diff --git a/README.md b/README.md index fe5fe56..dde551a 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,23 @@ # wimermedia-infrastructure This deploys my wordpress/mysql site to digital ocean with terraform and ansible. + +## Requirements +1. python +2. pip +3. DIGITALOCEAN_KEY environment variable +4. CLOUDFLARE_KEY environment variable + +## Usage +Deployment script (is idempotent): +```shell +bash deploy.sh +``` + +Destroy script: +```shell +bash destroy.sh +``` + +## How's it work? +1. Deploys infrastructure and updates A record in cloudflare with Terraform. +2. Configures infrastructure with pipenv and ansible. Ansible uses a dynamic inventory file that reads Terraform state and separates host groups based on tags in digital ocean. \ No newline at end of file diff --git a/ansible/Pipfile b/ansible/Pipfile new file mode 100644 index 0000000..f1799b9 --- /dev/null +++ b/ansible/Pipfile @@ -0,0 +1,14 @@ +[[source]] + +url = "https://pypi.python.org/simple" +verify_ssl = true +name = "pypi" + + +[dev-packages] + + + +[packages] + +ansible = "==2.4.0.0" \ No newline at end of file diff --git a/ansible/Pipfile.lock b/ansible/Pipfile.lock new file mode 100644 index 0000000..04902c0 --- /dev/null +++ b/ansible/Pipfile.lock @@ -0,0 +1,251 @@ +{ + "_meta": { + "hash": { + "sha256": "5e3ab379ececd07b53a4358359347ad15d8b52a1450667be72eb7c2a01c01487" + }, + "pipfile-spec": 6, + "requires": {}, + "sources": [ + { + "name": "pypi", + "url": "https://pypi.python.org/simple", + "verify_ssl": true + } + ] + }, + "default": { + "ansible": { + "hashes": [ + "sha256:1a276fee7f72d4e6601a7994879e8467edb763dacc3e215258cfe71350b77c76" + ], + "index": "pypi", + "version": "==2.4.0.0" + }, + "asn1crypto": { + "hashes": [ + "sha256:2f1adbb7546ed199e3c90ef23ec95c5cf3585bac7d11fb7eb562a3fe89c64e87", + "sha256:9d5c20441baf0cb60a4ac34cc447c6c189024b6b4c6cd7877034f4965c464e49" + ], + "version": "==0.24.0" + }, + "bcrypt": { + "hashes": [ + "sha256:01477981abf74e306e8ee31629a940a5e9138de000c6b0898f7f850461c4a0a5", + "sha256:054d6e0acaea429e6da3613fcd12d05ee29a531794d96f6ab959f29a39f33391", + "sha256:0872eeecdf9a429c1420158500eedb323a132bc5bf3339475151c52414729e70", + "sha256:09a3b8c258b815eadb611bad04ca15ec77d86aa9ce56070e1af0d5932f17642a", + "sha256:0f317e4ffbdd15c3c0f8ab5fbd86aa9aabc7bea18b5cc5951b456fe39e9f738c", + "sha256:2788c32673a2ad0062bea850ab73cffc0dba874db10d7a3682b6f2f280553f20", + "sha256:321d4d48be25b8d77594d8324c0585c80ae91ac214f62db9098734e5e7fb280f", + "sha256:346d6f84ff0b493dbc90c6b77136df83e81f903f0b95525ee80e5e6d5e4eef84", + "sha256:34dd60b90b0f6de94a89e71fcd19913a30e83091c8468d0923a93a0cccbfbbff", + "sha256:3b4c23300c4eded8895442c003ae9b14328ae69309ac5867e7530de8bdd7875d", + "sha256:43d1960e7db14042319c46925892d5fa99b08ff21d57482e6f5328a1aca03588", + "sha256:49e96267cd9be55a349fd74f9852eb9ae2c427cd7f6455d0f1765d7332292832", + "sha256:63e06ffdaf4054a89757a3a1ab07f1b922daf911743114a54f7c561b9e1baa58", + "sha256:67ed1a374c9155ec0840214ce804616de49c3df9c5bc66740687c1c9b1cd9e8d", + "sha256:6b662a5669186439f4f583636c8d6ea77cf92f7cfe6aae8d22edf16c36840574", + "sha256:6efd9ca20aefbaf2e7e6817a2c6ed4a50ff6900fafdea1bcb1d0e9471743b144", + "sha256:8569844a5d8e1fdde4d7712a05ab2e6061343ac34af6e7e3d7935b2bd1907bfd", + "sha256:8629ea6a8a59f865add1d6a87464c3c676e60101b8d16ef404d0a031424a8491", + "sha256:988cac675e25133d01a78f2286189c1f01974470817a33eaf4cfee573cfb72a5", + "sha256:9a6fedda73aba1568962f7543a1f586051c54febbc74e87769bad6a4b8587c39", + "sha256:9eced8962ce3b7124fe20fd358cf8c7470706437fa064b9874f849ad4c5866fc", + "sha256:a005ed6163490988711ff732386b08effcbf8df62ae93dd1e5bda0714fad8afb", + "sha256:ae35dbcb6b011af6c840893b32399252d81ff57d52c13e12422e16b5fea1d0fb", + "sha256:b1e8491c6740f21b37cca77bc64677696a3fb9f32360794d57fa8477b7329eda", + "sha256:c906bdb482162e9ef48eea9f8c0d967acceb5c84f2d25574c7d2a58d04861df1", + "sha256:cb18ffdc861dbb244f14be32c47ab69604d0aca415bee53485fcea4f8e93d5ef", + "sha256:cc2f24dc1c6c88c56248e93f28d439ee4018338567b0bbb490ea26a381a29b1e", + "sha256:d860c7fff18d49e20339fc6dffc2d485635e36d4b2cccf58f45db815b64100b4", + "sha256:d86da365dda59010ba0d1ac45aa78390f56bf7f992e65f70b3b081d5e5257b09", + "sha256:e22f0997622e1ceec834fd25947dc2ee2962c2133ea693d61805bc867abaf7ea", + "sha256:f2fe545d27a619a552396533cddf70d83cecd880a611cdfdbb87ca6aec52f66b", + "sha256:f425e925485b3be48051f913dbe17e08e8c48588fdf44a26b8b14067041c0da6", + "sha256:f7fd3ed3745fe6e81e28dc3b3d76cce31525a91f32a387e1febd6b982caf8cdb", + "sha256:f9210820ee4818d84658ed7df16a7f30c9fba7d8b139959950acef91745cc0f7" + ], + "version": "==3.1.4" + }, + "cffi": { + "hashes": [ + "sha256:151b7eefd035c56b2b2e1eb9963c90c6302dc15fbd8c1c0a83a163ff2c7d7743", + "sha256:1553d1e99f035ace1c0544050622b7bc963374a00c467edafac50ad7bd276aef", + "sha256:1b0493c091a1898f1136e3f4f991a784437fac3673780ff9de3bcf46c80b6b50", + "sha256:2ba8a45822b7aee805ab49abfe7eec16b90587f7f26df20c71dd89e45a97076f", + "sha256:3bb6bd7266598f318063e584378b8e27c67de998a43362e8fce664c54ee52d30", + "sha256:3c85641778460581c42924384f5e68076d724ceac0f267d66c757f7535069c93", + "sha256:3eb6434197633b7748cea30bf0ba9f66727cdce45117a712b29a443943733257", + "sha256:495c5c2d43bf6cebe0178eb3e88f9c4aa48d8934aa6e3cddb865c058da76756b", + "sha256:4c91af6e967c2015729d3e69c2e51d92f9898c330d6a851bf8f121236f3defd3", + "sha256:57b2533356cb2d8fac1555815929f7f5f14d68ac77b085d2326b571310f34f6e", + "sha256:770f3782b31f50b68627e22f91cb182c48c47c02eb405fd689472aa7b7aa16dc", + "sha256:79f9b6f7c46ae1f8ded75f68cf8ad50e5729ed4d590c74840471fc2823457d04", + "sha256:7a33145e04d44ce95bcd71e522b478d282ad0eafaf34fe1ec5bbd73e662f22b6", + "sha256:857959354ae3a6fa3da6651b966d13b0a8bed6bbc87a0de7b38a549db1d2a359", + "sha256:87f37fe5130574ff76c17cab61e7d2538a16f843bb7bca8ebbc4b12de3078596", + "sha256:95d5251e4b5ca00061f9d9f3d6fe537247e145a8524ae9fd30a2f8fbce993b5b", + "sha256:9d1d3e63a4afdc29bd76ce6aa9d58c771cd1599fbba8cf5057e7860b203710dd", + "sha256:a36c5c154f9d42ec176e6e620cb0dd275744aa1d804786a71ac37dc3661a5e95", + "sha256:a6a5cb8809091ec9ac03edde9304b3ad82ad4466333432b16d78ef40e0cce0d5", + "sha256:ae5e35a2c189d397b91034642cb0eab0e346f776ec2eb44a49a459e6615d6e2e", + "sha256:b0f7d4a3df8f06cf49f9f121bead236e328074de6449866515cea4907bbc63d6", + "sha256:b75110fb114fa366b29a027d0c9be3709579602ae111ff61674d28c93606acca", + "sha256:ba5e697569f84b13640c9e193170e89c13c6244c24400fc57e88724ef610cd31", + "sha256:be2a9b390f77fd7676d80bc3cdc4f8edb940d8c198ed2d8c0be1319018c778e1", + "sha256:ca1bd81f40adc59011f58159e4aa6445fc585a32bb8ac9badf7a2c1aa23822f2", + "sha256:d5d8555d9bfc3f02385c1c37e9f998e2011f0db4f90e250e5bc0c0a85a813085", + "sha256:e55e22ac0a30023426564b1059b035973ec82186ddddbac867078435801c7801", + "sha256:e90f17980e6ab0f3c2f3730e56d1fe9bcba1891eeea58966e89d352492cc74f4", + "sha256:ecbb7b01409e9b782df5ded849c178a0aa7c906cf8c5a67368047daab282b184", + "sha256:ed01918d545a38998bfa5902c7c00e0fee90e957ce036a4000a88e3fe2264917", + "sha256:edabd457cd23a02965166026fd9bfd196f4324fe6032e866d0f3bd0301cd486f", + "sha256:fdf1c1dc5bafc32bc5d08b054f94d659422b05aba244d6be4ddc1c72d9aa70fb" + ], + "markers": "platform_python_implementation != 'PyPy'", + "version": "==1.11.5" + }, + "cryptography": { + "hashes": [ + "sha256:3f3b65d5a16e6b52fba63dc860b62ca9832f51f1a2ae5083c78b6840275f12dd", + "sha256:5251e7de0de66810833606439ca65c9b9e45da62196b0c88bfadf27740aac09f", + "sha256:551a3abfe0c8c6833df4192a63371aa2ff43afd8f570ed345d31f251d78e7e04", + "sha256:5cb990056b7cadcca26813311187ad751ea644712022a3976443691168781b6f", + "sha256:60bda7f12ecb828358be53095fc9c6edda7de8f1ef571f96c00b2363643fa3cd", + "sha256:64b5c67acc9a7c83fbb4b69166f3105a0ab722d27934fac2cb26456718eec2ba", + "sha256:6fef51ec447fe9f8351894024e94736862900d3a9aa2961528e602eb65c92bdb", + "sha256:77d0ad229d47a6e0272d00f6bf8ac06ce14715a9fd02c9a97f5a2869aab3ccb2", + "sha256:808fe471b1a6b777f026f7dc7bd9a4959da4bfab64972f2bbe91e22527c1c037", + "sha256:9b62fb4d18529c84b961efd9187fecbb48e89aa1a0f9f4161c61b7fc42a101bd", + "sha256:9e5bed45ec6b4f828866ac6a6bedf08388ffcfa68abe9e94b34bb40977aba531", + "sha256:9fc295bf69130a342e7a19a39d7bbeb15c0bcaabc7382ec33ef3b2b7d18d2f63", + "sha256:abd070b5849ed64e6d349199bef955ee0ad99aefbad792f0c587f8effa681a5e", + "sha256:ba6a774749b6e510cffc2fb98535f717e0e5fd91c7c99a61d223293df79ab351", + "sha256:c332118647f084c983c6a3e1dba0f3bcb051f69d12baccac68db8d62d177eb8a", + "sha256:d6f46e862ee36df81e6342c2177ba84e70f722d9dc9c6c394f9f1f434c4a5563", + "sha256:db6013746f73bf8edd9c3d1d3f94db635b9422f503db3fc5ef105233d4c011ab", + "sha256:f57008eaff597c69cf692c3518f6d4800f0309253bb138b526a37fe9ef0c7471", + "sha256:f6c821ac253c19f2ad4c8691633ae1d1a17f120d5b01ea1d256d7b602bc59887" + ], + "version": "==2.2.2" + }, + "enum34": { + "hashes": [ + "sha256:2d81cbbe0e73112bdfe6ef8576f2238f2ba27dd0d55752a776c41d38b7da2850", + "sha256:644837f692e5f550741432dd3f223bbb9852018674981b1664e5dc339387588a", + "sha256:6bd0f6ad48ec2aa117d3d141940d484deccda84d4fcd884f5c3d93c23ecd8c79", + "sha256:8ad8c4783bf61ded74527bffb48ed9b54166685e4230386a9ed9b1279e2df5b1" + ], + "markers": "python_version < '3'", + "version": "==1.1.6" + }, + "idna": { + "hashes": [ + "sha256:156a6814fb5ac1fc6850fb002e0852d56c0c8d2531923a51032d1b70760e186e", + "sha256:684a38a6f903c1d71d6d5fac066b58d7768af4de2b832e426ec79c30daa94a16" + ], + "version": "==2.7" + }, + "ipaddress": { + "hashes": [ + "sha256:64b28eec5e78e7510698f6d4da08800a5c575caa4a286c93d651c5d3ff7b6794", + "sha256:b146c751ea45cad6188dd6cf2d9b757f6f4f8d6ffb96a023e6f2e26eea02a72c" + ], + "markers": "python_version < '3'", + "version": "==1.0.22" + }, + "jinja2": { + "hashes": [ + "sha256:74c935a1b8bb9a3947c50a54766a969d4846290e1e788ea44c1392163723c3bd", + "sha256:f84be1bb0040caca4cea721fcbbbbd61f9be9464ca236387158b0feea01914a4" + ], + "version": "==2.10" + }, + "markupsafe": { + "hashes": [ + "sha256:a6be69091dac236ea9c6bc7d012beab42010fa914c459791d627dad4910eb665" + ], + "version": "==1.0" + }, + "paramiko": { + "hashes": [ + "sha256:24fb31c947de85fbdeca09e222d41206781581fb0bdf118d2ef18f6e414cd388", + "sha256:33e36775a6c71790ba7692a73f948b329cf9295a72b0102144b031114bd2a4f3" + ], + "version": "==2.4.1" + }, + "pyasn1": { + "hashes": [ + "sha256:a66dcda18dbf6e4663bde70eb30af3fc4fe1acb2d14c4867a861681887a5f9a2", + "sha256:fb81622d8f3509f0026b0683fe90fea27be7284d3826a5f2edf97f69151ab0fc" + ], + "version": "==0.4.3" + }, + "pycparser": { + "hashes": [ + "sha256:99a8ca03e29851d96616ad0404b4aad7d9ee16f25c9f9708a11faf2810f7b226" + ], + "version": "==2.18" + }, + "pynacl": { + "hashes": [ + "sha256:04e30e5bdeeb2d5b34107f28cd2f5bbfdc6c616f3be88fc6f53582ff1669eeca", + "sha256:0bfa0d94d2be6874e40f896e0a67e290749151e7de767c5aefbad1121cad7512", + "sha256:11aa4e141b2456ce5cecc19c130e970793fa3a2c2e6fbb8ad65b28f35aa9e6b6", + "sha256:13bdc1fe084ff9ac7653ae5a924cae03bf4bb07c6667c9eb5b6eb3c570220776", + "sha256:14339dc233e7a9dda80a3800e64e7ff89d0878ba23360eea24f1af1b13772cac", + "sha256:1d33e775fab3f383167afb20b9927aaf4961b953d76eeb271a5703a6d756b65b", + "sha256:2a42b2399d0428619e58dac7734838102d35f6dcdee149e0088823629bf99fbb", + "sha256:2dce05ac8b3c37b9e2f65eab56c544885607394753e9613fd159d5e2045c2d98", + "sha256:63cfccdc6217edcaa48369191ae4dca0c390af3c74f23c619e954973035948cd", + "sha256:6453b0dae593163ffc6db6f9c9c1597d35c650598e2c39c0590d1757207a1ac2", + "sha256:73a5a96fb5fbf2215beee2353a128d382dbca83f5341f0d3c750877a236569ef", + "sha256:8abb4ef79161a5f58848b30ab6fb98d8c466da21fdd65558ce1d7afc02c70b5f", + "sha256:8ac1167195b32a8755de06efd5b2d2fe76fc864517dab66aaf65662cc59e1988", + "sha256:8f505f42f659012794414fa57c498404e64db78f1d98dfd40e318c569f3c783b", + "sha256:9c8a06556918ee8e3ab48c65574f318f5a0a4d31437fc135da7ee9d4f9080415", + "sha256:a1e25fc5650cf64f01c9e435033e53a4aca9de30eb9929d099f3bb078e18f8f2", + "sha256:be71cd5fce04061e1f3d39597f93619c80cdd3558a6c9ba99a546f144a8d8101", + "sha256:c5b1a7a680218dee9da0f1b5e24072c46b3c275d35712bc1d505b85bb03441c0", + "sha256:cb785db1a9468841a1265c9215c60fe5d7af2fb1b209e3316a152704607fc582", + "sha256:cf6877124ae6a0698404e169b3ba534542cfbc43f939d46b927d956daf0a373a", + "sha256:d0eb5b2795b7ee2cbcfcadacbe95a13afbda048a262bd369da9904fecb568975", + "sha256:d3a934e2b9f20abac009d5b6951067cfb5486889cb913192b4d8288b216842f1", + "sha256:d795f506bcc9463efb5ebb0f65ed77921dcc9e0a50499dedd89f208445de9ecb", + "sha256:d8aaf7e5d6b0e0ef7d6dbf7abeb75085713d0100b4eb1a4e4e857de76d77ac45", + "sha256:de2aaca8386cf4d70f1796352f2346f48ddb0bed61dc43a3ce773ba12e064031", + "sha256:e0d38fa0a75f65f556fb912f2c6790d1fa29b7dd27a1d9cc5591b281321eaaa9", + "sha256:eb2acabbd487a46b38540a819ef67e477a674481f84a82a7ba2234b9ba46f752", + "sha256:eeee629828d0eb4f6d98ac41e9a3a6461d114d1d0aa111a8931c049359298da0", + "sha256:f5836463a3c0cca300295b229b6c7003c415a9d11f8f9288ddbd728e2746524c", + "sha256:f5ce9e26d25eb0b2d96f3ef0ad70e1d3ae89b5d60255c462252a3e456a48c053", + "sha256:fabf73d5d0286f9e078774f3435601d2735c94ce9e514ac4fb945701edead7e4" + ], + "version": "==1.2.1" + }, + "pyyaml": { + "hashes": [ + "sha256:3d7da3009c0f3e783b2c873687652d83b1bbfd5c88e9813fb7e5b03c0dd3108b", + "sha256:3ef3092145e9b70e3ddd2c7ad59bdd0252a94dfe3949721633e41344de00a6bf", + "sha256:40c71b8e076d0550b2e6380bada1f1cd1017b882f7e16f09a65be98e017f211a", + "sha256:558dd60b890ba8fd982e05941927a3911dc409a63dcb8b634feaa0cda69330d3", + "sha256:a7c28b45d9f99102fa092bb213aa12e0aaf9a6a1f5e395d36166639c1f96c3a1", + "sha256:aa7dd4a6a427aed7df6fb7f08a580d68d9b118d90310374716ae90b710280af1", + "sha256:bc558586e6045763782014934bfaf39d48b8ae85a2713117d16c39864085c613", + "sha256:d46d7982b62e0729ad0175a9bc7e10a566fc07b224d2c79fafb5e032727eaa04", + "sha256:d5eef459e30b09f5a098b9cea68bebfeb268697f78d647bd255a085371ac7f3f", + "sha256:e01d3203230e1786cd91ccfdc8f8454c8069c91bee3962ad93b87a4b2860f537", + "sha256:e170a9e6fcfd19021dd29845af83bb79236068bf5fd4df3327c1be18182b2531" + ], + "version": "==3.13" + }, + "six": { + "hashes": [ + "sha256:70e8a77beed4562e7f14fe23a786b54f6296e34344c23bc42f07b15018ff98e9", + "sha256:832dc0e10feb1aa2c68dcc57dbb658f1c7e65b9b61af69048abc87a2db00a0eb" + ], + "version": "==1.11.0" + } + }, + "develop": {} +} diff --git a/ansible/ansible-deploy.sh b/ansible/ansible-deploy.sh new file mode 100644 index 0000000..7ef8cff --- /dev/null +++ b/ansible/ansible-deploy.sh @@ -0,0 +1,2 @@ +#!/bin/bash +ANSIBLE_HOST_KEY_CHECKING=False TF_STATE=../terraform/terraform.tfstate ansible-playbook --inventory-file=terraform-inventory --private-key ~/.ssh/id_home playbooks/site.yml \ No newline at end of file diff --git a/ansible/group_vars/all b/ansible/group_vars/all new file mode 100644 index 0000000..3918375 --- /dev/null +++ b/ansible/group_vars/all @@ -0,0 +1,5 @@ +--- +# Variables listed here are applicable to all host groups + +docker_compose_version_to_install: 1.18.0 +docker_ce_version_to_install: 17.09.1~ce-0~ubuntu diff --git a/ansible/playbooks/site.yml b/ansible/playbooks/site.yml new file mode 100644 index 0000000..ba0f991 --- /dev/null +++ b/ansible/playbooks/site.yml @@ -0,0 +1,32 @@ +--- +- name: All hosts ansible dependencies + hosts: all + user: root + gather_facts: false + serial: 100% + vars: + ansible_ssh_common_args: '-o StrictHostKeyChecking=no' + tasks: + # - name: Wait for connection + # wait_for_connection: + # delay: 60 + # timeout: 180 + - include_tasks: ../tasks/ansible-dependencies.yml + +- name: Sql host setup + hosts: sql + user: root + gather_facts: true + serial: 100% + vars: + ansible_ssh_common_args: '-o StrictHostKeyChecking=no' + +- name: Web host setup + hosts: web + user: root + gather_facts: true + serial: 100% + vars: + ansible_ssh_common_args: '-o StrictHostKeyChecking=no' + tasks: + - include_tasks: ../tasks/ubuntu-common.yml diff --git a/ansible/tasks/ansible-dependencies.yml b/ansible/tasks/ansible-dependencies.yml new file mode 100644 index 0000000..ceaffcb --- /dev/null +++ b/ansible/tasks/ansible-dependencies.yml @@ -0,0 +1,11 @@ +--- +- name: Install package dependencies + raw: apt-get update -qq && apt-get install -y python-dev python-simplejson python-urllib3 python-openssl python-pyasn1 python-pip ca-certificates + +- name: Install pip dependencies + raw: pip install ndg-httpsclient + ignore_errors: true + +- name: Install pip dependencies again because it fails sometimes + raw: pip install ndg-httpsclient + ignore_errors: true \ No newline at end of file diff --git a/ansible/tasks/ubuntu-common.yml b/ansible/tasks/ubuntu-common.yml new file mode 100644 index 0000000..6acc272 --- /dev/null +++ b/ansible/tasks/ubuntu-common.yml @@ -0,0 +1,49 @@ +--- +- name: Add docker key + apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + state: present + +- name: Add docker repo + apt_repository: + repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable + state: present + +- name: Update apt + apt: update_cache=yes + +- name: Install standard programs + apt: name={{ item }} state=present force=yes + with_items: + - htop + - curl + - openssh-server + - git + - rsync + - zip + - unzip + - fail2ban + - ntp + - mysql-client + - wget + - nfs-common + - docker-ce={{docker_ce_version_to_install}} + - sshpass + - ack-grep + - dnsutils + - nmon + - build-essential + - tmux + +- name: Docker compose version + get_url: + url: "https://github.com/docker/compose/releases/download/{{docker_compose_version_to_install}}/docker-compose-{{ ansible_system }}-{{ ansible_userspace_architecture }}" + dest: /usr/local/bin/docker-compose + validate_certs: false + mode: 755 + group: docker + +- name: Set timezone to NewYork + timezone: + name: America/New_York + ignore_errors: true \ No newline at end of file diff --git a/ansible/terraform-inventory b/ansible/terraform-inventory new file mode 100644 index 0000000..f75cc6e Binary files /dev/null and b/ansible/terraform-inventory differ diff --git a/deploy.sh b/deploy.sh new file mode 100644 index 0000000..9c1a33d --- /dev/null +++ b/deploy.sh @@ -0,0 +1,12 @@ +#!/bin/bash +#curl -o wimermedia.com.zip http://jenkins.wimer.home/job/webback/lastSuccessfulBuild/artifact/gcp-backup.zip + +cd terraform +./terraform init +./terraform plan -var "digitalocean_key=${DIGITALOCEAN_KEY}" -var "cloudflare_key=${CLOUDFLARE_KEY}" +./terraform apply -var "digitalocean_key=${DIGITALOCEAN_KEY}" -var "cloudflare_key=${CLOUDFLARE_KEY}" -auto-approve -refresh=true + +sleep 60s +cd ../ansible +pipenv install +pipenv run bash ansible-deploy.sh \ No newline at end of file diff --git a/destroy.sh b/destroy.sh new file mode 100644 index 0000000..a9f3acc --- /dev/null +++ b/destroy.sh @@ -0,0 +1,4 @@ +#!/bin/bash + +cd terraform +./terraform destroy -var "digitalocean_key=${DIGITALOCEAN_KEY}" -var "cloudflare_key=${CLOUDFLARE_KEY}" -force \ No newline at end of file diff --git a/install-terraform.sh b/install-terraform.sh new file mode 100644 index 0000000..8ed21fe --- /dev/null +++ b/install-terraform.sh @@ -0,0 +1,6 @@ +curl -o terraform.zip https://releases.hashicorp.com/terraform/0.11.7/terraform_0.11.7_linux_amd64.zip +unzip terraform.zip +rm terraform.zip + +#https://github.com/adammck/terraform-inventory/releases +#curl -o terraform-inventory.zip https://github.com/adammck/terraform-inventory/releases/download/v0.7-pre/terraform-inventory_v0.7-pre_linux_amd64.zip \ No newline at end of file diff --git a/terraform/.terraform/plugins/linux_amd64/lock.json b/terraform/.terraform/plugins/linux_amd64/lock.json new file mode 100644 index 0000000..72cfe63 --- /dev/null +++ b/terraform/.terraform/plugins/linux_amd64/lock.json @@ -0,0 +1,4 @@ +{ + "cloudflare": "4f6ed9f84cc8f74e6315e6f271d803d41f10fda43a92ea33416231710153576e", + "digitalocean": "ad8f159851bbdf8d2756d834742f11aa63da964024b7dae448f0c73128c17403" +} \ No newline at end of file diff --git a/terraform/.terraform/plugins/linux_amd64/terraform-provider-cloudflare_v1.0.0_x4 b/terraform/.terraform/plugins/linux_amd64/terraform-provider-cloudflare_v1.0.0_x4 new file mode 100644 index 0000000..d74c64b Binary files /dev/null and b/terraform/.terraform/plugins/linux_amd64/terraform-provider-cloudflare_v1.0.0_x4 differ diff --git a/terraform/.terraform/plugins/linux_amd64/terraform-provider-digitalocean_v0.1.3_x4 b/terraform/.terraform/plugins/linux_amd64/terraform-provider-digitalocean_v0.1.3_x4 new file mode 100644 index 0000000..48b55f3 Binary files /dev/null and b/terraform/.terraform/plugins/linux_amd64/terraform-provider-digitalocean_v0.1.3_x4 differ diff --git a/terraform/cloudflare.tf b/terraform/cloudflare.tf new file mode 100644 index 0000000..e59098c --- /dev/null +++ b/terraform/cloudflare.tf @@ -0,0 +1,16 @@ +variable "cloudflare_key" {} + +# Configure the Cloudflare provider +provider "cloudflare" { + email = "jacob.wimer@gmail.com" + token = "${var.cloudflare_key}" +} + +# Create a record +resource "cloudflare_record" "wimermedia-record" { + domain = "wimermedia.com" + name = "terraform" +# value = "${digitalocean_floating_ip.web.ip_address}" + value = "${digitalocean_droplet.web.ipv4_address}" + type = "A" +} \ No newline at end of file diff --git a/terraform/digital-ocean.tf b/terraform/digital-ocean.tf new file mode 100644 index 0000000..690e5d0 --- /dev/null +++ b/terraform/digital-ocean.tf @@ -0,0 +1,62 @@ +variable "digitalocean_key" {} + +variable "region" { + default = "nyc1" +} +variable "image" { + default = "ubuntu-16-04-x64" +} +variable "sql-size" { + default = "2gb" +} +variable "web-size" { + default = "2gb" +} +variable "home-ssh-key" { + default = "14:17:41:55:1e:be:39:31:3d:f7:99:75:36:fd:23:21" +} + +# Configure the DigitalOcean Provider +provider "digitalocean" { + token = "${var.digitalocean_key}" +} + +# Server tags +resource "digitalocean_tag" "web" { + name = "web" +} +resource "digitalocean_tag" "prod" { + name = "prod" +} +resource "digitalocean_tag" "sql" { + name = "sql" +} + +# Create a web server +resource "digitalocean_droplet" "web" { + name = "wimermedia-web" + size = "${var.web-size}" + image = "${var.image}" + region = "${var.region}" + ipv6 = true + private_networking = true + ssh_keys = ["${var.home-ssh-key}"] + tags = ["${digitalocean_tag.web.id}","${digitalocean_tag.prod.id}"] +} + +#resource "digitalocean_floating_ip" "web" { +# droplet_id = "${digitalocean_droplet.web.id}" +# region = "${digitalocean_droplet.web.region}" +#} + +# Create a sql server +resource "digitalocean_droplet" "sql" { + name = "wimermedia-sql" + size = "${var.sql-size}" + image = "${var.image}" + region = "${var.region}" + ipv6 = true + private_networking = true + ssh_keys = ["${var.home-ssh-key}"] + tags = ["${digitalocean_tag.sql.id}","${digitalocean_tag.prod.id}"] +} \ No newline at end of file diff --git a/terraform/terraform b/terraform/terraform new file mode 100644 index 0000000..5044f2d Binary files /dev/null and b/terraform/terraform differ diff --git a/terraform/terraform.tfstate b/terraform/terraform.tfstate new file mode 100644 index 0000000..d277291 --- /dev/null +++ b/terraform/terraform.tfstate @@ -0,0 +1,16 @@ +{ + "version": 3, + "terraform_version": "0.11.7", + "serial": 42, + "lineage": "d59e7e92-bf26-2f82-51c5-3c96521dfe21", + "modules": [ + { + "path": [ + "root" + ], + "outputs": {}, + "resources": {}, + "depends_on": [] + } + ] +}