From 51374f3eec4bf9234ad1dfaae6a9fb8d15ca4051 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nil=20G=C3=A0llego?=
<73447234+nilgaar@users.noreply.github.com>
Date: Sat, 13 Jul 2024 23:54:31 +0200
Subject: [PATCH 1/3] Develop (#2)
* wip
* chore: Update AWS VPC Terraform templates and workflows
---
.github/workflows/deploy_aws_vpc.yml | 18 ++++++++++++++----
.gitignore | 1 +
IaC/ansible/apache.yml | 27 +++++++++++++++++++++++++++
IaC/aws/terraform/awsEC2s.pub | 1 +
IaC/aws/terraform/ec2.tf | 23 +++++++++++++++++++++++
IaC/aws/terraform/ec2_+_ebs.tf | 22 ----------------------
IaC/aws/terraform/key_pair.tf | 4 ++++
7 files changed, 70 insertions(+), 26 deletions(-)
create mode 100644 IaC/ansible/apache.yml
create mode 100644 IaC/aws/terraform/awsEC2s.pub
create mode 100644 IaC/aws/terraform/ec2.tf
delete mode 100644 IaC/aws/terraform/ec2_+_ebs.tf
create mode 100644 IaC/aws/terraform/key_pair.tf
diff --git a/.github/workflows/deploy_aws_vpc.yml b/.github/workflows/deploy_aws_vpc.yml
index 0203f56..08fadf3 100644
--- a/.github/workflows/deploy_aws_vpc.yml
+++ b/.github/workflows/deploy_aws_vpc.yml
@@ -9,17 +9,27 @@ on:
workflow_dispatch:
jobs:
- build:
+ deploy:
+ name: Deploy Infrastructure
runs-on: ubuntu-latest
+ env:
+ AWS_ACCESS_KEY_ID: ${{ secrets.AWS_INFRA_KEY_ID }}
+ AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_INFRA_KEY }}
steps:
- uses: actions/checkout@v3
+
- uses: opentofu/setup-opentofu@v1.0.3
+ name: Setup OpenTofu
+
- name: OpenTofu Setup and Validate
run: |
cd ./IaC/aws/terraform/
tofu init
tofu validate
tofu plan -var="AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}" -var="AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}"
- env:
- AWS_ACCESS_KEY_ID: ${{ secrets.AWS_INFRA_KEY_ID }}
- AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_INFRA_KEY }}
+
+ - name: Deploy VPC
+ if: github.ref == 'refs/heads/main'
+ run: |
+ cd ./IaC/aws/terraform/
+ tofu apply -auto-approve -var="AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}" -var="AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}"
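Review bot: Moving `env:` from the plan step up to the job puts `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` in the environment of every step, including the third-party `opentofu/setup-opentofu@v1.0.3` action, which does not need them. Keep the `env:` block on the two `run` steps that call `tofu` instead. The `-var="AWS_SECRET_ACCESS_KEY=..."` arguments also put the secret on the process command line; if the values must be passed as variables, setting `TF_VAR_AWS_ACCESS_KEY_ID` and `TF_VAR_AWS_SECRET_ACCESS_KEY` in the step's `env:` avoids that. Separately, `tofu apply -auto-approve` computes a fresh plan rather than applying the one printed by the previous step; `tofu plan -out=tfplan` followed by `tofu apply tfplan` applies exactly what was reviewed.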
diff --git a/.gitignore b/.gitignore
index e06d0dd..61b287c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
IaC/aws/terraform/_provider.tf
+awsEC2s
\ No newline at end of file
diff --git a/IaC/ansible/apache.yml b/IaC/ansible/apache.yml
new file mode 100644
index 0000000..1728955
--- /dev/null
+++ b/IaC/ansible/apache.yml
@@ -0,0 +1,27 @@
+- name: Install and start Apache
+ hosts: all
+ become: yes
+ tasks:
+ - name: Update apt repo and cache
+ apt:
+ update_cache: yes
+ cache_valid_time: 3600
+
+ - name: Install Apache
+ apt:
+ name: apache2
+ state: present
+
+ - name: Start and enable Apache
+ systemd:
+ name: apache2
+ enabled: yes
+ state: started
+
+ - name: Set up index.html
+ copy:
+ content: "
Deployed via Ansible
"
+ dest: /var/www/html/index.html
+ owner: www-data
+ group: www-data
+ mode: "0644"
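Review bot: The `Set up index.html` task makes the page owned by `www-data`, so the account Apache's worker processes typically run as can rewrite the content it serves. Static content only needs to be readable by the server; `owner: root` and `group: root` with the existing `mode: "0644"` achieves that. As a style point, `become: yes`, `update_cache: yes` and `enabled: yes` are better written as `true`, and the modules as fully qualified names (`ansible.builtin.apt`, `ansible.builtin.systemd`, `ansible.builtin.copy`).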
diff --git a/IaC/aws/terraform/awsEC2s.pub b/IaC/aws/terraform/awsEC2s.pub
new file mode 100644
index 0000000..2e35383
--- /dev/null
+++ b/IaC/aws/terraform/awsEC2s.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEPHgQtk6l3FROLb4x7Gj93xNo8F/m8kj9pQku5lIBLV nil@MacBook-Pro-de-Nil.local
diff --git a/IaC/aws/terraform/ec2.tf b/IaC/aws/terraform/ec2.tf
new file mode 100644
index 0000000..a11af3d
--- /dev/null
+++ b/IaC/aws/terraform/ec2.tf
@@ -0,0 +1,23 @@
+data "aws_ssm_parameter" "ubuntu22" {
+ name = "/aws/service/canonical/ubuntu/server/22.04/stable/current/amd64/hvm/ebs-gp2/ami-id"
+}
+
+resource "aws_instance" "ec2example" {
+ ami = data.aws_ssm_parameter.ubuntu22.value
+ instance_type = "t3.micro"
+ availability_zone = "eu-west-1a"
+ subnet_id = aws_subnet.subnet.id
+ vpc_security_group_ids = [aws_security_group.sec_group.id]
+ associate_public_ip_address = true
+ key_name = aws_key_pair.ec2_key_pair.key_name
+
+ provisioner "local-exec" {
+ command = "ansible-playbook -i '${self.public_ip},' --private-key ${path.module}/ ansible/playbook.yml"
+ }
+
+ provisioner "remote-exec" {
+ inline = [
+ "echo 'Waiting for instance to be ready'"
+ ]
+ }
+}
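Review bot: `aws_instance.ec2example` gets a public IP and is set up as a web server, but the resource does not require IMDSv2, so the instance metadata service will still answer unauthenticated IMDSv1 requests. Add `metadata_options { http_tokens = "required" }` to the resource; this matters most if an instance profile is attached later. The root volume is also left at the provider default, so `root_block_device { encrypted = true }` is worth adding. `aws_security_group.sec_group` is defined outside this patch, so confirm that its SSH ingress is limited to the addresses that actually provision the host.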
diff --git a/IaC/aws/terraform/ec2_+_ebs.tf b/IaC/aws/terraform/ec2_+_ebs.tf
deleted file mode 100644
index 2781e91..0000000
--- a/IaC/aws/terraform/ec2_+_ebs.tf
+++ /dev/null
@@ -1,22 +0,0 @@
-data "aws_ssm_parameter" "ubuntu22" {
- name = "/aws/service/canonical/ubuntu/server/22.04/stable/current/amd64/hvm/ebs-gp2/ami-id"
-}
-
-resource "aws_instance" "ec2example" {
- ami = data.aws_ssm_parameter.ubuntu22.value
- instance_type = "t3.micro"
- availability_zone = "eu-west-1a"
- subnet_id = aws_subnet.subnet.id
- vpc_security_group_ids = [aws_security_group.sec_group.id]
-
- associate_public_ip_address = true
-
- user_data = <Deployed via Terraform" | sudo tee /var/www/html/index.html
-EOF
-}
\ No newline at end of file
diff --git a/IaC/aws/terraform/key_pair.tf b/IaC/aws/terraform/key_pair.tf
new file mode 100644
index 0000000..1d6139b
--- /dev/null
+++ b/IaC/aws/terraform/key_pair.tf
@@ -0,0 +1,4 @@
+resource "aws_key_pair" "ec2_key_pair" {
+ key_name = "ec2-key-pair"
+ public_key = file("${path.module}/awsEC2s.pub")
+}
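Review bot: `aws_key_pair.ec2_key_pair` installs the key from `awsEC2s.pub`, whose comment field (`nil@MacBook-Pro-de-Nil.local`) suggests it was generated on a personal workstation. If the matching private key is also the one automation uses to reach the instance, a single key is shared between a laptop and CI, and a compromise of either forces rotation of both. Consider a dedicated deploy key generated for this purpose, and drop the user@host comment from the committed file, since it is not needed for authentication and discloses a local account and host name.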
From 9dc0d7d55637bb671160a96909121d500f3513cb Mon Sep 17 00:00:00 2001
From: Nil
Date: Sun, 14 Jul 2024 01:50:59 +0200
Subject: [PATCH 2/3] wip
wip
chore: Add VPC destruction step to AWS deployment workflow
wip
chore: Update VPC destruction step in AWS deployment workflow
chore: Add SSH key setup step to AWS deployment workflow
chore: Add destroy step to AWS deployment workflow
chore: Add needs dependency for destroy job in AWS deployment workflow
chore: Update Apache playbook in AWS EC2 Terraform configuration
chore: Update sleep duration in EC2 Terraform configuration
chore: Update sleep duration in EC2 Terraform configuration
wip
wip
wip
chore: Update EC2 Terraform configuration to use ANSIBLE_HOST_KEY_CHECKING=False
wip
wip
wip
chore: Update EC2 Terraform configuration to use ANSIBLE_HOST_KEY_CHECKING=False
Update EC2 Terraform configuration to use t3.micro instance type and increase sleep duration
---
.github/workflows/deploy_aws_vpc.yml | 10 ++++++++++
IaC/ansible/apache.yml | 1 +
IaC/aws/terraform/ec2.tf | 17 ++++++++++++-----
3 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/deploy_aws_vpc.yml b/.github/workflows/deploy_aws_vpc.yml
index 08fadf3..8f52119 100644
--- a/.github/workflows/deploy_aws_vpc.yml
+++ b/.github/workflows/deploy_aws_vpc.yml
@@ -21,6 +21,11 @@ jobs:
- uses: opentofu/setup-opentofu@v1.0.3
name: Setup OpenTofu
+ - name: Setup SSH Key using webfactory/ssh-agent
+ uses: webfactory/ssh-agent@v0.5.4
+ with:
+ ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
+
- name: OpenTofu Setup and Validate
run: |
cd ./IaC/aws/terraform/
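Review bot: `webfactory/ssh-agent@v0.5.4` is handed `secrets.SSH_PRIVATE_KEY` but is referenced by a tag, which the action's owner can repoint to different code. Pin it to a full commit SHA and keep the version as a comment, e.g. `uses: webfactory/ssh-agent@FULL_COMMIT_SHA  # v0.5.4` (placeholder; resolve the SHA from the upstream repository). The same applies to `actions/checkout@v3` and `opentofu/setup-opentofu@v1.0.3` in this job, which run with the AWS credentials set at job level earlier in this series.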
@@ -33,3 +38,8 @@ jobs:
run: |
cd ./IaC/aws/terraform/
tofu apply -auto-approve -var="AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}" -var="AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}"
+
+ - name: Destroy VPC
+ run: |
+ cd ./IaC/aws/terraform/
+ tofu destroy -auto-approve -var="AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}" -var="AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}"
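Review bot: The new `Destroy VPC` step has no `if:` condition and sits in the same job directly after `Deploy VPC`, so every run tears down what it has just created. On refs other than `main`, where the apply step is skipped, it still runs `tofu destroy -auto-approve` against whatever state is present. If teardown is meant to be deliberate, gate it, for example with `if: github.event_name == 'workflow_dispatch'`, ideally in a separate job bound to a protected environment that requires approval. The workflow's `on:` triggers are outside this hunk, so confirm which events reach this step.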
diff --git a/IaC/ansible/apache.yml b/IaC/ansible/apache.yml
index 1728955..0428125 100644
--- a/IaC/ansible/apache.yml
+++ b/IaC/ansible/apache.yml
@@ -1,3 +1,4 @@
+---
- name: Install and start Apache
hosts: all
become: yes
diff --git a/IaC/aws/terraform/ec2.tf b/IaC/aws/terraform/ec2.tf
index a11af3d..950ce1f 100644
--- a/IaC/aws/terraform/ec2.tf
+++ b/IaC/aws/terraform/ec2.tf
@@ -11,13 +11,20 @@ resource "aws_instance" "ec2example" {
associate_public_ip_address = true
key_name = aws_key_pair.ec2_key_pair.key_name
- provisioner "local-exec" {
- command = "ansible-playbook -i '${self.public_ip},' --private-key ${path.module}/ ansible/playbook.yml"
- }
-
provisioner "remote-exec" {
inline = [
- "echo 'Waiting for instance to be ready'"
+ "echo 'Waiting for instance to be fully ready...'",
+ "sleep 60"
]
}
+
+ provisioner "local-exec" {
+ command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -i '${self.public_ip},' ${path.module}/../../ansible/apache.yml -u 'ubuntu'"
+ }
+
+ connection {
+ type = "ssh"
+ user = "ubuntu"
+ host = self.public_ip
+ }
}
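Review bot: `ANSIBLE_HOST_KEY_CHECKING=False` in the `local-exec` command turns off SSH host key verification, so the playbook, which runs with `become`, is pushed to whatever answers on `self.public_ip` without the host being authenticated. Prefer leaving checking on and accepting only a first-seen key, e.g. `ANSIBLE_SSH_COMMON_ARGS='-o StrictHostKeyChecking=accept-new'`, or pre-seed `known_hosts` with the instance's host key obtained out of band. The fixed `sleep 60` is also only a guess at readiness; `cloud-init status --wait` in the `remote-exec` block waits for the actual condition. The resource body starts outside this hunk.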
From e65187bd135a25f8a73ad855a305533fedc467b8 Mon Sep 17 00:00:00 2001
From: Nil
Date: Sun, 14 Jul 2024 01:53:55 +0200
Subject: [PATCH 3/3] wip
---
IaC/aws/terraform/ec2.tf | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/IaC/aws/terraform/ec2.tf b/IaC/aws/terraform/ec2.tf
index 950ce1f..1c38e08 100644
--- a/IaC/aws/terraform/ec2.tf
+++ b/IaC/aws/terraform/ec2.tf
@@ -14,7 +14,7 @@ resource "aws_instance" "ec2example" {
provisioner "remote-exec" {
inline = [
"echo 'Waiting for instance to be fully ready...'",
- "sleep 60"
+ "sleep 20"
]
}