
Commit 1a2014e

committed
setup infra
1 parent 1bc78ae commit 1a2014e

10 files changed

Lines changed: 220 additions & 0 deletions


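--- a/.github/workflows/infra.yml
+++ b/.github/workflows/infra.yml
@@ -0,0 +1,103 @@
+name: Infrastructure Provisioning
+
+on:
+workflow_dispatch:
+
+jobs:
+provision:
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v4
+
+# ---------------------------
+# Configure AWS Credentials
+# ---------------------------
+- name: Configure AWS Credentials
+uses: aws-actions/configure-aws-credentials@v4
+with:
+aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+aws-region: ${{ secrets.AWS_REGION }}
+
+# ---------------------------
+# Setup Terraform
+# ---------------------------
+- name: Setup Terraform
+uses: hashicorp/setup-terraform@v3
+
+- name: Terraform Init
+working-directory: next-ui/terraform
+run: terraform init
+
+- name: Terraform Apply
+working-directory: next-ui/terraform
+run: |
+terraform apply -auto-approve \
+-var="region=${{ secrets.AWS_REGION }}" \
+-var="key_name=motion-fe-key" \
+-var="security_group_id=${{ secrets.SECURITY_GROUP_ID }}"
+
+# ---------------------------
+# Get EC2 Public IP
+# ---------------------------
+- name: Get EC2 IP
+id: terraform_output
+working-directory: next-ui/terraform
+run: echo "EC2_IP=$(terraform output -raw ec2_public_ip)" >> $GITHUB_ENV
+
+# ---------------------------
+# Install Ansible
+# ---------------------------
+- name: Install Ansible
+run: |
+sudo apt-get update
+sudo apt-get install -y python3-pip
+pip3 install ansible
+
+# ---------------------------
+# Add SSH Key
+# ---------------------------
+- name: Add SSH Key
+run: |
+echo "${{ secrets.EC2_SSH_PRIVATE_KEY }}" > key.pem
+chmod 600 key.pem
+
+# ---------------------------
+# Create Inventory (Ubuntu user!)
+# ---------------------------
+- name: Create Inventory
+run: |
+echo "[web]" > inventory.ini
+echo "$EC2_IP ansible_user=ubuntu ansible_python_interpreter=/usr/bin/python3 ansible_ssh_common_args='-o StrictHostKeyChecking=no'" >> inventory.ini
+
+# ---------------------------
+# Wait for EC2 SSH
+# ---------------------------
+- name: Wait for EC2 to be ready
+run: |
+echo "Waiting for SSH to be available on $EC2_IP..."
+for i in {1..20}; do
+if ssh -o StrictHostKeyChecking=no -o ConnectTimeout=5 -i key.pem ubuntu@$EC2_IP echo "SSH ready"; then
+echo "EC2 is ready!"
+break
+fi
+echo "Attempt $i failed, retrying in 10s..."
+sleep 10
+done
+
+# ---------------------------
+# Debug Remote Host
+# ---------------------------
+- name: Debug remote host
+run: |
+ssh -o StrictHostKeyChecking=no -i key.pem ubuntu@$EC2_IP "which python3 && python3 --version && uname -a"
+
+- name: Debug inventory
+run: cat inventory.ini
+
+# ---------------------------
+# Run Ansible
+# ---------------------------
+- name: Run Ansible
+run: ansible-playbook -i inventory.ini next-ui/ansible/playbook.yml --private-key key.pem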
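Review bot: Host-key verification is turned off everywhere this workflow opens SSH: `StrictHostKeyChecking=no` appears in the generated inventory line, in the wait loop and in the debug step, and the committed next-ui/ansible/inventory.ini adds `UserKnownHostsFile=/dev/null` on top of it. The playbook then runs with `become: yes` against whatever answers on `$EC2_IP`, so the runner cannot tell the newly created instance from another host on that address. At minimum, pin the key on first contact and reuse it in all three places, e.g. `-o StrictHostKeyChecking=accept-new -o UserKnownHostsFile=known_hosts`; populating `known_hosts` from a source you control before the first connection is stronger. Separately, the wait loop ends with exit status 0 after 20 failed attempts, so the later steps run even when SSH never came up; an explicit `exit 1` after `done` when no attempt succeeded would stop the job there.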

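--- a/next-ui/ansible/inventory.ini
+++ b/next-ui/ansible/inventory.ini
@@ -0,0 +1,2 @@
+[web]
+EC2_HOST ansible_user=ubuntu ansible_python_interpreter=/usr/bin/python3 ansible_ssh_common_args='-o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null'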

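--- a/next-ui/ansible/playbook.yml
+++ b/next-ui/ansible/playbook.yml
@@ -0,0 +1,41 @@
+- hosts: web
+gather_facts: false
+become: yes
+
+tasks:
+- name: Install prerequisites
+raw: |
+apt-get update
+apt-get install -y ca-certificates curl gnupg lsb-release
+
+- name: Add Docker GPG key
+raw: |
+mkdir -p /etc/apt/keyrings
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+
+- name: Add Docker repository
+raw: |
+echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \
+| tee /etc/apt/sources.list.d/docker.list > /dev/null
+
+- name: Install Docker Engine
+raw: |
+apt-get update
+apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+
+- name: Start Docker service
+raw: |
+systemctl enable docker
+systemctl start docker
+
+- name: Add ubuntu-user to docker group
+raw: usermod -aG docker ubuntu
+
+- name: Pull Docker image
+raw: docker pull kenneth4/buygun:latest
+
+- name: Stop old container if it exists
+raw: docker rm -f alienui || true
+
+- name: Run container
+raw: docker run -d -p 80:3000 --name alienui kenneth4/alienui:latest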
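Review bot: The image pulled on line 35 (`kenneth4/buygun:latest`) is not the image started on line 41 (`kenneth4/alienui:latest`), so the pull task does not refresh what actually runs and leaves an unrelated image on the host. Both references also use the mutable `latest` tag, which means the server runs whatever was last pushed under that name with no record of which build was deployed. Use one reference in both tasks and pin it to a version tag or digest, e.g. `kenneth4/alienui@sha256:<digest-placeholder>`. Note also that adding `ubuntu` to the `docker` group on line 32 gives that login root-equivalent control of the host through the Docker socket, which is worth a comment if it is intended.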

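--- a/next-ui/terraform/backend.tf
+++ b/next-ui/terraform/backend.tf
@@ -0,0 +1,9 @@
+terraform {
+backend "s3" {
+bucket = "motion-tf-state"
+key = "alienui/terraform.tfstate"
+region = "eu-west-1"
+dynamodb_table = "motion-tf-locks"
+encrypt = true
+}
+}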

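--- a/next-ui/terraform/main.tf
+++ b/next-ui/terraform/main.tf
@@ -0,0 +1,11 @@
+provider "aws" {
+region = var.region
+}
+
+module "ec2" {
+source = "./modules/ec2"
+instance_type = var.instance_type
+key_name = var.key_name
+security_group_id = var.security_group_id
+name = "alienui-server"
+}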
Lines changed: 10 additions & 0 deletions
@@ -0,0 +1,10 @@
1+
resource "aws_instance" "this" {
2+
ami = "ami-03446a3af42c5e74e"
3+
instance_type = var.instance_type
4+
key_name = var.key_name
5+
vpc_security_group_ids = [var.security_group_id]
6+
7+
tags = {
8+
Name = var.name
9+
}
10+
}
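Review bot: The `aws_instance.this` resource leaves the instance metadata service and the root volume at provider defaults, so IMDSv1 may remain reachable from the container this stack publishes on port 80, depending on the AMI and account defaults. Requiring session tokens closes the usual SSRF-to-metadata path and costs nothing here: add `metadata_options { http_tokens = "required" }` inside the resource. No instance profile is attached in this commit, so there are no role credentials to expose yet, but the setting matters as soon as one is added. Consider `root_block_device { encrypted = true }` as well, and a short comment next to the hard-coded `ami` saying which image and region it refers to.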
Lines changed: 7 additions & 0 deletions
@@ -0,0 +1,7 @@
1+
output "public_ip" {
2+
value = aws_instance.this.public_ip
3+
}
4+
5+
output "public_dns" {
6+
value = aws_instance.this.public_dns
7+
}
Lines changed: 15 additions & 0 deletions
@@ -0,0 +1,15 @@
1+
variable "instance_type" {
2+
type = string
3+
}
4+
5+
variable "key_name" {
6+
type = string
7+
}
8+
9+
variable "security_group_id" {
10+
type = string
11+
}
12+
13+
variable "name" {
14+
type = string
15+
}

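--- a/next-ui/terraform/outputs.tf
+++ b/next-ui/terraform/outputs.tf
@@ -0,0 +1,7 @@
+output "ec2_public_ip" {
+value = module.ec2.public_ip
+}
+
+output "ec2_public_dns" {
+value = module.ec2.public_dns
+}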

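--- a/next-ui/terraform/variables.tf
+++ b/next-ui/terraform/variables.tf
@@ -0,0 +1,15 @@
+variable "region" {
+default = "eu-west-1"
+}
+
+variable "instance_type" {
+default = "t3.micro"
+}
+
+variable "key_name" {
+description = "Existing AWS key pair name"
+}
+
+variable "security_group_id" {
+description = "Existing Security Group ID to reuse"
+}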
