From faaf51793afbdc99ac869dda25a84624098e5ac2 Mon Sep 17 00:00:00 2001
From: Naveen Kumar <122601934+n4veenkumar@users.noreply.github.com>
Date: Fri, 24 Feb 2023 20:49:13 +0530
Subject: [PATCH] Add a DNS route in aws route53, wrapped script execution inside null_resource, modified startup.sh, add new variable in vars.tf
---
 deploy/aws/README.md | 2 ++
 deploy/aws/main.tf | 43 +++++++++++++++++++++++++++------
 deploy/aws/templates/startup.sh | 42 ++++++++++----------------------
 deploy/aws/vars.tf | 12 +++++++++
 4 files changed, 62 insertions(+), 37 deletions(-)
diff --git a/deploy/aws/README.md b/deploy/aws/README.md
index c8866fe29..87d1a4ee4 100644
--- a/deploy/aws/README.md
+++ b/deploy/aws/README.md
@@ -33,6 +33,8 @@ This repo contains a Terraform plan for deploying Epicyon on an AWS EC2 instance
 | [aws_internet_gateway.epicyon_gw](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/internet_gateway) | resource |
 | [aws_route_table.epicyon_route_table](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table) | resource |
 | [aws_route_table_association.epicyon_route_table_association](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route_table_association) | resource |
+| [aws_route53_record.epicyon_route53](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record) | resource |
+| [null_resource.null_resource_epicyon](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
 ## Inputs
diff --git a/deploy/aws/main.tf b/deploy/aws/main.tf
index 4748effc0..22cf0699a 100644
--- a/deploy/aws/main.tf
+++ b/deploy/aws/main.tf
@@ -1,10 +1,3 @@
-locals {
- user_data_vars = {
- domain = var.domain
- email = var.email
- }
-}
-
 resource "aws_vpc" "epicyon_vpc" {
 cidr_block = var.vpc_cidr_block
@@ -91,13 +84,21 @@ resource "aws_instance" "epicyon_web" {
 associate_public_ip_address = true
 subnet_id = aws_subnet.epicyon_subnet.id
 vpc_security_group_ids = [aws_security_group.epicyon_sg.id]
- user_data = base64encode(templatefile("${path.module}/templates/startup.sh", local.user_data_vars))
 key_name = var.key_name
 tags = {
 Name = "epicyon_web"
 }
 }
+resource "aws_route53_record" "epicyon_route53" {
+ zone_id = var.zone_id
+ name = var.domain
+ type = "A"
+ ttl = 300
+ records = [aws_instance.epicyon_web.public_ip]
+ depends_on = [aws_instance.epicyon_web]
+}
+
 resource "aws_iam_role" "epicyon_iam_role" {
 name = "epicyon_iam_role"
 assume_role_policy = jsonencode({
@@ -134,3 +135,29 @@ resource "aws_eip_association" "epicyon" {
 instance_id = aws_instance.epicyon_web.id
 allocation_id = aws_eip.elastic.id
 }
+
+resource "null_resource" "null_resource_epicyon" {
+ depends_on=[aws_route53_record.epicyon_route53]
+ triggers = {
+ id = timestamp()
+ }
+ connection {
+ agent = false
+ type = "ssh"
+ host = [aws_instance.epicyon_web.public_ip]
+ private_key = file(var.private_key)
+ user = "ubuntu"
+ }
+ provisioner "file" {
+ source = "./templates/startup.sh"
+ destination = "~/startup.sh"
+ }
+ provisioner "remote-exec" {
+ inline = [
+ "chmod +x ~/startup.sh",
+ "export domain=${var.epicyon_domain}",
+ "export email=${var.email}",
+ "bash ~/startup.sh"
+ ]
+ }
+}
diff --git a/deploy/aws/templates/startup.sh b/deploy/aws/templates/startup.sh
index e5dc68d2f..65c9c6bbd 100644
--- a/deploy/aws/templates/startup.sh
+++ b/deploy/aws/templates/startup.sh
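Review bot: `records = [aws_instance.epicyon_web.public_ip]` in the new `aws_route53_record` publishes the instance's auto-assigned address, but this file also attaches an Elastic IP to the same instance (`aws_eip_association.epicyon`, visible as context in the next hunk), and AWS releases the auto-assigned address once that association happens. The A record can therefore end up pointing at an address the deployment no longer holds, which would break certificate issuance for the domain and leave the name resolving to an IP that may later be assigned to another tenant. Point the record at the Elastic IP instead, `records = [aws_eip.elastic.public_ip]`, and drop the explicit `depends_on`, since the reference already orders the two resources. Removing `user_data` also moves provisioning to SSH from the machine running Terraform, so the ingress rules of `epicyon_sg` (outside this hunk) should be checked to confirm port 22 is limited to that source.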
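Review bot: In the `remote-exec` block of `null_resource_epicyon`, `var.epicyon_domain` and `var.email` are interpolated unquoted into shell commands that run on the instance, so a value containing whitespace or shell metacharacters changes what gets executed; quote them, e.g. `"export domain='${var.domain}'"`, and constrain both variables with a `validation` block in vars.tf. The Route 53 record is created for `var.domain` while the script receives `var.epicyon_domain`; unless vars.tf (not visible here) really intends two different names, use one. In the `connection` block `host` takes a string, so `host = [aws_instance.epicyon_web.public_ip]` should lose the brackets and presumably become `host = aws_eip.elastic.public_ip`, and without a `host_key` argument the SSH session does not verify which host it is handing the script to. `triggers = { id = timestamp() }` re-runs the provisioners on every apply, and startup.sh (`git clone`, `adduser`, `mkdir`) is not written to be run twice; `source = "./templates/startup.sh"` should also keep the `${path.module}` prefix that the removed `user_data` line used.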
@@ -1,17 +1,13 @@ #!/usr/bin/env bash - -export YOUR_DOMAIN=${domain} -export YOUR_EMAIL=${email} - sudo apt update -y sudo apt install -y tor python3-socks imagemagick python3-setuptools python3-cryptography python3-dateutil python3-idna python3-requests python3-flake8 python3-django-timezone-field python3-pyqrcode python3-png python3-bandit libimage-exiftool-perl certbot nginx wget cd /opt || exit sudo git clone https://gitlab.com/bashrc2/epicyon cd /opt/epicyon || exit sudo adduser --system --home=/opt/epicyon --group epicyon -sudo mkdir /var/www/${domain} +sudo mkdir /var/www/$domain sudo mkdir -p /opt/epicyon/accounts/newsmirror -sudo ln -s /opt/epicyon/accounts/newsmirror /var/www/${domain}/newsmirror +sudo ln -s /opt/epicyon/accounts/newsmirror /var/www/$domain/newsmirror sudo tee /tmp/epicyon.service >/dev/null </dev/null </dev/null <