/solution/tech-solution/develop-your-wechat-mini-program-in-10-minutes), 涉及到专有网络（VPC）、交换机（VSwitch）、云服务器（ECS）、云数据库（RDS MySQL） 等资源的创建。
+<!-- DOCS_DESCRIPTION_CN -->
+
+<!-- DOCS_DESCRIPTION_EN -->
+This example demonstrates the implementation of the solution [Develop your weChat mini program in 10 minutes](https://www.aliyun.com/solution/tech-solution/develop-your-wechat-mini-program-in-10-minutes). It involves the creation, and deployment of resources such as Virtual Private Cloud (VPC), VSwitch, Elastic Compute Service (ECS), and ApsaraDB RDS for MySQL.
+<!-- DOCS_DESCRIPTION_EN -->
+
+<!-- BEGIN_TF_DOCS -->
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_alicloud"></a> [alicloud](#provider\_alicloud) | n/a |
+| <a name="provider_random"></a> [random](#provider\_random) | n/a |
+
+## Modules
+
+No modules.
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [alicloud_db_account.rds_account](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_account) | resource |
+| [alicloud_db_account_privilege.rds_account_privilege](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_account_privilege) | resource |
+| [alicloud_db_database.rds_database](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_database) | resource |
+| [alicloud_db_instance.rds_db_instance](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/db_instance) | resource |
+| [alicloud_ecs_command.run_command](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ecs_command) | resource |
+| [alicloud_ecs_invocation.run_command](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/ecs_invocation) | resource |
+| [alicloud_instance.ecs_instance](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/instance) | resource |
+| [alicloud_security_group.security_group](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group) | resource |
+| [alicloud_security_group_rule.http](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_security_group_rule.https](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/security_group_rule) | resource |
+| [alicloud_vpc.vpc](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vpc) | resource |
+| [alicloud_vswitch.vswitch](https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/vswitch) | resource |
+| [random_id.suffix](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_db_instance_class"></a> [db\_instance\_class](#input\_db\_instance\_class) | 请输入RDS实例规格（例如：mysql.n2m.medium.2c）。根据您的数据库负载选择合适的规格。 | `string` | `"mysql.n2m.medium.2c"` | no |
+| <a name="input_db_name"></a> [db\_name](#input\_db\_name) | 请输入数据库名称（由小写字母、数字及特殊字符 -\_ 组成，以字母开头，字母或数字结尾，最多64个字符）。 | `string` | `"wordpress"` | no |
+| <a name="input_db_password"></a> [db\_password](#input\_db\_password) | 请输入RDS数据库密码。密码长度为8-32位，需包含大写字母、小写字母、数字和特殊字符（如：!@#$%^&*()\_+-=）。如果在本教程中重复配置，请确保 MySQL 数据库密码与模板首次执行时设置的密码完全相同，否则配置结果不可用。 | `string` | n/a | yes |
+| <a name="input_db_user"></a> [db\_user](#input\_db\_user) | 请输入RDS数据库用户名（长度为2-16个字符，仅允许小写字母、数字和下划线，必须以字母开头，以字母或数字结尾）。 | `string` | `"dbuser"` | no |
+| <a name="input_ecs_instance_password"></a> [ecs\_instance\_password](#input\_ecs\_instance\_password) | 请输入服务器登录密码。密码长度为8-30位，必须包含大写字母、小写字母、数字和特殊字符（如：!@#$%^&*\_-+=\|{}[]:;'<>,.?/）。 | `string` | n/a | yes |
+| <a name="input_ecs_instance_type"></a> [ecs\_instance\_type](#input\_ecs\_instance\_type) | 请输入ECS实例类型（例如：ecs.e-c1m2.large）。请根据实际需求选择合适的实例规格。 | `string` | `"ecs.e-c1m2.large"` | no |
+| <a name="input_region_id"></a> [region\_id](#input\_region\_id) | 请输入地域ID（例如：cn-hangzhou）。 | `string` | `"cn-hangzhou"` | no |
+| <a name="input_vpc_cidr_block"></a> [vpc\_cidr\_block](#input\_vpc\_cidr\_block) | 请输入VPC的CIDR块（支持的值包括：192.168.0.0/16、172.16.0.0/12、10.0.0.0/8）。这是您的虚拟私有云的地址范围。 | `string` | `"192.168.0.0/16"` | no |
+| <a name="input_vswitch_cidr_block"></a> [vswitch\_cidr\_block](#input\_vswitch\_cidr\_block) | 请输入交换机的CIDR块（例如：192.168.0.0/24）。这是您虚拟交换机的地址范围。 | `string` | `"192.168.0.0/24"` | no |
+| <a name="input_word_press_password"></a> [word\_press\_password](#input\_word\_press\_password) | 请输入WordPress管理员密码。密码长度为8-32位，需包含大写字母、小写字母、数字和特殊字符（如：!@#$%^&*()\_+-=）。 | `string` | n/a | yes |
+| <a name="input_word_press_user_email"></a> [word\_press\_user\_email](#input\_word\_press\_user\_email) | 请输入WordPress管理员邮箱（用于系统通知和找回密码）。 | `string` | `"admin@example.com"` | no |
+| <a name="input_word_press_user_name"></a> [word\_press\_user\_name](#input\_word\_press\_user\_name) | 请输入WordPress管理员用户名（建议使用独特的用户名以增强安全性）。 | `string` | `"admin"` | no |
+| <a name="input_zone_id"></a> [zone\_id](#input\_zone\_id) | 请输入可用区ID（例如：cn-hangzhou-k）。请确保该可用区支持您要创建的ECS资源规格。 | `string` | `"cn-hangzhou-k"` | no |
+<!-- END_TF_DOCS -->

solution/tech-solution/develop-your-wechat-mini-program-in-10-minutes/main.tf

@@ -0,0 +1,158 @@
+provider "alicloud" {
+  region = var.region_id
+}
+resource "random_id" "suffix" {
+  byte_length = 8
+}
+
+locals {
+  common_name = random_id.suffix.id
+}
+# VPC Resources
+resource "alicloud_vpc" "vpc" {
+  vpc_name   = "vpc"
+  cidr_block = var.vpc_cidr_block
+}
+
+resource "alicloud_vswitch" "vswitch" {
+  vpc_id       = alicloud_vpc.vpc.id
+  cidr_block   = var.vswitch_cidr_block
+  zone_id      = var.zone_id
+  vswitch_name = "vsw"
+}
+
+# Security Group
+resource "alicloud_security_group" "security_group" {
+  vpc_id              = alicloud_vpc.vpc.id
+  security_group_name = "sg"
+  security_group_type = "normal"
+}
+
+resource "alicloud_security_group_rule" "http" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  port_range        = "80/80"
+  cidr_ip           = "0.0.0.0/0"
+  security_group_id = alicloud_security_group.security_group.id
+}
+
+resource "alicloud_security_group_rule" "https" {
+  type              = "ingress"
+  ip_protocol       = "tcp"
+  port_range        = "22/22"
+  cidr_ip           = "0.0.0.0/0"
+  security_group_id = alicloud_security_group.security_group.id
+}
+
+# RDS Resources
+resource "alicloud_db_instance" "rds_db_instance" {
+  engine                   = "MySQL"
+  engine_version           = "8.0"
+  instance_type            = var.db_instance_class
+  instance_storage         = 50
+  db_instance_storage_type = "cloud_essd"
+  vswitch_id               = alicloud_vswitch.vswitch.id
+  zone_id                  = var.zone_id
+  security_group_ids       = [alicloud_security_group.security_group.id]
+}
+
+resource "alicloud_db_database" "rds_database" {
+  instance_id   = alicloud_db_instance.rds_db_instance.id
+  name          = var.db_name
+  character_set = "utf8mb4"
+}
+
+resource "alicloud_db_account" "rds_account" {
+  db_instance_id   = alicloud_db_instance.rds_db_instance.id
+  account_name     = var.db_user
+  account_type     = "Normal"
+  account_password = var.db_password
+}
+
+resource "alicloud_db_account_privilege" "rds_account_privilege" {
+  instance_id  = alicloud_db_instance.rds_db_instance.id
+  account_name = alicloud_db_account.rds_account.account_name
+  db_names     = alicloud_db_database.rds_database.*.name
+  privilege    = "ReadWrite"
+}
+
+# ECS Resources
+resource "alicloud_instance" "ecs_instance" {
+  instance_name              = "ecs-${local.common_name}"
+  system_disk_category       = "cloud_essd"
+  image_id                   = "centos_7_9_x64_20G_alibase_20240628.vhd"
+  vswitch_id                 = alicloud_vswitch.vswitch.id
+  password                   = var.ecs_instance_password
+  instance_type              = var.ecs_instance_type
+  internet_max_bandwidth_out = 5
+  security_groups            = [alicloud_security_group.security_group.id]
+}
+resource "alicloud_ecs_command" "run_command" {
+  name = "commond-install"
+  command_content = base64encode(<<OUTER_EOF
+#!/bin/bash
+cat << INNER_EOF >> ~/.bash_profile
+export DB_NAME=${var.db_name}
+export DB_USERNAME=${var.db_user}
+export DB_PASSWORD=${var.db_password}
+export DB_CONNECTION=${alicloud_db_instance.rds_db_instance.connection_string}
+export ROS_DEPLOY=true
+INNER_EOF
+
+source ~/.bash_profile
+
+curl -fsSL https://static-aliyun-doc.oss-cn-hangzhou.aliyuncs.com/install-script/develop-your-wechat-mini-program-in-10-minutes/install.sh|bash
+
+## 调整db连接配置
+sed -i 's/localhost/${alicloud_db_instance.rds_db_instance.connection_string}/' /var/www/html/wp-config.php
+sed -i 's/username_here/${var.db_user}/' /var/www/html/wp-config.php
+sed -i 's/password_here/${var.db_password}/' /var/www/html/wp-config.php
+sed -i 's/database_name_here/${var.db_name}/' /var/www/html/wp-config.php
+
+cd /var/www/html
+sudo cat << INNER_EOF > .htaccess
+# BEGIN WordPress
+<IfModule mod_rewrite.c>
+RewriteEngine On
+RewriteCond \%\{HTTP:Authorization\} ^(.*)
+RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
+RewriteBase /
+RewriteRule ^index\.php$ - [L]
+RewriteCond \%\{REQUEST_FILENAME\} !-f
+RewriteCond \%\{REQUEST_FILENAME\} !-d
+RewriteRule . /index.php [L]
+</IfModule>
+# END WordPress
+INNER_EOF
+sed -i 's/AllowOverride None/AllowOverride All/g' /etc/httpd/conf/httpd.conf
+
+wget https://downloads.wordpress.org/plugin/jwt-authentication-for-wp-rest-api.zip
+yum -y install unzip
+unzip jwt-authentication-for-wp-rest-api.zip -d jwt-authentication-for-wp-rest-api
+cp -r ./jwt-authentication-for-wp-rest-api/jwt-authentication-for-wp-rest-api /var/www/html/wp-content/plugins
+rm -rf jwt-authentication-for-wp-rest-api.zip
+rm -rf jwt-authentication-for-wp-rest-api
+wget https://gitee.com/qin-yangming/open-tools/raw/master/wp-cli.phar
+chmod +x wp-cli.phar
+mv wp-cli.phar /usr/local/bin/wp
+
+SECRET_KEY=$(openssl rand -base64 32) && sed -i "/Database settings/i define('JWT_AUTH_SECRET_KEY', '$SECRET_KEY');\ndefine('JWT_AUTH_CORS_ENABLE', true);\n" /var/www/html/wp-config.php
+sed -i 's/\r$//' /var/www/html/wp-config.php
+wp core install --url=${alicloud_instance.ecs_instance.public_ip} --title="Hello World" --admin_user=${var.word_press_user_name} --admin_password=${var.word_press_password} --admin_email=${var.word_press_user_email} --skip-email --allow-root
+
+wp plugin activate jwt-authentication-for-wp-rest-api --allow-root --path=/var/www/html
+
+systemctl restart httpd
+OUTER_EOF
+  )
+  working_dir = "/root"
+  type        = "RunShellScript"
+  timeout     = 3600
+}
+resource "alicloud_ecs_invocation" "run_command" {
+  instance_id = [alicloud_instance.ecs_instance.id]
+  command_id  = alicloud_ecs_command.run_command.id
+  timeouts {
+    create = "10m"
+  }
+}

solution/tech-solution/develop-your-wechat-mini-program-in-10-minutes/output.tf

@@ -0,0 +1,5 @@
+# Outputs
+output "wordpress_url" {
+  description = "Wordpress 博客访问地址。"
+  value       = "http://${alicloud_instance.ecs_instance.public_ip}/wp-admin"
+}

solution/tech-solution/develop-your-wechat-mini-program-in-10-minutes/variable.tf

@@ -0,0 +1,81 @@
+# Parameters
+variable "region_id" {
+  description = "请输入地域ID（例如：cn-hangzhou）。"
+  default     = "cn-hangzhou"
+}
+
+variable "zone_id" {
+  type        = string
+  description = "请输入可用区ID（例如：cn-hangzhou-k）。请确保该可用区支持您要创建的ECS资源规格。"
+  default     = "cn-hangzhou-k"
+}
+
+variable "vpc_cidr_block" {
+  description = "请输入VPC的CIDR块（支持的值包括：192.168.0.0/16、172.16.0.0/12、10.0.0.0/8）。这是您的虚拟私有云的地址范围。"
+  default     = "192.168.0.0/16"
+  validation {
+    condition     = contains(["192.168.0.0/16", "172.16.0.0/12", "10.0.0.0/8"], var.vpc_cidr_block)
+    error_message = "无效的VPC CIDR块，请检查并重新输入。"
+  }
+}
+
+variable "vswitch_cidr_block" {
+  description = "请输入交换机的CIDR块（例如：192.168.0.0/24）。这是您虚拟交换机的地址范围。"
+  default     = "192.168.0.0/24"
+}
+
+variable "ecs_instance_type" {
+  description = "请输入ECS实例类型（例如：ecs.e-c1m2.large）。请根据实际需求选择合适的实例规格。"
+  default     = "ecs.e-c1m2.large"
+}
+
+variable "ecs_instance_password" {
+  description = "请输入服务器登录密码。密码长度为8-30位，必须包含大写字母、小写字母、数字和特殊字符（如：!@#$%^&*_-+=|{}[]:;'<>,.?/）。"
+  type        = string
+  sensitive   = true
+}
+
+variable "db_instance_class" {
+  description = "请输入RDS实例规格（例如：mysql.n2m.medium.2c）。根据您的数据库负载选择合适的规格。"
+  default     = "mysql.n2m.medium.2c"
+}
+
+variable "db_name" {
+  description = "请输入数据库名称（由小写字母、数字及特殊字符 -_ 组成，以字母开头，字母或数字结尾，最多64个字符）。"
+  default     = "wordpress"
+  validation {
+    condition     = regex("^[a-z][a-z0-9-_]{0,62}[a-z0-9]$", var.db_name) != ""
+    error_message = "数据库名称格式不正确。名称应由小写字母、数字及特殊字符 -_ 组成，以字母开头，字母或数字结尾，最多64个字符。"
+  }
+}
+
+variable "db_user" {
+  description = "请输入RDS数据库用户名（长度为2-16个字符，仅允许小写字母、数字和下划线，必须以字母开头，以字母或数字结尾）。"
+  default     = "dbuser"
+  validation {
+    condition     = regex("^[a-z][a-z0-9_]{1,15}$", var.db_user) != ""
+    error_message = "用户名格式不正确。用户名长度应为2-16个字符，仅允许小写字母、数字和下划线，必须以字母开头，以字母或数字结尾。"
+  }
+}
+
+variable "db_password" {
+  description = "请输入RDS数据库密码。密码长度为8-32位，需包含大写字母、小写字母、数字和特殊字符（如：!@#$%^&*()_+-=）。如果在本教程中重复配置，请确保 MySQL 数据库密码与模板首次执行时设置的密码完全相同，否则配置结果不可用。"
+  type        = string
+  sensitive   = true
+}
+
+variable "word_press_user_name" {
+  description = "请输入WordPress管理员用户名（建议使用独特的用户名以增强安全性）。"
+  default     = "admin"
+}
+
+variable "word_press_password" {
+  description = "请输入WordPress管理员密码。密码长度为8-32位，需包含大写字母、小写字母、数字和特殊字符（如：!@#$%^&*()_+-=）。"
+  type        = string
+  sensitive   = true
+}
+
+variable "word_press_user_email" {
+  description = "请输入WordPress管理员邮箱（用于系统通知和找回密码）。"
+  default     = "admin@example.com"
+}