From 3b074a32e51b3a45b5174e34a0935d63f1f9a196 Mon Sep 17 00:00:00 2001 From: arunodhayamsam <108027-arunodhayamsam@users.noreply.framagit.org> Date: May 13 2022 10:26:10 +0000 Subject: Add lufi_startup.sh --- diff --git a/.provision/README.md b/.provision/README.md index ec3712f..5055111 100644 --- a/.provision/README.md +++ b/.provision/README.md @@ -4,4 +4,4 @@ An ansible role deploy the application on host machine(Ubuntu 20.04) ## terraform-aws-lufi -A terraform plan creates necessary AWS infrastructure and deploy the lufi. This terraform plan uses the above ansible roles `ansible-role-lufi` to configure the application on AWS. +A terraform plan creates necessary AWS infrastructure and deploy the lufi. This terraform plan uses the `lufi_startup.sh` script to deploy application on AWS and also uses above ansible roles `ansible-role-lufi` to configure the application on AWS. \ No newline at end of file diff --git a/.provision/terraform-aws-lufi/README.md b/.provision/terraform-aws-lufi/README.md index e3b9d26..c5a5161 100644 --- a/.provision/terraform-aws-lufi/README.md +++ b/.provision/terraform-aws-lufi/README.md 
@@ -16,3 +16,71 @@ | `aws_access_key` | AWSACCESSKEY | Enter your aws access key | | `aws_secrete_key` | AWSSECRETEKEY | Enter your aws secrete key | | `instance_name` | Lufi_app_instance | Set the name for instance | +| `app_dir` | /var/www/ | Set the application directory for the best practice | +| `lufi_owner` | www-data | Set the application user for the best practice | +| `lufi_group` | www-data | Set the application group for the best practice | +| `contact` | contact.example.com | Contact option (mandatory), where you have to put some way for the users to contact you. | +| `report` | report@example.com | report option (mandatory) Put an email address or an URL to let people report illegal files | + + +## Usage of terraform plan with lufi deploy script + +```sh +git clone https://framagit.org/fiat-tux/hat-softwares/lufi.git + +cd lufi/.provision/terraform-aws-lufi + +terraform init +terraform plan +terraform apply +``` +## Usage of terraform plan with ansible role + +- Comment out the below `data template` and `user_data` source in __main.tf__ file + +```hcl +locals { + user_data_vars = { + user = var.lufi_owner + group = var.lufi_group + directory = var.app_dir + git_branch = var.project_version + contact_lufi = var.contact + report_lufi = var.report + } +} +``` + +```hcl +user_data = templatefile("${path.module}/lufi_startup.sh", local.user_data_vars) +``` + +- Add the below provisioner data in __main.tf__ file at the `aws_instance` resource + +```sh + connection { + agent = false + type = "ssh" + host = aws_instance.ec2_instance.public_dns + private_key = "${file(var.private_key)}" + user = "${var.user}" + } + + provisioner "remote-exec" { + inline = [ + "sudo apt update -y", + "sudo apt install python3.9 -y", + ] + } + + provisioner "local-exec" { + command = < hosts && \ + echo "[Lufi]" | tee -a hosts && \ + echo "${aws_instance.ec2_instance.public_ip} ansible_user=${var.user} ansible_ssh_private_key_file=${var.private_key}" | tee -a hosts && \ + export 
ANSIBLE_HOST_KEY_CHECKING=False && \ + ansible-playbook -u ${var.user} --private-key ${var.private_key} -i hosts site.yml + EOT + } +``` \ No newline at end of file diff --git a/.provision/terraform-aws-lufi/lufi_startup.sh b/.provision/terraform-aws-lufi/lufi_startup.sh new file mode 100644 index 0000000..3c89c0c --- /dev/null +++ b/.provision/terraform-aws-lufi/lufi_startup.sh 
@@ -0,0 +1,59 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+echo "**********************************************************************"
+echo " *"
+echo "Install dependencies *"
+echo " *"
+echo "**********************************************************************"
+
+SUDO=sudo
+$SUDO apt update
+$SUDO apt install jq wget unzip carton build-essential nginx libssl-dev libio-socket-ssl-perl liblwp-protocol-https-perl zlib1g-dev libmojo-sqlite-perl libpq-dev -y
+
+echo "**********************************************************************"
+echo " *"
+echo "Configuring the Application *"
+echo " *"
+echo "**********************************************************************"
+
+sleep 10;
+version=$(curl -s https://framagit.org/api/v4/projects/1998/releases | jq '.[]' | jq -r '.name' | head -1)
+echo $version
+pushd ${directory}
+$SUDO wget https://framagit.org/fiat-tux/hat-softwares/lufi/-/archive/$version/lufi-$version.zip
+$SUDO unzip lufi-$version.zip
+$SUDO chown ${user} lufi-$version
+$SUDO chgrp ${group} lufi-$version
+pushd lufi-$version
+
+echo "**********************************************************************"
+echo " *"
+echo "Install Carton Packages *"
+echo " *"
+echo "**********************************************************************"
+
+$SUDO carton install --deployment --without=test --without=sqlite --without=mysql
+
+sleep 10;
+
+$SUDO cp lufi.conf.template lufi.conf
+
+sed -i 's/127.0.0.1/0.0.0.0/' lufi.conf
+sed -i 's/#contact/contact/g' lufi.conf
+sed -i "s/contact.example.com/${contact_lufi}/g" lufi.conf
+sed -i 's/#report/report/' -i lufi.conf
+sed -i "s/report@example.com/${report_lufi}/g" lufi.conf
+sed -i "192 , 194 s/#/ /g" lufi.conf && \
+sed -i "195 s/# / /g" lufi.conf && \
+sed -i "196 , 198 s/#/ /g" lufi.conf && \
+sed -i "199 , 201 s/# / /g" lufi.conf && \
+sed -i "202 s/#/ /g" lufi.conf
+
+echo "**********************************************************************"
+echo " *"
+echo "Run the Application *"
+echo " *"
+echo "**********************************************************************" + +$SUDO carton exec hypnotoad script/lufi diff --git a/.provision/terraform-aws-lufi/main.tf b/.provision/terraform-aws-lufi/main.tf index de8fa8f..cd46982 100644 --- a/.provision/terraform-aws-lufi/main.tf +++ b/.provision/terraform-aws-lufi/main.tf @@ -1,3 +1,13 @@ +locals { + user_data_vars = { + user = var.lufi_owner + group = var.lufi_group + directory = var.app_dir + contact_lufi = var.contact + report_lufi = var.report + } +} + #Create the VPC resource "aws_vpc" "vpc" { cidr_block = "${var.vpc_cidr}" @@ -100,38 +110,10 @@ resource "aws_instance" "ec2_instance" { associate_public_ip_address = "true" subnet_id = "${aws_subnet.publicsubnet.id}" vpc_security_group_ids = ["${aws_security_group.security.id}"] + user_data = templatefile("${path.module}/lufi_startup.sh", local.user_data_vars) key_name = "lufi.webapp" - - connection { - agent = false - type = "ssh" - host = aws_instance.ec2_instance.public_dns - private_key = "${file(var.private_key)}" - user = "${var.user}" - } - - provisioner "remote-exec" { - inline = [ - "sudo apt update -y", - "sudo apt install python3.9 -y", - ] - } - - provisioner "local-exec" { - command = < hosts && \ - echo "[Lufi]" | tee -a hosts && \ - echo "${aws_instance.ec2_instance.public_ip} ansible_user=${var.user} ansible_ssh_private_key_file=${var.private_key}" | tee -a hosts && \ - export ANSIBLE_HOST_KEY_CHECKING=False && \ - ansible-playbook -u ${var.user} --private-key ${var.private_key} -i hosts site.yml - EOT - } tags = { Name = "${var.instance_name}" } } - - - diff --git a/.provision/terraform-aws-lufi/provider.tf b/.provision/terraform-aws-lufi/provider.tf index 22f192f..d037bd2 100644 --- a/.provision/terraform-aws-lufi/provider.tf +++ b/.provision/terraform-aws-lufi/provider.tf 
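Review bot: The release archive in `lufi_startup.sh` is downloaded and unpacked as root with no integrity check, and the version fetched is whatever the releases API lists first at boot: `version=$(curl -s … | head -1)` has no `-f`, so an error body or an empty result flows straight into the `wget` URL. Take the version from a pinned Terraform variable and verify the zip against a digest recorded for that release before `unzip`, e.g. `echo "<EXPECTED_SHA256>  lufi-$version.zip" | sha256sum -c -`. The `sed -i "192 , 194 …"` line-number edits depend on the `lufi.conf.template` layout of one particular release, which is a second reason to pin. Separately, `chown ${user} lufi-$version` is not recursive and both `carton install` and `carton exec hypnotoad` run under `$SUDO`, so the service appears to run as root regardless of `lufi_owner`; `chown -R ${user}:${group} lufi-$version` followed by `sudo -u ${user} carton exec hypnotoad script/lufi` would apply the intended owner.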
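Review bot: The values in `local.user_data_vars` are substituted verbatim by `templatefile()` (added in the second `main.tf` hunk) into a script that runs as root at first boot, and nothing quotes or validates them. In `lufi_startup.sh` they land unquoted in `pushd ${directory}` and `chown ${user}`, and inside `sed -i "s/report@example.com/${report_lufi}/g"`, where a `/` or `&` in the value breaks or alters the expression; the README describes `report` as an email address or a URL, so a URL value makes that `sed` fail and the script abort under `set -e`. Quote the expansions in the script, switch the substitutions to a delimiter the values cannot contain (for example `s|report@example.com|…|g`) or escape the value first, and constrain the inputs where they are declared in `vars.tf`.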
@@ -1,3 +1,12 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 3.0" + } + } +} + provider "aws" { access_key = "${var.aws_access_key}" secret_key = "${var.aws_secret_key}" diff --git a/.provision/terraform-aws-lufi/vars.tf b/.provision/terraform-aws-lufi/vars.tf index f2bfde5..e944c0e 100644 --- a/.provision/terraform-aws-lufi/vars.tf +++ b/.provision/terraform-aws-lufi/vars.tf @@ -33,4 +33,23 @@ variable "instance_name" { default = "instance_name" } +variable "lufi_owner" { + default = "" +} + +variable "lufi_group" { + default = "" +} + +variable "app_dir" { + default = "" +} + +variable "contact" { + default = "" +} + +variable "report" { + default = "" +}
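Review bot: All five new variables in `vars.tf` default to `""`, and an empty value reaches the boot script as-is: `pushd ${directory}` renders as a bare `pushd` and `chown ${user} lufi-$version` loses its owner operand, so the script aborts under `set -e` on the instance while `terraform apply` still reports success. Drop the defaults so the values are required, or use the values the README documents (`/var/www/`, `www-data`), and add `type = string` and a `description` to each block. A `validation` block on `lufi_owner`, `lufi_group` and `app_dir` that accepts only the expected characters, e.g. `condition = can(regex("^[a-z_][a-z0-9_-]*$", var.lufi_owner))`, would also keep shell metacharacters out of the root-run user data.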