| author | Paul Buetow <paul@buetow.org> | 2023-12-31 18:32:48 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2023-12-31 18:32:48 +0200 |
| commit | b8a3eae3d237c81f1eaf0d9aa59b36b93c78bd4f (patch) | |
| tree | 5e8edcc7c2f3a2bd9a91326406ad69b3d42fc1eb | |
| parent | c9343e11b777cace469f02f0c29aa07bae7fdc3c (diff) | |
cleanup playgrounds
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | README.md | 4 | ||||
| -rw-r--r-- | org-buetow-nextcloud.DELETEME/data.tf | 10 | ||||
| -rw-r--r-- | org-buetow-nextcloud.DELETEME/id_rsa.pub | 1 | ||||
| -rw-r--r-- | org-buetow-nextcloud.DELETEME/lb.tf | 58 | ||||
| -rw-r--r-- | org-buetow-nextcloud.DELETEME/main.tf | 52 | ||||
| -rw-r--r-- | org-buetow-nextcloud.DELETEME/remotestates.tf | 17 | ||||
| -rw-r--r-- | org-buetow-nextcloud.DELETEME/user_data.tpl | 33 | ||||
| -rw-r--r-- | playground/README.md | 3 | ||||
| -rw-r--r-- | playground/ec2-instance-test/data.tf | 9 | ||||
| -rw-r--r-- | playground/ec2-instance-test/efs.tf | 28 | ||||
| -rw-r--r-- | playground/ec2-instance-test/elb.tf | 0 | ||||
| -rw-r--r-- | playground/ec2-instance-test/id_rsa.pub | 1 | ||||
| -rw-r--r-- | playground/ec2-instance-test/main.tf | 57 | ||||
| -rw-r--r-- | playground/ec2-instance-test/network.tf | 82 | ||||
| -rw-r--r-- | playground/ec2-instance-test/outputs.tf | 3 | ||||
| -rw-r--r-- | playground/ec2-instance-test/user_data.tpl | 21 | ||||
| -rw-r--r-- | playground/ec2-instance-test/variables.tf | 5 | ||||
| -rw-r--r-- | playground/eks-test/main.tf | 13 | ||||
| -rw-r--r-- | playground/eu-central-1-vpc/main.tf | 57 | ||||
| -rw-r--r-- | playground/eu-central-1-vpc/outputs.tf | 19 |
21 files changed, 0 insertions, 475 deletions
@@ -3,9 +3,7 @@ apply:
 #cd org-buetow-bastion && terraform apply -auto-approve
 cd org-buetow-elb && terraform apply -auto-approve
 cd org-buetow-ecs && terraform apply -auto-approve
- #cd org-buetow-nextcloud && terraform apply -auto-approve
 destroy:
- cd org-buetow-nextcloud && terraform destroy -auto-approve
 cd org-buetow-ecs && terraform destroy -auto-approve
 cd org-buetow-elb && terraform destroy -auto-approve
 cd org-buetow-bastion && terraform destroy -auto-approve
@@ -37,7 +37,3 @@ In `org-buetow-elb`
 ## Now set up Fargate/ECS
 
 In `org-buetow-ecs`
-
-## Nextcloud
-
-In `org-buetow-nextcloud`
diff --git a/org-buetow-nextcloud.DELETEME/data.tf b/org-buetow-nextcloud.DELETEME/data.tf
deleted file mode 100644
index a2d9ecd..0000000
--- a/org-buetow-nextcloud.DELETEME/data.tf
+++ /dev/null
@@ -1,10 +0,0 @@
-data "aws_region" "current" {}
-
-data "template_file" "user_data" {
- template = file("${path.module}/user_data.tpl")
-
- vars = {
- region = data.aws_region.current.name
- efs_id = data.terraform_remote_state.base.outputs.self_hosted_services_efs_id
- }
-}
diff --git a/org-buetow-nextcloud.DELETEME/id_rsa.pub b/org-buetow-nextcloud.DELETEME/id_rsa.pub
deleted file mode 100644
index 0185c3c..0000000
--- a/org-buetow-nextcloud.DELETEME/id_rsa.pub
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa 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 paul@computer
diff --git a/org-buetow-nextcloud.DELETEME/lb.tf b/org-buetow-nextcloud.DELETEME/lb.tf
deleted file mode 100644
index ef5bf96..0000000
--- a/org-buetow-nextcloud.DELETEME/lb.tf
+++ /dev/null
@@ -1,58 +0,0 @@
-resource "aws_route53_record" "a_record" {
- zone_id = data.terraform_remote_state.base.outputs.buetow_cloud_zone_id
- name = "next.buetow.cloud."
- type = "A"
-
- alias {
- name = data.terraform_remote_state.elb.outputs.alb_dns_name
- zone_id = data.terraform_remote_state.elb.outputs.alb_zone_id
- evaluate_target_health = true
- }
-}
-
-resource "aws_route53_record" "aaaa_record" {
- zone_id = data.terraform_remote_state.base.outputs.buetow_cloud_zone_id
- name = "next.buetow.cloud."
- type = "AAAA"
-
- alias {
- name = data.terraform_remote_state.elb.outputs.alb_dns_name
- zone_id = data.terraform_remote_state.elb.outputs.alb_zone_id
- evaluate_target_health = true
- }
-}
-
-resource "aws_lb_target_group" "nextcloud_tg" {
- name = "nextcloud-tg"
- port = 80
- protocol = "HTTP"
- vpc_id = data.terraform_remote_state.base.outputs.vpc_id
- target_type = "ip"
-
- health_check {
- enabled = true
- healthy_threshold = 2
- unhealthy_threshold = 2
- interval = 30
- path = "/"
- protocol = "HTTP"
- timeout = 3
- matcher = "200-299"
- }
-}
-
-resource "aws_lb_listener_rule" "nextcloud_https_listener_rule" {
- listener_arn = data.terraform_remote_state.elb.outputs.alb_https_listener_arn
- priority = 200
-
- action {
- type = "forward"
- target_group_arn = aws_lb_target_group.nextcloud_tg.arn
- }
-
- condition {
- host_header {
- values = ["nextcloud.buetow.cloud"]
- }
- }
-}
diff --git a/org-buetow-nextcloud.DELETEME/main.tf b/org-buetow-nextcloud.DELETEME/main.tf
deleted file mode 100644
index ed604ea..0000000
--- a/org-buetow-nextcloud.DELETEME/main.tf
+++ /dev/null
@@ -1,52 +0,0 @@
-terraform {
- backend "s3" {
- bucket = "org-buetow-tfstate"
- key = "org-buetow-nextcloud/terraform.tfstate"
- region = "eu-central-1"
- encrypt = true
- }
-}
-
-provider "aws" {
- region = "eu-central-1" # or your preferred AWS region
-}
-
-resource "aws_key_pair" "id_rsa_pub" {
- key_name = "nextcloud-id-rsa-pub"
- public_key = file("${path.module}/id_rsa.pub")
-}
-
-resource "aws_instance" "nextcloud" {
- ami = "ami-024f768332f080c5e" # Amazon Linux 2023
-
- instance_type = "t2.medium"
- key_name = aws_key_pair.id_rsa_pub.key_name
- subnet_id = data.terraform_remote_state.base.outputs.public_subnet_a_id
-
- vpc_security_group_ids = [
- data.terraform_remote_state.base.outputs.allow_ssh_sg_id,
- data.terraform_remote_state.base.outputs.allow_web_sg_id,
- data.terraform_remote_state.base.outputs.allow_outbound_sg_id,
- ]
- user_data = data.template_file.user_data.rendered
-
- tags = {
- Name = "nextcloud" # Replace with your desired name
- }
-}
-
-resource "aws_route53_record" "nextcloud_a_record" {
- zone_id = data.terraform_remote_state.base.outputs.buetow_cloud_zone_id
- name = "nextcloud.buetow.cloud"
- type = "A"
- ttl = "300"
- records = [aws_instance.nextcloud.public_ip]
-}
-
-resource "aws_route53_record" "nextcloud_aaaa_record" {
- zone_id = data.terraform_remote_state.base.outputs.buetow_cloud_zone_id
- name = "nextcloud.buetow.cloud"
- type = "AAAA"
- ttl = "300"
- records = aws_instance.nextcloud.ipv6_addresses
-}
diff --git a/org-buetow-nextcloud.DELETEME/remotestates.tf b/org-buetow-nextcloud.DELETEME/remotestates.tf
deleted file mode 100644
index db9b321..0000000
--- a/org-buetow-nextcloud.DELETEME/remotestates.tf
+++ /dev/null
@@ -1,17 +0,0 @@
-data "terraform_remote_state" "base" {
- backend = "s3"
- config = {
- bucket = "org-buetow-tfstate"
- key = "org-buetow-base/terraform.tfstate"
- region = "eu-central-1"
- }
-}
-
-data "terraform_remote_state" "elb" {
- backend = "s3"
- config = {
- bucket = "org-buetow-tfstate"
- key = "org-buetow-elb/terraform.tfstate"
- region = "eu-central-1"
- }
-}
diff --git a/org-buetow-nextcloud.DELETEME/user_data.tpl b/org-buetow-nextcloud.DELETEME/user_data.tpl
deleted file mode 100644
index fb902e9..0000000
--- a/org-buetow-nextcloud.DELETEME/user_data.tpl
+++ /dev/null
@@ -1,33 +0,0 @@
-#!/bin/bash
-
-# Docker
-sudo yum update -y
-sudo yum install docker -y
-sudo systemctl enable docker
-sudo systemctl start docker
-sudo usermod -a -G docker ec2-user
-
-# EFS
-yum install -y amazon-efs-utils
-mkdir /mnt/efs
-echo '${efs_id}.efs.${region}.amazonaws.com:/ec2/nextcloud /mnt/efs nfs4 defaults,vers=4.1 0 0' >> /etc/fstab
-while ! mountpoint /mnt/efs; do
- echo 'Retrying to mount file systems after 10s...'
- mount -a
- sleep 10
-done
-
-# Nextcloud
-sudo docker run \
- --init \
- -d \
- --sig-proxy=false \
- --name nextcloud-aio-mastercontainer \
- --restart always \
- --publish 8080:8080 \
- --env APACHE_PORT=80 \
- --env APACHE_IP_BINDING=0.0.0.0 \
- --volume nextcloud_aio_mastercontainer:/mnt/docker-aio-config \
- --volume /var/run/docker.sock:/var/run/docker.sock:ro \
- --env NEXTCLOUD_DATADIR="/mnt/efs/ec2/nextcloud/ncdata" \
- nextcloud/all-in-one:latest
diff --git a/playground/README.md b/playground/README.md
deleted file mode 100644
index 54c99bd..0000000
--- a/playground/README.md
+++ /dev/null
@@ -1,3 +0,0 @@
-# Playground
-
-Everything in here is not for prod use but as a playground.
diff --git a/playground/ec2-instance-test/data.tf b/playground/ec2-instance-test/data.tf
deleted file mode 100644
index b6fc413..0000000
--- a/playground/ec2-instance-test/data.tf
+++ /dev/null
@@ -1,9 +0,0 @@
-# Get latest Amazon Linux 2 AMI
-data "aws_ami" "amazon-linux-2" {
- most_recent = true
- owners = ["amazon"]
- filter {
- name = "name"
- values = ["amzn2-ami-hvm*"]
- }
-}
diff --git a/playground/ec2-instance-test/efs.tf b/playground/ec2-instance-test/efs.tf
deleted file mode 100644
index 1f0ae8f..0000000
--- a/playground/ec2-instance-test/efs.tf
+++ /dev/null
@@ -1,28 +0,0 @@
-resource "aws_efs_file_system" "efs" {
- creation_token = "efs"
- encrypted = true
-}
-
-resource "aws_efs_mount_target" "efs_mt" {
- file_system_id = aws_efs_file_system.efs.id
- subnet_id = aws_subnet.public_subnet.id # Replace with your subnet ID
- security_groups = [aws_security_group.efs_sg.id] # Replace with your security group ID
-}
-
-resource "aws_security_group" "efs_sg" {
- vpc_id = aws_vpc.vpc.id # Replace with your VPC ID
-
- ingress {
- from_port = 2049 # NFS port
- to_port = 2049
- protocol = "tcp"
- cidr_blocks = ["10.0.0.0/16"] # Replace with the CIDR block of your VPC or EC2 instance subnet
- }
-
- egress {
- from_port = 0
- to_port = 0
- protocol = "-1"
- cidr_blocks = ["0.0.0.0/0"]
- }
-}
diff --git a/playground/ec2-instance-test/elb.tf b/playground/ec2-instance-test/elb.tf
deleted file mode 100644
index e69de29..0000000
--- a/playground/ec2-instance-test/elb.tf
+++ /dev/null
diff --git a/playground/ec2-instance-test/id_rsa.pub b/playground/ec2-instance-test/id_rsa.pub
deleted file mode 100644
index 0185c3c..0000000
--- a/playground/ec2-instance-test/id_rsa.pub
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDNjjJiqpf7+tb7Ejy2wsTHrOzakG6kJN+zopASjRUrFrGWZXw3xyqMlGR0QhyXEleOEjMlV3SyFEmg4PvDiEnri1MLLVZ/mt24T99C7Hq3UsXXqqwjB1HbUMv6wfNwV3DabiJtdfhlN0F2k2GlYsC/N6Xi3Yt+LF1gW70wCaYB05hGOjiZhlkQbAVX29UqSxIJIa9G9+ZDv7pwB0J9qbKAgwr6kkGoqmiGI01qBixEO0FYs3h+l9R+XWQln4Uw5er/RlvLiqCKcLMzv1Q/pqlKL1wdDTR3ANvf2z7m7Z6GcQmfOuvrHHotEH9uoVOiB+RdeFU86U1mQuzo+hZUBstxC03s44VCYZ075wQe85i7CVDoaSVxyefPaAOOiWZbbyYMk/s+ewP21tIEiMERTm58WTmsouO2zbrwt5rWWWEA0b0hYM8QLEn7l05Lg+2Au052E++NUckqDGyrwPyTY3J7fOVkR+ddIYHZ7WW3djc67HOYbgIAm1cWuTQQttoaOp0= paul@computer
diff --git a/playground/ec2-instance-test/main.tf b/playground/ec2-instance-test/main.tf
deleted file mode 100644
index 4bbc062..0000000
--- a/playground/ec2-instance-test/main.tf
+++ /dev/null
@@ -1,57 +0,0 @@
-terraform {
- backend "s3" {
- bucket = "org-buetow-tfstate"
- key = "playground/ec2-instance-test/terraform.tfstate"
- region = "eu-central-1"
- # Optional, if you enabled server-side encryption
- encrypt = true
- }
-}
-
-provider "aws" {
- region = "eu-central-1" # or your preferred AWS region
-}
-
-data "aws_region" "current" {}
-
-resource "aws_key_pair" "id_rsa_pub" {
- key_name = "${var.environment}-ec2_instance_test_paul@earth"
- public_key = file("${path.module}/id_rsa.pub")
-}
-
-data "template_file" "user_data" {
- template = file("${path.module}/user_data.tpl")
-
- vars = {
- region = data.aws_region.current.name
- efs_id = aws_efs_file_system.efs.id
- }
-}
-
-resource "aws_instance" "instance" {
- ami = data.aws_ami.amazon-linux-2.id
- instance_type = "t2.micro"
- key_name = aws_key_pair.id_rsa_pub.key_name
- subnet_id = aws_subnet.public_subnet.id
-
- vpc_security_group_ids = [
- aws_security_group.allow_ssh.id,
- aws_security_group.allow_http.id,
- aws_security_group.allow_https.id,
- aws_security_group.allow_outbound.id
- ]
- user_data = data.template_file.user_data.rendered
- depends_on = [aws_efs_file_system.efs]
-}
-
-data "aws_route53_zone" "zone" {
- name = "aws.buetow.org." # Replace with your domain name
-}
-
-resource "aws_route53_record" "record" {
- zone_id = data.aws_route53_zone.zone.zone_id
- name = "${var.environment}-ec2-instance.aws.buetow.org" # Replace with your desired subdomain or leave empty for root
- type = "A"
- ttl = "300"
- records = [aws_instance.instance.public_ip]
-}
diff --git a/playground/ec2-instance-test/network.tf b/playground/ec2-instance-test/network.tf
deleted file mode 100644
index 2f9562e..0000000
--- a/playground/ec2-instance-test/network.tf
+++ /dev/null
@@ -1,82 +0,0 @@
-resource "aws_vpc" "vpc" {
- cidr_block = "10.0.0.0/16" # Specify your CIDR block
- enable_dns_support = true
- enable_dns_hostnames = true
-}
-
-resource "aws_internet_gateway" "igw" {
- vpc_id = aws_vpc.vpc.id
-}
-
-resource "aws_subnet" "public_subnet" {
- vpc_id = aws_vpc.vpc.id # Referencing the VPC
- cidr_block = "10.0.1.0/24" # Specify your CIDR block for the subnet
- availability_zone = "eu-central-1a" # Change to your desired AZ
- map_public_ip_on_launch = true
-}
-
-resource "aws_route_table" "route_table" {
- vpc_id = aws_vpc.vpc.id
-
- route {
- cidr_block = "0.0.0.0/0"
- gateway_id = aws_internet_gateway.igw.id
- }
-}
-
-resource "aws_route_table_association" "a" {
- subnet_id = aws_subnet.public_subnet.id
- route_table_id = aws_route_table.route_table.id
-}
-
-resource "aws_security_group" "allow_ssh" {
- name = "allow_ssh"
- description = "Allow SSH inbound traffic"
- vpc_id = aws_vpc.vpc.id
-
- ingress {
- from_port = 22
- to_port = 22
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
-}
-
-resource "aws_security_group" "allow_http" {
- name = "allow_http"
- description = "Allow HTTP inbound traffic"
- vpc_id = aws_vpc.vpc.id
-
- ingress {
- from_port = 80
- to_port = 80
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
-}
-
-resource "aws_security_group" "allow_https" {
- name = "allow_https"
- description = "Allow HTTPS inbound traffic"
- vpc_id = aws_vpc.vpc.id
-
- ingress {
- from_port = 443
- to_port = 443
- protocol = "tcp"
- cidr_blocks = ["0.0.0.0/0"]
- }
-}
-
-resource "aws_security_group" "allow_outbound" {
- name = "allow_outbound"
- description = "Allow outbound traffic"
- vpc_id = aws_vpc.vpc.id
-
- egress {
- from_port = 0
- to_port = 0
- protocol = "-1" # -1 means all protocols
- cidr_blocks = ["0.0.0.0/0"] # Allows outbound traffic to all IP addresses
- }
-}
diff --git a/playground/ec2-instance-test/outputs.tf b/playground/ec2-instance-test/outputs.tf
deleted file mode 100644
index 786fe9b..0000000
--- a/playground/ec2-instance-test/outputs.tf
+++ /dev/null
@@ -1,3 +0,0 @@
-output "public_ip" {
- value = aws_instance.instance.public_ip
-}
diff --git a/playground/ec2-instance-test/user_data.tpl b/playground/ec2-instance-test/user_data.tpl
deleted file mode 100644
index b78fef1..0000000
--- a/playground/ec2-instance-test/user_data.tpl
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-
-# Docker
-sudo yum update -y
-sudo amazon-linux-extras install docker -y
-sudo service docker enable
-sudo service docker start
-sudo usermod -a -G docker ec2-user
-
-# Docker Compose
-sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
-sudo chmod +x /usr/local/bin/docker-compose
-
-# EFS
-yum install -y amazon-efs-utils
-mkdir /mnt/efs
-echo '${efs_id}.efs.${region}.amazonaws.com:/ /mnt/efs nfs4 defaults,vers=4.1 0 0' >> /etc/fstab
-while ! mount -a; do
- echo 'Retrying to mount file systems after 10s...'
- sleep 10
-done
diff --git a/playground/ec2-instance-test/variables.tf b/playground/ec2-instance-test/variables.tf
deleted file mode 100644
index dd9d035..0000000
--- a/playground/ec2-instance-test/variables.tf
+++ /dev/null
@@ -1,5 +0,0 @@
-variable "environment" {
- description = "The deployment environment"
- type = string
- default = "playground"
-}
diff --git a/playground/eks-test/main.tf b/playground/eks-test/main.tf
deleted file mode 100644
index c17f136..0000000
--- a/playground/eks-test/main.tf
+++ /dev/null
@@ -1,13 +0,0 @@
-terraform {
- backend "s3" {
- bucket = "org-buetow-tfstate"
- key = "playground/eks-test/terraform.tfstate"
- region = "eu-central-1"
- encrypt = true
- }
-}
-
-provider "aws" {
- region = "eu-central-1" # or your preferred AWS region
-}
-
diff --git a/playground/eu-central-1-vpc/main.tf b/playground/eu-central-1-vpc/main.tf
deleted file mode 100644
index ff1c8d8..0000000
--- a/playground/eu-central-1-vpc/main.tf
+++ /dev/null
@@ -1,57 +0,0 @@
-terraform {
- backend "s3" {
- bucket = "org-buetow-tfstate"
- key = "eu-central-1-vpc/terraform.tfstate"
- region = "eu-central-1"
- encrypt = true
- }
-}
-
-provider "aws" {
- region = "eu-central-1" # or your preferred AWS region
-}
-
-# Create a new VPC
-resource "aws_vpc" "org_buetow_vpc" {
- cidr_block = "10.0.0.0/16"
-
- tags = {
- Name = "org_buetow_vpc"
- }
-}
-
-# Fetch availability zones
-data "aws_availability_zones" "available" {
-}
-
-# Create three subnets, one for each availability zone
-resource "aws_subnet" "eks_control_pane_subnets" {
- count = 3
-
- cidr_block = "10.0.${count.index + 10}.0/24"
- vpc_id = aws_vpc.org_buetow_vpc.id
- availability_zone = element(data.aws_availability_zones.available.names, count.index)
-
- tags = {
- Name = "eks_control_pane_subnet-${count.index}"
- }
-}
-
-# Create three subnets, one for each availability zone
-resource "aws_subnet" "eks_subnets" {
- count = 3
-
- cidr_block = "10.0.${count.index + 1}.0/24"
- vpc_id = aws_vpc.org_buetow_vpc.id
- availability_zone = element(data.aws_availability_zones.available.names, count.index)
-
- tags = {
- Name = "eks_subnet-${count.index}"
- }
-}
-
-resource "aws_security_group" "org_buetow_sg" {
- name = "org-buetow-sg"
- description = "Security group of the VPS"
- vpc_id = aws_vpc.org_buetow_vpc.id
-}
diff --git a/playground/eu-central-1-vpc/outputs.tf b/playground/eu-central-1-vpc/outputs.tf
deleted file mode 100644
index 6ac0bc1..0000000
--- a/playground/eu-central-1-vpc/outputs.tf
+++ /dev/null
@@ -1,19 +0,0 @@
-output "vpc_id" {
- value = aws_vpc.org_buetow_vpc.id
- description = "The IDs of the VPC"
-}
-
-output "eks_control_pane_subnet_ids" {
- value = aws_subnet.eks_control_pane_subnets[*].id
- description = "The IDs of the EKS control pane subnets"
-}
-
-output "eks_subnet_ids" {
- value = aws_subnet.eks_subnets[*].id
- description = "The IDs of the EKS subnets"
-}
-
-output "security_group_id" {
- value = aws_security_group.org_buetow_sg.id
- description = "The IDs of the created security group"
-} |
