Getting started with Terraform for managing basic free-tier AWS resources.
This is a Terraform project for managing AWS resources.
It can build the following infrastructure:
- VPC
- Public Subnet in the VPC
- IGW to enable access to or from the Internet for the VPC
- Route Table to associate IGW, VPC and Subnet
- EC2 Instance in the public Subnet with HTTP(S) & SSH access
- Install software
- macOS
brew install terraform awscli yq
- Create AWS account
- If the file ~/.aws/credentials doesn't exist, create it and add your Terraform profile to the file. For example:
[terraform]
aws_access_key_id = Your access key
aws_secret_access_key = Your secret access key
- Check AWS account
aws sts get-caller-identity
- Create S3 bucket to store Terraform state
aws s3api create-bucket --bucket world-terraform --region us-east-1
- Create config file config.tf that will contain information on how to store state in the given bucket. See example.
- Create SSH key pair to connect to the EC2 instance:
cd ./src/free-tier/provision/access
# creates the "free-tier-ec2-key" private key and "free-tier-ec2-key.pub" public key;
# the private key is written inside the project tree, so keep it out of version control
ssh-keygen -f free-tier-ec2-key
cd ./src/free-tier
terraform init -backend-config="./backend/config.tf"
cd ./src/free-tier
terraform plan
cd ./src/free-tier
terraform apply
# public IP of the running instance (state code 16 = running)
ip=$(aws ec2 describe-instances |
yq '.Reservations[].Instances[] | select(.State.Code == 16) | .NetworkInterfaces[].PrivateIpAddresses[].Association.PublicIp')
echo "$ip"
ssh-add src/free-tier/provision/access/free-tier-ec2-key
- Edit /etc/hosts and add the "aws" host name
sudo bash -c "echo $ip aws >> /etc/hosts"
ssh-keygen -R aws
ssh-keyscan -H aws >> ~/.ssh/known_hosts
ssh-keygen -R $ip
ssh-keyscan -H $ip >> ~/.ssh/known_hosts
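The ssh-keyscan steps above add whatever key answers on that address to known_hosts without checking it. One way to verify the scanned key first, as an added example that is not part of this project: compare its fingerprint with the one the instance writes to its EC2 console at first boot. It assumes the AMI's cloud-init prints SHA256 fingerprints between the markers shown; the function names and the sample console text are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example (not from the project): pin the EC2 host key only when its
# fingerprint matches what the instance printed to its console at first boot.

# Constructed sample of `aws ec2 get-console-output --output text`; fingerprints are fake.
sample_console() {
  cat <<'EOF'
ec2: (constructed noise line) SHA256:CONSTRUCTED-outside-block-000000000000000000
ec2: -----BEGIN SSH HOST KEY FINGERPRINTS-----
ec2: 256 SHA256:CONSTRUCTED-ecdsa-fingerprint-0000000000000 no comment (ECDSA)
ec2: 256 SHA256:CONSTRUCTED-ed25519-fingerprint-00000000000 no comment (ED25519)
ec2: -----END SSH HOST KEY FINGERPRINTS-----
EOF
}

# Print only the lines between the cloud-init fingerprint markers (stdin -> stdout).
console_fingerprints() {
  awk '/-----BEGIN SSH HOST KEY FINGERPRINTS-----/ {inblk=1; next}
       /-----END SSH HOST KEY FINGERPRINTS-----/   {inblk=0}
       inblk'
}

# fingerprint_trusted FINGERPRINT CONSOLE_FILE
# Succeeds only if FINGERPRINT is a whole field of a line inside the marker block.
fingerprint_trusted() {
  local fp="$1" file="$2"
  [ -n "$fp" ] || return 1
  console_fingerprints < "$file" |
    awk -v fp="$fp" '{ for (i = 1; i <= NF; i++) if ($i == fp) found = 1 }
                     END { exit !found }'
}

# pin_host_key INSTANCE_ID HOST  (hypothetical helper; needs aws, ssh-keyscan, ssh-keygen)
pin_host_key() {
  local instance_id="$1" host="$2" tmp fp
  tmp=$(mktemp -d) || return 1
  aws ec2 get-console-output --instance-id "$instance_id" --output text > "$tmp/console" || return 1
  ssh-keyscan -H -t ed25519 "$host" > "$tmp/scan" 2>/dev/null
  fp=$(ssh-keygen -lf "$tmp/scan" | awk '{ print $2; exit }')
  if fingerprint_trusted "$fp" "$tmp/console"; then
    ssh-keygen -R "$host" >/dev/null 2>&1
    cat "$tmp/scan" >> ~/.ssh/known_hosts      # pin exactly the key that was verified
  else
    echo "host key for $host does not match console output; not pinning" >&2
    rm -rf "$tmp"; return 1
  fi
  rm -rf "$tmp"
}
```

Console output can take a few minutes to appear after launch, so an empty result from `get-console-output` means "retry later", not "mismatch".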
ssh ec2-user@$ip "sudo amazon-linux-extras install epel -y"
- FIXME
ssh ec2-user@$ip "sudo yum update && sudo yum install -y openvpn"
sudo yum update && sudo yum upgrade && sudo yum install -y telnet
ssh ec2-user@$ip "sudo yum update && sudo yum upgrade && sudo yum install -y telnet openvpn"
ssh ec2-user@$ip "sudo yum update && sudo yum install -y docker python3-pip htop && sudo usermod -a -G docker ec2-user && sudo pip3 install docker-compose"
ssh ec2-user@$ip "sudo systemctl enable docker.service && sudo systemctl start docker.service && systemctl status docker.service"
- Edit src/docker/env-duckdns.sh
SUBDOMAINS=your-subdomain
DUCKDNS_TOKEN=your-token
TOKEN=$DUCKDNS_TOKEN
- Edit src/docker/docker-compose.yaml, set email and Duckdns subdomain FIXME
- Edit src/docker/conf/users.txt FIXME
ssh ec2-user@$ip "mkdir -p docker/conf"
#scp src/docker/docker-compose.yaml src/docker/env-duckdns.sh ec2-user@$ip:./docker/
scp src/docker/conf/dynamic_conf.yml ec2-user@$ip:./docker/conf/dynamic_conf.yml
scp src/docker/conf/users.txt ec2-user@$ip:./docker/conf/users.txt
ssh ec2-user@$ip "cd docker && docker-compose up -d"
- ./src/docker/env-duckdns.sh
TZ=America/Sao_Paulo
SUBDOMAINS=sub-domain-1,sub-domain-2,sub-domain-3,sub-domain-4,sub-domain-5
DUCKDNS_TOKEN=your-token
TOKEN=your-token
- Duckdns logs
ssh ec2-user@$ip "cd docker && docker-compose logs duckdns"
- Traefik logs
ssh ec2-user@$ip "cd docker && docker-compose logs traefik"
aws rds describe-db-instances | yq
cd ./src/free-tier
terraform destroy