Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit1ac0031

Browse files
Merge pull requestStubbornJava#62 from StubbornJava/f/terraform
add jenkins + terraform
2 parentsf178eb4 +7e14097 commit1ac0031

File tree

10 files changed

+336
-1
lines changed

10 files changed

+336
-1
lines changed

‎.gitignore‎

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,3 +21,6 @@ gradlew.bat
2121

2222
.vault_pw.txt
2323
**.retry
24+
25+
terraform.tfstate*
26+
.terraform/

‎ansible/ci.yml‎

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,17 @@
1+
# Run with ANSIBLE_ROLES_PATH=$ANSIBLE_ROLES_PATH:ansible/galaxy_roles ansible-playbook -i ansible/hosts ansible/ci.yml
2+
---
3+
-hosts:tag_Role_ci
4+
become:true
5+
vars:
6+
java_home:"/usr/lib/jvm/jre-1.8.0-openjdk.x86_64"
7+
java_packages:
8+
-java-1.8.0-openjdk
9+
nginx_sites:
10+
default:
11+
-listen 80
12+
-server_name _
13+
-return 301 https://jenkins.stubbornjava.com$request_uri
14+
roles:
15+
-galaxy_roles/geerlingguy.java
16+
-galaxy_roles/geerlingguy.jenkins
17+
-galaxy_roles/jdauphant.nginx

‎ansible/group_vars/all‎

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,2 @@
1+
---
2+
ansible_user: ec2-user

‎ansible/install_roles.yml‎

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,10 @@
1-
# ansible-galaxy install -r install_roles.yml
1+
# ansible-galaxy install --roles-path=galaxy_roles/ -r install_roles.yml
22

33
-src:geerlingguy.java
44
version:1.7.4
5+
6+
-src:geerlingguy.jenkins
7+
version:3.2.1
8+
9+
-src:jdauphant.nginx
10+
version:v2.12.3

‎terraform/global.tfvars‎

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
amis={
2+
amazon-linux-2017-09="ami-8c1be5f6"
3+
}

‎terraform/lb.tf‎

Lines changed: 181 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,181 @@
1+
data"aws_acm_certificate""stubbornjava" {
2+
domain="stubbornjava.com"
3+
statuses=["ISSUED"]
4+
}
5+
6+
data"aws_acm_certificate""wildcard_stubbornjava" {
7+
domain="*.stubbornjava.com"
8+
statuses=["ISSUED"]
9+
}
10+
11+
resource"aws_alb""StubbornJavaLB" {
12+
name="StubbornJavaLB"
13+
internal=false
14+
load_balancer_type="application"
15+
security_groups=["sg-d10c37ac"]
16+
subnets=["${data.aws_subnet_ids.public.ids}"]
17+
ip_address_type="ipv4"
18+
19+
enable_deletion_protection=true
20+
}
21+
22+
resource"aws_lb_target_group""StubbornJavaWeb" {
23+
name="StubbornJavaWeb"
24+
port=8080
25+
protocol="HTTP"
26+
vpc_id="${data.aws_vpc.selected.id}"
27+
28+
health_check {
29+
interval=30
30+
path="/"
31+
port="traffic-port"
32+
protocol="HTTP"
33+
timeout=5
34+
healthy_threshold=5
35+
unhealthy_threshold=2
36+
matcher=200
37+
}
38+
}
39+
40+
resource"aws_lb_listener""sj_https" {
41+
load_balancer_arn="${aws_alb.StubbornJavaLB.arn}"
42+
port="443"
43+
protocol="HTTPS"
44+
ssl_policy="ELBSecurityPolicy-2015-05"
45+
certificate_arn="${data.aws_acm_certificate.stubbornjava.arn}"
46+
47+
default_action {
48+
target_group_arn="${aws_lb_target_group.StubbornJavaWeb.arn}"
49+
type="forward"
50+
}
51+
}
52+
53+
resource"aws_lb_listener""sj_http" {
54+
load_balancer_arn="${aws_alb.StubbornJavaLB.arn}"
55+
port="80"
56+
protocol="HTTP"
57+
58+
default_action {
59+
target_group_arn="${aws_lb_target_group.StubbornJavaWeb.arn}"
60+
type="forward"
61+
}
62+
}
63+
64+
resource"aws_lb_target_group_attachment""StubbornJavaWeb" {
65+
target_group_arn="${aws_lb_target_group.StubbornJavaWeb.arn}"
66+
target_id="i-0839a0bbe4cd3cf40"
67+
port=8080
68+
}
69+
70+
resource"aws_alb""InternalAppsLB" {
71+
name="InternalAppsLB"
72+
internal=false
73+
load_balancer_type="application"
74+
security_groups=["sg-3d320448"]
75+
subnets=["${data.aws_subnet_ids.public.ids}"]
76+
ip_address_type="ipv4"
77+
78+
enable_deletion_protection=true
79+
}
80+
81+
resource"aws_lb_target_group""InternalApps80" {
82+
name="InternalApps80"
83+
port=80
84+
protocol="HTTP"
85+
vpc_id="vpc-e130ee84"
86+
87+
health_check {
88+
interval=30
89+
path="/"
90+
port="traffic-port"
91+
protocol="HTTP"
92+
timeout=5
93+
healthy_threshold=5
94+
unhealthy_threshold=2
95+
matcher=301
96+
}
97+
}
98+
99+
resource"aws_lb_target_group""Jenkins8080" {
100+
name="Jenkins8080"
101+
port=8080
102+
protocol="HTTP"
103+
vpc_id="vpc-e130ee84"
104+
105+
health_check {
106+
interval=30
107+
path="/"
108+
port="traffic-port"
109+
protocol="HTTP"
110+
timeout=5
111+
healthy_threshold=5
112+
unhealthy_threshold=2
113+
matcher=403
114+
}
115+
}
116+
117+
resource"aws_lb_listener""internal_https" {
118+
load_balancer_arn="${aws_alb.InternalAppsLB.arn}"
119+
port="443"
120+
protocol="HTTPS"
121+
ssl_policy="ELBSecurityPolicy-2015-05"
122+
certificate_arn="${data.aws_acm_certificate.wildcard_stubbornjava.arn}"
123+
124+
default_action {
125+
target_group_arn="${aws_lb_target_group.Jenkins8080.arn}"
126+
type="forward"
127+
}
128+
}
129+
130+
resource"aws_lb_listener""internal_http" {
131+
load_balancer_arn="${aws_alb.InternalAppsLB.arn}"
132+
port="80"
133+
protocol="HTTP"
134+
135+
default_action {
136+
target_group_arn="${aws_lb_target_group.InternalApps80.arn}"
137+
type="forward"
138+
}
139+
}
140+
141+
resource"aws_lb_target_group_attachment""InternalApps80" {
142+
target_group_arn="${aws_lb_target_group.InternalApps80.arn}"
143+
target_id="${aws_instance.ci.id}"
144+
port=80
145+
}
146+
147+
resource"aws_lb_target_group_attachment""Jenkins8080" {
148+
target_group_arn="${aws_lb_target_group.Jenkins8080.arn}"
149+
target_id="${aws_instance.ci.id}"
150+
port=8080
151+
}
152+
153+
resource"aws_lb_listener_rule""jenkins_http" {
154+
listener_arn="${aws_lb_listener.internal_http.arn}"
155+
priority=99
156+
157+
action {
158+
type="forward"
159+
target_group_arn="${aws_lb_target_group.InternalApps80.arn}"
160+
}
161+
162+
condition {
163+
field="host-header"
164+
values=["jenkins.stubbornjava.com"]
165+
}
166+
}
167+
168+
resource"aws_lb_listener_rule""jenkins_https" {
169+
listener_arn="${aws_lb_listener.internal_https.arn}"
170+
priority=99
171+
172+
action {
173+
type="forward"
174+
target_group_arn="${aws_lb_target_group.Jenkins8080.arn}"
175+
}
176+
177+
condition {
178+
field="host-header"
179+
values=["jenkins.stubbornjava.com"]
180+
}
181+
}

‎terraform/r53.tf‎

Lines changed: 73 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,73 @@
1+
resource"aws_route53_zone""stubbornjava" {
2+
name="stubbornjava.com."
3+
comment="HostedZone created by Route53 Registrar"
4+
force_destroy=false
5+
}
6+
7+
resource"aws_route53_record""acm_wildcard_validation" {
8+
zone_id="${aws_route53_zone.stubbornjava.zone_id}"
9+
name="_0aae0c14fdb61a1eace4820316e1b289.${aws_route53_zone.stubbornjava.name}"
10+
type="CNAME"
11+
ttl="300"
12+
records=["_0285fe9cd2fa8d2e5b3307a3d627e407.acm-validations.aws"]
13+
}
14+
15+
resource"aws_route53_record""elb" {
16+
zone_id="${aws_route53_zone.stubbornjava.zone_id}"
17+
name="${aws_route53_zone.stubbornjava.name}"
18+
type="A"
19+
20+
alias {
21+
name="${lower(aws_alb.StubbornJavaLB.dns_name)}"
22+
zone_id="${aws_alb.StubbornJavaLB.zone_id}"
23+
evaluate_target_health=false
24+
}
25+
}
26+
27+
resource"aws_route53_record""www" {
28+
zone_id="${aws_route53_zone.stubbornjava.zone_id}"
29+
name="www.${aws_route53_zone.stubbornjava.name}"
30+
type="A"
31+
32+
alias {
33+
name="${aws_route53_zone.stubbornjava.name}"
34+
zone_id="${aws_route53_zone.stubbornjava.zone_id}"
35+
evaluate_target_health=false
36+
}
37+
}
38+
39+
resource"aws_route53_record""www_local" {
40+
zone_id="${aws_route53_zone.stubbornjava.zone_id}"
41+
name="www.local.${aws_route53_zone.stubbornjava.name}"
42+
type="A"
43+
ttl=300
44+
records=["127.0.0.1"]
45+
}
46+
47+
resource"aws_route53_record""local" {
48+
zone_id="${aws_route53_zone.stubbornjava.zone_id}"
49+
name="local.${aws_route53_zone.stubbornjava.name}"
50+
type="A"
51+
ttl=300
52+
records=["127.0.0.1"]
53+
}
54+
55+
resource"aws_route53_record""jenkins" {
56+
zone_id="${aws_route53_zone.stubbornjava.zone_id}"
57+
name="jenkins.${aws_route53_zone.stubbornjava.name}"
58+
type="A"
59+
60+
alias {
61+
name="${lower(aws_alb.InternalAppsLB.dns_name)}"
62+
zone_id="${aws_alb.InternalAppsLB.zone_id}"
63+
evaluate_target_health=false
64+
}
65+
}
66+
67+
resource"aws_route53_record""git" {
68+
zone_id="${aws_route53_zone.stubbornjava.zone_id}"
69+
name="git.${aws_route53_zone.stubbornjava.name}"
70+
type="TXT"
71+
ttl=300
72+
records=["https://github.com/StubbornJava"]
73+
}

‎terraform/s3.tf‎

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,7 @@
1+
terraform {
2+
backend"s3" {
3+
bucket="stubbornjava-terraform"
4+
key="prod/terraform.tfstate"
5+
region="us-east-1"
6+
}
7+
}

‎terraform/stubbornjava.tf‎

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,33 @@
1+
provider"aws" {
2+
region="us-east-1"
3+
}
4+
5+
variable"amis" {
6+
type="map"
7+
default={}
8+
}
9+
10+
# TODO: import stubbornjava-webapp
11+
12+
resource"aws_instance""ci" {
13+
count=1
14+
ami="${var.amis["amazon-linux-2017-09"]}"
15+
disable_api_termination=true
16+
instance_type="t2.micro"
17+
monitoring=false
18+
subnet_id="${element(data.aws_subnet_ids.public.ids, count.index)}"
19+
key_name="stubbornjava"
20+
vpc_security_group_ids=["sg-e10c3a94","sg-1a39ad66"]
21+
associate_public_ip_address=true
22+
23+
tags {
24+
Name="Jenkins"
25+
Role="ci"
26+
}
27+
28+
root_block_device {
29+
volume_type="gp2"
30+
volume_size=20
31+
delete_on_termination=true
32+
}
33+
}

‎terraform/vpc.tf‎

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
data"aws_vpc""selected" {
2+
state="available"
3+
}
4+
5+
data"aws_subnet_ids""public" {
6+
vpc_id="${data.aws_vpc.selected.id}"
7+
tags {
8+
Public="Yes"
9+
}
10+
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp