CloudFormationStack.yml
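AWSTemplateFormatVersion: '2010-09-09'
Description: Template for 444noresponse.com Platform

# Single-AZ stack: one VPC with one public subnet, an internet gateway, a
# security group and one EC2 instance that installs Docker and docker-compose
# on first boot.
Parameters:
  AvailabilityZone:
    Type: String
    Default: eu-central-1a
  # CIDR range allowed to reach SSH (tcp/22). The default keeps the template's
  # previous behaviour (open to the whole internet); override it with the
  # operator's own address range, e.g. a /32, when creating the stack.
  SSHLocation:
    Type: String
    Default: 0.0.0.0/0
    MinLength: 9
    MaxLength: 18
    AllowedPattern: '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})/(\d{1,2})'
    ConstraintDescription: must be a valid IPv4 CIDR range of the form x.x.x.x/x
  # Existing EC2 key pair used for SSH login. The typed parameter makes
  # CloudFormation check that the key pair exists before anything is created.
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Default: awsdjole

Resources:
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: 10.0.0.0/16
      EnableDnsSupport: true
      EnableDnsHostnames: true
      InstanceTenancy: default
      Tags:
        - Key: Name
          Value: 444noresponse.com

  # Public subnet: every instance launched here receives a public IPv4 address.
  SubnetAPublic:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      CidrBlock: 10.0.1.0/24
      AvailabilityZone: !Ref AvailabilityZone
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: 444noresponse.com

  InternetGateway:
    Type: AWS::EC2::InternetGateway
    DependsOn: VPC
    Properties:
      Tags:
        - Key: Name
          Value: 444noresponse.com

  AttachGateway:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VPC
      InternetGatewayId: !Ref InternetGateway

  PublicRouteTable:
    Type: AWS::EC2::RouteTable
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: 444noresponse.com

  # Default route to the internet; waits until the gateway is attached.
  PublicRoute1:
    Type: AWS::EC2::Route
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref PublicRouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway

  SubnetAPublicRouteTableAssociation:
    Type: AWS::EC2::SubnetRouteTableAssociation
    Properties:
      SubnetId: !Ref SubnetAPublic
      RouteTableId: !Ref PublicRouteTable

  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: Enable SSH, HTTP n HTTPS access for application
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: 444noresponse.com
      SecurityGroupIngress:
        # SSH is an administrative port: restrict it through SSHLocation
        # instead of leaving it reachable from every address.
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: !Ref SSHLocation
        # Public web traffic.
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        # Port 8080 (phpMyAdmin) is kept closed for security reasons.
        # - IpProtocol: tcp
        #   FromPort: 8080
        #   ToPort: 8080
        #   CidrIp: 0.0.0.0/0
        # Allow pinging the server.
        # - IpProtocol: icmp
        #   FromPort: -1
        #   ToPort: -1
        #   CidrIp: 0.0.0.0/0

  ec2:
    Type: AWS::EC2::Instance
    Properties:
      AvailabilityZone: !Ref AvailabilityZone
      SubnetId: !Ref SubnetAPublic
      # AMI ids are region-specific: these are for eu-central-1, so the
      # AvailabilityZone parameter must stay inside that region.
      # ImageId: ami-0d527b8c289b4af7f  # Ubuntu 20.04 eu-central-1
      ImageId: ami-0caef02b518350c8b  # Ubuntu 22.04 eu-central-1
      InstanceType: t2.micro
      KeyName: !Ref KeyName
      BlockDeviceMappings:
        - DeviceName: '/dev/sda1'
          Ebs:
            # NOTE(review): the root volume is not encrypted. Setting
            # Encrypted: true is worth considering, but changing the block
            # device mapping of an existing stack replaces the instance.
            VolumeSize: 20  # in GB
            VolumeType: gp2
      SecurityGroupIds:
        - !Ref SecurityGroup
      # NOTE(review): instance metadata settings are left at their defaults;
      # consider requiring IMDSv2 (for example through a launch template).
      UserData:
        # !Sub interpolates ${...} before the script reaches the instance;
        # a literal shell ${VAR} has to be written as ${!VAR}.
        Fn::Base64: !Sub |
          #!/bin/bash
          # Runs as root on first boot. Stop at the first failing command so a
          # partial download is never installed or executed.
          set -eu -o pipefail
          export DEBIAN_FRONTEND=noninteractive

          # Install Docker
          apt-get update
          apt-get install -y apt-transport-https ca-certificates curl software-properties-common
          # Keep Docker's signing key in its own keyring and bind it to the
          # Docker repository with signed-by. The deprecated `apt-key add`
          # would trust the key for every configured repository.
          install -m 0755 -d /etc/apt/keyrings
          curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
          chmod a+r /etc/apt/keyrings/docker.asc
          echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
            > /etc/apt/sources.list.d/docker.list
          apt-get update
          apt-get install -y docker-ce
          # Membership of the docker group is effectively root on this host.
          usermod -aG docker ubuntu

          # Install docker-compose
          # prev-version docker-compose 1.21.0
          # -f makes curl fail on an HTTP error instead of saving the error
          # page as the binary.
          # NOTE(review): the download is not integrity-checked. Pin the
          # release's published SHA-256 and verify it with `sha256sum -c`
          # before the chmod below.
          curl -fsSL "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
          chmod +x /usr/local/bin/docker-compose
      Tags:
        - Key: Name
          Value: 444noresponse.com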