diff --git a/.gitignore b/.gitignore
index df20049..33b6b1f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,4 +2,5 @@ uploads/
 node_modules/
 package-lock.json
 .vscode/
-build/
\ No newline at end of file
+build/
+ops/terraform/secrets.tf
diff --git a/ops/ansible/apache2-debian.yml b/ops/ansible/apache2-debian.yml
deleted file mode 100644
index 7f2d62f..0000000
--- a/ops/ansible/apache2-debian.yml
+++ /dev/null
@@ -1,65 +0,0 @@
----
-- hosts: hifive
- become: yes
- become_user: root
- vars:
- http_port: 80
- domain: example.com
- tasks:
- - name: Install apache2
- apt:
- pkg:
- - apache2
- - python-passlib
- state: present
-
- - name: Permissions apache2
- file:
- path: /etc/apache2
- owner: www-data
- group: www-data
- recurse: yes
-
- - name: Permissions www
- file:
- path: /var/www
- owner: www-data
- group: www-data
- recurse: yes
-
- - name: Start service httpd, if not started
- service:
- name: apache2
- state: started
-
- - name: Enable service apache2, and not touch the state
- service:
- name: apache2
- enabled: yes
-
- - name: Enable mod_rewrite
- apache2_module:
- name: rewrite
- state: present
-
- - htpasswd:
- path: /etc/apache2/.htpasswd
- name: hifive
- password: hifive
- owner: root
- group: www-data
- mode: 0640
-
- - name: Create virtual host file
- template:
- src: virtualhost.j2
- dest: /etc/apache2/sites-available/{{ domain }}.conf
- force: yes
-
- - name: a2ensite {{ domain }}
- command: a2ensite {{ domain }}
-
- - name: Reload service apache2
- service:
- name: apache2
- state: reloaded
diff --git a/ops/ansible/httpd-centos.yml b/ops/ansible/httpd-centos.yml
new file mode 100644
index 0000000..a6e2609
--- /dev/null
+++ b/ops/ansible/httpd-centos.yml
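Review bot: The ignore list still lets `terraform.tfstate` and `terraform.tfstate.backup` be tracked, and both are modified in this same commit, although state files can hold sensitive attribute values alongside the account and resource identifiers visible here. Add `*.tfstate` and `*.tfstate.*` after the new `ops/terraform/secrets.tf` entry and untrack the two files. The access key pair that `variables.tf` carried as variable defaults is deleted further down in this commit but stays readable in history, so it should be rotated rather than treated as removed.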
@@ -0,0 +1,77 @@
+---
+- hosts: hifive
+ become: yes
+ become_user: root
+
+ tasks:
+ - name: Yum update
+ yum:
+ name: '*'
+ state: latest
+
+ - name: Install httpd
+ yum:
+ name: httpd
+ state: latest
+
+ - name: Systemd enable httpd
+ systemd:
+ name: httpd
+ enabled: yes
+ masked: no
+
+ - name: Systemd start httpd
+ systemd:
+ name: httpd
+ state: started
+
+ #- name: Permissions apache2
+ #file:
+ #path: /etc/apache2
+ #owner: www-data
+ #group: www-data
+ #recurse: yes
+#
+ #- name: Permissions www
+ #file:
+ #path: /var/www
+ #owner: www-data
+ #group: www-data
+ #recurse: yes
+#
+ #- name: Start service httpd, if not started
+ #service:
+ #name: apache2
+ #state: started
+#
+ #- name: Enable service apache2, and not touch the state
+ #service:
+ #name: apache2
+ #enabled: yes
+ #
+ #- name: Enable mod_rewrite
+ #apache2_module:
+ #name: rewrite
+ #state: present
+ #
+ #- htpasswd:
+ #path: /etc/apache2/.htpasswd
+ #name: hifive
+ #password: hifive
+ #owner: root
+ #group: www-data
+ #mode: 0640
+#
+ #- name: Create virtual host file
+ #template:
+ #src: virtualhost.j2
+ #dest: /etc/apache2/sites-available/{{ domain }}.conf
+ #force: yes
+#
+ #- name: a2ensite {{ domain }}
+ #command: a2ensite {{ domain }}
+#
+ #- name: Reload service apache2
+ #service:
+ #name: apache2
+ #state: reloaded
diff --git a/ops/terraform/master.tf b/ops/terraform/master.tf
index 8725d82..3f3494e 100644
--- a/ops/terraform/master.tf
+++ b/ops/terraform/master.tf
@@ -35,7 +35,7 @@ resource "aws_key_pair" "terraform_ec2_key" {
 ###########################
 resource "aws_instance" "webserver" {
- ami = "ami-969c2deb"
+ ami = "ami-04992646d54c69ef4"
 instance_type = "t2.micro"
 key_name = "${aws_key_pair.terraform_ec2_key.id}"
 vpc_security_group_ids = [
diff --git a/ops/terraform/security.tf b/ops/terraform/security.tf
index 33a7f04..f49295e 100644
--- a/ops/terraform/security.tf
+++ b/ops/terraform/security.tf
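Review bot: The commented-out tail of the new playbook carries the old htpasswd task with its literal `password: hifive`, and none of the active tasks replace the basic-auth and virtual-host setup the Debian playbook performed, so httpd starts with its stock configuration. When that task is ported, take the password from a vaulted variable, e.g. `password: "{{ vault_htpasswd_password }}"` (placeholder name) with `no_log: true` on the task, instead of uncommenting it as written. The dead Debian tasks are better deleted than kept as comments, since history already holds them. Separately, the `Yum update` task with `name: '*'` and `state: latest` upgrades every package on each run, which makes runs non-repeatable; a separate maintenance play would keep this one predictable.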
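Review bot: The new `ami = "ami-04992646d54c69ef4"` is an opaque ID with nothing recording which image or publisher it refers to; given the playbook's switch to yum it is presumably a CentOS-family image, but the hunk does not say. Add a comment above it such as `# <distribution and release>, owner <AWS account id>, eu-west-3` so a reviewer can check that the image comes from the expected publisher. The `aws_instance` block continues past the end of the hunk.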
@@ -24,6 +24,20 @@ resource "aws_security_group" "allow_ssh" { resource "aws_security_group" "allow_http" { name = "allow http" + ingress { + from_port = 80 + to_port = 80 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + + ingress { + from_port = 443 + to_port = 443 + protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + egress { from_port = 80 to_port = 80 diff --git a/ops/terraform/terraform.tfstate b/ops/terraform/terraform.tfstate index ae838cc..3174f5c 100644 --- a/ops/terraform/terraform.tfstate +++ b/ops/terraform/terraform.tfstate @@ -1,7 +1,7 @@ { "version": 3, "terraform_version": "0.11.10", - "serial": 5, + "serial": 8, "lineage": "40e25136-2a8a-573c-e896-537bfb7f8b22", "modules": [ { @@ -17,13 +17,13 @@ "data.aws_eip.webserver-ip" ], "primary": { - "id": "eipassoc-008af9caa6691c04b", + "id": "eipassoc-0826b0b47141924ba", "attributes": { "allocation_id": "eipalloc-0f61e902f5f680dc0", - "id": "eipassoc-008af9caa6691c04b", - "instance_id": "i-05ab29acdb857ba07", - "network_interface_id": "eni-04f05313a3fb9d22e", - "private_ip_address": "172.31.33.78", + "id": "eipassoc-0826b0b47141924ba", + "instance_id": "i-09f2de73feb5c3e7a", + "network_interface_id": "eni-02d855d56e40967d0", + "private_ip_address": "172.31.36.68", "public_ip": "35.180.10.123" }, "meta": {}, @@ -40,10 +40,10 @@ "aws_security_group.allow_ssh" ], "primary": { - "id": "i-05ab29acdb857ba07", + "id": "i-09f2de73feb5c3e7a", "attributes": { - "ami": "ami-969c2deb", - "arn": "arn:aws:ec2:eu-west-3:116854918046:instance/i-05ab29acdb857ba07", + "ami": "ami-04992646d54c69ef4", + "arn": "arn:aws:ec2:eu-west-3:116854918046:instance/i-09f2de73feb5c3e7a", "associate_public_ip_address": "true", "availability_zone": "eu-west-3c", "cpu_core_count": "1", 
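Review bot: Both new ingress rules in `allow_http` open the instance to `0.0.0.0/0` without a `description`, and the state file in this commit records them with an empty description, so the intent of each rule is not visible in the console or in an audit. Add one per rule, e.g. `description = "Public HTTP"` and `description = "Public HTTPS"`. Port 443 is opened although the playbook in this commit installs only `httpd`, with no TLS module or certificate, so that rule could wait until something is configured to listen there. The resource block starts above the hunk and continues below it.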
@@ -56,25 +56,25 @@ "ephemeral_block_device.#": "0", "get_password_data": "false", "iam_instance_profile": "", - "id": "i-05ab29acdb857ba07", + "id": "i-09f2de73feb5c3e7a", "instance_state": "running", "instance_type": "t2.micro", "ipv6_addresses.#": "0", "key_name": "terraform_ec2_key", "monitoring": "false", "network_interface.#": "0", - "network_interface_id": "eni-04f05313a3fb9d22e", + "network_interface_id": "eni-02d855d56e40967d0", "password_data": "", "placement_group": "", - "primary_network_interface_id": "eni-04f05313a3fb9d22e", - "private_dns": "ip-172-31-33-78.eu-west-3.compute.internal", - "private_ip": "172.31.33.78", - "public_dns": "ec2-35-180-131-72.eu-west-3.compute.amazonaws.com", - "public_ip": "35.180.131.72", + "primary_network_interface_id": "eni-02d855d56e40967d0", + "private_dns": "ip-172-31-36-68.eu-west-3.compute.internal", + "private_ip": "172.31.36.68", + "public_dns": "ec2-35-180-10-123.eu-west-3.compute.amazonaws.com", + "public_ip": "35.180.10.123", "root_block_device.#": "1", "root_block_device.0.delete_on_termination": "true", "root_block_device.0.iops": "100", - "root_block_device.0.volume_id": "vol-0b2c3ade9942b0498", + "root_block_device.0.volume_id": "vol-0b1da0548cc9c546e", "root_block_device.0.volume_size": "8", "root_block_device.0.volume_type": "gp2", "security_groups.#": "2", @@ -87,8 +87,8 @@ "tenancy": "default", "volume_tags.%": "0", "vpc_security_group_ids.#": "2", - "vpc_security_group_ids.1275660324": "sg-069d406cd5c97a02e", - "vpc_security_group_ids.1919395107": "sg-000fa76bafd2d1490" + "vpc_security_group_ids.1821931549": "sg-059fe679d9db32397", + "vpc_security_group_ids.2822979855": "sg-082897f758ada2701" }, "meta": { "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { 
@@ -126,9 +126,9 @@ "type": "aws_security_group", "depends_on": [], "primary": { - "id": "sg-000fa76bafd2d1490", + "id": "sg-082897f758ada2701", "attributes": { - "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-000fa76bafd2d1490", + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-082897f758ada2701", "description": "Managed by Terraform", "egress.#": "2", "egress.2214680975.cidr_blocks.#": "1", @@ -151,8 +151,28 @@ "egress.2617001939.security_groups.#": "0", "egress.2617001939.self": "false", "egress.2617001939.to_port": "443", - "id": "sg-000fa76bafd2d1490", - "ingress.#": "0", + "id": "sg-082897f758ada2701", + "ingress.#": "2", + "ingress.2214680975.cidr_blocks.#": "1", + "ingress.2214680975.cidr_blocks.0": "0.0.0.0/0", + "ingress.2214680975.description": "", + "ingress.2214680975.from_port": "80", + "ingress.2214680975.ipv6_cidr_blocks.#": "0", + "ingress.2214680975.prefix_list_ids.#": "0", + "ingress.2214680975.protocol": "tcp", + "ingress.2214680975.security_groups.#": "0", + "ingress.2214680975.self": "false", + "ingress.2214680975.to_port": "80", + "ingress.2617001939.cidr_blocks.#": "1", + "ingress.2617001939.cidr_blocks.0": "0.0.0.0/0", + "ingress.2617001939.description": "", + "ingress.2617001939.from_port": "443", + "ingress.2617001939.ipv6_cidr_blocks.#": "0", + "ingress.2617001939.prefix_list_ids.#": "0", + "ingress.2617001939.protocol": "tcp", + "ingress.2617001939.security_groups.#": "0", + "ingress.2617001939.self": "false", + "ingress.2617001939.to_port": "443", "name": "allow http", "owner_id": "116854918046", "revoke_rules_on_delete": "false", 
@@ -175,12 +195,12 @@ "type": "aws_security_group", "depends_on": [], "primary": { - "id": "sg-069d406cd5c97a02e", + "id": "sg-059fe679d9db32397", "attributes": { - "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-069d406cd5c97a02e", + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-059fe679d9db32397", "description": "Managed by Terraform", "egress.#": "0", - "id": "sg-069d406cd5c97a02e", + "id": "sg-059fe679d9db32397", "ingress.#": "1", "ingress.2541437006.cidr_blocks.#": "1", "ingress.2541437006.cidr_blocks.0": "0.0.0.0/0", diff --git a/ops/terraform/terraform.tfstate.backup b/ops/terraform/terraform.tfstate.backup index f0f780c..466ee83 100644 --- a/ops/terraform/terraform.tfstate.backup +++ b/ops/terraform/terraform.tfstate.backup @@ -1,7 +1,7 @@ { "version": 3, "terraform_version": "0.11.10", - "serial": 5, + "serial": 8, "lineage": "40e25136-2a8a-573c-e896-537bfb7f8b22", "modules": [ { 
@@ -10,6 +10,99 @@ ], "outputs": {}, "resources": { + "aws_eip_association.webserver-eip": { + "type": "aws_eip_association", + "depends_on": [ + "aws_instance.webserver", + "data.aws_eip.webserver-ip" + ], + "primary": { + "id": "eipassoc-0826b0b47141924ba", + "attributes": { + "allocation_id": "eipalloc-0f61e902f5f680dc0", + "id": "eipassoc-0826b0b47141924ba", + "instance_id": "i-09f2de73feb5c3e7a", + "network_interface_id": "eni-02d855d56e40967d0", + "private_ip_address": "172.31.36.68", + "public_ip": "35.180.10.123" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, + "aws_instance.webserver": { + "type": "aws_instance", + "depends_on": [ + "aws_key_pair.terraform_ec2_key", + "aws_security_group.allow_http", + "aws_security_group.allow_ssh" + ], + "primary": { + "id": "i-09f2de73feb5c3e7a", + "attributes": { + "ami": "ami-04992646d54c69ef4", + "arn": "arn:aws:ec2:eu-west-3:116854918046:instance/i-09f2de73feb5c3e7a", + "associate_public_ip_address": "true", + "availability_zone": "eu-west-3c", + "cpu_core_count": "1", + "cpu_threads_per_core": "1", + "credit_specification.#": "1", + "credit_specification.0.cpu_credits": "standard", + "disable_api_termination": "false", + "ebs_block_device.#": "0", + "ebs_optimized": "false", + "ephemeral_block_device.#": "0", + "get_password_data": "false", + "iam_instance_profile": "", + "id": "i-09f2de73feb5c3e7a", + "instance_state": "running", + "instance_type": "t2.micro", + "ipv6_addresses.#": "0", + "key_name": "terraform_ec2_key", + "monitoring": "false", + "network_interface.#": "0", + "network_interface_id": "eni-02d855d56e40967d0", + "password_data": "", + "placement_group": "", + "primary_network_interface_id": "eni-02d855d56e40967d0", + "private_dns": "ip-172-31-36-68.eu-west-3.compute.internal", + "private_ip": "172.31.36.68", + "public_dns": "ec2-35-180-74-87.eu-west-3.compute.amazonaws.com", + "public_ip": "35.180.74.87", + "root_block_device.#": "1", + 
"root_block_device.0.delete_on_termination": "true", + "root_block_device.0.iops": "100", + "root_block_device.0.volume_id": "vol-0b1da0548cc9c546e", + "root_block_device.0.volume_size": "8", + "root_block_device.0.volume_type": "gp2", + "security_groups.#": "2", + "security_groups.1710041364": "allow ssh", + "security_groups.4237835427": "allow http", + "source_dest_check": "true", + "subnet_id": "subnet-6308d02e", + "tags.%": "1", + "tags.Name": "hifive-webserver", + "tenancy": "default", + "volume_tags.%": "0", + "vpc_security_group_ids.#": "2", + "vpc_security_group_ids.1821931549": "sg-059fe679d9db32397", + "vpc_security_group_ids.2822979855": "sg-082897f758ada2701" + }, + "meta": { + "e2bfb730-ecaa-11e6-8f88-34363bc7c4c0": { + "create": 600000000000, + "delete": 1200000000000, + "update": 600000000000 + }, + "schema_version": "1" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, "aws_key_pair.terraform_ec2_key": { "type": "aws_key_pair", "depends_on": [], @@ -33,9 +126,9 @@ "type": "aws_security_group", "depends_on": [], "primary": { - "id": "sg-000fa76bafd2d1490", + "id": "sg-082897f758ada2701", "attributes": { - "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-000fa76bafd2d1490", + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-082897f758ada2701", "description": "Managed by Terraform", "egress.#": "2", "egress.2214680975.cidr_blocks.#": "1", @@ -58,7 +151,7 @@ "egress.2617001939.security_groups.#": "0", "egress.2617001939.self": "false", "egress.2617001939.to_port": "443", - "id": "sg-000fa76bafd2d1490", + "id": "sg-082897f758ada2701", "ingress.#": "0", "name": "allow http", "owner_id": "116854918046", 
@@ -82,12 +175,12 @@ "type": "aws_security_group", "depends_on": [], "primary": { - "id": "sg-069d406cd5c97a02e", + "id": "sg-059fe679d9db32397", "attributes": { - "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-069d406cd5c97a02e", + "arn": "arn:aws:ec2:eu-west-3:116854918046:security-group/sg-059fe679d9db32397", "description": "Managed by Terraform", "egress.#": "0", - "id": "sg-069d406cd5c97a02e", + "id": "sg-059fe679d9db32397", "ingress.#": "1", "ingress.2541437006.cidr_blocks.#": "1", "ingress.2541437006.cidr_blocks.0": "0.0.0.0/0", diff --git a/ops/terraform/variables.tf b/ops/terraform/variables.tf deleted file mode 100644 index 6426487..0000000 --- a/ops/terraform/variables.tf +++ /dev/null @@ -1,19 +0,0 @@ -########################### -# VARS -########################### - -variable "aws_access_key_id" { - default = "AKIAIHBYYPCVUNGK7HCA" -} - -variable "aws_secret_access_key" { - default = "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" -} - -variable "aws_region" { - default = "eu-west-3" -} - -variable "aws_ssh_key" { - default = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQClFxq0O91KsqPLYWeONMjta9p5XsoP/LjzE1jUayr4n5c7uUb/ND9rab9lD+6DK0fhvN58xfZ4YdqPA1HUubaZtE21TIqL6zcOJ8c2z55iBEpzN6c9x6bmS+ZmOrWMUWsweZa1WWBz6UMDvrCRy+yDysndGOLbHZbjtYPv9Zg/9aCunVYDbQIfStRl9YwrR/wtIAyC5PsXJMoaoGrkh5Ac24upkPXCfm2MDirZuKfeMFh+5gSEzSfXXS1OKSVfXrxh9uL+TyqL1MCOn8QSxHVvdaLql6p0FXZrU53RXg5fVz0OwX2W1iSi/7xJiTcXoqZH7RhsH+gLfi1GdljQ2hCj s0dy@thinkpad" -}