From b0fb84589492da2167d301fe2c7dda15f88001dc Mon Sep 17 00:00:00 2001
From: Isaac Hunter
Date: Sat, 2 Mar 2024 16:38:18 -0500
Subject: [PATCH] change ec2 security group, fix proxy tpl file name
---
 deploy/ec2.tf | 12 ++++++++++--
 deploy/templates/ec2/server-setup.sh.tpl | 2 +-
 deploy/variables.tf | 15 ++++++++++++---
 proxy/Dockerfile | 2 +-
 proxy/entrypoint.sh | 2 +-
 5 files changed, 25 insertions(+), 8 deletions(-)
diff --git a/deploy/ec2.tf b/deploy/ec2.tf
index c856711..458440c 100644
--- a/deploy/ec2.tf
+++ b/deploy/ec2.tf
@@ -51,14 +51,16 @@ resource "aws_instance" "jukebox_server" {
 HOST = var.SERVER__HOST
 JWT_SECRET_KEY = var.SERVER__JWT_SECRET_KEY
 TOKEN_HEADER_KEY = var.SERVER__TOKEN_HEADER_KEY
- MONGO_URI = var.SERVER__MONGO_URI
+ MONGO_URI = "mongodb://${var.DB__MONGO_USER}:${var.DB__MONGO_PASSWORD}@mongodb:27017"
 SP_ID = var.SERVER__SP_ID
 SP_SECRET = var.SERVER__SP_SECRET
+ MONGO_USER = var.DB__MONGO_USER
+ MONGO_PASSWORD = var.DB__MONGO_PASSWORD
 }
 })
 key_name = var.ssh_key_name
 user_data_replace_on_change = true
- subnet_id = aws_subnet.public_a.id
+ subnet_id = aws_subnet.public_a.id
 vpc_security_group_ids = [
 aws_security_group.jukebox_server.id
 ]
@@ -82,6 +84,12 @@ resource "aws_security_group" "jukebox_server" {
 to_port = 22
 cidr_blocks = ["0.0.0.0/0"]
 }
+ ingress {
+ protocol = "tcp"
+ from_port = 80
+ to_port = 80
+ cidr_blocks = ["0.0.0.0/0"]
+ }
 egress {
 protocol = "tcp"
diff --git a/deploy/templates/ec2/server-setup.sh.tpl b/deploy/templates/ec2/server-setup.sh.tpl
index c009d43..51a0e54 100644
--- a/deploy/templates/ec2/server-setup.sh.tpl
+++ b/deploy/templates/ec2/server-setup.sh.tpl
@@ -15,7 +15,7 @@ sudo chmod +x /usr/local/bin/docker-compose
 sudo usermod -aG docker ec2-user # Add user to "docker" group for permissions
-cd ~
+# cd ~
 sudo yum install -y git
 git clone https://github.com/ufosc/Jukebox-Server.git /home/ec2-user/Jukebox-Server
diff --git a/deploy/variables.tf b/deploy/variables.tf
index 02f9e19..7728de5 100644
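Review bot: The new `MONGO_URI` line in the first deploy/ec2.tf hunk splices `var.DB__MONGO_USER` and `var.DB__MONGO_PASSWORD` into the connection string unescaped, so a password containing `@`, `:`, `/` or `%` produces a URI that parses to the wrong host or credentials. Percent-encode both parts, e.g. `MONGO_URI = "mongodb://${urlencode(var.DB__MONGO_USER)}:${urlencode(var.DB__MONGO_PASSWORD)}@mongodb:27017"` (Terraform's `urlencode` writes a space as `+`, so spaces in the password still need separate handling). These values also appear to be rendered into the instance's user data, which is not encrypted and is readable through the instance metadata service by any process on the host; fetching the password at boot from SSM Parameter Store or Secrets Manager would avoid that. The call this map belongs to and the enclosing `aws_instance` resource both start outside the hunk.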
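Review bot: The ingress rule added in the second deploy/ec2.tf hunk opens port 80 to `0.0.0.0/0` with no matching 443 rule, so requests carrying the `Authorization` token header (presumably JWTs, given `JWT_SECRET_KEY`) would cross the internet in cleartext unless TLS is terminated somewhere this diff does not show. If HTTPS is intended, add a second rule with `from_port = 443` and `to_port = 443` and have the proxy redirect 80 to 443. A `description = "Public HTTP to nginx proxy"` on the rule would record why it is world-open; the port 22 rule visible in the context is also open to `0.0.0.0/0` and is better restricted to an admin CIDR. The `aws_security_group` resource starts and ends outside the hunk.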
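Review bot: `# cd ~` in deploy/templates/ec2/server-setup.sh.tpl is left behind as commented-out code with no explanation; since the clone below it uses an absolute target path, the line can simply be deleted. If it is kept as a marker, say why, e.g. `# no cd needed: the clone below uses an absolute path`. The script continues outside the hunk.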
--- a/deploy/variables.tf
+++ b/deploy/variables.tf
@@ -47,9 +47,7 @@ variable "SERVER__JWT_SECRET_KEY" {
 variable "SERVER__TOKEN_HEADER_KEY" {
 default = "Authorization"
 }
-variable "SERVER__MONGO_URI" {
- default = "mongodb://root:changeme@mongo-jukebox:27017"
-}
+#
 variable "SERVER__SP_ID" {
 description = "Spotify App ID"
 }
@@ -57,3 +55,14 @@ variable "SERVER__SP_SECRET" {
 description = "Spotify App Secret"
 }
+variable "DB__MONGO_USER" {
+ description = "MongoDB Username"
+}
+variable "DB__MONGO_PASSWORD" {
+ description = "MongoDB Password"
+}
+
+# variable "SERVER__MONGO_URI" {
+# default = "mongodb://${var.DB__MONGO_USER}:${var.DB__MONGO_PASSWORD}@mongodb:27017"
+# }
+
diff --git a/proxy/Dockerfile b/proxy/Dockerfile
index 4802bea..004f23a 100644
--- a/proxy/Dockerfile
+++ b/proxy/Dockerfile
@@ -1,7 +1,7 @@
 FROM nginxinc/nginx-unprivileged:1-alpine
 LABEL maintainer="web@ikehunter.dev"
-COPY ./default.conf /etc/nginx/default.conf
+COPY ./default.conf.tpl /etc/nginx/default.conf.tpl
 COPY ./entrypoint.sh /entrypoint.sh
 USER root
diff --git a/proxy/entrypoint.sh b/proxy/entrypoint.sh
index f3f1254..6bfff53 100644
--- a/proxy/entrypoint.sh
+++ b/proxy/entrypoint.sh
@@ -2,5 +2,5 @@
 set -e
-envsubst < /etc/nginx/default.conf > /etc/nginx/conf.d/default.conf
+envsubst < /etc/nginx/default.conf.tpl > /etc/nginx/conf.d/default.conf
 nginx -g 'daemon off;'
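Review bot: `DB__MONGO_PASSWORD` in the second deploy/variables.tf hunk is declared without `sensitive = true`, so Terraform will show its value in plan and apply output wherever it is interpolated, such as the `MONGO_URI` string in deploy/ec2.tf. Add `type = string` and `sensitive = true` to the password variable; the value is still written in plaintext to the state file, so the state backend needs encryption and access control as well. The commented-out `SERVER__MONGO_URI` block, and the lone `#` added in the previous hunk, are dead text (a variable default cannot reference `var.*` in any case) and can be deleted, or replaced by a `locals` entry if one composed URI is wanted.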
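Review bot: `envsubst` in proxy/entrypoint.sh is invoked without a variable list, so it replaces every `$name` in `default.conf.tpl`, including nginx's own runtime variables (`$host`, `$remote_addr`, `$request_uri`) if the template uses them, silently turning them into empty strings. Pass the names to substitute explicitly, e.g. `envsubst '${VAR_A} ${VAR_B}' < /etc/nginx/default.conf.tpl > /etc/nginx/conf.d/default.conf`, where `VAR_A` and `VAR_B` are placeholders for the variables the template actually expects. The template is not part of this diff, so this needs checking against it.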