added terraform files

.gitignore

@@ -145,3 +145,14 @@ dist-ssr
 *.sw?
 
 **/venv
+
+# Terraform
+# local .terraform dir
+**/.terraform/*
+
+# tf state files
+**/*.tfstate
+**/*.tfstate.*
+
+# tf variable files, may include sensitive data
+**/*.tfvars

devops/terraform/entry-template.tpl

@@ -0,0 +1,29 @@
+#!/bin/bash
+
+sudo yum update -y && sudo yum install -y docker
+sudo systemctl start docker
+sudo usermod -aG docker ec2-user
+public_ip=$(curl -s https://api.ipify.org)
+mqtt_endpoint="tcp://$public_ip:1883"
+export MQTT_ENDPOINT="$mqtt_endpoint"
+echo "MQTT_ENDPOINT=$mqtt_endpoint" | sudo tee -a /etc/environment
+docker run -d --name mqtt \
+    -p 1883:1883 \
+    -p 9001:9001 \
+    -e MQTT_USERNAME=${mqtt_username} \
+    -e MQTT_PASSWORD=${mqtt_password} \
+    -e MQTT_LISTENER=${mqtt_listener} \
+    rafalnowak444/dm-mosquitto:latest
+docker run -d --name react \
+    -p 80:5173 \
+    rafalnowak444/device-management-react:latest
+docker run -d --name device-management \
+    -p 8080:8080 \
+    -e MQTT_USERNAME=${mqtt_username} \
+    -e MQTT_PASSWORD=${mqtt_password} \
+    -e MQTT_ENDPOINT="$mqtt_endpoint" \
+    -e DYNAMO_ENDPOINT=${dynamo_endpoint} \
+    -e AWS_REGION=${aws_region} \
+    -e AWS_ACCESS_KEY_ID=${aws_access_key_id} \
+    -e AWS_SECRET_ACCESS_KEY=${aws_secret_access_key} \
+    rafalnowak444/device-management:latest

devops/terraform/main.tf

@@ -0,0 +1,156 @@
+provider "aws" {
+    region = "eu-north-1"
+}
+
+variable "vpc_cidr_block" {}
+variable "subnet_cidr_block" {}
+variable "avail_zone" {}
+variable "env_prefix" {}
+variable "instance_type" {}
+variable "public_key_location" {}
+variable "mqtt_username" {}
+variable "mqtt_password" {}
+variable "mqtt_listener" {}
+variable "dynamo_endpoint" {}
+variable "aws_region" {}
+variable "aws_access_key_id" {}
+variable "aws_secret_access_key" {}
+
+resource "aws_vpc" "myapp-vpc" {
+    cidr_block = var.vpc_cidr_block
+    tags = {
+      Name: "${var.env_prefix}-vpc"
+    }
+}
+
+resource "aws_subnet" "myapp-subnet-1" {
+    vpc_id = aws_vpc.myapp-vpc.id
+    cidr_block = var.subnet_cidr_block
+    availability_zone = var.avail_zone
+    tags = {
+      Name: "${var.env_prefix}-subnet-1"
+    }
+}
+
+resource "aws_route_table" "myapp-route-table" {
+  vpc_id = aws_vpc.myapp-vpc.id
+
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = aws_internet_gateway.myapp-igw.id
+  }
+  tags = {
+    Name: "${var.env_prefix}-rtb"
+  }
+}
+
+resource "aws_internet_gateway" "myapp-igw" {
+  vpc_id = aws_vpc.myapp-vpc.id
+  tags = {
+    Name: "${var.env_prefix}-igw"
+  }
+}
+
+resource "aws_route_table_association" "a-rtb-subnet" {
+  subnet_id = aws_subnet.myapp-subnet-1.id
+  route_table_id = aws_route_table.myapp-route-table.id
+}
+
+resource "aws_security_group" "myapp-sg" {
+  name = "myapp-sg"
+  vpc_id = aws_vpc.myapp-vpc.id
+
+  ingress {
+    from_port = 22
+    to_port = 22
+    protocol = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port = 8080
+    to_port = 8080
+    protocol = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port = 1883
+    to_port = 1883
+    protocol = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port = 80
+    to_port = 80
+    protocol = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  egress {
+    from_port = 0
+    to_port = 0
+    protocol = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+    prefix_list_ids = []
+  }
+
+  tags = {
+    Name: "${var.env_prefix}-sg"
+  }
+}
+
+data "aws_ami" "latest-amazon-linux-image" {
+  most_recent = true
+  owners = ["amazon"]
+  filter {
+    name = "name"
+    values = ["al2023-ami-ecs-hvm-*-arm64"]
+  }
+  filter {
+    name = "virtualization-type"
+    values = ["hvm"]
+  }
+}
+
+output "aws_ami_id" {
+  value = data.aws_ami.latest-amazon-linux-image.id
+}
+
+output "ec2_public_ip" {
+  value = aws_instance.myapp-server.public_ip
+}
+
+resource "aws_key_pair" "ssh-key" {
+  key_name = "server-key"
+  public_key = file(var.public_key_location)
+}
+
+resource "aws_instance" "myapp-server" {
+  ami = data.aws_ami.latest-amazon-linux-image.id
+  instance_type = var.instance_type
+
+  subnet_id = aws_subnet.myapp-subnet-1.id
+  vpc_security_group_ids = [aws_security_group.myapp-sg.id]
+  availability_zone = var.avail_zone
+
+  associate_public_ip_address = true
+  key_name = aws_key_pair.ssh-key.key_name
+
+  # user_data = file("entry-script.sh")
+
+  user_data = templatefile("entry-template.tpl", {
+    mqtt_username = var.mqtt_username
+    mqtt_password = var.mqtt_password
+    mqtt_listener = var.mqtt_listener
+    dynamo_endpoint = var.dynamo_endpoint
+    aws_region = var.aws_region
+    aws_access_key_id = var.aws_access_key_id
+    aws_secret_access_key = var.aws_secret_access_key
+  })
+
+  tags = {
+    Name: "${var.env_prefix}-server"
+  }
+}

devops/terraform/providers.tf

@@ -0,0 +1,8 @@
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      version = "4.65.0"
+    }
+  }
+}