1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
provider "aws" {
region = "eu-west-1"
}
resource "aws_key_pair" "deployer" {
key_name = "deployer"
public_key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCwICJ0eU/M+373AwzuvFtr+xCQdIQfK8CgbroCVMR2nezt/M+I8TIHtY9eb7M7J9Wnpgo+ObVbEmLXZeyzjme4BVBEBCUfKnkxmysqQFCb3NM96rLz509HFsKx/evo8Y+oazuW2L3vnLEKkqXq8jhL2YhlRWZwdNoEBa5N6Lsk/C4zwElAJKRkUDURLZcaNQOiTBtXh4lviX6Fj8rXjRgw/rZZ/fkWkLhP0RuS9V6Pw+f58sgFPkw19ZXj0LZNGHxeeCnyU7Ll0WlZa3WkDwbhNDvHJy6ZcIYZYHJicRKfbeCgBS7KRJvAlnW88au2wbU9t02H9INJyI5Mwua23X9v7tPvFLIFUOHIL5oCJEFYO4iM3lHTwrAov3UQ4/hsV/EVL1rQ1htDMt0QoXxQnJH0u7ThssGi1shJb34/F828lj1qPE4vjvoEyOLZs/pUwXbKHnKevQyiU159J/41shp7HNYh0d6eAeyFSnyvdfhvzx2TdKII0LaXdIgA3BYhN+j4ljNuN1BLEllJNb3u2L8FyyV/PA53k9XE8RdVU3JpE2m1u/49sgYiboruQzzQqelyuvBnajf/4q5wMQrJ8lf4PXp/oTwcvolJ/qiQ5qkfCx7sZojgLZlz1ReqsGAubEpZydme1Ujm5SGVkSSHC/Kx4sDADetJ3k6b1s4Y6w6cfw== chris@giedi"
}
data "aws_security_group" "guix-client" {
id = "sg-d8003ba3"
}
data "aws_instance" "guix-daemon" {
instance_id = "i-010e25f85dfa73e72"
}
data "aws_route53_zone" "main" {
zone_id = "ZD004G8DN6AQZ"
}
data "template_file" "govuk_service" {
template = "file(example/govuk.service.tpl)"
vars {
guix_daemon_socket = "guix://${data.aws_instance.guix-daemon.private_dns}",
app_domain = "banana.aws.cbaines.net",
web_domain = "www.banana.aws.cbaines.net"
}
}
resource "aws_spot_instance_request" "example" {
ami = "ami-8fd760f6"
instance_type = "t2.large"
key_name = "${aws_key_pair.deployer.key_name}"
security_groups = [
"${data.aws_security_group.guix-client.name}",
"default",
"public-webserver"
]
wait_for_fulfillment = true
spot_price = "0.05"
provisioner "file" {
content = "${data.template_file.govuk_service.rendered}"
destination = "/home/ubuntu/govuk.service"
connection {
type = "ssh"
user = "ubuntu"
}
}
provisioner "remote-exec" {
inline = [
"sudo apt-get update",
"sudo apt-get update",
"sudo apt-get -y install nfs-common cachefilesd",
"sudo tune2fs -o user_xattr /dev/xvda1",
"sudo sed 's/#RUN/RUN/' -i /etc/default/cachefilesd",
"sudo mkdir -p /gnu/store",
"sudo mount -t nfs4 -o ro,nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,actimeo=600,fsc,nocto,retrans=2 fs-81e05e48.efs.eu-west-1.amazonaws.com:gnu/store /gnu/store",
"sudo mkdir -p /var/guix",
"sudo mount -t nfs4 -o nfsvers=4.1,rsize=1048576,wsize=1048576,hard,timeo=600,retrans=2 fs-81e05e48.efs.eu-west-1.amazonaws.com:var/guix /var/guix",
"echo \"export GUIX_DAEMON_SOCKET=guix://${data.aws_instance.guix-daemon.private_dns}\" | sudo tee /etc/profile.d/guix-daemon-socket.sh",
#"sudo systemctl restart cachefilesd",
"sudo mv /home/ubuntu/govuk.service /etc/systemd/system/govuk.service",
"sudo systemctl daemon-reload",
"sudo systemctl enable govuk.service",
"sudo systemctl start govuk.service"
]
connection {
type = "ssh"
user = "ubuntu"
}
}
}
resource "aws_route53_record" "example" {
zone_id = "${data.aws_route53_zone.main.zone_id}"
name = "banana"
type = "A"
ttl = "60"
records = ["${aws_spot_instance_request.example.public_ip}"]
}
resource "aws_route53_record" "example_wildcard" {
zone_id = "${data.aws_route53_zone.main.zone_id}"
name = "*.banana"
type = "A"
ttl = "60"
records = ["${aws_spot_instance_request.example.public_ip}"]
}
|