1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
terraform {
backend "http" {}
}
variable "slug" {
type = "string"
}
variable "aws_region" {
type = "string"
}
variable "ssh_public_key" {
type = "string"
}
provider "aws" {
region = "${var.aws_region}"
}
resource "aws_key_pair" "deployer" {
public_key = "${var.ssh_public_key}"
}
data "aws_security_group" "guix-client" {
id = "sg-d8003ba3"
}
data "aws_instance" "guix-daemon" {
instance_id = "i-010e25f85dfa73e72"
}
data "aws_route53_zone" "main" {
zone_id = "ZD004G8DN6AQZ"
}
data "aws_efs_file_system" "main" {
file_system_id = "fs-81e05e48"
}
data "template_file" "govuk_service" {
template = "${file("${path.module}/mini_environment/govuk.service.tpl")}"
vars {
guix_daemon_socket = "guix://${data.aws_instance.guix-daemon.private_dns}",
app_domain = "${var.slug}.aws.cbaines.net",
web_domain = "www.${var.slug}.aws.cbaines.net"
}
}
resource "aws_spot_instance_request" "example" {
ami = "ami-8fd760f6"
instance_type = "t2.large"
key_name = "${aws_key_pair.deployer.key_name}"
security_groups = [
"${data.aws_security_group.guix-client.name}",
"default",
"public-webserver"
]
wait_for_fulfillment = true
spot_price = "0.05"
provisioner "file" {
content = "${data.template_file.govuk_service.rendered}"
destination = "/home/ubuntu/govuk.service"
connection {
type = "ssh"
user = "ubuntu"
}
}
provisioner "remote-exec" {
inline = [
"sudo apt-get update",
"sudo apt-get update",
"sudo apt-get -y install nfs-common cachefilesd",
"sudo tune2fs -o user_xattr /dev/xvda1",
"sudo sed 's/#RUN/RUN/' -i /etc/default/cachefilesd",
"sudo mkdir -p /gnu/store",
"sudo mount -t nfs4 -o ro,nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,actimeo=600,fsc,nocto,retrans=2 ${data.aws_efs_file_system.main.dns_name}:gnu/store /gnu/store",
"sudo mkdir -p /var/guix",
"sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 ${data.aws_efs_file_system.main.dns_name}:var/guix /var/guix",
"echo \"export GUIX_DAEMON_SOCKET=guix://${data.aws_instance.guix-daemon.private_dns}\" | sudo tee /etc/profile.d/guix-daemon-socket.sh",
#"sudo systemctl restart cachefilesd",
"sudo mv /home/ubuntu/govuk.service /etc/systemd/system/govuk.service",
"sudo systemctl daemon-reload",
"sudo systemctl enable govuk.service",
"sudo systemctl start govuk.service"
]
connection {
type = "ssh"
user = "ubuntu"
}
}
}
resource "aws_route53_record" "example" {
zone_id = "${data.aws_route53_zone.main.zone_id}"
name = "${var.slug}"
type = "A"
ttl = "60"
records = ["${aws_spot_instance_request.example.public_ip}"]
}
resource "aws_route53_record" "example_wildcard" {
zone_id = "${data.aws_route53_zone.main.zone_id}"
name = "*.${var.slug}"
type = "A"
ttl = "60"
records = ["${aws_spot_instance_request.example.public_ip}"]
}
# Outputs
output "spot_bid_status" {
value = "${aws_spot_instance_request.example.spot_bid_status}"
}
output "spot_request_status" {
value = "${aws_spot_instance_request.example.spot_request_state}"
}
|