diff --git a/.gitignore b/.gitignore
index 61354cb..52be906 100644
--- a/.gitignore
+++ b/.gitignore
@@ -80,3 +80,23 @@ npm-debug.log
 /priv/plts/*.plt
 /priv/plts/*.plt.hash
 ## Phoenix
+
+
+## Packer
+# Cache objects
+packer_cache/
+
+# Crash log
+crash.log
+
+# https://www.packer.io/guides/hcl/variables
+# Exclude all .pkrvars.hcl files, which are likely to contain sensitive data,
+# such as password, private keys, and other secrets. These should not be part of
+# version control as they are data points which are potentially sensitive and
+# subject to change depending on the environment.
+#
+*.pkrvars.hcl
+
+# For built boxes
+*.box
+## Packer
\ No newline at end of file
diff --git a/modules/cloud/aws/compute/swarm/main.tf b/modules/cloud/aws/compute/swarm/main.tf
new file mode 100644
index 0000000..bde5361
--- /dev/null
+++ b/modules/cloud/aws/compute/swarm/main.tf
@@ -0,0 +1,139 @@
+terraform {
+ required_providers {
+ # https://registry.terraform.io/providers/hashicorp/aws/latest
+ aws = {
+ source = "hashicorp/aws"
+ version = "5.45.0"
+ }
+ # https://registry.terraform.io/providers/hashicorp/tls/latest
+ # 4. Creating a Key Pair with Local and TLS Providers
+ tls = {
+ source = "hashicorp/tls"
+ version = "4.0.5"
+ }
+ # https://registry.terraform.io/providers/hashicorp/local/latest
+ local = {
+ source = "hashicorp/local"
+ version = "2.5.1"
+
+ }
+ }
+}
+
+data "aws_vpc" "main" {
+ filter {
+ name = "isDefault"
+ values = ["true"]
+ }
+}
+
+data "aws_subnets" "main_subnets" {
+ filter {
+ name = "vpc-id"
+ values = [data.aws_vpc.main.id]
+ }
+}
+
+resource "tls_private_key" "rsa" {
+ algorithm = "RSA"
+ rsa_bits = 4096
+}
+
+resource "aws_key_pair" "deployer_key" {
+ key_name = "swarm-key"
+ public_key = tls_private_key.rsa.public_key_openssh
+}
+
+resource "local_sensitive_file" "private_key" {
+ filename = var.private_key_path
+ content = tls_private_key.rsa.private_key_pem
+ file_permission = "0400"
+}
+
+data "aws_ami" "amazon_linux_docker" {
+ most_recent = true
+
+ filter {
+ name = "name"
+ values = ["amazon-linux-docker*"]
+ }
+ # find with aws cli: aws sts get-caller-identity
+ # owners = ["AWS_ACC_ID_UNSET"]
+ owners = ["447130666878"]
+}
+
+resource "aws_security_group" "swarm_sg" {
+ description = "launch-wizard-2 created 2024-04-17T22:18:12.426Z"
+ egress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
+ ]
+ description = ""
+ from_port = 0
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "-1"
+ security_groups = []
+ self = false
+ to_port = 0
+ },
+ ]
+ ingress = [
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
+ ]
+ description = ""
+ from_port = 22
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 22
+ },
+ {
+ cidr_blocks = [
+ "0.0.0.0/0",
+ ]
+ description = ""
+ from_port = 4000
+ ipv6_cidr_blocks = []
+ prefix_list_ids = []
+ protocol = "tcp"
+ security_groups = []
+ self = false
+ to_port = 4000
+ },
+ ]
+ tags = {}
+ tags_all = {}
+ # vpc_id = "vpc-0021bbe35d223bc80"
+ vpc_id = data.aws_vpc.main.id
+}
+
+resource "aws_instance" "belly_swarm" {
+ # ami = "ami-0d421d84814b7d51c"
+ ami = data.aws_ami.amazon_linux_docker.id
+ availability_zone = "eu-west-1b"
+ key_name = aws_key_pair.deployer_key.key_name
+ subnet_id = data.aws_subnets.main_subnets.ids[1]
+ user_data = <<-EOF
+ #!/bin/bash
+
+ docker swarm init
+ EOF
+ instance_type = "t2.micro"
+ tags = {
+ "Name" = "docker-swarm-manager"
+ }
+ vpc_security_group_ids = [
+ aws_security_group.swarm_sg.id,
+ ]
+}
+
+output "ssh_command" {
+ value = "ssh -i ${var.private_key_path} ec2-user@${aws_instance.belly_swarm.public_ip}"
+ description = "The SSH command to connect to the instance."
+}
\ No newline at end of file
diff --git a/modules/cloud/aws/compute/swarm/variables.tf b/modules/cloud/aws/compute/swarm/variables.tf
new file mode 100644
index 0000000..0661edd
--- /dev/null
+++ b/modules/cloud/aws/compute/swarm/variables.tf
@@ -0,0 +1,4 @@
+variable "private_key_path" {
+ description = "The path to the private key file."
+ type = string
+}
\ No newline at end of file
diff --git a/modules/environments/production/.terraform.lock.hcl b/modules/environments/production/.terraform.lock.hcl
new file mode 100644
index 0000000..177629a
--- /dev/null
+++ b/modules/environments/production/.terraform.lock.hcl
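Review bot: Both ingress rules in `aws_security_group.swarm_sg` (main.tf) use `cidr_blocks = ["0.0.0.0/0"]`, so SSH on port 22 and the service on port 4000 of the swarm manager accept connections from any address. SSH at least should be limited to known operator ranges, for example `cidr_blocks = var.ssh_ingress_cidrs` backed by a `list(string)` variable with no default in variables.tf, and the empty `description = ""` fields should state what each port is for. The group's own `description` still carries console-generated `launch-wizard-2` text, which suggests the block was imported as-is rather than reviewed rule by rule. Separately, `tls_private_key.rsa` keeps the generated private key in the Terraform state in plain text, so the state backend needs the same protection as the key file itself.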
@@ -0,0 +1,65 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.45.0" + constraints = "5.45.0" + hashes = [ + "h1:8m3+C1VNevzU/8FsABoKp2rTOx3Ue7674INfhfk0TZY=", + "zh:1379bcf45aef3d486ee18b4f767bfecd40a0056510d26107f388be3d7994c368", + "zh:1615a6f5495acfb3a0cb72324587261dd4d72711a3cc51aff13167b14531501e", + "zh:18b69a0f33f8b1862fbd3f200756b7e83e087b73687085f2cf9c7da4c318e3e6", + "zh:2c5e7aecd197bc3d3b19290bad8cf4c390c2c6a77bb165da4e11f53f2dfe2e54", + "zh:3794da9bef97596e3bc60e12cdd915bda5ec2ed62cd1cd93723d58b4981905fe", + "zh:40a5e45ed91801f83db76dffd467dcf425ea2ca8642327cf01119601cb86021c", + "zh:4abfc3f53d0256a7d5d1fa5e931e4601b02db3d1da28f452341d3823d0518f1a", + "zh:4eb0e98078f79aeb06b5ff6115286dc2135d12a80287885698d04036425494a2", + "zh:75470efbadea4a8d783642497acaeec5077fc4a7f3df3340defeaa1c7de29bf7", + "zh:8861a0b4891d5fa2fa7142f236ae613cea966c45b5472e3915a4ac3abcbaf487", + "zh:8bf6f21cd9390b742ca0b4393fde92616ca9e6553fb75003a0999006ad233d35", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:ad73008a044e75d337acda910fb54d8b81a366873c8a413fec1291034899a814", + "zh:bf261713b0b8bebfe8c199291365b87d9043849f28a2dc764bafdde73ae43693", + "zh:da3bafa1fd830be418dfcc730e85085fe67c0d415c066716f2ac350a2306f40a", + ] +} + +provider "registry.terraform.io/hashicorp/local" { + version = "2.5.1" + constraints = "2.5.1" + hashes = [ + "h1:/GAVA/xheGQcbOZEq0qxANOg+KVLCA7Wv8qluxhTjhU=", + "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561", + "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561", + "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5", + "zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24", + "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667", + "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8", + 
"zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0", + "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867", + "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4", + "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520", + ] +} + +provider "registry.terraform.io/hashicorp/tls" { + version = "4.0.5" + constraints = "4.0.5" + hashes = [ + "h1:zeG5RmggBZW/8JWIVrdaeSJa0OG62uFX5HY1eE8SjzY=", + "zh:01cfb11cb74654c003f6d4e32bbef8f5969ee2856394a96d127da4949c65153e", + "zh:0472ea1574026aa1e8ca82bb6df2c40cd0478e9336b7a8a64e652119a2fa4f32", + "zh:1a8ddba2b1550c5d02003ea5d6cdda2eef6870ece86c5619f33edd699c9dc14b", + "zh:1e3bb505c000adb12cdf60af5b08f0ed68bc3955b0d4d4a126db5ca4d429eb4a", + "zh:6636401b2463c25e03e68a6b786acf91a311c78444b1dc4f97c539f9f78de22a", + "zh:76858f9d8b460e7b2a338c477671d07286b0d287fd2d2e3214030ae8f61dd56e", + "zh:a13b69fb43cb8746793b3069c4d897bb18f454290b496f19d03c3387d1c9a2dc", + "zh:a90ca81bb9bb509063b736842250ecff0f886a91baae8de65c8430168001dad9", + "zh:c4de401395936e41234f1956ebadbd2ed9f414e6908f27d578614aaa529870d4", + "zh:c657e121af8fde19964482997f0de2d5173217274f6997e16389e7707ed8ece8", + "zh:d68b07a67fbd604c38ec9733069fbf23441436fecf554de6c75c032f82e1ef19", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/modules/environments/production/main.tf b/modules/environments/production/main.tf new file mode 100644 index 0000000..7361651 --- /dev/null +++ b/modules/environments/production/main.tf @@ -0,0 +1,9 @@ +# set up production +module "swarm" { + source = "../../../modules/cloud/aws/compute/swarm" + private_key_path = "${path.module}/private_key.pem" +} + +output "swarm_ssh_command" { + value = module.swarm.ssh_command +} \ No newline at end of file 
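Review bot: `private_key_path = "${path.module}/private_key.pem"` in production/main.tf makes `local_sensitive_file` write the instance's SSH private key into the repository working tree, and this commit then adds that file (`modules/environments/production/private_key.pem`) to version control. The key pair should be treated as exposed: replace `tls_private_key.rsa` so a new pair is issued, and remove the file from this commit and from history. The .gitignore hunk in this commit covers Packer artefacts but has no rule for key material; a line such as `*.pem` would stop the file being re-added. Pointing the path outside the checkout, e.g. `private_key_path = pathexpand("~/.ssh/swarm-key.pem")`, avoids the problem at the source.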
diff --git a/modules/environments/production/private_key.pem b/modules/environments/production/private_key.pem new file mode 100644 index 0000000..b8d72fe --- /dev/null +++ b/modules/environments/production/private_key.pem 
@@ -0,0 +1,51 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIJKQIBAAKCAgEAz9INbdZICvmfNjo8kYy77HFTsNT+Cz3A0+5j7A1rLjLoKRVw +7Ws4qsuiuN7pcnArkX0Aozz4VvsYMTL7XNNPjGOoAKxOBGBhcM5RRVOmI/+9uapL +y+lDqaS8DUNYl+SZ0HGQaKrkc1+qCrKW6J1lkE6cYfJhasIzj0bgYZe4ZWjxOAHF +0gnU33uhU+3iP25TbV9db0mV7i1ESylezEFffGL0UkDVp9bNvqF3coroLdjXldSR +Lcbtls9sD/t54Wnr5Sd1J8SuZ/FL0j2k994J+y+mkqtHwNT/x93ACaPh+w2no8AS +h7tWsn6lqNcuHgCy3ursoX16K4V/Sew5D0bS7HS2Khm7xWgMk/eG3xjCy9sqe2J+ +QwHmvEh/6O/Ph4T9POkjose4w+xiap7+EJmBZtwG6thdcEoPckQ8CB0s4hJc+nOw +MkF60lKEYfuDfxaZjz41yrWQdNwQtSX5MwZkMTg4ZnNGh4INYWXjNlxgu2uUdQYL +aGn7mHTq/GH+TY1A4hnn+zbj1yULxABmwC2j+gRSWF21pCRI8vhS8qQ3KosRTqIV +3JnHy9z3P04/KsR6DsZyrBdGj8FjLmSa/Li6ZLzw3qn/R5UyX3wYoI1ihK2NQ2Af +LNEY7wbtdJ1OpO328vzT4q+4kUmWzcs98C6lOotusMVX0w79QKW4WLdQPCkCAwEA +AQKCAgBAQtqGMTFbu25gzUc3VoYxiaVwU5wui6zZm6hoMIoI4hLpyUh/EZ2XKpqp +gbw797VxKm8NCuhbtQ74/6O8Q1cguRwVATKqpcbbo+B7iG8iSI05IRCJABs9FMRV +cZKufTCWxNb7loRHrLge0LRbP3hNVBGFM/atlVluH2N4qfqJ2RZl1B6AYSvi4w6y +ric8p/fCJS/2HpHu8S5h82vtyvUkuFCGMqgeWwyJutH9qDg9HQUkvnMZ7Z4/+OmY +U5GPgzo/RKE0Z9vqJjHk08z0HEOH2WcviSkJ1pM1ETu1f2h8Qe+pcdYJBIO9c+3z +tH39JwgoaAo9sVgapxACIrpOH/9OMZGtT8AageyBeTauVpBSOL90GxrbBSsrhRRe +bXYUPUSshp8bsmUsAr9XCqAR7dCXf8G2RQXltMJMJTmVDcZlPxIVIM7szQ0vmj42 +29TLaSNvtMGVILSvajVmSJjCMkCYgolX1CDPactMnqcwgpc3YpqvZqrILUtQnLTK +rD4WGdqiALX/hPhpucb38cqEL3FSkNf4b8MB3rN9zCJmKyJCrtwR25cjFxEq9FZd +500ASj5khUKaM7le3QShKrMYAFX1vEhzBBE3IMFGdVD5itC17qGTjuELeBGp1Pds +LfT3EgRCUamf9VVJwUC1Z0QurEQyeMmx7PB22eAjNL8F0XEZEQKCAQEA98SEBU1z +Nvx2g96X2n/cQG7HwpT6WSMYsXSn33UhHXzopQmF4YH7M1UKLNlAaiklRjt5ELhW +1775D8Bdb87f5Jr/YWdhnOQYfZJCOGBFTsztLweISBAAin1sUSJxTux91PJ/MPAu +vrOczUku950qx8LY9WjM69mbryszk3hv08mukqt9wkLIsBGTKajjLm/prKFcqjqc +7dZmYcxnLVpGF1SRxIhDoNeHS2uio5cYR+9PQXskTKYpKoey+0TNWglFkoAeDXZj +ch5K+P2QaRAb3bDztdoWjcTC/zntWN+djrvwdPdiQNPBEfV+Kr4EQvoIzMHSpv7X +A9awmVCp72QvzQKCAQEA1rnAPI89CBubD7s7njxbaQpkX4ky1GuOQ1Q59DBJYf6b +f2Q5dIwf+jT1GCXKpANV9QeDILckZ0LBccE0q+Iu7iK+fJzNNQfBGlBWO8iSK/ce 
+VijkX891DXzkrhgYYFSVxnda/kPB3xhzvD2ehTh3sVjxWyCepl/DF3bm7CZCFCiX +HpZxq3SeZzlobOZWpkaldLOh7KmvYbwgvETz0M068jScu3umkAI+aPpb7byn6iWG +o5yyMfEG/ky0tXhcLB++owqtU9s6ZJYKs6W7q5N+8KLEaPbZSK7wSFBcSU7dpY1Y +VRqr7YUh/nlr7KELiMt8kWkVqzWAjjBdVHig6sbJzQKCAQEAtCT74GcZmCcjfGnB +eypv16E0OLPc+iZcc9nfnMcq1qfU9vnfj8DUBdSU21ryTL2xzki7k36UFbVSnTM+ +PGbrvuk7OXTTMiFd9R78asUEX3D8Gq+dVNfdrNPYh31FaR7ltojCFbDsK9en8FJ/ +haWOT0PKP1R9ehXz7f65N0Xf+NqwxQ9PFok8JVgB6c5Tr5XLDqscFuEa7IpwUjct +5Xm3cIsamQyCL1XFlv6hd9QJ4XOL6o5ALEK7t6KGbc7uh8IqBYSFVUB4uaZw2Gx0 +LQ97U0qvR89Tiqw/IxbZDT847WiUQlcD5yKPRCF8JFOYAaKN92INaUHsz2uvZymR +BO+RGQKCAQAPTCp65gWGF1ljtIYZztkAUcI24DJj2cnH2C9My0ffGGGBoOVK/VSl +4bH4Z3DZYHd2PnPEF+gbBzF65jXXbQTE6GrDu/QOrB/AvSp3leF8Cl35623huYjw +Tg6IrKTH8B6/he9QoAkm2LoeFhG+EfjNBLYlNNy4o6flew4Wkt8wSngBsNwmR+el +GPzsjThtHilZeBa4IpqhDuMSJqNsI8LoUIE+BiAmsFI77mIwPLmFv+iorVgwoKhL +47EYIJwIdLaDLRaOG9c8JUhb5hnJrndjs2TkyXlPaU8rB7abbmfyDHDXl0/aWxrB +42qh8BM/Sqf0QBVQHj6rYpyzkOh98W2dAoIBAQCdy7xVz+NTrfRxuxWGdUktIp78 +17nZXzwfjU06PPhfY6qfwyFN9zbM6OpLdWMYdQ+oX7qEXQLA1AQg0iJ87RDYyk3t +R/VFSKyO3pi8RSDnxVn8gkhwkPyx4pAzM/kkswS+TI0JcgFXtdIS7ynw/knskUKS +jKCleyr/ptnYqjjVeB3OAns6GANVMP3sIrxB6TQzM6aiyNSCExjREz9eG9J48x+y +D6NXTbiYlazxkHlNZqDqTF8iWZt9kFB4RP+dZ3cjrk6aTdcOAPNa6pabDfmFIzne +UbYZYMIfdr3rvdZpI9FdMIsxBD6eJFBX1YLsGA+twV3lPdtNS7eaF5JIUg0f +-----END RSA PRIVATE KEY----- diff --git a/packer/aws-docker.pkr.hcl b/packer/aws-docker.pkr.hcl new file mode 100644 index 0000000..31109af --- /dev/null +++ b/packer/aws-docker.pkr.hcl 
@@ -0,0 +1,41 @@
+packer {
+ required_plugins {
+ amazon = {
+ version = ">= 1.3.2"
+ source = "github.com/hashicorp/amazon"
+ }
+ }
+}
+
+source "amazon-ebs" "base" {
+ ami_regions = var.ami_regions
+ // source_ami = "YOUR_AMI_ID"
+ // source_ami = "ami-0d421d84814b7d51c"
+ source_ami_filter {
+ filters = {
+ name = "al2023-ami-2023*"
+ architecture = "x86_64"
+ }
+ most_recent = true
+ owners = ["amazon"]
+ }
+ instance_type = "t2.micro"
+ ssh_username = "ec2-user"
+ ami_name = "amazon-linux-docker_{{timestamp}}"
+}
+
+build {
+ sources = ["source.amazon-ebs.base"]
+ provisioner "shell" {
+ // inline = [
+ // "sudo dnf update -y",
+ // "sudo dnf install -y docker",
+ // "sudo systemctl start docker",
+ // "sudo systemctl enable docker",
+ // "sudo usermod -a -G docker ec2-user", "sudo dnf install -y nmap"
+ // ]
+ script = "setup.sh"
+ # run script after cloud-init finishes to avoid race conditions
+ execute_command = "cloud-init status --wait && sudo -E sh '{{ .Path }}'"
+ }
+}
diff --git a/packer/setup.sh b/packer/setup.sh
new file mode 100644
index 0000000..89cba5c
--- /dev/null
+++ b/packer/setup.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+set -ex
+sudo dnf update -y
+sudo dnf install -y docker
+sudo systemctl start docker
+sudo systemctl enable docker
+sudo usermod -a -G docker ec2-user
+sudo dnf install -y nmap
diff --git a/packer/variables.pkr.hcl b/packer/variables.pkr.hcl
new file mode 100644
index 0000000..627ab7e
--- /dev/null
+++ b/packer/variables.pkr.hcl
@@ -0,0 +1,4 @@
+variable "ami_regions" {
+ type = list(string)
+ description = "A list of regions where the AMI will be copied to."
+}
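Review bot: The plugin constraint `version = ">= 1.3.2"` in aws-docker.pkr.hcl is open-ended, so a later `packer init` can pull any future release of the amazon plugin into the image build, while the Terraform side of this commit pins its providers exactly; `version = "~> 1.3.2"` would bound it. The `amazon-ebs` source also sets neither `encrypt_boot` nor `imds_support`, so unless the account enforces EBS encryption by default the AMI's root snapshot is unencrypted, and instances launched from it are not required to use IMDSv2; `encrypt_boot = true` and `imds_support = "v2.0"` would cover both. The commented-out `inline` list duplicates setup.sh and can be deleted.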
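Review bot: `sudo dnf install -y nmap` in setup.sh bakes a network scanner into an image that, judging by the `amazon-linux-docker*` AMI filter in the Terraform module, becomes the swarm manager; unless something at runtime depends on it, drop the line so the AMI ships only what the service needs. `sudo usermod -a -G docker ec2-user` gives the SSH login user control of the Docker daemon, which is equivalent to root on the host, so it deserves a comment saying this is intended, e.g. `# ec2-user may drive dockerd without sudo (root-equivalent by design)`. The script is already run through `sudo -E sh` by the Packer `execute_command`, so the per-line `sudo` prefixes are redundant.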