infra.yml

AWSTemplateFormatVersion: 2010-09-09
Description: TeamSpeak server
Parameters:
  TeamSpeakVersion:
    Type: String
    Description: Latest TeamSpeak version number
    Default: "3.13.3"

Resources:
  # Configure instance - use t3.micro to stay within AWS free tier
  EC2Instance:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t3.micro
      KeyName: teamspeak-server
      IamInstanceProfile: !Ref InstanceProfile
      SecurityGroups:
        - Ref: InstanceSecurityGroup
      ImageId: ami-0713f98de93617bb4
      UserData:
        Fn::Base64: !Sub |
          #!/bin/bash

          $TeamSpeakVersion = "${TeamSpeakVersion}"

          wget https://files.teamspeak-services.com/releases/server/${TeamSpeakVersion}/teamspeak3-server_linux_amd64-/${TeamSpeakVersion}.tar.bz2

          tar xvfj teamspeak3-server_linux_amd64-${TeamSpeakVersion}.tar.bz2
          cd teamspeak3-server_linux_amd64
          touch .ts3server_license_accepted

          ./ts3server_startscript.sh start

      Tags:
        - Key: Name
          Value: TeamSpeak-EC2Instance

  # Create security rules for the instance
  InstanceSecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: TeamSpeak inbound and outbound security
      SecurityGroupIngress:
        - Description: TeamSpeak 3 default file transfer port.
          IpProtocol: tcp
          FromPort: 30033
          ToPort: 30033
          CidrIp: 0.0.0.0/0
        - Description: TeamSpeak 3 default server query port.
          IpProtocol: tcp
          FromPort: 10011
          ToPort: 10011
          CidrIp: 0.0.0.0/0
        - Description: TeamSpeak 3 server default (voice) port.
          IpProtocol: udp
          FromPort: 9987
          ToPort: 9987
          CidrIp: 0.0.0.0/0
        - Description: Teamspeak 3 default tsdns port.
          IpProtocol: tcp
          FromPort: 41144
          ToPort: 41144
          CidrIp: 0.0.0.0/0
        - Description: SSH traffic
          IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: TeamSpeak-EC2SecurityGroup

  # Create and associate an elastic IP to the instance
  ElasticIPAddress:
    DependsOn: EC2Instance
    Type: AWS::EC2::EIP
    Properties:
      InstanceId: !Ref EC2Instance
      Tags:
        - Key: Name
          Value: TeamSpeak-EC2ElasticIPAddress

  # Create a role for the instance
  InstanceRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: TeamSpeak-IAMRole
      Path: /
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AmazonEC2RoleforSSM
      AssumeRolePolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - ec2.amazonaws.com
            Action:
              - sts:AssumeRole
      Tags:
        - Key: Name
          Value: TeamSpeak-IAMRole

  # Create an IAM profile for the instance
  InstanceProfile:
    Type: AWS::IAM::InstanceProfile
    Properties:
      InstanceProfileName: TeamSpeak-IAMInstanceProfile
      Path: /
      Roles:
        - !Ref InstanceRole