web-development/strapi-elb
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Updating single instance

Browse Source
This commit is contained in:
Daniel Tomlinson
2020-07-30 01:20:16 +01:00
parent cae918f832
commit 149a5a199d
4 changed files with 58 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
.ebextensions/04-environment.config
View File

@@ -9,17 +9,17 @@ option_settings:
# value: AKIA23D4RF6OZWGDKV7W # value: AKIA23D4RF6OZWGDKV7W
# - option_name: STRAPI_S3_SECRET_KEY # - option_name: STRAPI_S3_SECRET_KEY
# value: "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" # value: "4sb/fxewDGjMYLocjclPCWDm7JTBCYuFBjQAbbBR"
# - option_name: STRAPI_S3_REGION - option_name: STRAPI_S3_REGION
# value: "eu-west-1" value: "eu-west-1"
# - option_name: STRAPI_S3_BUCKET - option_name: STRAPI_S3_BUCKET
# value: "elb-example-bucket-cf" value: "prod-strapi-eb-strapi-uploads"
# - option_name: RDS_HOSTNAME - option_name: RDS_HOSTNAME
# value: prod-strapi-elb.chgwfe43ss59.eu-west-1.rds.amazonaws.com value: prod-strapi-eb.chgwfe43ss59.eu-west-1.rds.amazonaws.com
# - option_name: RDS_PORT - option_name: RDS_PORT
# value: 5432 value: 5432
# - option_name: RDS_NAME - option_name: RDS_NAME
# value: postgres value: postgres
# - option_name: RDS_USERNAME - option_name: RDS_USERNAME
# value: mainuser value: mainuser
# - option_name: RDS_PASSWORD - option_name: RDS_PASSWORD
# value: password value: password

2
.ebextensions/07-custom-vpc.config
View File

@@ -6,7 +6,7 @@ option_settings:
# DBSubnets: "subnet-0b17872a2b9315fad,subnet-0342e8a0a77b30e23,subnet-0eacb84d238279a58" # DBSubnets: "subnet-0b17872a2b9315fad,subnet-0342e8a0a77b30e23,subnet-0eacb84d238279a58"
# ELBSubnets: "subnet-0b17872a2b9315fad,subnet-0342e8a0a77b30e23,subnet-0eacb84d238279a58" # ELBSubnets: "subnet-0b17872a2b9315fad,subnet-0342e8a0a77b30e23,subnet-0eacb84d238279a58"
aws:autoscaling:launchconfiguration: aws:autoscaling:launchconfiguration:
SecurityGroups: sg-07a97fc88ba143f26 SecurityGroups: sg-087f33381c535528b
# aws:elbv2:loadbalancer: # aws:elbv2:loadbalancer:
# ManagedSecurityGroup: sg-0e6f91df2ed07050a # ManagedSecurityGroup: sg-0e6f91df2ed07050a
# SecurityGroups: sg-0e6f91df2ed07050a # SecurityGroups: sg-0e6f91df2ed07050a

24
infrastructure/main.tf
View File

@@ -8,7 +8,7 @@ provider "aws" {
# tags # tags
locals { locals {
tags = { tags = {
"Project" = "strapi-elb" "Project" = "strapi-eb"
"Description" = "Terraform resources for strapi in Elastic Beanstalk" "Description" = "Terraform resources for strapi in Elastic Beanstalk"
} }
} }
@@ -19,6 +19,7 @@ module "vpc" {
source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.14.0" source = "git::https://github.com/cloudposse/terraform-aws-vpc.git?ref=tags/0.14.0"
stage = var.stage stage = var.stage
name = var.name name = var.name
tags = local.tags
cidr_block = "172.16.0.0/16" cidr_block = "172.16.0.0/16"
enable_default_security_group_with_custom_rules = false enable_default_security_group_with_custom_rules = false
@@ -28,6 +29,7 @@ module "subnets" {
source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.23.0" source = "git::https://github.com/cloudposse/terraform-aws-dynamic-subnets.git?ref=tags/0.23.0"
stage = var.stage stage = var.stage
name = var.name name = var.name
tags = local.tags
availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"] availability_zones = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
vpc_id = module.vpc.vpc_id vpc_id = module.vpc.vpc_id
@@ -41,6 +43,7 @@ resource "aws_security_group" "ec2_security_group" {
name = "${var.stage}-${var.name}-ec2_sg" name = "${var.stage}-${var.name}-ec2_sg"
description = "Security group assigned to the Elastic Scaling group that is applied to the EC2 instances." description = "Security group assigned to the Elastic Scaling group that is applied to the EC2 instances."
vpc_id = module.vpc.vpc_id vpc_id = module.vpc.vpc_id
tags = local.tags
ingress { ingress {
description = "HTTP" description = "HTTP"
@@ -67,12 +70,28 @@ resource "aws_security_group" "ec2_security_group" {
} }
} }
resource "aws_security_group" "rds_security_group_public" {
name = "${var.stage}-${var.name}-rds_public_sg"
description = "Security group for the RDS instance that allows public access from the internet."
vpc_id = module.vpc.vpc_id
tags = local.tags
ingress {
description = "Incoming Postgres"
from_port = 5432
to_port = 5432
protocol = "tcp"
cidr_blocks = ["82.6.205.148/32"]
}
}
# RDS instance # RDS instance
module "rds_instance" { module "rds_instance" {
source = "git::https://github.com/cloudposse/terraform-aws-rds.git?ref=tags/0.20.0" source = "git::https://github.com/cloudposse/terraform-aws-rds.git?ref=tags/0.20.0"
stage = var.stage stage = var.stage
name = var.name name = var.name
tags = local.tags
allocated_storage = 5 allocated_storage = 5
database_name = "postgres" database_name = "postgres"
@@ -83,11 +102,12 @@ module "rds_instance" {
engine = "postgres" engine = "postgres"
engine_version = "12.3" engine_version = "12.3"
instance_class = "db.t2.micro" instance_class = "db.t2.micro"
security_group_ids = [aws_security_group.ec2_security_group.id] security_group_ids = [aws_security_group.ec2_security_group.id]
associate_security_group_ids = [aws_security_group.rds_security_group_public.id]
subnet_ids = module.subnets.public_subnet_ids subnet_ids = module.subnets.public_subnet_ids
vpc_id = module.vpc.vpc_id vpc_id = module.vpc.vpc_id
publicly_accessible = true publicly_accessible = true
tags = local.tags
} }
# S3 bucket # S3 bucket

14
infrastructure/outputs.tf
View File

@@ -1,17 +1,19 @@
# S3 # S3
output "s3_static_assets_id" { output "s3_static_assets_id" {
value = resource.aws_s3_bucket.static_assets.id value = aws_s3_bucket.static_assets.id
description = "Name of the static assets S3 bucket." description = "Name of the static assets S3 bucket."
} }
output "s3_static_assets_arn" {
value = resource.aws_s3_bucket.static_assets.arn
description = "ARN of the static assets S3 bucket."
}
# Security groups # Security groups
output "aws_security_group_ec2_security_group" { output "aws_security_group_ec2_security_group" {
value = aws_security_group.ec2_security_group.id value = aws_security_group.ec2_security_group.id
description = "Security group for the EC2 instances applied by the Elastic Scaler." description = "Security group for the EC2 instances applied by the Elastic Scaler."
} }
# RDS
output "rds_instance_endpoint" {
value = module.rds_instance.instance_endpoint
description = "Endpoint of the RDS instance."
}