From bc1ffc5214ab3f563b60523d9c349fab7974e634 Mon Sep 17 00:00:00 2001 From: Christopher Baines Date: Sun, 18 Feb 2018 11:23:41 +0000 Subject: Add some govuk-guix related jobs And various other views and routes. --- terraform/aws/mini_environment.tf | 9 ++++++--- terraform/aws/mini_environment/govuk.service.tpl | 3 +-- 2 files changed, 7 insertions(+), 5 deletions(-) (limited to 'terraform') diff --git a/terraform/aws/mini_environment.tf b/terraform/aws/mini_environment.tf index ddaefd0..bf3a356 100644 --- a/terraform/aws/mini_environment.tf +++ b/terraform/aws/mini_environment.tf @@ -14,6 +14,9 @@ variable "ssh_public_key" { type = "string" } +variable "start_command" { + type = "string" +} provider "aws" { region = "${var.aws_region}" @@ -43,9 +46,7 @@ data "template_file" "govuk_service" { template = "${file("${path.module}/mini_environment/govuk.service.tpl")}" vars { - guix_daemon_socket = "guix://${data.aws_instance.guix-daemon.private_dns}", - app_domain = "${var.slug}.aws.cbaines.net", - web_domain = "www.${var.slug}.aws.cbaines.net" + start_command = "${var.start_command}" } } @@ -85,6 +86,8 @@ resource "aws_spot_instance_request" "example" { "sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 ${data.aws_efs_file_system.main.dns_name}:var/guix /var/guix", "echo \"export GUIX_DAEMON_SOCKET=guix://${data.aws_instance.guix-daemon.private_dns}\" | sudo tee /etc/profile.d/guix-daemon-socket.sh", #"sudo systemctl restart cachefilesd", + "sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080", + "sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8443", "sudo mv /home/ubuntu/govuk.service /etc/systemd/system/govuk.service", "sudo systemctl daemon-reload", "sudo systemctl enable govuk.service", diff --git a/terraform/aws/mini_environment/govuk.service.tpl b/terraform/aws/mini_environment/govuk.service.tpl index 750ddaf..5c65267 100644 --- a/terraform/aws/mini_environment/govuk.service.tpl +++ b/terraform/aws/mini_environment/govuk.service.tpl @@ -6,8 +6,7 @@ After=network.target Type=simple User=root WorkingDirectory=/home/ubuntu -Environment="GUIX_DAEMON_SOCKET=${guix_daemon_socket}" -ExecStart=/var/guix/profiles/per-user/ubuntu/guix-profile/bin/govuk system start --rails-environment=production --app-domain=${app_domain} --web-domain=${web_domain} --use-high-ports=false --use-https=certbot --fallback +ExecStart=${start_command} [Install] WantedBy=multi-user.target -- cgit v1.2.3