Add Terraform configuration for OpenVidu deployment on GCP

Changed structure to be more consistant with the terraform standard and removed some resources to try

Refactor terraform main file to be more alike with aws and azure scripts and fixed some things that were wrong in the install script. Changed variables.tf and output.tf as needed

Refactor firewall rules and streamline user data scripts for OpenVidu deployment on GCP

added Elastic deployment for GCP and changed default values of instance type in Single Node and Single Node PRO

openvidu-deployment_ gcp - changed output.tf in all deployments to output the link to secret manager; changed the name of the instance resource of openvidu single node pro; fixed some things that were broken in elastic terraform file and adjusted times for the lambda and the cronjob

openvidu-deployment/community/singlenode/gcp/output.tf

@@ -1,13 +1,5 @@
 # ------------------------- outputs.tf -------------------------
 
-output "openvidu_instance_name" {
-  value = google_compute_instance.openvidu_server.name
-}
-
-output "openvidu_public_ip" {
-  value = length(google_compute_address.public_ip_address) > 0 ? google_compute_address.public_ip_address[0].address : google_compute_instance.openvidu_server.network_interface[0].access_config[0].nat_ip
-}
-
-output "appdata_bucket" {
-  value = local.isEmpty ? google_storage_bucket.bucket[0].name : var.bucketName
+output "secrets_manager" {
+  value = "https://console.cloud.google.com/security/secret-manager?project=${var.projectId}"
 }

openvidu-deployment/community/singlenode/gcp/tf-gpc-openvidu-singlenode.tf

@@ -8,6 +8,24 @@ resource "google_project_service" "cloudresourcemanager_api" { service = "cloudr
 
 resource "random_id" "bucket_suffix" { byte_length = 3 }
 
+
+# Secret Manager secrets for OpenVidu deployment information
+resource "google_secret_manager_secret" "openvidu_shared_info" {
+  for_each = toset([
+    "OPENVIDU_URL", "MEET_INITIAL_ADMIN_USER", "MEET_INITIAL_ADMIN_PASSWORD",
+    "MEET_INITIAL_API_KEY", "LIVEKIT_URL", "LIVEKIT_API_KEY", "LIVEKIT_API_SECRET",
+    "DASHBOARD_URL", "GRAFANA_URL", "MINIO_URL", "DOMAIN_NAME", "LIVEKIT_TURN_DOMAIN_NAME",
+    "REDIS_PASSWORD", "MONGO_ADMIN_USERNAME", "MONGO_ADMIN_PASSWORD", "MONGO_REPLICA_SET_KEY",
+    "MINIO_ACCESS_KEY", "MINIO_SECRET_KEY", "DASHBOARD_ADMIN_USERNAME", "DASHBOARD_ADMIN_PASSWORD",
+    "GRAFANA_ADMIN_USERNAME", "GRAFANA_ADMIN_PASSWORD", "ENABLED_MODULES"
+  ])
+
+  secret_id = each.key
+  replication {
+    auto {}
+  }
+}
+
 # GCS bucket
 resource "google_storage_bucket" "bucket" {
   count                       = 1
@@ -149,31 +167,6 @@ get_meta() { curl -s -H "Metadata-Flavor: Google" "$${METADATA_URL}/$1"; }
 # Create counter file for tracking script executions
 echo 1 > /usr/local/bin/openvidu_install_counter.txt
 
-# Create all the secrets
-gcloud secrets create OPENVIDU_URL --replication-policy=automatic || true
-gcloud secrets create MEET_INITIAL_ADMIN_USER --replication-policy=automatic || true
-gcloud secrets create MEET_INITIAL_ADMIN_PASSWORD --replication-policy=automatic || true
-gcloud secrets create MEET_INITIAL_API_KEY --replication-policy=automatic || true
-gcloud secrets create LIVEKIT_URL --replication-policy=automatic || true
-gcloud secrets create LIVEKIT_API_KEY --replication-policy=automatic || true
-gcloud secrets create LIVEKIT_API_SECRET --replication-policy=automatic || true
-gcloud secrets create DASHBOARD_URL --replication-policy=automatic || true
-gcloud secrets create GRAFANA_URL --replication-policy=automatic || true
-gcloud secrets create MINIO_URL --replication-policy=automatic || true
-gcloud secrets create DOMAIN_NAME --replication-policy=automatic || true
-gcloud secrets create LIVEKIT_TURN_DOMAIN_NAME --replication-policy=automatic || true
-gcloud secrets create REDIS_PASSWORD --replication-policy=automatic || true
-gcloud secrets create MONGO_ADMIN_USERNAME --replication-policy=automatic || true 
-gcloud secrets create MONGO_ADMIN_PASSWORD --replication-policy=automatic || true 
-gcloud secrets create MONGO_REPLICA_SET_KEY --replication-policy=automatic || true
-gcloud secrets create MINIO_ACCESS_KEY --replication-policy=automatic || true
-gcloud secrets create MINIO_SECRET_KEY --replication-policy=automatic || true
-gcloud secrets create DASHBOARD_ADMIN_USERNAME --replication-policy=automatic || true
-gcloud secrets create DASHBOARD_ADMIN_PASSWORD --replication-policy=automatic || true
-gcloud secrets create GRAFANA_ADMIN_USERNAME --replication-policy=automatic || true
-gcloud secrets create GRAFANA_ADMIN_PASSWORD --replication-policy=automatic || true
-gcloud secrets create ENABLED_MODULES --replication-policy=automatic || true
-
 # Configure domain
 if [[ "${var.domainName}" == "" ]]; then
   [ ! -d "/usr/share/openvidu" ] && mkdir -p /usr/share/openvidu

openvidu-deployment/community/singlenode/gcp/variables.tf

@@ -88,7 +88,7 @@ variable "initialMeetApiKey" {
 variable "instanceType" {
   description = "Specifies the GCE machine type for your OpenVidu instance"
   type        = string
-  default     = "e2-standard-8"
+  default     = "e2-standard-2"
   validation {
     condition     = can(regex("^(e2-(micro|small|medium|standard-[2-9]|standard-1[0-6]|highmem-[2-9]|highmem-1[0-6]|highcpu-[2-9]|highcpu-1[0-6])|n1-(standard-[1-9]|standard-[1-9][0-9]|highmem-[2-9]|highmem-[1-9][0-9]|highcpu-[1-9]|highcpu-[1-9][0-9])|n2-(standard-[2-9]|standard-[1-9][0-9]|standard-1[0-2][0-8]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-1[0-2][0-8]|highcpu-[1-9][0-9]|highcpu-1[0-2][0-8])|n2d-(standard-[2-9]|standard-[1-9][0-9]|standard-2[0-2][0-4]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-9[0-6]|highcpu-[1-9][0-9]|highcpu-2[0-2][0-4])|c2-(standard-[4-9]|standard-[1-5][0-9]|standard-60)|c2d-(standard-[2-9]|standard-[1-9][0-9]|standard-1[0-1][0-2]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-1[0-1][0-2]|highcpu-[1-9][0-9]|highcpu-1[0-1][0-2])|m1-(ultramem-[4-9][0-9]|ultramem-160)|m2-(ultramem-208|ultramem-416|megamem-416)|m3-(ultramem-32|ultramem-64|ultramem-128|megamem-64|megamem-128)|a2-(standard-[1-9]|standard-[1-9][0-9]|standard-96|highmem-1g|ultramem-1g|megamem-1g)|a3-(standard-[1-9]|standard-[1-9][0-9]|standard-80|highmem-1g|megamem-1g)|g2-(standard-[4-9]|standard-[1-9][0-9]|standard-96)|t2d-(standard-[1-9]|standard-[1-9][0-9]|standard-60)|t2a-(standard-[1-9]|standard-[1-9][0-9]|standard-48)|h3-(standard-88)|f1-(micro)|t4g-(micro|small|medium|standard-[1-9]|standard-[1-9][0-9]))$", var.instanceType))
     error_message = "The instance type is not valid"
@@ -127,4 +127,4 @@ variable "turnOwnPrivateCertificate" {
   description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
   type        = string
   default     = ""
-}
+}

openvidu-deployment/pro/elastic/gcp/output.tf

@@ -0,0 +1,6 @@
+# ------------------------- outputs.tf -------------------------
+
+output "secrets_manager" {
+  value = "https://console.cloud.google.com/security/secret-manager?project=${var.projectId}"
+}
+

openvidu-deployment/pro/elastic/gcp/variables.tf

@@ -0,0 +1,180 @@
+# ------------------------- variables -------------------------
+
+# Variables used by the configuration
+variable "projectId" {
+  description = "GCP project id where the resourw es will be created."
+  type        = string
+}
+
+variable "region" {
+  description = "GCP region where resources will be created."
+  type        = string
+  default     = "europe-west2"
+}
+
+variable "zone" {
+  description = "GCP zone that some resources will use."
+  type        = string
+  default     = "europe-west2-b"
+}
+
+variable "stackName" {
+  description = "Stack name for OpenVidu deployment."
+  type        = string
+}
+
+variable "certificateType" {
+  description = "[selfsigned] Not recommended for production use. Just for testing purposes or development environments. You don't need a FQDN to use this option. [owncert] Valid for production environments. Use your own certificate. You need a FQDN to use this option. [letsencrypt] Valid for production environments. Can be used with or without a FQDN (if no FQDN is provided, a random sslip.io domain will be used)."
+  type        = string
+  default     = "letsencrypt"
+  validation {
+    condition     = contains(["selfsigned", "owncert", "letsencrypt"], var.certificateType)
+    error_message = "certificateType must be one of: selfsigned, owncert, letsencrypt"
+  }
+}
+
+variable "publicIpAddress" {
+  description = "Previously created Public IP address for the OpenVidu Deployment. Blank will generate a public IP."
+  type        = string
+  default     = ""
+  validation {
+    condition     = can(regex("^$|^([01]?\\d{1,2}|2[0-4]\\d|25[0-5])\\.([01]?\\d{1,2}|2[0-4]\\d|25[0-5])\\.([01]?\\d{1,2}|2[0-4]\\d|25[0-5])\\.([01]?\\d{1,2}|2[0-4]\\d|25[0-5])$", var.publicIpAddress))
+    error_message = "The Public Elastic IP does not have a valid IPv4 format"
+  }
+}
+
+variable "domainName" {
+  description = "Domain name for the OpenVidu Deployment."
+  type        = string
+  default     = ""
+  validation {
+    condition     = can(regex("^$|^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]$", var.domainName))
+    error_message = "The domain name does not have a valid domain name format"
+  }
+}
+
+variable "ownPublicCertificate" {
+  description = "If certificate type is 'owncert', this parameter will be used to specify the public certificate"
+  type        = string
+  default     = ""
+}
+
+variable "ownPrivateCertificate" {
+  description = "If certificate type is 'owncert', this parameter will be used to specify the private certificate"
+  type        = string
+  default     = ""
+}
+
+variable "initialMeetAdminPassword" {
+  description = "Initial password for the 'admin' user in OpenVidu Meet. If not provided, a random password will be generated."
+  type        = string
+  default     = ""
+  validation {
+    condition     = can(regex("^[A-Za-z0-9_-]*$", var.initialMeetAdminPassword))
+    error_message = "Must contain only alphanumeric characters (A-Z, a-z, 0-9). Leave empty to generate a random password."
+  }
+}
+
+variable "initialMeetApiKey" {
+  description = "Initial API key for OpenVidu Meet. If not provided, no API key will be set and the user can set it later from Meet Console."
+  type        = string
+  default     = ""
+  validation {
+    condition     = can(regex("^[A-Za-z0-9_-]*$", var.initialMeetApiKey))
+    error_message = "Must contain only alphanumeric characters (A-Z, a-z, 0-9). Leave empty to not set an initial API key."
+  }
+}
+
+variable "masterNodeInstanceType" {
+  description = "Specifies the GCE machine type for your OpenVidu Master Node"
+  type        = string
+  default     = "e2-standard-2"
+  validation {
+    condition     = can(regex("^(e2-(micro|small|medium|standard-[2-9]|standard-1[0-6]|highmem-[2-9]|highmem-1[0-6]|highcpu-[2-9]|highcpu-1[0-6])|n1-(standard-[1-9]|standard-[1-9][0-9]|highmem-[2-9]|highmem-[1-9][0-9]|highcpu-[1-9]|highcpu-[1-9][0-9])|n2-(standard-[2-9]|standard-[1-9][0-9]|standard-1[0-2][0-8]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-1[0-2][0-8]|highcpu-[1-9][0-9]|highcpu-1[0-2][0-8])|n2d-(standard-[2-9]|standard-[1-9][0-9]|standard-2[0-2][0-4]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-9[0-6]|highcpu-[1-9][0-9]|highcpu-2[0-2][0-4])|c2-(standard-[4-9]|standard-[1-5][0-9]|standard-60)|c2d-(standard-[2-9]|standard-[1-9][0-9]|standard-1[0-1][0-2]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-1[0-1][0-2]|highcpu-[1-9][0-9]|highcpu-1[0-1][0-2])|m1-(ultramem-[4-9][0-9]|ultramem-160)|m2-(ultramem-208|ultramem-416|megamem-416)|m3-(ultramem-32|ultramem-64|ultramem-128|megamem-64|megamem-128)|a2-(standard-[1-9]|standard-[1-9][0-9]|standard-96|highmem-1g|ultramem-1g|megamem-1g)|a3-(standard-[1-9]|standard-[1-9][0-9]|standard-80|highmem-1g|megamem-1g)|g2-(standard-[4-9]|standard-[1-9][0-9]|standard-96)|t2d-(standard-[1-9]|standard-[1-9][0-9]|standard-60)|t2a-(standard-[1-9]|standard-[1-9][0-9]|standard-48)|h3-(standard-88)|f1-(micro)|t4g-(micro|small|medium|standard-[1-9]|standard-[1-9][0-9]))$", var.masterNodeInstanceType))
+    error_message = "The instance type is not valid"
+  }
+}
+
+variable "mediaNodeInstanceType" {
+  description = "Specifies the GCE machine type for your OpenVidu Media Nodes"
+  type        = string
+  default     = "e2-standard-2"
+  validation {
+    condition     = can(regex("^(e2-(micro|small|medium|standard-[2-9]|standard-1[0-6]|highmem-[2-9]|highmem-1[0-6]|highcpu-[2-9]|highcpu-1[0-6])|n1-(standard-[1-9]|standard-[1-9][0-9]|highmem-[2-9]|highmem-[1-9][0-9]|highcpu-[1-9]|highcpu-[1-9][0-9])|n2-(standard-[2-9]|standard-[1-9][0-9]|standard-1[0-2][0-8]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-1[0-2][0-8]|highcpu-[1-9][0-9]|highcpu-1[0-2][0-8])|n2d-(standard-[2-9]|standard-[1-9][0-9]|standard-2[0-2][0-4]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-9[0-6]|highcpu-[1-9][0-9]|highcpu-2[0-2][0-4])|c2-(standard-[4-9]|standard-[1-5][0-9]|standard-60)|c2d-(standard-[2-9]|standard-[1-9][0-9]|standard-1[0-1][0-2]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-1[0-1][0-2]|highcpu-[1-9][0-9]|highcpu-1[0-1][0-2])|m1-(ultramem-[4-9][0-9]|ultramem-160)|m2-(ultramem-208|ultramem-416|megamem-416)|m3-(ultramem-32|ultramem-64|ultramem-128|megamem-64|megamem-128)|a2-(standard-[1-9]|standard-[1-9][0-9]|standard-96|highmem-1g|ultramem-1g|megamem-1g)|a3-(standard-[1-9]|standard-[1-9][0-9]|standard-80|highmem-1g|megamem-1g)|g2-(standard-[4-9]|standard-[1-9][0-9]|standard-96)|t2d-(standard-[1-9]|standard-[1-9][0-9]|standard-60)|t2a-(standard-[1-9]|standard-[1-9][0-9]|standard-48)|h3-(standard-88)|f1-(micro)|t4g-(micro|small|medium|standard-[1-9]|standard-[1-9][0-9]))$", var.mediaNodeInstanceType))
+    error_message = "The instance type is not valid"
+  }
+}
+
+variable "initialNumberOfMediaNodes" {
+  description = "Number of initial media nodes to deploy"
+  type        = number
+  default     = 1
+}
+
+variable "minNumberOfMediaNodes" {
+  description = "Minimum number of media nodes to deploy"
+  type        = number
+  default     = 1
+}
+
+variable "maxNumberOfMediaNodes" {
+  description = "Maximum number of media nodes to deploy"
+  type        = number
+  default     = 2
+}
+
+variable "scaleTargetCPU" {
+  description = "Target CPU percentage to scale up or down"
+  type        = number
+  default     = 50
+}
+
+variable "bucketName" {
+  description = "Name of the GCS bucket to store data and recordings. If empty, a bucket will be created"
+  type        = string
+  default     = ""
+}
+
+variable "openviduLicense" {
+  description = "Visit https://openvidu.io/account"
+  type        = string
+  sensitive   = true
+}
+
+variable "rtcEngine" {
+  description = "RTCEngine media engine to use"
+  type        = string
+  default     = "pion"
+  validation {
+    condition     = contains(["pion", "mediasoup"], var.rtcEngine)
+    error_message = "rtcEngine must be one of: pion, mediasoup"
+  }
+}
+
+variable "additionalInstallFlags" {
+  description = "Additional optional flags to pass to the OpenVidu installer (comma-separated, e.g.,'--flag1=value, --flag2')."
+  type        = string
+  default     = ""
+  validation {
+    condition     = can(regex("^[A-Za-z0-9, =_.\\-]*$", var.additionalInstallFlags))
+    error_message = "Must be a comma-separated list of flags (for example, --flag=value, --bool-flag)."
+  }
+}
+
+variable "turnDomainName" {
+  description = "(Optional) Domain name for the TURN server with TLS. Only needed if your users are behind restrictive firewalls"
+  type        = string
+  default     = ""
+}
+
+variable "turnOwnPublicCertificate" {
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  type        = string
+  default     = ""
+}
+
+variable "turnOwnPrivateCertificate" {
+  description = "(Optional) This setting is applicable if the certificate type is set to 'owncert' and the TurnDomainName is specified."
+  type        = string
+  default     = ""
+}

openvidu-deployment/pro/elastic/gcp/versions.tf

@@ -0,0 +1,20 @@
+terraform {
+  required_version = ">= 1.5.0"
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = ">= 4.0"
+    }
+    random = {
+      source  = "hashicorp/random"
+      version = ">= 3.0"
+    }
+  }
+}
+
+provider "google" {
+  project = var.projectId
+  region  = var.region
+  zone    = var.zone
+}
+

openvidu-deployment/pro/singlenode/gcp/output.tf

@@ -1,13 +1,6 @@
 # ------------------------- outputs.tf -------------------------
 
-output "openvidu_instance_name" {
-  value = google_compute_instance.openvidu_server.name
+output "secrets_manager" {
+  value = "https://console.cloud.google.com/security/secret-manager?project=${var.projectId}"
 }
 
-output "openvidu_public_ip" {
-  value = length(google_compute_address.public_ip_address) > 0 ? google_compute_address.public_ip_address[0].address : google_compute_instance.openvidu_server.network_interface[0].access_config[0].nat_ip
-}
-
-output "appdata_bucket" {
-  value = local.isEmpty ? google_storage_bucket.bucket[0].name : var.bucketName
-}

openvidu-deployment/pro/singlenode/gcp/tf-gpc-openvidu-singlenode.tf

@@ -8,6 +8,24 @@ resource "google_project_service" "cloudresourcemanager_api" { service = "cloudr
 
 resource "random_id" "bucket_suffix" { byte_length = 3 }
 
+# Secret Manager secrets for OpenVidu deployment information
+resource "google_secret_manager_secret" "openvidu_shared_info" {
+  for_each = toset([
+    "OPENVIDU_URL", "MEET_INITIAL_ADMIN_USER", "MEET_INITIAL_ADMIN_PASSWORD",
+    "MEET_INITIAL_API_KEY", "LIVEKIT_URL", "LIVEKIT_API_KEY", "LIVEKIT_API_SECRET",
+    "DASHBOARD_URL", "GRAFANA_URL", "MINIO_URL", "DOMAIN_NAME", "LIVEKIT_TURN_DOMAIN_NAME",
+    "OPENVIDU_PRO_LICENSE", "OPENVIDU_RTC_ENGINE", "REDIS_PASSWORD", "MONGO_ADMIN_USERNAME",
+    "MONGO_ADMIN_PASSWORD", "MONGO_REPLICA_SET_KEY", "MINIO_ACCESS_KEY", "MINIO_SECRET_KEY",
+    "DASHBOARD_ADMIN_USERNAME", "DASHBOARD_ADMIN_PASSWORD", "GRAFANA_ADMIN_USERNAME",
+    "GRAFANA_ADMIN_PASSWORD", "ENABLED_MODULES"
+  ])
+
+  secret_id = each.key
+  replication {
+    auto {}
+  }
+}
+
 # GCS bucket
 resource "google_storage_bucket" "bucket" {
   count                       = 1
@@ -56,7 +74,7 @@ resource "google_compute_firewall" "firewall" {
   }
 
   source_ranges = ["0.0.0.0/0"]
-  target_tags   = [lower("${var.stackName}-vm-ce")]
+  target_tags   = [lower("${var.stackName}-vm-pro")]
 }
 
 # Create Public Ip address (if not provided)
@@ -68,11 +86,11 @@ resource "google_compute_address" "public_ip_address" {
 
 # Compute instance for OpenVidu
 resource "google_compute_instance" "openvidu_server" {
-  name         = lower("${var.stackName}-vm-ce")
+  name         = lower("${var.stackName}-vm-pro")
   machine_type = var.instanceType
   zone         = var.zone
 
-  tags = [lower("${var.stackName}-vm-ce")]
+  tags = [lower("${var.stackName}-vm-pro")]
 
   boot_disk {
     initialize_params {
@@ -149,33 +167,6 @@ get_meta() { curl -s -H "Metadata-Flavor: Google" "$${METADATA_URL}/$1"; }
 # Create counter file for tracking script executions
 echo 1 > /usr/local/bin/openvidu_install_counter.txt
 
-# Create all the secrets
-gcloud secrets create OPENVIDU_URL --replication-policy=automatic || true
-gcloud secrets create MEET_INITIAL_ADMIN_USER --replication-policy=automatic || true
-gcloud secrets create MEET_INITIAL_ADMIN_PASSWORD --replication-policy=automatic || true
-gcloud secrets create MEET_INITIAL_API_KEY --replication-policy=automatic || true
-gcloud secrets create LIVEKIT_URL --replication-policy=automatic || true
-gcloud secrets create LIVEKIT_API_KEY --replication-policy=automatic || true
-gcloud secrets create LIVEKIT_API_SECRET --replication-policy=automatic || true
-gcloud secrets create DASHBOARD_URL --replication-policy=automatic || true
-gcloud secrets create GRAFANA_URL --replication-policy=automatic || true
-gcloud secrets create MINIO_URL --replication-policy=automatic || true
-gcloud secrets create DOMAIN_NAME --replication-policy=automatic || true
-gcloud secrets create LIVEKIT_TURN_DOMAIN_NAME --replication-policy=automatic || true
-gcloud secrets create OPENVIDU_PRO_LICENSE --replication-policy=automatic || true
-gcloud secrets create OPENVIDU_RTC_ENGINE --replication-policy=automatic || true
-gcloud secrets create REDIS_PASSWORD --replication-policy=automatic || true
-gcloud secrets create MONGO_ADMIN_USERNAME --replication-policy=automatic || true 
-gcloud secrets create MONGO_ADMIN_PASSWORD --replication-policy=automatic || true 
-gcloud secrets create MONGO_REPLICA_SET_KEY --replication-policy=automatic || true
-gcloud secrets create MINIO_ACCESS_KEY --replication-policy=automatic || true
-gcloud secrets create MINIO_SECRET_KEY --replication-policy=automatic || true
-gcloud secrets create DASHBOARD_ADMIN_USERNAME --replication-policy=automatic || true
-gcloud secrets create DASHBOARD_ADMIN_PASSWORD --replication-policy=automatic || true
-gcloud secrets create GRAFANA_ADMIN_USERNAME --replication-policy=automatic || true
-gcloud secrets create GRAFANA_ADMIN_PASSWORD --replication-policy=automatic || true
-gcloud secrets create ENABLED_MODULES --replication-policy=automatic || true
-
 # Configure domain
 if [[ "${var.domainName}" == "" ]]; then
   [ ! -d "/usr/share/openvidu" ] && mkdir -p /usr/share/openvidu

openvidu-deployment/pro/singlenode/gcp/variables.tf

@@ -88,7 +88,7 @@ variable "initialMeetApiKey" {
 variable "instanceType" {
   description = "Specifies the GCE machine type for your OpenVidu instance"
   type        = string
-  default     = "e2-standard-8"
+  default     = "e2-standard-2"
   validation {
     condition     = can(regex("^(e2-(micro|small|medium|standard-[2-9]|standard-1[0-6]|highmem-[2-9]|highmem-1[0-6]|highcpu-[2-9]|highcpu-1[0-6])|n1-(standard-[1-9]|standard-[1-9][0-9]|highmem-[2-9]|highmem-[1-9][0-9]|highcpu-[1-9]|highcpu-[1-9][0-9])|n2-(standard-[2-9]|standard-[1-9][0-9]|standard-1[0-2][0-8]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-1[0-2][0-8]|highcpu-[1-9][0-9]|highcpu-1[0-2][0-8])|n2d-(standard-[2-9]|standard-[1-9][0-9]|standard-2[0-2][0-4]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-9[0-6]|highcpu-[1-9][0-9]|highcpu-2[0-2][0-4])|c2-(standard-[4-9]|standard-[1-5][0-9]|standard-60)|c2d-(standard-[2-9]|standard-[1-9][0-9]|standard-1[0-1][0-2]|highmem-[2-9]|highmem-[1-9][0-9]|highmem-1[0-1][0-2]|highcpu-[1-9][0-9]|highcpu-1[0-1][0-2])|m1-(ultramem-[4-9][0-9]|ultramem-160)|m2-(ultramem-208|ultramem-416|megamem-416)|m3-(ultramem-32|ultramem-64|ultramem-128|megamem-64|megamem-128)|a2-(standard-[1-9]|standard-[1-9][0-9]|standard-96|highmem-1g|ultramem-1g|megamem-1g)|a3-(standard-[1-9]|standard-[1-9][0-9]|standard-80|highmem-1g|megamem-1g)|g2-(standard-[4-9]|standard-[1-9][0-9]|standard-96)|t2d-(standard-[1-9]|standard-[1-9][0-9]|standard-60)|t2a-(standard-[1-9]|standard-[1-9][0-9]|standard-48)|h3-(standard-88)|f1-(micro)|t4g-(micro|small|medium|standard-[1-9]|standard-[1-9][0-9]))$", var.instanceType))
     error_message = "The instance type is not valid"
@@ -101,6 +101,22 @@ variable "bucketName" {
   default     = ""
 }
 
+variable "openviduLicense" {
+  description = "Visit https://openvidu.io/account"
+  type        = string
+  sensitive   = true
+}
+
+variable "RTCEngine" {
+  description = "RTCEngine media engine to use. Allowed values are 'pion' and 'mediasoup'."
+  type        = string
+  default     = "pion"
+  validation {
+    condition     = contains(["pion", "mediasoup"], var.RTCEngine)
+    error_message = "RTCEngine must be one of: pion, mediasoup"
+  }
+}
+
 variable "additionalInstallFlags" {
   description = "Additional optional flags to pass to the OpenVidu installer (comma-separated, e.g.,'--flag1=value, --flag2')."
   type        = string
@@ -128,23 +144,3 @@ variable "turnOwnPrivateCertificate" {
   type        = string
   default     = ""
 }
-
-variable "openviduLicense" {
-  description = "Visit https://openvidu.io/account"
-  type        = string
-  validation {
-    condition     = can(regex("^(?!\\s*$).+$", var.openviduLicense))
-    error_message = "OpenVidu Pro License is mandatory."
-  }
-  sensitive = true
-}
-
-variable "RTCEngine" {
-  description = "RTCEngine media engine to use. Allowed values are 'pion' and 'mediasoup'."
-  type        = string
-  default     = "pion"
-  validation {
-    condition     = contains(["pion", "mediasoup"], var.RTCEngine)
-    error_message = "RTCEngine must be one of: pion, mediasoup"
-  }
-}