authorChristopher Baines <mail@cbaines.net>2018-02-06 23:32:48 +0000
committerChristopher Baines <mail@cbaines.net>2018-03-29 07:30:29 +0100
commit700b8b0a112fa976b9850418a7f0c71d95b6dd79 (patch)
tree6e0b4b20f3bd319c4d70b5e363c521ed3c19bdb7
parent2d7bc302ad6d15461a10a67bd5e7e83e3dda279b (diff)
downloadgovuk-mini-environment-admin-700b8b0a112fa976b9850418a7f0c71d95b6dd79.tar
govuk-mini-environment-admin-700b8b0a112fa976b9850418a7f0c71d95b6dd79.tar.gz
AWS related tweaks
-rw-r--r--.envrc2
-rw-r--r--.gitignore2
-rw-r--r--app/controllers/mini_environments_controller.rb2
-rw-r--r--app/jobs/destroy_job.rb26
-rw-r--r--app/jobs/setup_job.rb40
-rw-r--r--app/views/mini_environments/show.html.erb2
-rw-r--r--db/migrate/20180206203924_add_info_to_mini_environment.rb5
-rw-r--r--db/schema.rb3
-rw-r--r--terraform/aws/mini_environment.tf33
-rw-r--r--terraform/aws/mini_environment/govuk.service.tpl4
10 files changed, 94 insertions, 25 deletions
diff --git a/.envrc b/.envrc
index 604f1d7..36b4396 100644
--- a/.envrc
+++ b/.envrc
@@ -11,3 +11,5 @@ export GUILE_LOAD_COMPILED_PATH="$GNU_GUIX_PATH"
export GUIX_PACKAGE_PATH="$GUILE_LOAD_PATH"
use guix --fallback -l guix.scm
+
+source .secrets.envrc
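Review bot: The added `source .secrets.envrc` errors on any checkout where that file has not been created, because the same commit git-ignores it and nothing provides a template. A guarded form such as `if [ -f .secrets.envrc ]; then source .secrets.envrc; fi` keeps the rest of the environment loading. A one-line comment naming the variables the file is expected to export (presumably the AWS credentials Terraform uses; not visible here) and noting that it should be readable only by its owner would help the next person set it up.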
diff --git a/.gitignore b/.gitignore
index 4c26e9e..e8dc360 100644
--- a/.gitignore
+++ b/.gitignore
@@ -19,3 +19,5 @@
.byebug_history
.terraform
+
+.secrets.envrc
diff --git a/app/controllers/mini_environments_controller.rb b/app/controllers/mini_environments_controller.rb
index 7e5134a..c45ed4a 100644
--- a/app/controllers/mini_environments_controller.rb
+++ b/app/controllers/mini_environments_controller.rb
@@ -13,7 +13,7 @@ class MiniEnvironmentsController < ApplicationController
params.require(:mini_environment).permit(:name)
)
- # SetupJob.enqueue(@mini_environment.id)
+ SetupJob.enqueue(@mini_environment.id)
end
redirect_to @mini_environment
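Review bot: With `SetupJob.enqueue(@mini_environment.id)` now live, every successful create starts an auto-approved Terraform apply against AWS, and the only input constraint visible in this hunk is `permit(:name)`. The name is later reduced with `parameterize` to form the Terraform `slug` and the `signon.<slug>` hostname, so a name that parameterizes to an empty string, or two names that parameterize to the same slug, would reach provisioning. A model validation on the derived slug (presence, uniqueness, and a length that fits a DNS label) before enqueueing would close that gap. Whether this action sits behind authentication cannot be seen here, since the method begins outside the hunk.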
diff --git a/app/jobs/destroy_job.rb b/app/jobs/destroy_job.rb
new file mode 100644
index 0000000..7f13fdd
--- /dev/null
+++ b/app/jobs/destroy_job.rb
@@ -0,0 +1,26 @@
+require 'ruby_terraform'
+
+class DestroyJob < TerraformJob
+ @retry_interval = 30
+
+ def run_terraform
+ puts "Destroying #{@mini_environment.name}"
+
+ Dir.chdir('terraform/aws') do
+ RubyTerraform.destroy(
+ vars: {
+ aws_region: 'eu-west-1',
+ slug: @mini_environment.name.parameterize,
+ ssh_public_key: ssh_public_key,
+ },
+ force: true
+ )
+ end
+ end
+
+ def ssh_public_key
+ File.open("#{ENV['HOME']}/.ssh/id_rsa.pub") do |file|
+ file.readline()
+ end
+ end
+end
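Review bot: `ssh_public_key` is defined here and again, identically, in the `setup_job.rb` hunk; since both classes inherit from `TerraformJob`, it would be better defined once there. As written, `file.readline()` returns the key with its trailing newline and raises `EOFError` on an empty file, and an unset `HOME` turns the path into `/.ssh/id_rsa.pub`. `File.read(File.join(Dir.home, '.ssh', 'id_rsa.pub')).strip` strips the newline and does not build a path from a nil `HOME`. A comment next to `force: true` stating that this destroy runs unattended, with no confirmation step, would also help the next reader.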
diff --git a/app/jobs/setup_job.rb b/app/jobs/setup_job.rb
index 6b4f9fe..6791dd6 100644
--- a/app/jobs/setup_job.rb
+++ b/app/jobs/setup_job.rb
@@ -1,24 +1,34 @@
require 'ruby_terraform'
class SetupJob < TerraformJob
+ @retry_interval = 30
+
def run_terraform
puts "Setting up #{@mini_environment.name}"
- RubyTerraform.init(
- source: 'terraform/aws',
- path: 'terraform/aws',
- backend: true,
- backend_config: {
- address: 'http://localhost:3000' + Rails.application.routes.url_helpers.terraform_http_backend_path
- }
- )
+ Dir.chdir('terraform/aws') do
+ RubyTerraform.init(
+ backend: true,
+ backend_config: {
+ address: 'http://localhost:3000' + Rails.application.routes.url_helpers.terraform_http_backend_path
+ }
+ )
+
+ RubyTerraform.apply(
+ directory: 'mini_environment',
+ vars: {
+ aws_region: 'eu-west-1',
+ slug: @mini_environment.name.parameterize,
+ ssh_public_key: ssh_public_key,
+ },
+ auto_approve: true
+ )
+ end
+ end
- RubyTerraform.apply(
- directory: 'terraform/aws',
- vars: {
- slug: @mini_environment.name.parameterize
- },
- auto_approve: true
- )
+ def ssh_public_key
+ File.open("#{ENV['HOME']}/.ssh/id_rsa.pub") do |file|
+ file.readline()
+ end
end
end
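Review bot: `RubyTerraform.apply` is given `directory: 'mini_environment'` from inside `Dir.chdir('terraform/aws')`, but the configuration changed in this commit is `terraform/aws/mini_environment.tf`, and `terraform/aws/mini_environment/` appears from the diffstat to hold only `govuk.service.tpl`; `DestroyJob` calls `destroy` with no `directory` at all. Unless files outside this diff make that directory a Terraform root, apply and destroy target different paths, so it is worth confirming and passing the same directory in both jobs. Separately, `Dir.chdir` changes the working directory for the whole process, so if the job worker runs several threads, relative paths used by other jobs are affected while this block runs. The backend address `'http://localhost:3000'` is also hard-coded; reading it from configuration would let the worker run on a different host from the web process.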
diff --git a/app/views/mini_environments/show.html.erb b/app/views/mini_environments/show.html.erb
index 5b2199e..0cc6bc6 100644
--- a/app/views/mini_environments/show.html.erb
+++ b/app/views/mini_environments/show.html.erb
@@ -1,5 +1,7 @@
<h1>Name: <%= @mini_environment.name %></h1>
+<a href="https://signon.<%= @mini_environment.name.parameterize %>.aws.cbaines.net">View</a>
+
<h2>Finished jobs</h2>
<% @mini_environment.finished_terraform_jobs.each do |job| %>
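Review bot: The link rebuilds the slug with `@mini_environment.name.parameterize` and hard-codes the `aws.cbaines.net` suffix, repeating logic that both jobs and the Terraform configuration also hold. A single `slug` method on the model, with the domain read from configuration, would keep the link and the provisioned hostname from drifting apart. The link is also rendered whether or not a setup job has finished, so it can point at a host that does not exist yet; the rest of the template is outside the hunk.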
diff --git a/db/migrate/20180206203924_add_info_to_mini_environment.rb b/db/migrate/20180206203924_add_info_to_mini_environment.rb
new file mode 100644
index 0000000..a9e6db8
--- /dev/null
+++ b/db/migrate/20180206203924_add_info_to_mini_environment.rb
@@ -0,0 +1,5 @@
+class AddInfoToMiniEnvironment < ActiveRecord::Migration[5.1]
+ def change
+ add_column :mini_environments, :info, :jsonb
+ end
+end
diff --git a/db/schema.rb b/db/schema.rb
index a20083e..39cc82c 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -10,7 +10,7 @@
#
# It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20180128125638) do
+ActiveRecord::Schema.define(version: 20180206203924) do
# These are extensions that must be enabled in order to support this database
enable_extension "plpgsql"
@@ -26,6 +26,7 @@ ActiveRecord::Schema.define(version: 20180128125638) do
t.string "name"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
+ t.jsonb "info"
end
create_table "minienvironments", force: :cascade do |t|
diff --git a/terraform/aws/mini_environment.tf b/terraform/aws/mini_environment.tf
index 56c8a3c..ddaefd0 100644
--- a/terraform/aws/mini_environment.tf
+++ b/terraform/aws/mini_environment.tf
@@ -6,14 +6,21 @@ variable "slug" {
type = "string"
}
+variable "aws_region" {
+ type = "string"
+}
+
+variable "ssh_public_key" {
+ type = "string"
+}
+
provider "aws" {
- region = "eu-west-1"
+ region = "${var.aws_region}"
}
resource "aws_key_pair" "deployer" {
- key_name = "deployer"
- public_key = "ssh-rsa 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 chris@giedi"
+ public_key = "${var.ssh_public_key}"
}
data "aws_security_group" "guix-client" {
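Review bot: Dropping `key_name = "deployer"` from `aws_key_pair.deployer` lets Terraform generate the key-pair name, so anything that still refers to the literal name `deployer` will no longer match. The `aws_spot_instance_request` block is outside this hunk; if it sets `key_name = "deployer"`, it should become `key_name = "${aws_key_pair.deployer.key_name}"`. The two new variables would also benefit from a `description`, for example that `ssh_public_key` is a complete OpenSSH public key line.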
@@ -28,8 +35,12 @@ data "aws_route53_zone" "main" {
zone_id = "ZD004G8DN6AQZ"
}
+data "aws_efs_file_system" "main" {
+ file_system_id = "fs-81e05e48"
+}
+
data "template_file" "govuk_service" {
- template = "file(example/govuk.service.tpl)"
+ template = "${file("${path.module}/mini_environment/govuk.service.tpl")}"
vars {
guix_daemon_socket = "guix://${data.aws_instance.guix-daemon.private_dns}",
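Review bot: The new `aws_efs_file_system` data source pins `file_system_id = "fs-81e05e48"`, which exists in one region only, while this same commit turns the provider region into the `aws_region` variable. Any value other than the region that file system lives in will fail the lookup at plan time. Either make the id a variable next to `aws_region`, or add a comment such as `# aws_region must match the region of this file system` so the coupling is explicit. The `template_file` block continues past the end of the hunk.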
@@ -69,9 +80,9 @@ resource "aws_spot_instance_request" "example" {
"sudo tune2fs -o user_xattr /dev/xvda1",
"sudo sed 's/#RUN/RUN/' -i /etc/default/cachefilesd",
"sudo mkdir -p /gnu/store",
- "sudo mount -t nfs4 -o ro,nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,actimeo=600,fsc,nocto,retrans=2 fs-81e05e48.efs.eu-west-1.amazonaws.com:gnu/store /gnu/store",
+ "sudo mount -t nfs4 -o ro,nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,actimeo=600,fsc,nocto,retrans=2 ${data.aws_efs_file_system.main.dns_name}:gnu/store /gnu/store",
"sudo mkdir -p /var/guix",
- "sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 fs-81e05e48.efs.eu-west-1.amazonaws.com:var/guix /var/guix",
+ "sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 ${data.aws_efs_file_system.main.dns_name}:var/guix /var/guix",
"echo \"export GUIX_DAEMON_SOCKET=guix://${data.aws_instance.guix-daemon.private_dns}\" | sudo tee /etc/profile.d/guix-daemon-socket.sh",
#"sudo systemctl restart cachefilesd",
"sudo mv /home/ubuntu/govuk.service /etc/systemd/system/govuk.service",
@@ -102,3 +113,13 @@ resource "aws_route53_record" "example_wildcard" {
ttl = "60"
records = ["${aws_spot_instance_request.example.public_ip}"]
}
+
+# Outputs
+
+output "spot_bid_status" {
+ value = "${aws_spot_instance_request.example.spot_bid_status}"
+}
+
+output "spot_request_status" {
+ value = "${aws_spot_instance_request.example.spot_request_state}"
+}
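Review bot: The output named `spot_request_status` returns the attribute `spot_request_state`, so the name and the value disagree. Renaming it to `spot_request_state`, or adding a `description` to both outputs, would avoid confusing it with `spot_bid_status` just above.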
diff --git a/terraform/aws/mini_environment/govuk.service.tpl b/terraform/aws/mini_environment/govuk.service.tpl
index 52b4b56..750ddaf 100644
--- a/terraform/aws/mini_environment/govuk.service.tpl
+++ b/terraform/aws/mini_environment/govuk.service.tpl
@@ -4,9 +4,9 @@ After=network.target
[Service]
Type=simple
-User=ubuntu
+User=root
WorkingDirectory=/home/ubuntu
-Environment="GUIX_DAEMON_SOCKET=guix://${guix_daemon_socket}"
+Environment="GUIX_DAEMON_SOCKET=${guix_daemon_socket}"
ExecStart=/var/guix/profiles/per-user/ubuntu/guix-profile/bin/govuk system start --rails-environment=production --app-domain=${app_domain} --web-domain=${web_domain} --use-high-ports=false --use-https=certbot --fallback
[Install]
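Review bot: `User=root` makes the whole `govuk system start` process tree run as root, while `ExecStart` still points at `/var/guix/profiles/per-user/ubuntu/guix-profile/bin/govuk`, a path under the `/var/guix` NFS mount that the provisioning commands mount without `ro`. Whoever can modify that profile (the `ubuntu` account, or another host with write access to the same file system) therefore controls what runs as root when the unit starts. If root is needed only to bind ports 80/443 for `--use-high-ports=false --use-https=certbot`, keeping `User=ubuntu` and adding `AmbientCapabilities=CAP_NET_BIND_SERVICE` would be a narrower grant. If more than that is required, a comment in the unit stating what needs root would let a reviewer check it.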