ab47c46e by Volodymyr Tsap

initial commit

0 parents
# Compiled files
*.tfstate
*.tfstate.backup
# Module directory
.terraform/
# Packer script to build the universal AMI.
```
# setup your AMS access parameters in ~/.aws
# build the AMI
./packer-build-ami.sh
```
TOMCAT8_USER=tomcat8
TOMCAT8_GROUP=tomcat8
JAVA_OPTS="-Djava.awt.headless=true -Xmx512m -XX:+UseConcMarkSweepGC"
driftfile /var/lib/ntp/ntp.drift
restrict default nomodify nopeer noquery notrap limited kod
restrict -6 default nomodify nopeer noquery notrap limited kod
restrict 127.0.0.1
restrict -6 ::1
server 0.amazon.pool.ntp.org iburst
server 1.amazon.pool.ntp.org iburst
server 2.amazon.pool.ntp.org iburst
server 3.amazon.pool.ntp.org iburst
ssh-rsa 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 bohdaq@gmail.com
# This file is managed by Ansible, don't make changes here - they will be overwritten.
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
export EDITOR=$(which vim)
export PAGER=$(which less)
export LESS="-R"
export GREP_COLORS='ms=01;31:mc=01;31:sl=:cx=:fn=0;49;92:ln=32:bn=32:se=36'
export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/opt/bin
export LANG=en_US.utf8
export LC_ALL=en_US.utf8
export HISTFILESIZE=10000
export HISTSIZE=10000
export HISTCONTROL=erasedups
export HISTIGNORE="&:ls:screen *:top:htop"
export HISTTIMEFORMAT="%t%d.%m.%y %H:%M:%S%t"
shopt -s histappend
complete -cf man
complete -cf nice
complete -cf ionice
alias c='clear'
alias s='set -o vi'
alias h='htop'
alias t='top'
alias m='mysql -e "SHOW FULL PROCESSLIST;"'
alias mf='mysql -e "SHOW FULL PROCESSLIST; show engine innodb status\G"'
alias d='dirs -v'
alias pu="pushd"
alias po="popd"
alias i='ip addr'
alias v='vim "+colorscheme elflord" "+syntax on"'
alias p='pwd'
alias ru="export INPUTRC=/root/.inputrc.yamato"
alias e='egrep'
alias config_show="e -v '(^#|^$|^[[:space:]]+#)'"
alias sy='/bin/systemctl'
# http://www.cyberciti.biz/faq/linux-which-process-is-using-swap/
# for file in /proc/*/status ; do awk '/VmSwap|Name/{printf $2 " " $3}END{ print ""}' $file; done | sort -k 2 -n -r | less'
alias show_swap_usage='for file in /proc/*/status ; do awk '\''/VmSwap|Name/{printf $2 " " $3}END{ print ""}'\'' $file; done | sort -k 2 -n -r | less'
# notify shortcut
jobdone() {
echo "DONE!" | mail -s "$(hostname): ${1:-Your job is done} [NOSR]" ${2:-yamato@shalb.com}
}
# count size of directories
dudu() {
ionice -c 3 nice -n 20 du -x -h --max-depth="$1" "$2" > /tmp/du
sort -h /tmp/du > /tmp/du_sorted
jobdone
}
# strace wrapper
str() {
strace -vyCTrf -s 1024 -o /tmp/strace.log -p "$1"
}
# custom aliases
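Review bot: `dudu` and `str` write to fixed names in `/tmp` (`/tmp/du`, `/tmp/du_sorted`, `/tmp/strace.log`), and this profile is deployed by Ansible, presumably also for root (the `ru` alias points at `/root/.inputrc.yamato`). A predictable path in a world-writable directory lets another local user pre-create the file or a link at that name, and a `strace -s 1024` log can contain credentials the traced process reads or writes. Create the outputs with `mktemp`, e.g. `out=$(mktemp /tmp/strace.XXXXXX) || return` followed by `-o "$out"`, and print the chosen path for the operator. In `jobdone` the recipient expansion should also be quoted: `"${2:-yamato@shalb.com}"`.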
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCke3hZ6iQJS3JU2KoPbfVjHkIlHnKMpVBQPDbzAY+RIbRXjdo2AExT1Ke9PTvEUMwktctZuwZbaX2h49fFVgKCcXcJoPuOJXiChaa5u0D5BxkwFaiATZDk8/dGnyJufqfydgHWdzG+QOXq38MTvr14b8xIJ+d/RuGt+jpxcOdaBbQPLSsy63ePwfX5QlhWNiLfLXAoQ2vFp+aY7H8XgFch3rWY/X4RBOpIY4CYpZZZRRnfq+Ys0qwAjB4pPRZe6DKjvaJEHJp+d77yNGXOhQYRexMWvlflU56mC7Qa5KRch4kj245EKEmTPofo9rA7GwohEQys69p/bxg6pZjNGUbL dracut@auth.shalb.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCi6UIVruH0CfKewYlSjA7oR6gjahZrkJ+k/0cj46nvYrORVcds2cijZPT34ACWkvXV8oYvXGWmvlGXV5H1sD0356zpjhRnGo6j4UZVS6KYX5HwObdZ6H/i+A9knEyXxOCyo6p4VeJIYGhVYcQT4GDAkxb8WXHVP0Ax/kUqrKx0a2tK9JjGkuLbufQc3yWhqcfZSVRU2a+M8f8EUmGLOc2VEi2mGoxVgikrelJ0uIGjLn63L6trrsbvasoBuILeXOAO1xICwtYFek/MexQ179NKqQ1Wx/+9Yx4Xc63MB0vR7kde6wxx2Auzp7CjJBFcSTz0TXSRsvF3mnUUoUrclNkr voa@auth.shalb.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1myxMk1aXkYFv1uv2Ba4yy0JAbgiLgRr0knK+3dQGzmlOJU9Z2qviAESM/UUsZukPB2JfhO/Zy2++7RrCyJh90YXx6C1ldV7OyDQ+XUxYchqneBtXalJdfRPpkanPKoPSCcIs4SV493BblzrT9ECZel6Y4BmW6raSCxjhNyjEjnWxJOOA5U65vV1AcjeXtnwe0aM6rGu4MkWxZPmEh9FsKx7FWmH/RlZbMpzFNI5TvMl6fXYsdiEBi1q33jceDCgOeXHfNM/KKiOjttmYZtdBGA83kUaRbJBKlMrZAPTDnFyLez3eNUglI9IrzCazPrJsTBO025vKYhZCQ5ZB8Lhf gelo@auth.shalb.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC/ppVu6sQk8hhX/Mft7jbG1fPHfEiSJEjDYLmGZAnjl2zFbdGCumfcuhopy9A1p26s8RUwdiDR5PIgiTRfTE2nstJCCgZuiq9qRiMrVem0F99mRCtpR7d/5vQh9zasqV2IRfAihFh0JiRvrxWjPuk0I9xul1kOB9slKqsRUHVtpMc7il38i5F7GAC01MaAb9j1PLLR21J86vUznq7e4LETLalqNHHSzRcxMNDOAbzf48z5ymOtf7P1m/eyerYOxJzBg8aR46UWs7dfPjbfQjtx3vvU30wprIlMwuoBLj0Zcpjwk0TOyukXlWtDJj/t0h5A4CA4q8jaZvpYGX6y+/Sl yamato@auth.shalb.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC872U0xIGtOQRXhOXHITkSDBhHsk5jxYX8YvXqsYh86AjONbHf/dvukJdUoTErmc9EcWJ3NshHlZbc+EMXULzuGlgQDGqwTQxKBXFbMX4u9p3ZCwDtQJqL15JTpIJ7UjWAlSbnOeqidLEIG1K7aiY+hbVSg/dIZ6od0RtJCicZrP0LSGnqR6OJZOlKN9ryFJ51z2V+OIPjyOpjfVZQXoO8KYBBFF8OhfDHUBFR/VolNEQedj9hLfd+rIuEwSlAPBnx6GQkgwp1JwOGXIlizklBHdOHqUB3QAPdt5mILNgwDvon0eb38jjapV6nJgSH1BASBt8l64LA6SGUSAOENCv3 arti@auth.shalb.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC9+eRDg5IArS8N0KVcOqP64ozZvbZQDHOq7BFVwDsoWxMGLlxhgdx/55cpOUXan+cnHPpRT2dGuGftr624SYV60TwrhGHukN0Kc4l0FtSvhjfLi1JN+3hSMdICAMWW7jYoSVNfQ+RAicRfEhjoCrcl0SmEYFlDT9OjiOLG9PxehKzgiJSAdCYoHSvirYM5vJJ7eYpeZkkECEtbX0xNzf9sPGKAgiRdD3UB3RTtoftsdqf6/ew6RLcZ7DVT89v6fXhWEqomWHZoHJf3sPeKVQgqgh+z8fJsea/Lkmc03pZmMNW2B8+xtbwW7/rmwU3o+44KXVqQ1kP9WKCgihD/RJiv logka@auth.shalb.com
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDfozZljVqfwmebNPIU7t+A0+UkTArd5pBvlZgSHk8ojCWRfTHV67Jggg5Kk8SkIRa1mT6/4Adl5rpyHWZsL+ND0hzWjpFG4A4V6dHN1/EFyLfx0bIck7pzBjq0IMHR1cZ+RjzyrhxpIkATtIvipZGy1zdyPQEyXKKx2kWvUlAUgqkpE9XZPazk3iYupajpXuegZOckuCgNPVjw/qxwWi5c6LrUgTHWBA+HbhShXXus6ogVC9X1xcon4wFoxveHfZemN5X09BP38pAyzIJAskCYqGDfTehI6cSc7EEycWnEx2B0vUKEVAcTyRXxjSPOk2vil+pTAdhaUfRAqAqeYiPL root@rundeck.shalb.com
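Review bot: These seven keys are listed with no options, so each grants an unrestricted interactive login on every instance launched from the image, and revoking one person means rebuilding the AMI and replacing running instances. The last entry, `root@rundeck.shalb.com`, looks like an automation key; if it is, limit it with the `from="…"` and `command="…"` key options. Which account this file belongs to is not visible here. If it is root's, per-user accounts with sudo would keep logins attributable.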
#!/bin/bash
java_config_file=/usr/share/tomcat8/bin/setenv.sh
java_additional_params=$@
cat > ${java_config_file} << EOF
JAVA_OPTS="\$JAVA_OPTS ${java_additional_params}"
EOF
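Review bot: The arguments are pasted unescaped between double quotes into `setenv.sh`, a file that Tomcat's startup script sources, so an argument containing `"`, a backquote or `$(` is evaluated as shell at every service start. Reject any argument that contains `"`, a backquote, `$` or `\` before writing the file, and exit non-zero with a message on stderr. `java_additional_params=$@` should be `java_additional_params="$*"`, and `${java_config_file}` should be quoted in the redirection. Note also that `cat >` replaces an existing `setenv.sh` rather than extending it, which silently drops earlier settings.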
#!/bin/bash
packer build xp-ami-packer.json
#!/bin/bash
_apt_opts="sudo DEBIAN_FRONTEND=noninteractive apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold"
_apt_install_cmd="${_apt_opts} install"
_apt_upgrade_cmd="${_apt_opts} dist-upgrade"
ssh_auth_key_file="/root/.ssh/authorized_keys"
ssh_root_pubkey="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCi6UIVruH0CfKewYlSjA7oR6gjahZrkJ+k/0cj46nvYrORVcds2cijZPT34ACWkvXV8oYvXGWmvlGXV5H1sD0356zpjhRnGo6j4UZVS6KYX5HwObdZ6H/i+A9knEyXxOCyo6p4VeJIYGhVYcQT4GDAkxb8WXHVP0Ax/kUqrKx0a2tK9JjGkuLbufQc3yWhqcfZSVRU2a+M8f8EUmGLOc2VEi2mGoxVgikrelJ0uIGjLn63L6trrsbvasoBuILeXOAO1xICwtYFek/MexQ179NKqQ1Wx/+9Yx4Xc63MB0vR7kde6wxx2Auzp7CjJBFcSTz0TXSRsvF3mnUUoUrclNkr voa@shalb.com"
# deploy configs (preinstall)
sudo chown -R root:root /tmp/configs_preinstall
sudo rsync -av /tmp/configs_preinstall/ /
# add ssh pubkey for root user
sudo sed -i "\$a${ssh_root_pubkey}" "${ssh_auth_key_file}"
# upgrade all packages
sudo apt-get update
${_apt_upgrade_cmd}
# install additional soft
${_apt_install_cmd} htop atop mtr sysstat tcptraceroute nload unzip iotop apt-file unzip mysql-client
# Ntp
${_apt_install_cmd} ntp
sudo systemctl enable ntp
sudo systemctl start ntp
# Postfix
echo "postfix postfix/mailname string example.com" | sudo debconf-set-selections
echo "postfix postfix/main_mailer_type string 'Internet Site'" | sudo debconf-set-selections
${_apt_install_cmd} postfix mailutils mutt
# Oracle Java
sudo apt-add-repository -y ppa:webupd8team/java
sudo apt-get update
echo 'oracle-java8-installer shared/accepted-oracle-license-v1-1 select true' | sudo /usr/bin/debconf-set-selections
${_apt_install_cmd} oracle-java8-installer
# Tomcat
#${_apt_install_cmd} tomcat8 haveged
#sudo rm -rf /var/lib/tomcat8/webapps/ROOT/
# clear logs
sudo rm -rf /var/log/*/*
# Apache2
#${_apt_install_cmd} apache2
# Install Play Framework
cd /opt
sudo wget https://downloads.typesafe.com/play/1.5.0/play-1.5.0.zip
sudo unzip play-1.5.0.zip
sudo ln -s /opt/play-1.5.0/play /usr/local/bin/play
# deploy configs (post-install)
sudo chown -R root:root /tmp/configs
sudo rsync -av /tmp/configs/ /
sudo chown -R ubuntu:ubuntu /home/ubuntu
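Review bot: `play-1.5.0.zip` is downloaded and unpacked as root into `/opt` with no integrity check, so whatever the download host serves at build time becomes part of every instance built from the AMI. Pin a digest and verify it before `unzip`, e.g. `echo "<EXPECTED_SHA256>  play-1.5.0.zip" | sha256sum -c - || exit 1`. The script has no `set -euo pipefail`, so a failed `wget`, `apt-get` or `rsync` still ends in a published image. The `/tmp/configs_preinstall` steps look likely to fail, since the Packer template in this commit uploads only `./configs`. Separately, `sed -i "\$a…"` appends nothing when `authorized_keys` is empty and errors when it is missing; `printf '%s\n' "${ssh_root_pubkey}" | sudo tee -a "${ssh_auth_key_file}" >/dev/null` handles both cases.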
{
"variables": {
"aws_access_key": "",
"aws_secret_key": ""
},
"_comment": "ubuntu/images/*ubuntu-xenial-16.04-amd64-server-*",
"builders": [{
"type": "amazon-ebs",
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "eu-central-1",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20170721",
"root-device-type": "ebs"
},
"most_recent": true
},
"subnet_id": "subnet-f1e92d8a",
"instance_type": "t2.micro",
"ssh_username": "ubuntu",
"ami_name": "xpdays-ami {{timestamp}}"
}],
"provisioners": [
{
"type": "file",
"source": "./configs",
"destination": "/tmp/"
},
{
"type": "shell",
"script": "provision-ami.sh"
}
]
}
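Review bot: `source_ami_filter` has no `owners`, so with `"most_recent": true` the build accepts a matching image from any AWS account, including a public AMI that someone else published under an Ubuntu-style name. Add `"owners": ["099720109477"]` next to `"most_recent"` (Canonical's publishing account; confirm the ID against Canonical's documentation). The same gap is in both `data "aws_ami" "ubuntu"` blocks and in `data "aws_ami" "xpdays-ami"` in the Terraform files of this commit. The `xpdays-ami` lookup should use `owners = ["self"]`, so that only images built by this account are selected.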
## Define provider
provider "aws" {
region = "eu-central-1"
}
## Get instance AMI
data "aws_ami" "ubuntu" {
most_recent = true
filter {
name = "name"
values = ["ubuntu/images/hvm-ssd/ubuntu-*-16.04-amd64-server-*"]
}
}
# Define the instance
resource "aws_instance" "test-ec2instance" {
ami = "${data.aws_ami.ubuntu.id}"
instance_type = "t2.micro"
}
## Get instance AMI
data "aws_ami" "ubuntu" {
most_recent = true
filter {
name = "name"
values = ["ubuntu/images/hvm-ssd/ubuntu-*-16.04-amd64-server-*"]
}
}
## Define provider
provider "aws" {
region = "${var.region}"
}
# Define the instance
resource "aws_instance" "test-ec2instance" {
ami = "${data.aws_ami.ubuntu.id}"
vpc_security_group_ids = [ "${var.vpc_security_group_ids[1]}" ]
instance_type = "${lookup(var.instance_type, var.environment)}"
count = 1
}
# String
region = "eu-central-1"
# List
vpc_security_group_ids = [ "sg-84e649ed", "sg-90ea45fa" ]
# Map
instance_type = {
production = "t2.micro"
development = "m3.medium"
}
# Map of Lists
vpc_security_group_ids_map = {
eu-central-1 = [ "sg-84e649ed", "sg-90ea45fa" ]
eu-west-1 = [ "sg-1d4ab664", "sg-90ea45fa" ]
}
variable "region" {
type = "string"
default = "eu-central-1"
description = "The AWS region"
}
variable "environment" {
description = "The Environment Type"
default = "production"
}
variable "vpc_security_group_ids" {
type = "list"
}
variable "instance_type" {
type = "map"
default = {}
}
variable "vpc_security_group_ids_map" {
type = "map"
default = {}
}
## Get instance AMI
data "aws_ami" "xpdays-ami" {
most_recent = true
filter {
name = "name"
values = ["xpdays-ami*"]
}
}
## Define provider
provider "aws" {
region = "${var.region}"
}
# Define the instance
resource "aws_instance" "xpdays-instance" {
ami = "${data.aws_ami.xpdays-ami.id}"
vpc_security_group_ids = [ "${var.vpc_security_group_ids}" ]
instance_type = "${lookup(var.instance_type, var.environment)}"
user_data = <<EOF
#!/bin/bash
hostname xpdays${count.index + 1} && hostname > /etc/hostname
echo "127.0.0.1 localhost xpdays1" > /etc/hosts
cd /home/ubuntu
git clone https://bitbucket.org/bohdaq/wisehands.me.git
cd /home/ubuntu/wisehands.me/ && play deps
mkdir -p /home/ubuntu/wisehands.me/modules/guice-1.2
cd /home/ubuntu/wisehands.me/modules/guice-1.2
wget https://www.playframework.com/modules/guice-1.2.zip
unzip guice-1.2.zip
sed -i 's/mysql-database-endpoint/${aws_db_instance.db-instance.username}:${aws_db_instance.db-instance.password}@${aws_db_instance.db-instance.endpoint}\/${aws_db_instance.db-instance.name}/g' /home/ubuntu/wisehands.me/conf/application.conf
cd /home/ubuntu/wisehands.me/ && play run
EOF
tags {
Name = "xpdays${count.index + 1}"
}
count = 1
}
## Print Output
output "xpdays_instance_public_ip" {
value = "${join(",",aws_instance.xpdays-instance.*.public_ip)}"
}
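Review bot: The `sed` line in `user_data` interpolates the database username and password into the boot script. User data remains readable from the instance metadata service by any local process, is retrievable through the EC2 API, and is stored in Terraform state. Have the instance fetch the credential at boot through an instance role (for example from SSM Parameter Store or Secrets Manager) instead of templating it in. The script also runs entirely as root: it clones the application at an unpinned revision, unpacks `guice-1.2.zip` without a checksum, and starts `play run` as root. Pinning a commit, verifying the archive and running the app as an unprivileged service user would narrow what a compromised upstream or application bug can reach.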
resource "aws_db_subnet_group" "default_db_subnet_group" {
name = "main"
subnet_ids = ["${var.default_db_subnet_group_subnet_ids[var.region]}"]
tags {
Name = "Default DB subnet group"
}
}
resource "aws_db_instance" "db-instance" {
allocated_storage = 10
storage_type = "gp2"
engine = "mysql"
engine_version = "5.7.17"
instance_class = "db.t2.micro"
name = "wisehandsdb"
username = "root"
password = "53N4CsNmQrxh2"
db_subnet_group_name = "${aws_db_subnet_group.default_db_subnet_group.id}"
final_snapshot_identifier = "snapshot-defaultdbinstance${count.index + 1}"
skip_final_snapshot = true
publicly_accessible = true
tags {
key = "Name"
value = "default-db-instance${count.index + 1}-${var.environment}"
}
}
output "database_endpoint" {
value = "${aws_db_instance.db-instance.username}:${aws_db_instance.db-instance.password}@${aws_db_instance.db-instance.endpoint}/${aws_db_instance.db-instance.name}"
}
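Review bot: The `password` argument of `aws_db_instance.db-instance` is a string literal committed to the repository. With `username = "root"` and `publicly_accessible = true`, that credential is usable from the internet, limited only by the security group, and none is set on the instance here, so presumably the VPC default applies. The `database_endpoint` output also prints the password on every apply. Use `password = "${var.db_password}"` with a variable that has no default, set `publicly_accessible = false`, and drop the password from the output value. The committed value should be rotated, since it stays in the repository history.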
# String
region = "eu-central-1"
# List
vpc_security_group_ids = [ "sg-84e649ed", "sg-90ea45fa" ]
# Map
instance_type = {
production = "t2.micro"
development = "m3.medium"
}
# Map of Lists
default_db_subnet_group_subnet_ids = {
eu-central-1 = [ "subnet-f1e92d8a", "subnet-304b7f7a" ]
eu-west-1 = [ "subnet-f1e92d8a", "subnet-304b7f7a" ]
}
variable "region" {
type = "string"
default = "eu-central-1"
description = "The AWS region"
}
variable "environment" {
description = "The Environment Type"
default = "production"
}
variable "vpc_security_group_ids" {
type = "list"
}
variable "instance_type" {
type = "map"
default = {}
}
variable "default_db_subnet_group_subnet_ids" {
type = "map"
default = {}
}