Infrastructure for azurefire.net and pushbot.party. Hosting for a bunch of services that @smashwilson wants to stash somewhere, deployed to AWS as immutable infrastructure.
These containers run persistently on the CoreOS host:
- pushbot: A hubot instance who's here to protect you from the terrible secret of space.
- az-nginx: An nginx server that terminates incoming TLS connections and proxies requests to other services.
These containers are triggered on a schedule:
- az-tls: Daily verification that the TLS certificate issued by Let's Encrypt is up to date. When expiration is near, it acquires a new certificate with a DNS challenge and rebuilds the infrastructure.
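
The renewal decision that a daily check like az-tls has to make, as an added example (not code from this repository). The 30-day window, the function names and the sample certificate are assumptions; the page only says "when expiration is near".

```python
import socket
import ssl
from datetime import datetime, timedelta, timezone
from typing import Optional

RENEW_WINDOW = timedelta(days=30)  # assumption: the page only says "near"

# Constructed sample, shaped like the dict SSLSocket.getpeercert() returns.
SAMPLE_CERT = {"notAfter": "Mar 10 12:00:00 2024 GMT"}


def time_remaining(cert: dict, now: datetime) -> timedelta:
    """Time left until the certificate's notAfter (negative once expired)."""
    expires = ssl.cert_time_to_seconds(cert["notAfter"])
    return datetime.fromtimestamp(expires, tz=timezone.utc) - now


def needs_renewal(cert: Optional[dict], now: datetime,
                  window: timedelta = RENEW_WINDOW) -> bool:
    """True when no valid certificate was seen or it expires inside the window."""
    if not cert or "notAfter" not in cert:
        return True
    return time_remaining(cert, now) <= window


def fetch_peer_cert(host: str, port: int = 443,
                    timeout: float = 10.0) -> Optional[dict]:
    """Return the validated leaf certificate served by host.

    An expired or mismatched certificate fails the validating handshake, so it
    is reported as None (renew now). Other network errors propagate, so an
    outage is not mistaken for an expiring certificate.
    """
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return tls.getpeercert()
    except ssl.SSLCertVerificationError:
        return None


if __name__ == "__main__":
    now = datetime(2024, 2, 20, 12, 0, tzinfo=timezone.utc)  # fixed for the demo
    print(time_remaining(SAMPLE_CERT, now).days, needs_renewal(SAMPLE_CERT, now))
```

Letting connection failures raise instead of returning `None` keeps a transient outage from triggering an unnecessary reissue against Let's Encrypt's rate limits.
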
Each time a new commit is merged into the master branch of this repository, its Travis build:
- Ensures that an Elastic Load Balancer exists and collects information about any pre-existing instances.
- Creates a temporary SSH keypair and uploads it to EC2.
- Launches an EC2 instance with a CoreOS image and waits for it to begin listening on port 22.
- Creates a bash script from a Jinja2 template and executes it over an SSH connection to the new host. The bash script pulls and runs containers for each of the services listed above.
- Registers the new host on the load balancer.
- De-registers any prior hosts from the load balancer. Terminates any prior instances and deletes any unused security groups and keypairs.