From 1d7850f6bf3f1a629a41a95680326ec5c6772055 Mon Sep 17 00:00:00 2001 From: Vitaly Markov Date: Sat, 22 Jan 2022 21:55:36 +0000 Subject: [PATCH 01/12] add aws cloud9 terraform configuration --- .gitignore | 4 + .gitpod.Dockerfile | 2 + .vscode/settings.json | 3 +- libs/aws-cloud9-terraform/.babelrc | 3 + libs/aws-cloud9-terraform/.eslintrc.json | 18 + libs/aws-cloud9-terraform/README.md | 3 + .../cloud9-ec2-instance.tf | 28 + libs/aws-cloud9-terraform/main.tf | 71 ++ libs/aws-cloud9-terraform/src/index.ts | 1 + .../src/lib/aws-cloud9-terraform.ts | 3 + libs/aws-cloud9-terraform/terraform.tfstate | 968 ++++++++++++++++++ libs/aws-cloud9-terraform/tsconfig.json | 16 + libs/aws-cloud9-terraform/tsconfig.lib.json | 10 + tsconfig.base.json | 3 + workspace.json | 15 + 15 files changed, 1147 insertions(+), 1 deletion(-) create mode 100644 libs/aws-cloud9-terraform/.babelrc create mode 100644 libs/aws-cloud9-terraform/.eslintrc.json create mode 100644 libs/aws-cloud9-terraform/README.md create mode 100644 libs/aws-cloud9-terraform/cloud9-ec2-instance.tf create mode 100644 libs/aws-cloud9-terraform/main.tf create mode 100644 libs/aws-cloud9-terraform/src/index.ts create mode 100644 libs/aws-cloud9-terraform/src/lib/aws-cloud9-terraform.ts create mode 100644 libs/aws-cloud9-terraform/terraform.tfstate create mode 100644 libs/aws-cloud9-terraform/tsconfig.json create mode 100644 libs/aws-cloud9-terraform/tsconfig.lib.json diff --git a/.gitignore b/.gitignore index 0845852..ae9354a 100644 --- a/.gitignore +++ b/.gitignore @@ -40,3 +40,7 @@ testem.log Thumbs.db **/.env + +**/.terraform +**/*.lock.hcl +**/*.tfstate.* diff --git a/.gitpod.Dockerfile b/.gitpod.Dockerfile index 2fbb812..78adc91 100644 --- a/.gitpod.Dockerfile +++ b/.gitpod.Dockerfile 
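Review bot: The new ignore pattern `**/*.tfstate.*` only matches suffixed files such as backups, so `terraform.tfstate` itself stays tracked, and this same patch adds `libs/aws-cloud9-terraform/terraform.tfstate` (968 lines per the diffstat). Terraform state records resource attributes in plain text and can include secrets, so `**/*.tfstate` belongs next to the existing pattern and the file should not be committed. Patch 02/12 later deletes the file and adds that pattern, but the content remains reachable in history; any credentials or keys it held would need rotating. Ignoring `**/*.lock.hcl` also discards the provider checksums that `.terraform.lock.hcl` exists to pin.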
@@ -20,3 +20,5 @@ RUN wget https://github.com/gruntwork-io/cloud-nuke/releases/download/${CLOUD_NU ### https://github.com/jckuester/awsls#installation RUN brew install jckuester/tap/awsls +### Install terraform cli 1.1.3 as of 01/18/2022 +RUN brew tap hashicorp/tap && brew install hashicorp/tap/terraform diff --git a/.vscode/settings.json b/.vscode/settings.json index 43fb340..39c5c40 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -8,6 +8,7 @@ "users", "nx", "devx", - "spotify-passport-auth-express" + "spotify-passport-auth-express", + "serverless-framework-nestjs-sample" ] } diff --git a/libs/aws-cloud9-terraform/.babelrc b/libs/aws-cloud9-terraform/.babelrc new file mode 100644 index 0000000..cf7ddd9 --- /dev/null +++ b/libs/aws-cloud9-terraform/.babelrc @@ -0,0 +1,3 @@ +{ + "presets": [["@nrwl/web/babel", { "useBuiltIns": "usage" }]] +} diff --git a/libs/aws-cloud9-terraform/.eslintrc.json b/libs/aws-cloud9-terraform/.eslintrc.json new file mode 100644 index 0000000..9d9c0db --- /dev/null +++ b/libs/aws-cloud9-terraform/.eslintrc.json @@ -0,0 +1,18 @@ +{ + "extends": ["../../.eslintrc.json"], + "ignorePatterns": ["!**/*"], + "overrides": [ + { + "files": ["*.ts", "*.tsx", "*.js", "*.jsx"], + "rules": {} + }, + { + "files": ["*.ts", "*.tsx"], + "rules": {} + }, + { + "files": ["*.js", "*.jsx"], + "rules": {} + } + ] +} diff --git a/libs/aws-cloud9-terraform/README.md b/libs/aws-cloud9-terraform/README.md new file mode 100644 index 0000000..7dbff34 --- /dev/null +++ b/libs/aws-cloud9-terraform/README.md @@ -0,0 +1,3 @@ +# aws-cloud9-terraform + +This library was generated with [Nx](https://nx.dev). diff --git a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf new file mode 100644 index 0000000..85d549b --- /dev/null +++ b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf 
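Review bot: The added comment says terraform 1.1.3, but `brew install hashicorp/tap/terraform` takes whatever release the tap serves when the image is built, so the comment goes stale and rebuilds are not reproducible. Either reword it, e.g. `### Install terraform cli (unpinned; resolves to the tap's current release at build time)`, or install a fixed release and verify its published checksum. The rest of the Dockerfile is outside the hunk.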
@@ -0,0 +1,28 @@ +data "aws_iam_instance_profile" "this" { + name = "foobar" +} + +module "cloud9_workstation" { + source = "cloudposse/ec2-instance/aws" + version = "0.40.0" + + assign_eip_address = true + associate_public_ip_address = true + + ssh_key_pair = "development" + instance_type = "t2.micro" + vpc_id = "vpc-aa7a84c0" + subnet = "subnet-fd6b7780" + # security_groups = var.security_groups + instance_profile = data.aws_iam_instance_profile.this.name + + name = "vymarkov" + namespace = "eg" + stage = "dev" + + # https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent-status-and-restart.html + user_data = < Date: Mon, 24 Jan 2022 10:49:01 +0000 Subject: [PATCH 02/12] save work [skip ci] --- .gitignore | 1 + .../cloud9-ec2-instance.tf | 104 +- libs/aws-cloud9-terraform/main.tf | 95 +- libs/aws-cloud9-terraform/terraform.tfstate | 968 ------------------ 4 files changed, 137 insertions(+), 1031 deletions(-) delete mode 100644 libs/aws-cloud9-terraform/terraform.tfstate diff --git a/.gitignore b/.gitignore index ae9354a..37c6c38 100644 --- a/.gitignore +++ b/.gitignore @@ -43,4 +43,5 @@ Thumbs.db **/.terraform **/*.lock.hcl +**/*.tfstate **/*.tfstate.* diff --git a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf index 85d549b..8b58ec6 100644 --- a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf +++ b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf 
@@ -1,28 +1,98 @@ -data "aws_iam_instance_profile" "this" { - name = "foobar" +module "labels" { + source = "cloudposse/label/null" + # Cloud Posse recommends pinning every module to a specific version + version = "0.25.0" + + namespace = "lazyorange" + environment = "development" + name = "vscode-remote-workstation" + delimiter = "-" + attributes = [] + + tags = { + Terraform = true + } } -module "cloud9_workstation" { - source = "cloudposse/ec2-instance/aws" - version = "0.40.0" +// https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-assumable-role +// https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/examples/iam-assumable-role +module "iam_assumable_role_workstation" { + source = "terraform-aws-modules/iam/aws//modules/iam-assumable-role" + version = "~> 4" - assign_eip_address = true - associate_public_ip_address = true + trusted_role_services = [ + "ec2.amazonaws.com" + ] + + # trusted_role_arns = [ + # "arn:aws:iam::912888207281:user/gitpod" + # ] + + # arn:aws:iam::912888207281:user/gitpod + + create_role = true + create_instance_profile = true + + role_name = "custom" + role_requires_mfa = false + + custom_role_policy_arns = [ + "arn:aws:iam::aws:policy/AmazonSSMFullAccess", + "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess" + ] + number_of_custom_role_policy_arns = 2 +} + +// https://github.com/terraform-aws-modules/terraform-aws-ec2-instance +module "workstation-2" { + source = "terraform-aws-modules/ec2-instance/aws" + version = "~> 3.0" - ssh_key_pair = "development" - instance_type = "t2.micro" - vpc_id = "vpc-aa7a84c0" - subnet = "subnet-fd6b7780" - # security_groups = var.security_groups - instance_profile = data.aws_iam_instance_profile.this.name + name = module.labels.id + cpu_credits = "unlimited" - name = "vymarkov" - namespace = "eg" - stage = "dev" + ami = "ami-0994cdfed5f3888d6" + instance_type = "t2.micro" + key_name = "development" + monitoring = true + vpc_security_group_ids = 
["sg-2faab34d"] + subnet_id = "subnet-fd6b7780" + + associate_public_ip_address = true + iam_instance_profile = module.iam_assumable_role_workstation.iam_instance_profile_name # https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent-status-and-restart.html user_data = < Date: Mon, 24 Jan 2022 11:25:19 +0000 Subject: [PATCH 03/12] save work --- libs/aws-cloud9-terraform/backend.tf | 13 +++++++++++++ libs/aws-cloud9-terraform/main.tf | 21 ++++++++++++++++++--- 2 files changed, 31 insertions(+), 3 deletions(-) create mode 100644 libs/aws-cloud9-terraform/backend.tf diff --git a/libs/aws-cloud9-terraform/backend.tf b/libs/aws-cloud9-terraform/backend.tf new file mode 100644 index 0000000..28a241a --- /dev/null +++ b/libs/aws-cloud9-terraform/backend.tf @@ -0,0 +1,13 @@ +terraform { + required_version = ">= 0.12.2" + + backend "s3" { + region = "eu-central-1" + bucket = "lo-development-terraform-state" + key = "terraform.tfstate" + dynamodb_table = "lo-development-terraform-state-lock" + profile = "" + role_arn = "" + encrypt = "true" + } +} diff --git a/libs/aws-cloud9-terraform/main.tf b/libs/aws-cloud9-terraform/main.tf index 3fa3621..e12cb58 100644 --- a/libs/aws-cloud9-terraform/main.tf +++ b/libs/aws-cloud9-terraform/main.tf @@ -5,9 +5,6 @@ terraform { version = "~> 3.0" } } - - backend "http" { - } } # Configure the AWS Provider 
@@ -15,6 +12,24 @@ provider "aws" { region = "eu-central-1" } +# You cannot create a new backend by simply defining this and then +# immediately proceeding to "terraform apply". The S3 backend must +# be bootstrapped according to the simple yet essential procedure in +# https://github.com/cloudposse/terraform-aws-tfstate-backend#usage +module "terraform_state_backend" { + source = "cloudposse/tfstate-backend/aws" + # Cloud Posse recommends pinning every module to a specific version + version = "0.38.1" + namespace = "lo" + stage = "development" + name = "terraform" + attributes = ["state"] + + terraform_backend_config_file_path = "." + terraform_backend_config_file_name = "backend.tf" + force_destroy = false +} + # data "aws_iam_user" "gitpod_user" { # user_name = "cloud9-user" # } From ad55d77904980678a886568bd13f350f8ff2a9f1 Mon Sep 17 00:00:00 2001 From: Vitaly Markov Date: Mon, 24 Jan 2022 13:28:25 +0000 Subject: [PATCH 04/12] add packer config --- .gitpod.Dockerfile | 1 + .../cloud9-ec2-instance.tf | 55 +++++----------- .../packer/aws-workstation-ubuntu.pkr.hcl | 63 +++++++++++++++++++ 3 files changed, 80 insertions(+), 39 deletions(-) create mode 100644 libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl diff --git a/.gitpod.Dockerfile b/.gitpod.Dockerfile index 78adc91..8fb8425 100644 --- a/.gitpod.Dockerfile +++ b/.gitpod.Dockerfile @@ -22,3 +22,4 @@ RUN brew install jckuester/tap/awsls ### Install terraform cli 1.1.3 as of 01/18/2022 RUN brew tap hashicorp/tap && brew install hashicorp/tap/terraform +RUN brew install hashicorp/tap/packer diff --git a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf index 8b58ec6..8acb03f 100644 --- a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf +++ b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf 
@@ -48,51 +48,28 @@ module "workstation-2" { source = "terraform-aws-modules/ec2-instance/aws" version = "~> 3.0" - name = module.labels.id - cpu_credits = "unlimited" + name = module.labels.id + tags = module.labels.tags + + + ami = "ami-03aaf730676832ac6" + instance_type = "t3.large" + cpu_credits = "unlimited" + key_name = "development" + monitoring = true - ami = "ami-0994cdfed5f3888d6" - instance_type = "t2.micro" - key_name = "development" - monitoring = true vpc_security_group_ids = ["sg-2faab34d"] subnet_id = "subnet-fd6b7780" associate_public_ip_address = true iam_instance_profile = module.iam_assumable_role_workstation.iam_instance_profile_name - # https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-agent-status-and-restart.html - user_data = < Date: Sat, 29 Jan 2022 12:07:25 +0000 Subject: [PATCH 05/12] save work --- .../packer/aws-workstation-ubuntu.pkr.hcl | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl index aef5bb5..456b5a1 100644 --- a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl +++ b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl @@ -16,7 +16,7 @@ variable skaffold_version { } source "amazon-ebs" "ubuntu" { - ami_name = "aws-vscode-workstation-linux-aws" + ami_name = "aws-vscode-workstation-linux-aws-0.0.1-rc.2" instance_type = "t2.micro" region = "eu-central-1" @@ -56,7 +56,9 @@ build { "curl -Lo skaffold https://storage.googleapis.com/skaffold/releases/v{var.skaffold_version}/skaffold-linux-amd64 && chmod +x skaffold && sudo mv skaffold /usr/local/bin", - "sudo snap install docker" + "sudo snap install docker", + "sleep 30", + "sudo chmod 666 /var/run/docker.sock" ] } From 52f097ff70ca27314bd8070e393fe3d1eb7944c6 Mon Sep 17 00:00:00 2001 
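Review bot: `sudo chmod 666 /var/run/docker.sock` in the `aws-workstation-ubuntu.pkr.hcl` provisioner makes the Docker socket writable by every local account on the image, and write access to that socket is equivalent to root on the host. The `sleep 30` before it is a guess at when the daemon has created the socket, and the mode is unlikely to survive the daemon recreating the socket on restart, so the AMI may not keep the setting anyway. Prefer granting access to the one login user through group membership, e.g. `sudo groupadd -f docker && sudo usermod -aG docker "$USER"`, keeping in mind that membership of that group is still root-equivalent for that account. The provisioner block starts outside the hunk.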
From: Vitaly Markov Date: Sun, 30 Jan 2022 17:01:38 +0000 Subject: [PATCH 06/12] save work [skip ci] --- .tool-versions | 9 +++ .../cloud9-ec2-instance.tf | 35 ++++++++---- .../packer/aws-workstation-ubuntu.pkr.hcl | 56 +++++++++++++------ .../packer/install_asdf_plugins.sh | 30 ++++++++++ .../packer/variables.pkr.hcl | 12 ++++ libs/aws-cloud9-terraform/variables.tf | 25 +++++++++ 6 files changed, 137 insertions(+), 30 deletions(-) create mode 100644 .tool-versions create mode 100755 libs/aws-cloud9-terraform/packer/install_asdf_plugins.sh create mode 100644 libs/aws-cloud9-terraform/packer/variables.pkr.hcl create mode 100644 libs/aws-cloud9-terraform/variables.tf diff --git a/.tool-versions b/.tool-versions new file mode 100644 index 0000000..c430056 --- /dev/null +++ b/.tool-versions @@ -0,0 +1,9 @@ +terraform 1.1.4 +vault 1.9.3 + +kubectl 1.23.3 +skaffold 1.35.2 + +awscli 2.4.15 +aws-vault 6.4.0 +redis-cli 6.2.6 diff --git a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf index 8acb03f..6c5a1e1 100644 --- a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf +++ b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf @@ -14,6 +14,23 @@ module "labels" { } } +module "vscode_workstation_sg" { + source = "terraform-aws-modules/security-group/aws" + version = "4.8.0" + + name = "${module.labels.id}-sg" + tags = module.labels.tags + + description = "Security group for user-service with custom ports open within VPC" + vpc_id = var.vpc_id + + # ingress_cidr_blocks = [""] + egress_rules = ["all-all"] + + ingress_cidr_blocks = ["${var.workstation_ip}/32"] + ingress_rules = ["ssh-tcp"] +} + // https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-assumable-role // https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/examples/iam-assumable-role module "iam_assumable_role_workstation" { 
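Review bot: The `description` on `vscode_workstation_sg` reads "Security group for user-service with custom ports open within VPC", which does not match what the module call configures: SSH from one address and `all-all` egress. The description is what an auditor sees in the console, so it should state what is allowed, e.g. `description = "SSH from the developer workstation address only; unrestricted egress"`. The leftover `# ingress_cidr_blocks = [""]` line can be dropped. If the workstation only needs to reach HTTPS endpoints, the egress rule could be narrowed as well.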
@@ -24,12 +41,6 @@ module "iam_assumable_role_workstation" { "ec2.amazonaws.com" ] - # trusted_role_arns = [ - # "arn:aws:iam::912888207281:user/gitpod" - # ] - - # arn:aws:iam::912888207281:user/gitpod - create_role = true create_instance_profile = true @@ -51,15 +62,15 @@ module "workstation-2" { name = module.labels.id tags = module.labels.tags - - ami = "ami-03aaf730676832ac6" - instance_type = "t3.large" + ami = var.ami + instance_type = var.ec2_instance_type # "t3.large" cpu_credits = "unlimited" - key_name = "development" monitoring = true - vpc_security_group_ids = ["sg-2faab34d"] - subnet_id = "subnet-fd6b7780" + key_name = var.ssh_key_name + + vpc_security_group_ids = [module.vscode_workstation_sg.security_group_id] + subnet_id = var.subnet_id associate_public_ip_address = true iam_instance_profile = module.iam_assumable_role_workstation.iam_instance_profile_name diff --git a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl index 456b5a1..bbc38b8 100644 --- a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl +++ b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl @@ -7,18 +7,10 @@ packer { } } -variable terraform_version { - default = "1.1.4" -} - -variable skaffold_version { - default = "1.35.2" -} - source "amazon-ebs" "ubuntu" { - ami_name = "aws-vscode-workstation-linux-aws-0.0.1-rc.2" + ami_name = "aws-vscode-workstation-linux-aws-0.0.1-rc.5" instance_type = "t2.micro" - region = "eu-central-1" + region = var.region source_ami_filter { filters = { @@ -35,10 +27,30 @@ source "amazon-ebs" "ubuntu" { build { name = "aws-vscode-workstation" + sources = [ "source.amazon-ebs.ubuntu" ] + provisioner "file" { + content = <> ~/.zshrc", + + "sudo apt-get install postgresql-client -yq", + + "zsh ./install_asdf_plugins.sh" ] } 
diff --git a/libs/aws-cloud9-terraform/packer/install_asdf_plugins.sh b/libs/aws-cloud9-terraform/packer/install_asdf_plugins.sh
new file mode 100755
index 0000000..34a823e
--- /dev/null
+++ b/libs/aws-cloud9-terraform/packer/install_asdf_plugins.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+# install adsf version manager
+git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.9.0
+
+echo -e '\n. $HOME/.asdf/asdf.sh' >> ~/.zshrc
+echo -e '\n. $HOME/.asdf/completions/asdf.bash' >> ~/.zshrc
+
+source $HOME/.asdf/asdf.sh
+
+asdf plugin-add boundary https://github.com/asdf-community/asdf-hashicorp.git
+asdf plugin-add consul https://github.com/asdf-community/asdf-hashicorp.git
+asdf plugin-add nomad https://github.com/asdf-community/asdf-hashicorp.git
+asdf plugin-add packer https://github.com/asdf-community/asdf-hashicorp.git
+asdf plugin-add sentinel https://github.com/asdf-community/asdf-hashicorp.git
+asdf plugin-add serf https://github.com/asdf-community/asdf-hashicorp.git
+asdf plugin-add terraform https://github.com/asdf-community/asdf-hashicorp.git
+asdf plugin-add vault https://github.com/asdf-community/asdf-hashicorp.git
+asdf plugin-add waypoint https://github.com/asdf-community/asdf-hashicorp.git
+
+#
+asdf plugin-add kubectl https://github.com/asdf-community/asdf-kubectl.git
+asdf plugin-add skaffold https://github.com/virtualstaticvoid/asdf-skaffold.git
+
+#
+asdf plugin add awscli
+asdf plugin-add aws-vault https://github.com/virtualstaticvoid/asdf-aws-vault.git
+#
+asdf plugin add redis-cli https://github.com/NeoHsu/asdf-redis-cli.git
+
diff --git a/libs/aws-cloud9-terraform/packer/variables.pkr.hcl b/libs/aws-cloud9-terraform/packer/variables.pkr.hcl
new file mode 100644
index 0000000..1a2f980
--- /dev/null
+++ b/libs/aws-cloud9-terraform/packer/variables.pkr.hcl
@@ -0,0 +1,12 @@
+
+variable terraform_version {
+ default = "1.1.4"
+}
+
+variable skaffold_version {
+ default = "1.35.2"
+}
+
+variable "region" {
+ default = "eu-central-1"
+}
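Review bot: In `install_asdf_plugins.sh` only asdf itself is pinned (`--branch v0.9.0`); every `asdf plugin-add` line clones the default branch of a third-party repository (`asdf-community`, `virtualstaticvoid`, `NeoHsu`) at whatever commit is current when the AMI is built, and those plugin scripts later run to fetch and install the tools. Pin each plugin to a commit that has been reviewed, for example by following the add with `asdf plugin update skaffold <reviewed-commit-sha>` (placeholder value; confirm the ref argument is supported by v0.9.0). The script also has no `set -e` after the shebang, so a failed clone or plugin add leaves a partially provisioned image without failing the build. Smaller points: the shebang is bash while the provisioner runs it with `zsh`, and the header comment spells the tool `adsf`.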
diff --git a/libs/aws-cloud9-terraform/variables.tf b/libs/aws-cloud9-terraform/variables.tf new file mode 100644 index 0000000..a395a3a --- /dev/null +++ b/libs/aws-cloud9-terraform/variables.tf @@ -0,0 +1,25 @@ +variable ami { + type = string + default = "ami-049164e77a2c5b5f9" +} + +variable ec2_instance_type { + type = string + default = "t2.micro" +} + +variable subnet_id { + default = "subnet-fd6b7780" +} + +variable vpc_id { + type = string +} + +variable workstation_ip { + type = string +} + +variable ssh_key_name { + type = string +} From 5ed9f503158bb528bf788cfb70dcf1787cc29438 Mon Sep 17 00:00:00 2001 From: Vitaly Markov Date: Mon, 31 Jan 2022 10:06:09 +0000 Subject: [PATCH 07/12] format code --- .../cloud9-ec2-instance.tf | 8 +++---- libs/aws-cloud9-terraform/main.tf | 2 +- libs/aws-cloud9-terraform/variables.tf | 22 ++++++++++++------- 3 files changed, 19 insertions(+), 13 deletions(-) diff --git a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf index 6c5a1e1..34dda99 100644 --- a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf +++ b/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf @@ -15,10 +15,10 @@ module "labels" { } module "vscode_workstation_sg" { - source = "terraform-aws-modules/security-group/aws" + source = "terraform-aws-modules/security-group/aws" version = "4.8.0" - name = "${module.labels.id}-sg" + name = "${module.labels.id}-sg" tags = module.labels.tags description = "Security group for user-service with custom ports open within VPC" @@ -28,7 +28,7 @@ module "vscode_workstation_sg" { egress_rules = ["all-all"] ingress_cidr_blocks = ["${var.workstation_ip}/32"] - ingress_rules = ["ssh-tcp"] + ingress_rules = ["ssh-tcp"] } // https://github.com/terraform-aws-modules/terraform-aws-iam/tree/master/modules/iam-assumable-role 
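Review bot: `workstation_ip` in the new `variables.tf` is a bare string that the security group interpolates as `"${var.workstation_ip}/32"`, and nothing in the module checks it, so an empty value or one that already carries a prefix length is only caught late, if at all. A `validation` block rejects a malformed address at plan time, and a `description` tells callers that a single address without a prefix is expected. `vpc_id` and `ssh_key_name` would benefit from descriptions too. `subnet_id` carries an account-specific default while `vpc_id` has none, so that default only works inside one VPC. The same declarations are copied into `examples/minimal/variables.tf` in patch 08/12.

```hcl
variable "workstation_ip" {
  type        = string
  description = "Single IPv4 address allowed to reach the workstation over SSH, without a prefix length."

  validation {
    condition     = can(cidrhost("${var.workstation_ip}/32", 0))
    error_message = "The workstation_ip value must be a single IP address without a prefix length."
  }
}
```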
@@ -67,7 +67,7 @@ module "workstation-2" { cpu_credits = "unlimited" monitoring = true - key_name = var.ssh_key_name + key_name = var.ssh_key_name vpc_security_group_ids = [module.vscode_workstation_sg.security_group_id] subnet_id = var.subnet_id diff --git a/libs/aws-cloud9-terraform/main.tf b/libs/aws-cloud9-terraform/main.tf index e12cb58..f8c4bce 100644 --- a/libs/aws-cloud9-terraform/main.tf +++ b/libs/aws-cloud9-terraform/main.tf @@ -9,7 +9,7 @@ terraform { # Configure the AWS Provider provider "aws" { - region = "eu-central-1" + region = var.region } # You cannot create a new backend by simply defining this and then diff --git a/libs/aws-cloud9-terraform/variables.tf b/libs/aws-cloud9-terraform/variables.tf index a395a3a..1aeabb3 100644 --- a/libs/aws-cloud9-terraform/variables.tf +++ b/libs/aws-cloud9-terraform/variables.tf @@ -1,25 +1,31 @@ -variable ami { - type = string +variable "ami" { + type = string default = "ami-049164e77a2c5b5f9" } -variable ec2_instance_type { - type = string +variable "ec2_instance_type" { + type = string default = "t2.micro" } -variable subnet_id { +variable "subnet_id" { + type = string default = "subnet-fd6b7780" } -variable vpc_id { +variable "vpc_id" { type = string } -variable workstation_ip { +variable "workstation_ip" { type = string } -variable ssh_key_name { +variable "ssh_key_name" { type = string } + +variable "region" { + type = string + default = "eu-central-1" +} \ No newline at end of file From bf8495e88504d4f5378c113007d3a2e5868e81ae Mon Sep 17 00:00:00 2001 
From: Vitaly Markov Date: Mon, 31 Jan 2022 10:33:12 +0000 Subject: [PATCH 08/12] refactore terraform structure [skip ci] --- .gitignore | 1 - libs/aws-cloud9-terraform/.terraform.lock.hcl | 59 ++++++++++++ libs/aws-cloud9-terraform/backend.tf | 13 --- .../examples/minimal/.terraform.lock.hcl | 59 ++++++++++++ .../examples/minimal/fixtures.auto.tfvars | 6 ++ .../examples/minimal/main.tf | 29 ++++++ .../examples/minimal/providers.tf | 14 +++ .../examples/minimal/variables.tf | 31 +++++++ libs/aws-cloud9-terraform/main.tf | 89 ------------------- .../ec2-instance.tf} | 2 +- libs/aws-cloud9-terraform/terraform/main.tf | 14 +++ .../{ => terraform}/variables.tf | 0 12 files changed, 213 insertions(+), 104 deletions(-) create mode 100644 libs/aws-cloud9-terraform/.terraform.lock.hcl delete mode 100644 libs/aws-cloud9-terraform/backend.tf create mode 100644 libs/aws-cloud9-terraform/examples/minimal/.terraform.lock.hcl create mode 100644 libs/aws-cloud9-terraform/examples/minimal/fixtures.auto.tfvars create mode 100644 libs/aws-cloud9-terraform/examples/minimal/main.tf create mode 100644 libs/aws-cloud9-terraform/examples/minimal/providers.tf create mode 100644 libs/aws-cloud9-terraform/examples/minimal/variables.tf delete mode 100644 libs/aws-cloud9-terraform/main.tf rename libs/aws-cloud9-terraform/{cloud9-ec2-instance.tf => terraform/ec2-instance.tf} (98%) create mode 100644 libs/aws-cloud9-terraform/terraform/main.tf rename libs/aws-cloud9-terraform/{ => terraform}/variables.tf (100%) diff --git a/.gitignore b/.gitignore index 37c6c38..3e79af1 100644 --- a/.gitignore +++ b/.gitignore @@ -42,6 +42,5 @@ Thumbs.db **/.env **/.terraform -**/*.lock.hcl **/*.tfstate **/*.tfstate.* diff --git a/libs/aws-cloud9-terraform/.terraform.lock.hcl b/libs/aws-cloud9-terraform/.terraform.lock.hcl new file mode 100644 index 0000000..08d02b1 --- /dev/null +++ b/libs/aws-cloud9-terraform/.terraform.lock.hcl 
@@ -0,0 +1,59 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "3.74.0" + constraints = ">= 2.0.0, >= 3.0.0, ~> 3.0, >= 3.34.0, >= 3.72.0" + hashes = [ + "h1:YNOblHBUf+XTjGTfIIsAMGp4weXB+tmQrMPCrpmM1/U=", + "zh:00767509c13c0d1c7ad6af702c6942e6572aa6d529b40a00baacc0e73faafea2", + "zh:03aafdc903ad49c2eda03889f927f44212674c50e475a9c6298850381319eec2", + "zh:2de8a6a97b180f909d652f215125aa4683e99db15fcf3b28d62e3d542f875ed6", + "zh:3ac29ebc3af99028f4230a79f56606a0c2954b68767bd749b921a76eb4f3bd30", + "zh:50add2e2d118a15a644360eabc5a34cec59f2560b491f8fabf9c52ab83ca7b09", + "zh:85dd8e81910ab79f841a4a595fdd8ac358fbfe460956144afb0be3d81f91fe10", + "zh:895de83d0f0941fde31bfc53fa6b1ea276901f006bec221bbdee4771a04f3693", + "zh:a15c9724aac52d1ba5001d2d83e42843099b52b1638ea29d84e20be0f45fa4f1", + "zh:c982a64463bd73e9bff2589de214b1de0a571438d9015001f9eae45cfc3a2559", + "zh:e9ef973c18078324e43213ea1252c12b9441e566bf054ddfdbff5dd62f3035d9", + "zh:f297e705b0f339c8baa27ae70db5df9aa6578adfe1ea3d2ba8edc186512464eb", + ] +} + +provider "registry.terraform.io/hashicorp/local" { + version = "2.1.0" + constraints = ">= 1.3.0" + hashes = [ + "h1:EYZdckuGU3n6APs97nS2LxZm3dDtGqyM4qaIvsmac8o=", + "zh:0f1ec65101fa35050978d483d6e8916664b7556800348456ff3d09454ac1eae2", + "zh:36e42ac19f5d68467aacf07e6adcf83c7486f2e5b5f4339e9671f68525fc87ab", + "zh:6db9db2a1819e77b1642ec3b5e95042b202aee8151a0256d289f2e141bf3ceb3", + "zh:719dfd97bb9ddce99f7d741260b8ece2682b363735c764cac83303f02386075a", + "zh:7598bb86e0378fd97eaa04638c1a4c75f960f62f69d3662e6d80ffa5a89847fe", + "zh:ad0a188b52517fec9eca393f1e2c9daea362b33ae2eb38a857b6b09949a727c1", + "zh:c46846c8df66a13fee6eff7dc5d528a7f868ae0dcf92d79deaac73cc297ed20c", + "zh:dc1a20a2eec12095d04bf6da5321f535351a594a636912361db20eb2a707ccc4", + "zh:e57ab4771a9d999401f6badd8b018558357d3cbdf3d33cc0c4f83e818ca8e94b", + 
"zh:ebdcde208072b4b0f8d305ebf2bfdc62c926e0717599dcf8ec2fd8c5845031c3", + "zh:ef34c52b68933bedd0868a13ccfd59ff1c820f299760b3c02e008dc95e2ece91", + ] +} + +provider "registry.terraform.io/hashicorp/time" { + version = "0.7.2" + constraints = ">= 0.7.0" + hashes = [ + "h1:YYLAfhMFP5nhV2iZPslqsLkZN+6sZo7gMJW7pLcLfM8=", + "zh:0bbe0158c2a9e3f5be911b7e94477586110c51746bb13d102054f22754565bda", + "zh:3250af7fd49b8aaf2ccc895588af05197d886e38b727e3ba33bcbb8cc96ad34d", + "zh:35e4de0437f4fa9c1ad69aaf8136413be2369ea607d78e04bb68dc66a6a520b8", + "zh:369756417a6272e79cad31eb2c82c202f6a4b6e4204a893f656644ba9e149fa2", + "zh:390370f1179d89b33c3a0731691e772d5450a7d59fc66671ec625e201db74aa2", + "zh:3d12ac905259d225c685bc42e5507ed0fbdaa5a09c30dce7c1932d908df857f7", + "zh:75f63e5e1c68e6c5bccba4568c3564e2774eb3a7a19189eb8e2b6e0d58c8f8cc", + "zh:7c22a2078a608e3e0278c4cbc9c483909062ebd1843bddaf8f176346c6d378b1", + "zh:7cfb3c02f78f0060d59c757c4726ab45a962ce4a9cf4833beca704a1020785bd", + "zh:a0325917f47c28a2ed088dedcea0d9520d91b264e63cc667fe4336ac993c0c11", + "zh:c181551d4c0a40b52e236f1755cc340aeca0fb5dcfd08b3b1c393a7667d2f327", + ] +} diff --git a/libs/aws-cloud9-terraform/backend.tf b/libs/aws-cloud9-terraform/backend.tf deleted file mode 100644 index 28a241a..0000000 --- a/libs/aws-cloud9-terraform/backend.tf +++ /dev/null @@ -1,13 +0,0 @@ -terraform { - required_version = ">= 0.12.2" - - backend "s3" { - region = "eu-central-1" - bucket = "lo-development-terraform-state" - key = "terraform.tfstate" - dynamodb_table = "lo-development-terraform-state-lock" - profile = "" - role_arn = "" - encrypt = "true" - } -} diff --git a/libs/aws-cloud9-terraform/examples/minimal/.terraform.lock.hcl b/libs/aws-cloud9-terraform/examples/minimal/.terraform.lock.hcl new file mode 100644 index 0000000..08d02b1 --- /dev/null +++ b/libs/aws-cloud9-terraform/examples/minimal/.terraform.lock.hcl 
@@ -0,0 +1,59 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "3.74.0" + constraints = ">= 2.0.0, >= 3.0.0, ~> 3.0, >= 3.34.0, >= 3.72.0" + hashes = [ + "h1:YNOblHBUf+XTjGTfIIsAMGp4weXB+tmQrMPCrpmM1/U=", + "zh:00767509c13c0d1c7ad6af702c6942e6572aa6d529b40a00baacc0e73faafea2", + "zh:03aafdc903ad49c2eda03889f927f44212674c50e475a9c6298850381319eec2", + "zh:2de8a6a97b180f909d652f215125aa4683e99db15fcf3b28d62e3d542f875ed6", + "zh:3ac29ebc3af99028f4230a79f56606a0c2954b68767bd749b921a76eb4f3bd30", + "zh:50add2e2d118a15a644360eabc5a34cec59f2560b491f8fabf9c52ab83ca7b09", + "zh:85dd8e81910ab79f841a4a595fdd8ac358fbfe460956144afb0be3d81f91fe10", + "zh:895de83d0f0941fde31bfc53fa6b1ea276901f006bec221bbdee4771a04f3693", + "zh:a15c9724aac52d1ba5001d2d83e42843099b52b1638ea29d84e20be0f45fa4f1", + "zh:c982a64463bd73e9bff2589de214b1de0a571438d9015001f9eae45cfc3a2559", + "zh:e9ef973c18078324e43213ea1252c12b9441e566bf054ddfdbff5dd62f3035d9", + "zh:f297e705b0f339c8baa27ae70db5df9aa6578adfe1ea3d2ba8edc186512464eb", + ] +} + +provider "registry.terraform.io/hashicorp/local" { + version = "2.1.0" + constraints = ">= 1.3.0" + hashes = [ + "h1:EYZdckuGU3n6APs97nS2LxZm3dDtGqyM4qaIvsmac8o=", + "zh:0f1ec65101fa35050978d483d6e8916664b7556800348456ff3d09454ac1eae2", + "zh:36e42ac19f5d68467aacf07e6adcf83c7486f2e5b5f4339e9671f68525fc87ab", + "zh:6db9db2a1819e77b1642ec3b5e95042b202aee8151a0256d289f2e141bf3ceb3", + "zh:719dfd97bb9ddce99f7d741260b8ece2682b363735c764cac83303f02386075a", + "zh:7598bb86e0378fd97eaa04638c1a4c75f960f62f69d3662e6d80ffa5a89847fe", + "zh:ad0a188b52517fec9eca393f1e2c9daea362b33ae2eb38a857b6b09949a727c1", + "zh:c46846c8df66a13fee6eff7dc5d528a7f868ae0dcf92d79deaac73cc297ed20c", + "zh:dc1a20a2eec12095d04bf6da5321f535351a594a636912361db20eb2a707ccc4", + "zh:e57ab4771a9d999401f6badd8b018558357d3cbdf3d33cc0c4f83e818ca8e94b", + 
"zh:ebdcde208072b4b0f8d305ebf2bfdc62c926e0717599dcf8ec2fd8c5845031c3", + "zh:ef34c52b68933bedd0868a13ccfd59ff1c820f299760b3c02e008dc95e2ece91", + ] +} + +provider "registry.terraform.io/hashicorp/time" { + version = "0.7.2" + constraints = ">= 0.7.0" + hashes = [ + "h1:YYLAfhMFP5nhV2iZPslqsLkZN+6sZo7gMJW7pLcLfM8=", + "zh:0bbe0158c2a9e3f5be911b7e94477586110c51746bb13d102054f22754565bda", + "zh:3250af7fd49b8aaf2ccc895588af05197d886e38b727e3ba33bcbb8cc96ad34d", + "zh:35e4de0437f4fa9c1ad69aaf8136413be2369ea607d78e04bb68dc66a6a520b8", + "zh:369756417a6272e79cad31eb2c82c202f6a4b6e4204a893f656644ba9e149fa2", + "zh:390370f1179d89b33c3a0731691e772d5450a7d59fc66671ec625e201db74aa2", + "zh:3d12ac905259d225c685bc42e5507ed0fbdaa5a09c30dce7c1932d908df857f7", + "zh:75f63e5e1c68e6c5bccba4568c3564e2774eb3a7a19189eb8e2b6e0d58c8f8cc", + "zh:7c22a2078a608e3e0278c4cbc9c483909062ebd1843bddaf8f176346c6d378b1", + "zh:7cfb3c02f78f0060d59c757c4726ab45a962ce4a9cf4833beca704a1020785bd", + "zh:a0325917f47c28a2ed088dedcea0d9520d91b264e63cc667fe4336ac993c0c11", + "zh:c181551d4c0a40b52e236f1755cc340aeca0fb5dcfd08b3b1c393a7667d2f327", + ] +} diff --git a/libs/aws-cloud9-terraform/examples/minimal/fixtures.auto.tfvars b/libs/aws-cloud9-terraform/examples/minimal/fixtures.auto.tfvars new file mode 100644 index 0000000..16aeffa --- /dev/null +++ b/libs/aws-cloud9-terraform/examples/minimal/fixtures.auto.tfvars @@ -0,0 +1,6 @@ +ami = "ami-049164e77a2c5b5f9" +vpc_id = "vpc-2a1b2541" +subnet_id = "subnet-d99aba94" +workstation_ip = "62.216.35.230" +ssh_key_name = "development" +region = "eu-central-1" diff --git a/libs/aws-cloud9-terraform/examples/minimal/main.tf b/libs/aws-cloud9-terraform/examples/minimal/main.tf new file mode 100644 index 0000000..022138b --- /dev/null +++ b/libs/aws-cloud9-terraform/examples/minimal/main.tf 
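Review bot: `fixtures.auto.tfvars` commits what look like one person's real environment values, namely a public address in `workstation_ip` plus concrete VPC and subnet ids, into an example that Terraform loads automatically because of the `.auto.tfvars` suffix. Anyone applying the example unchanged would allow SSH from that address rather than their own, and the address and network ids are disclosed to every reader of the repository. Ship placeholders instead, e.g. `workstation_ip = "203.0.113.10"` (a documentation-range address, constructed for this note), in a file such as `fixtures.tfvars.example`, and keep real values in an untracked `*.auto.tfvars`.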
@@ -0,0 +1,29 @@
+# You cannot create a new backend by simply defining this and then
+# immediately proceeding to "terraform apply". The S3 backend must
+# be bootstrapped according to the simple yet essential procedure in
+# https://github.com/cloudposse/terraform-aws-tfstate-backend#usage
+module "terraform_state_backend" {
+ source = "cloudposse/tfstate-backend/aws"
+ # Cloud Posse recommends pinning every module to a specific version
+ version = "0.38.1"
+ namespace = "lo"
+ stage = "develop"
+ name = "terraform"
+ attributes = ["state"]
+
+ terraform_backend_config_file_path = "."
+ terraform_backend_config_file_name = "backend.tf"
+ force_destroy = true
+}
+
+module "vscode_workstation" {
+ source = "../../terraform"
+
+ region = var.region
+
+ ami = "ami-049164e77a2c5b5f9"
+ vpc_id = var.vpc_id
+ subnet_id = var.subnet_id
+ workstation_ip = var.workstation_ip
+ ssh_key_name = var.ssh_key_name
+}
diff --git a/libs/aws-cloud9-terraform/examples/minimal/providers.tf b/libs/aws-cloud9-terraform/examples/minimal/providers.tf
new file mode 100644
index 0000000..5ca1ea5
--- /dev/null
+++ b/libs/aws-cloud9-terraform/examples/minimal/providers.tf
@@ -0,0 +1,14 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 3.0"
+ }
+ }
+}
+
+# Configure the AWS Provider
+provider "aws" {
+ region = var.region
+}
+
diff --git a/libs/aws-cloud9-terraform/examples/minimal/variables.tf b/libs/aws-cloud9-terraform/examples/minimal/variables.tf
new file mode 100644
index 0000000..5aca1ca
--- /dev/null
+++ b/libs/aws-cloud9-terraform/examples/minimal/variables.tf
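Review bot: `force_destroy = true` on `terraform_state_backend` in `examples/minimal/main.tf` lets a `terraform destroy` of this example delete the state bucket together with every state object in it; the root configuration removed in this patch had `false`. Unless the example is meant to be thrown away after each run, keep `force_destroy = false` and say why in a comment. In `vscode_workstation`, `ami = "ami-049164e77a2c5b5f9"` bypasses the `ami` variable that `variables.tf` declares and `fixtures.auto.tfvars` sets, so overriding it has no effect; the line should read `ami = var.ami`.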
@@ -0,0 +1,31 @@
+variable "ami" {
+ type = string
+ default = "ami-049164e77a2c5b5f9"
+}
+
+variable "ec2_instance_type" {
+ type = string
+ default = "t2.micro"
+}
+
+variable "subnet_id" {
+ type = string
+ default = "subnet-fd6b7780"
+}
+
+variable "vpc_id" {
+ type = string
+}
+
+variable "workstation_ip" {
+ type = string
+}
+
+variable "ssh_key_name" {
+ type = string
+}
+
+variable "region" {
+ type = string
+ default = "eu-central-1"
+}
diff --git a/libs/aws-cloud9-terraform/main.tf b/libs/aws-cloud9-terraform/main.tf
deleted file mode 100644
index f8c4bce..0000000
--- a/libs/aws-cloud9-terraform/main.tf
+++ /dev/null
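Review bot: `subnet_id` defaults to `subnet-fd6b7780` while `vpc_id` has no default, so a caller who sets only the required variables gets a subnet that may not belong to the VPC they passed (the fixtures file in this commit uses a different subnet id). Dropping that default makes the pairing explicit. `workstation_ip` is an unconstrained string; if the module turns it into a security-group CIDR (not visible in this hunk), a `validation` block with `condition = can(cidrhost("${var.workstation_ip}/32", 0))` would reject malformed or over-broad values at plan time. None of the variables carries a `description`, which would help here since several are network-sensitive.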
@@ -1,89 +0,0 @@
-terraform {
- required_providers {
- aws = {
- source = "hashicorp/aws"
- version = "~> 3.0"
- }
- }
-}
-
-# Configure the AWS Provider
-provider "aws" {
- region = var.region
-}
-
-# You cannot create a new backend by simply defining this and then
-# immediately proceeding to "terraform apply". The S3 backend must
-# be bootstrapped according to the simple yet essential procedure in
-# https://github.com/cloudposse/terraform-aws-tfstate-backend#usage
-module "terraform_state_backend" {
- source = "cloudposse/tfstate-backend/aws"
- # Cloud Posse recommends pinning every module to a specific version
- version = "0.38.1"
- namespace = "lo"
- stage = "development"
- name = "terraform"
- attributes = ["state"]
-
- terraform_backend_config_file_path = "."
- terraform_backend_config_file_name = "backend.tf"
- force_destroy = false
-}
-
-# data "aws_iam_user" "gitpod_user" {
-# user_name = "cloud9-user"
-# }
-
-# // https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloud9_environment_ec2
-# resource "aws_cloud9_environment_ec2" "demo" {
-# instance_type = "t2.micro"
-# name = "demo"
-
-# automatic_stop_time_minutes = 30
-
-# tags = {
-# user_name = data.aws_iam_user.gitpod_user.user_name,
-# owner_emails_address = "vymarkov@gmail.com"
-# }
-# }
-
-# resource "aws_cloud9_environment_membership" "demo" {
-# environment_id = aws_cloud9_environment_ec2.demo.id
-# permissions = "read-write"
-# user_arn = data.aws_iam_user.gitpod_user.arn
-# }
-
-# data "aws_instance" "cloud9-instance" {
-# filter {
-# name = "tag:aws:cloud9:environment"
-# values = [aws_cloud9_environment_ec2.demo.id]
-# }
-# }
-
-# data "aws_security_group" "cloud9_default_sg" {
-# name = element(data.aws_instance.cloud9-instance.security_groups[*], 0)
-# }
-
-# resource "aws_security_group_rule" "allow_ssh_from_developer_workstation" {
-# type = "ingress"
-# from_port = 22
-# to_port = 22
-# protocol = "tcp"
-# cidr_blocks = ["195.69.222.254/32"]
-# 
security_group_id = data.aws_security_group.cloud9_default_sg.id -# } - -# output "owner_id" { -# value = data.aws_iam_user.gitpod_user.user_id -# } - -# output "ssh_command" { -# # value = "ssh ec2-user@${data.aws_instance["cloud9-instance"].public_ip}" -# value = "ssh ec2-user@${data.aws_instance.cloud9-instance.public_ip}" -# } - -# output "security_groups" { -# value = element(data.aws_instance.cloud9-instance.security_groups[*], 0) -# } - -# // security_groups diff --git a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf b/libs/aws-cloud9-terraform/terraform/ec2-instance.tf similarity index 98% rename from libs/aws-cloud9-terraform/cloud9-ec2-instance.tf rename to libs/aws-cloud9-terraform/terraform/ec2-instance.tf index 34dda99..b7e8dee 100644 --- a/libs/aws-cloud9-terraform/cloud9-ec2-instance.tf +++ b/libs/aws-cloud9-terraform/terraform/ec2-instance.tf @@ -55,7 +55,7 @@ module "iam_assumable_role_workstation" { } // https://github.com/terraform-aws-modules/terraform-aws-ec2-instance -module "workstation-2" { +module "vscode_workstation_ec2" { source = "terraform-aws-modules/ec2-instance/aws" version = "~> 3.0" diff --git a/libs/aws-cloud9-terraform/terraform/main.tf b/libs/aws-cloud9-terraform/terraform/main.tf new file mode 100644 index 0000000..5ca1ea5 --- /dev/null +++ b/libs/aws-cloud9-terraform/terraform/main.tf @@ -0,0 +1,14 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 3.0" + } + } +} + +# Configure the AWS Provider +provider "aws" { + region = var.region +} + diff --git a/libs/aws-cloud9-terraform/variables.tf b/libs/aws-cloud9-terraform/terraform/variables.tf similarity index 100% rename from libs/aws-cloud9-terraform/variables.tf rename to libs/aws-cloud9-terraform/terraform/variables.tf From c9c90118d23fdd79d90de1e9a08f0288532e0793 Mon Sep 17 00:00:00 2001 
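Review bot: The new `terraform/main.tf` declares a `provider "aws"` block inside the directory that `examples/minimal/main.tf` consumes as a module (`source = "../../terraform"`), while the example configures the same provider in its own `providers.tf`. Terraform's guidance is to keep provider configuration in the root module only: a child module that carries its own provider block cannot be called with `count`, `for_each` or `depends_on`, and its resources become hard to destroy once the module call is removed. Keeping the `required_providers` block here and dropping `provider "aws" { region = var.region }` lets the module inherit the caller's configuration.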
From: Vitaly Markov Date: Mon, 31 Jan 2022 19:26:38 +0200 Subject: [PATCH 09/12] feat(): Update aws-workstation-ubuntu.pkr.hcl [skip ci] --- libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl | 2 ++ 1 file changed, 2 insertions(+) diff --git a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl index bbc38b8..d2b0c8b 100644 --- a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl +++ b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl @@ -75,6 +75,8 @@ EOF "git clone https://github.com/zsh-users/antigen.git ~/antigen", "echo \"source ~/antigen/antigen.zsh\" >> ~/.zshrc", + + "echo \"\nsource ~/.nvm/nvm.sh\n\" >> ~/.zshrc", "sudo apt-get install postgresql-client -yq", From a58bc04d16641278e4237de3d3e42a45ba266bfd Mon Sep 17 00:00:00 2001 From: Vitaly Markov Date: Mon, 31 Jan 2022 19:37:04 +0200 Subject: [PATCH 10/12] feat(): Update aws-workstation-ubuntu.pkr.hcl [skip ci] --- .../aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl index d2b0c8b..a10f7aa 100644 --- a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl +++ b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl @@ -65,6 +65,7 @@ EOF "sudo snap install docker", "sleep 30", "sudo chmod 666 /var/run/docker.sock", + # install zsh "sudo apt-get install -yq zsh", @@ -77,8 +78,10 @@ EOF "echo \"source ~/antigen/antigen.zsh\" >> ~/.zshrc", "echo \"\nsource ~/.nvm/nvm.sh\n\" >> ~/.zshrc", + "echo \"export AWS_VAULT_BACKEND="file"\" >> ~/.zshrc", "sudo apt-get install postgresql-client -yq", + "zsh ./install_asdf_plugins.sh" ] From 276f0cbf31ca18c78012e69975307a3f344826dd Mon Sep 17 00:00:00 2001 
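Review bot: In the second hunk of PATCH 10 the added entry `"echo \"export AWS_VAULT_BACKEND="file"\" >> ~/.zshrc",` has unescaped double quotes around `file`, which end the HCL string early, so the template should fail to parse. The value needs no quoting, so `"echo 'export AWS_VAULT_BACKEND=file' >> ~/.zshrc",` is enough. The `inline` list this line belongs to starts above the hunk.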
From: Vitaly Markov Date: Tue, 1 Feb 2022 11:29:31 +0000 Subject: [PATCH 11/12] feat: change size of root volume to 60 by default [skip ci] --- .../examples/minimal/variables.tf | 2 +- .../packer/aws-workstation-ubuntu.pkr.hcl | 47 +++++++------------ .../packer/install_asdf_plugins.sh | 6 +++ .../packer/install_tools.sh | 26 ++++++++++ .../terraform/ec2-instance.tf | 10 ++++ 5 files changed, 60 insertions(+), 31 deletions(-) create mode 100755 libs/aws-cloud9-terraform/packer/install_tools.sh diff --git a/libs/aws-cloud9-terraform/examples/minimal/variables.tf b/libs/aws-cloud9-terraform/examples/minimal/variables.tf index 5aca1ca..6ab3194 100644 --- a/libs/aws-cloud9-terraform/examples/minimal/variables.tf +++ b/libs/aws-cloud9-terraform/examples/minimal/variables.tf @@ -1,6 +1,6 @@ variable "ami" { type = string - default = "ami-049164e77a2c5b5f9" + default = "ami-0eaa6183e540e9b04" } variable "ec2_instance_type" { diff --git a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl index a10f7aa..4790a65 100644 --- a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl +++ b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl @@ -8,7 +8,7 @@ packer { } source "amazon-ebs" "ubuntu" { - ami_name = "aws-vscode-workstation-linux-aws-0.0.1-rc.5" + ami_name = "aws-vscode-workstation-linux-aws-0.0.1-rc.6" instance_type = "t2.micro" region = var.region @@ -33,7 +33,9 @@ build { ] provisioner "file" { - content = <> ~/.zshrc", - - "echo \"\nsource ~/.nvm/nvm.sh\n\" >> ~/.zshrc", - "echo \"export AWS_VAULT_BACKEND="file"\" >> ~/.zshrc", - - "sudo apt-get install postgresql-client -yq", - - - "zsh ./install_asdf_plugins.sh" + "./install_tools.sh", + "./install_asdf_plugins.sh" ] } diff --git a/libs/aws-cloud9-terraform/packer/install_asdf_plugins.sh b/libs/aws-cloud9-terraform/packer/install_asdf_plugins.sh index 34a823e..5c182e4 100755 
--- a/libs/aws-cloud9-terraform/packer/install_asdf_plugins.sh +++ b/libs/aws-cloud9-terraform/packer/install_asdf_plugins.sh @@ -27,4 +27,10 @@ asdf plugin add awscli asdf plugin-add aws-vault https://github.com/virtualstaticvoid/asdf-aws-vault.git # asdf plugin add redis-cli https://github.com/NeoHsu/asdf-redis-cli.git +asdf plugin add sonarscanner https://github.com/virtualstaticvoid/asdf-sonarscanner.git +asdf plugin add jq +asdf plugin add ruby +asdf plugin add nodejs + +asdf install diff --git a/libs/aws-cloud9-terraform/packer/install_tools.sh b/libs/aws-cloud9-terraform/packer/install_tools.sh new file mode 100755 index 0000000..33df67a --- /dev/null +++ b/libs/aws-cloud9-terraform/packer/install_tools.sh @@ -0,0 +1,26 @@ +#!/bin/bash + +sudo apt-get update +sudo apt-get install -qy wget unzip curl git procps libssl-dev zlib1g-dev + +sudo apt-get install -qy linux-headers-$(uname -r) build-essential +sudo snap install amazon-ssm-agent --classic + + +sudo snap install docker +sleep 30 +sudo chmod 666 /var/run/docker.sock + +# install zsh +sudo apt-get install -yq zsh + +git clone https://github.com/ohmyzsh/ohmyzsh.git ~/.oh-my-zsh +cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc + # "sudo chsh -s $(which zsh)", + +curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash + +echo "\nsource ~/.nvm/nvm.sh\n" >> ~/.zshrc +echo "export AWS_VAULT_BACKEND=file" >> ~/.zshrc + +sudo apt-get install postgresql-client -yq diff --git a/libs/aws-cloud9-terraform/terraform/ec2-instance.tf b/libs/aws-cloud9-terraform/terraform/ec2-instance.tf index b7e8dee..6f25805 100644 --- a/libs/aws-cloud9-terraform/terraform/ec2-instance.tf +++ b/libs/aws-cloud9-terraform/terraform/ec2-instance.tf @@ -51,6 +51,7 @@ module "iam_assumable_role_workstation" { "arn:aws:iam::aws:policy/AmazonSSMFullAccess", "arn:aws:iam::aws:policy/AmazonS3ReadOnlyAccess" ] + number_of_custom_role_policy_arns = 2 } 
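Review bot: The `sonarscanner` plugin is added from a third-party repository URL with no ref, and the plugins added by short name resolve through the asdf plugin index, so the AMI bakes in whatever those repositories' default branches contain on the day of the build; the new `asdf install` then runs their install scripts. For an image that developers will load credentials into, pin each plugin to a reviewed commit after adding it (asdf accepts a git ref on `asdf plugin update <name> <git-ref>`) and keep the tool versions in a committed `.tool-versions`. The script begins above this hunk, so earlier plugin lines may need the same treatment.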
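Review bot: In the new `install_tools.sh`, `sudo chmod 666 /var/run/docker.sock` makes the Docker socket writable by every local account, and write access to that socket is equivalent to root on the host; because `/var/run` is normally recreated at boot, the change may also not survive into instances launched from the AMI. Granting access through a group is narrower and persistent: `sudo addgroup --system docker && sudo adduser "$USER" docker`. Bash `echo` does not expand `\n`, so `echo "\nsource ~/.nvm/nvm.sh\n" >> ~/.zshrc` writes the backslashes literally; `printf '\nsource ~/.nvm/nvm.sh\n' >> ~/.zshrc` does what was intended. The script also has no `set -euo pipefail`, so a failed install step still yields a published image.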
@@ -83,4 +84,13 @@ module "vscode_workstation_ec2" { # sudo snap install aws-cli --classic # EOF + root_block_device = [ + { + encrypted = false + volume_type = "gp3" + throughput = 200 + volume_size = 60 + }, + ] + } From 0f3ada20da3b90d4b70a29a2c454d800776a6132 Mon Sep 17 00:00:00 2001 From: Vitaly Markov Date: Tue, 1 Feb 2022 13:56:19 +0000 Subject: [PATCH 12/12] save work [skip ci] --- .../packer/aws-workstation-ubuntu.pkr.hcl | 4 +++- libs/aws-cloud9-terraform/packer/install_tools.sh | 4 ++-- libs/aws-cloud9-terraform/terraform/outputs.tf | 9 +++++++++ 3 files changed, 14 insertions(+), 3 deletions(-) create mode 100644 libs/aws-cloud9-terraform/terraform/outputs.tf diff --git a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl index 4790a65..81c4d09 100644 --- a/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl +++ b/libs/aws-cloud9-terraform/packer/aws-workstation-ubuntu.pkr.hcl @@ -8,7 +8,7 @@ packer { } source "amazon-ebs" "ubuntu" { - ami_name = "aws-vscode-workstation-linux-aws-0.0.1-rc.6" + ami_name = "aws-vscode-workstation-linux-aws-0.0.1-rc.7" instance_type = "t2.micro" region = var.region @@ -69,6 +69,8 @@ EOF ] inline = [ + "echo 'Sleeping for 30 seconds to give Ubuntu enough time to initialize (otherwise, packages may fail to install).'", + "sleep 30", "./install_tools.sh", "./install_asdf_plugins.sh" ] diff --git a/libs/aws-cloud9-terraform/packer/install_tools.sh b/libs/aws-cloud9-terraform/packer/install_tools.sh index 33df67a..0aed88e 100755 --- a/libs/aws-cloud9-terraform/packer/install_tools.sh +++ b/libs/aws-cloud9-terraform/packer/install_tools.sh @@ -5,7 +5,7 @@ sudo apt-get install -qy wget unzip curl git procps libssl-dev zlib1g-dev sudo apt-get install -qy linux-headers-$(uname -r) build-essential sudo snap install amazon-ssm-agent --classic - +sudo apt-get install ec2-instance-connect -qy sudo snap install docker sleep 30 
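Review bot: `encrypted = false` in the new `root_block_device` explicitly leaves the workstation's root volume unencrypted, although the commit is described only as a size change and this image is set up to keep credentials on disk (`AWS_VAULT_BACKEND=file` in `install_tools.sh`, plus whatever SSH and git material a developer adds). Set `encrypted = true` so snapshots and detached volumes are protected at rest. The enclosing `module "vscode_workstation_ec2"` block starts above the hunk.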
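Review bot: The `"sleep 30",` added to `inline` in PATCH 12 only guesses when first-boot initialisation has finished, so a slow boot can still hit the package-install failures that the echo message describes. On Ubuntu cloud images `cloud-init status --wait` blocks until cloud-init is actually done and returns at once when it already is; replacing the two added lines with `"cloud-init status --wait",` removes the race. The `inline` list and its provisioner start above the hunk.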
@@ -16,7 +16,7 @@ sudo apt-get install -yq zsh git clone https://github.com/ohmyzsh/ohmyzsh.git ~/.oh-my-zsh cp ~/.oh-my-zsh/templates/zshrc.zsh-template ~/.zshrc - # "sudo chsh -s $(which zsh)", +# "sudo chsh -s $(which zsh)", curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash diff --git a/libs/aws-cloud9-terraform/terraform/outputs.tf b/libs/aws-cloud9-terraform/terraform/outputs.tf new file mode 100644 index 0000000..c5fcadf --- /dev/null +++ b/libs/aws-cloud9-terraform/terraform/outputs.tf @@ -0,0 +1,9 @@ +output "ec2_instance_id" { + description = "The ID of the instance" + value = module.vscode_workstation_ec2.id +} + +output "public_ip" { + description = "The public IP address assigned to the instance, if applicable. NOTE: If you are using an aws_eip with your instance, you should refer to the EIP's address directly and not use `public_ip` as this field will change after the EIP is attached" + value = module.vscode_workstation_ec2.public_ip +}