docker-registry-cfn.yml
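AWSTemplateFormatVersion: '2010-09-09'
Description: 'Docker Simple Image Registry'
Resources:
  # Single EC2 host that is bootstrapped with Docker CE and docker-compose.
  App:
    Type: AWS::EC2::Instance
    Properties:
      InstanceType: t2.micro
      # AWS::EC2::Instance has no "SecurityGroup" property, so the original key
      # would be rejected. Attach the group by ID; GetAtt GroupId always yields
      # the ID, whichever way the group was created.
      SecurityGroupIds:
        - !GetAtt AppSG.GroupId
      # Found from starting "Launch EC2 Instance" from the AWS console.
      # NOTE: Different regions have different codes. This one is for an
      # Ubuntu 16.04 instance in the Canada-central region.
      # NOTE(review): a pinned AMI ID is a point-in-time image; it only gets
      # the patches that the bootstrap script or later maintenance applies.
      ImageId: ami-b3d965d7
      # This is the name of an EC2 key pair, generated in the AWS console.
      KeyName: docker-registry
      # Bash bootstrap script for the fresh Ubuntu instance. It:
      #   1. installs the apt prerequisites, apache2-utils (for htpasswd) and
      #      curl;
      #   2. trusts Docker's apt signing key, adds Docker's apt repository and
      #      installs docker-ce;
      #   3. adds the existing "ubuntu" user to the "docker" group. Membership
      #      of that group is effectively root on the host, so anyone who can
      #      log in as "ubuntu" controls the machine;
      #   4. downloads the docker-compose 1.13.0 release binary and marks it
      #      executable. The download is not checked against a published
      #      checksum; compare it with the release's SHA-256 before trusting it.
      #
      # The Let's Encrypt (certbot) steps at the end are commented out, so no
      # certificate is requested and no renewal cron job is installed. Until
      # TLS is set up, htpasswd credentials and image traffic on port 80 travel
      # in cleartext.
      UserData: !Base64 |
        #!/bin/bash
        apt-get update -qq
        apt-get install -y apt-transport-https ca-certificates curl software-properties-common apache2-utils
        curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
        add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
        apt-get update -qq
        apt-get -y install docker-ce
        usermod -aG docker ubuntu
        curl -L https://github.com/docker/compose/releases/download/1.13.0/docker-compose-`uname -s`-`uname -m` > /usr/local/bin/docker-compose
        chmod +x /usr/local/bin/docker-compose
        # curl -L https://dl.eff.org/certbot-auto > /usr/local/bin/certbot-auto
        # chmod a+x /usr/local/bin/certbot-auto
        # certbot-auto certonly --standalone --email rob.m@myplanet.com -d registry.mbenablers.com
  # Ingress rules for the App instance: HTTP (80) and SSH (22) only.
  AppSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      # The description mentions "docker ports", but no such rule is defined
      # below. The text is left unchanged because editing GroupDescription
      # replaces the security group.
      GroupDescription: 'for the app node that allows ssh, http, and docker ports'
      SecurityGroupIngress:
        # HTTP from anywhere. There is no 443 rule, so HTTPS cannot be served
        # to clients until one is added.
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        # NOTE(review): SSH is reachable from the whole internet. Narrow CidrIp
        # to the administrators' address range (or use a bastion / session
        # manager) before running this outside a throwaway environment.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0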