wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-06-07 15:43:54 +02:00
Code Issues Projects Releases Wiki Activity

proper cloudformation template (#815)

Browse source
This commit is contained in:
Jack Ivanov 2018-03-03 00:13:49 +03:00 committed by Dan Guido
parent 02427910de
commit 7e07c35474
2 changed files with 24 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
roles/cloud-ec2/templates/stack.yml.j2 → roles/cloud-ec2/files/stack.yml
View file

@ -1,13 +1,19 @@
--- ---
AWSTemplateFormatVersion: '2010-09-09' AWSTemplateFormatVersion: '2010-09-09'
Description: 'Algo VPN stack' Description: 'Algo VPN stack'
Parameters:
InstanceTypeParameter:
Type: String
Default: t2.micro
PublicSSHKeyParameter:
Type: String
ImageIdParameter:
Type: String
Resources: Resources:
VPC: VPC:
Type: AWS::EC2::VPC Type: AWS::EC2::VPC
Properties: Properties:
CidrBlock: {{ ec2_vpc_nets.cidr_block }} CidrBlock: 172.16.0.0/16
EnableDnsSupport: true EnableDnsSupport: true
EnableDnsHostnames: true EnableDnsHostnames: true
InstanceTenancy: default InstanceTenancy: default
@ -35,7 +41,7 @@ Resources:
Subnet: Subnet:
Type: AWS::EC2::Subnet Type: AWS::EC2::Subnet
Properties: Properties:
CidrBlock: {{ ec2_vpc_nets.subnet_cidr }} CidrBlock: 172.16.254.0/23
MapPublicIpOnLaunch: false MapPublicIpOnLaunch: false
Tags: Tags:
- Key: Environment - Key: Environment
@ -148,16 +154,19 @@ Resources:
homeDir: "/home/ubuntu/" homeDir: "/home/ubuntu/"
files: files:
/home/ubuntu/.ssh/authorized_keys: /home/ubuntu/.ssh/authorized_keys:
content: {{ lookup('file', SSH_keys.public) }} content:
Ref: PublicSSHKeyParameter
mode: "000644" mode: "000644"
owner: "ubuntu" owner: "ubuntu"
group: "ubuntu" group: "ubuntu"
Properties: Properties:
InstanceType: {{ cloud_providers.ec2.size }} InstanceType:
Ref: InstanceTypeParameter
InstanceInitiatedShutdownBehavior: terminate InstanceInitiatedShutdownBehavior: terminate
SecurityGroupIds: SecurityGroupIds:
- Ref: InstanceSecurityGroup - Ref: InstanceSecurityGroup
ImageId: {{ ami_image }} ImageId:
Ref: ImageIdParameter
SubnetId: !Ref Subnet SubnetId: !Ref Subnet
Ipv6AddressCount: 1 Ipv6AddressCount: 1
UserData: UserData:
@ -176,8 +185,8 @@ Resources:
apt-get update apt-get update
apt-get -y install python-setuptools apt-get -y install python-setuptools
easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz
cfn-init -v --stack {{ stack_name }} --resource EC2Instance --region {{ region }} cfn-init -v --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region}
cfn-signal -e $? --stack {{ stack_name }} --resource EC2Instance --region {{ region }} cfn-signal -e $? --stack ${AWS::StackName} --resource EC2Instance --region ${AWS::Region}
Tags: Tags:
- Key: Name - Key: Name
Value: Algo Value: Algo

12
roles/cloud-ec2/tasks/cloudformation.yml
View file

@ -1,10 +1,4 @@
--- ---
- name: Make a cloudformation template
template:
src: stack.yml.j2
dest: "configs/{{ aws_server_name }}.yml"
- name: Deploy the template - name: Deploy the template
cloudformation: cloudformation:
aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'), true)}}" aws_access_key: "{{ aws_access_key | default(lookup('env','AWS_ACCESS_KEY_ID'), true)}}"
@ -12,7 +6,11 @@
stack_name: "{{ stack_name }}" stack_name: "{{ stack_name }}"
state: "present" state: "present"
region: "{{ region }}" region: "{{ region }}"
template: "configs/{{ aws_server_name }}.yml" template: roles/cloud-ec2/files/stack.yml
template_parameters:
InstanceTypeParameter: "{{ cloud_providers.ec2.size }}"
PublicSSHKeyParameter: "{{ lookup('file', SSH_keys.public) }}"
ImageIdParameter: "{{ ami_image }}"
tags: tags:
Environment: Algo Environment: Algo
register: stack register: stack