stacco 0.1.36 → 0.1.37
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.git/COMMIT_EDITMSG +1 -1
- data/.git/FETCH_HEAD +3 -1
- data/.git/ORIG_HEAD +1 -1
- data/.git/config +4 -0
- data/.git/index +0 -0
- data/.git/logs/HEAD +53 -0
- data/.git/logs/refs/heads/master +2 -0
- data/.git/logs/refs/heads/use-ami +16 -0
- data/.git/logs/refs/remotes/origin/master +2 -0
- data/.git/logs/refs/remotes/origin/use-ami +4 -0
- data/.git/logs/refs/stash +0 -1
- data/.git/objects/02/c0ae35066960220bdfc7b7d328b229bf953a11 +0 -0
- data/.git/objects/04/ba3537d34f705ab9056d4c516fb14df6784be0 +0 -0
- data/.git/objects/05/2ac756b2a13ad8a3aa101b73938b9fac6b825b +0 -0
- data/.git/objects/05/f886db46171205b6825bab13d09d4a84eac924 +1 -0
- data/.git/objects/06/36fc4df5c143701f776224ac2c1919caa1015e +0 -0
- data/.git/objects/06/b74f85798d83fd9564df0e823bbc883066159d +0 -0
- data/.git/objects/06/df44c48723053a1d9aa7c4df34783767338c65 +0 -0
- data/.git/objects/0a/e804aae1d90b10a729c2068afb73ce574bb87b +0 -0
- data/.git/objects/0c/0429d424005185b0980358585b1d17db9fd744 +3 -0
- data/.git/objects/10/a8ba241a55add0ad0122ba391a7fbf760f44ff +0 -0
- data/.git/objects/12/2816e32e10d9a156a6db6a7a031c7599eb2f2d +0 -0
- data/.git/objects/1a/7dc91c02932654ebb5ad877504f6ef5ced337f +0 -0
- data/.git/objects/1b/e95a310e100d713811f9f2490a02dafef51a53 +0 -0
- data/.git/objects/1d/164cb759be800934f9933add81b4b8b674b4c4 +0 -0
- data/.git/objects/1e/267701dc736da31cc52b18f5320bc8af164e0b +0 -0
- data/.git/objects/20/7ae5019dd8e2774f29006a18ee7460d5fa4c8e +0 -0
- data/.git/objects/23/c024cf097ab7c21c7f3dfed33ca13ac86dca7d +0 -0
- data/.git/objects/2a/acba1b900b3f416efaa082d370a17110d48959 +0 -0
- data/.git/objects/2b/907bb5ddd3add20d9b3c47f3a4de8c28f26fc1 +0 -0
- data/.git/objects/30/0e5734f7686782ce1d59ca075ab8cda0c6b0f1 +0 -0
- data/.git/objects/33/47bb8c06785d895bd61178a1767f5fa007a815 +1 -0
- data/.git/objects/38/63ea8b71e08d07c3c73c475e1194bd62c061d3 +0 -0
- data/.git/objects/40/0d47b25c38ad7561049aaafd806b7409e452ce +0 -0
- data/.git/objects/41/ddc7cf35ba287bb797e05f87c10b2c9d95c32c +1 -0
- data/.git/objects/43/c66ae8d731b2fb22181dc26e2566b9913f6884 +1 -0
- data/.git/objects/45/70f9d388051f951f88c6fdc19f3f571447ec2e +0 -0
- data/.git/objects/46/6c0db9320b37dcd17546ab193a32ea650213eb +0 -0
- data/.git/objects/48/e861479df37de34b7048c9b6782dbe3859194d +2 -0
- data/.git/objects/4b/0d08fbf1154cd40bbb59d3a216169a2080f5d1 +0 -0
- data/.git/objects/4b/1e135e9977fb3912f4ac4ed37cc6cffcd36499 +2 -0
- data/.git/objects/4b/c0c4eccdfc87ba9d1e4ca2f33aa72fcac9abee +1 -0
- data/.git/objects/4d/d0ffb78ac5a5e9c4a5983db4567330a8716c53 +2 -0
- data/.git/objects/51/13f1339b8e19c5ae354a0ab1d76108de880e20 +1 -0
- data/.git/objects/51/307ca8e26fbc0e4739fd92d601ee23e7bef1bc +0 -0
- data/.git/objects/51/3245a8ed94a313de9c9be99d0436cafa5f4542 +0 -0
- data/.git/objects/54/b077a9d526950853ba636334c5990a8b2c8f61 +0 -0
- data/.git/objects/55/f2a4f9a642b2c9f19da6fcbfad18a22f4b11db +1 -0
- data/.git/objects/57/290bb57831f06c2bcbcd595e41b697cb9fdda0 +0 -0
- data/.git/objects/58/c15481406ff1e499d4bbb1c21307febcffddac +3 -0
- data/.git/objects/58/c8e3e72c7a3abafb592ea976d97d0b20ad0fc6 +0 -0
- data/.git/objects/5c/976353c0a2cfc62c4d34984c584cf417c159a9 +0 -0
- data/.git/objects/5f/24b3bc498af8cad5fc6e716000c075508dd943 +0 -0
- data/.git/objects/60/3641051ae4ab5a752d193d74392054061a48fa +0 -0
- data/.git/objects/60/dbcc289e60f8b3da1e991363c2cbb8a7c99c6d +0 -0
- data/.git/objects/61/c78a8eb5ffc9950557b7272e53081aa017573a +0 -0
- data/.git/objects/61/e03d8b4183e9f2cc7df513404c2418a082ed85 +0 -0
- data/.git/objects/63/1963958c536aefc53d6f7bd223437dfc8e38cd +1 -0
- data/.git/objects/63/41d2a2e4b4a4162508e71a083217a82c3aec03 +0 -0
- data/.git/objects/64/17a7d6015ca8f08b4546dcd7287e69fd582785 +0 -0
- data/.git/objects/64/7fc20f107fb01a9794eba14b09d1cf3121e7bc +0 -0
- data/.git/objects/65/a88502ec8a0954ff3e76f929b557cdf50f4722 +0 -0
- data/.git/objects/68/7dc39053fe33f329e8a7855398665f551527b8 +0 -0
- data/.git/objects/6c/0c6c6cbc9665d97ce2491ba6ac7a29a1155e4b +0 -0
- data/.git/objects/6e/7226031cde35145ea66c752bad85e0a11ea2f8 +0 -0
- data/.git/objects/6e/955eab29caadddfad72648b4e1703236386afe +0 -0
- data/.git/objects/70/26baacb1cd50ec6811585ec72039ef4a80d056 +0 -0
- data/.git/objects/73/e4dda845ab8a485baba1d66308ef259be257b4 +0 -0
- data/.git/objects/74/3a8939b2404dd251c92ea7952bc12274909895 +2 -0
- data/.git/objects/75/c06bfe5777b19b6f74c4dfa61696e1792c2cac +0 -0
- data/.git/objects/76/f78ed25dd72a38d89c789bce887315af9b1c69 +0 -0
- data/.git/objects/78/55dde954f648e6709233d468b18abfd2b09c84 +0 -0
- data/.git/objects/7a/3d0238f68331516604a5ad0af97cc08a8f2dba +0 -0
- data/.git/objects/7b/1dc1634d030aecc3da2e5c0071e068f2b44f51 +0 -0
- data/.git/objects/7e/440e15f76e27ce3ea2e94e819fc419bd5151ba +0 -0
- data/.git/objects/81/80eff002e186f8063fed7960d87755d0897d75 +0 -0
- data/.git/objects/82/0f726ca5bab149eb210a8ba146091fee24c738 +3 -0
- data/.git/objects/86/a06a4d1338d52898428e1c9319d9c5e8aa59fa +0 -0
- data/.git/objects/87/3e0922c1acb90101e87d326a0169ebaabdd33c +1 -0
- data/.git/objects/8a/3812be98a369fe0e8cccc55a62f07d17a91564 +0 -0
- data/.git/objects/8c/36ed19589e79aad56ca6830f64d70957404439 +0 -0
- data/.git/objects/8d/3596107a3370569a3158a840725e277b6b7158 +0 -0
- data/.git/objects/8f/1a1c899b95fb0ed7c64a9eb6409531b3306f0b +0 -0
- data/.git/objects/92/466bae88d3b67a2a7a40b5f0b839d599521799 +2 -0
- data/.git/objects/93/6345e959230a8f726fc93df655172fce52ae71 +0 -0
- data/.git/objects/98/885187160cc69c2351eac3e6b6a7fe4d5199e2 +0 -0
- data/.git/objects/98/d466e442ed75971bc787b5c5f7e21ed01196e2 +0 -0
- data/.git/objects/9f/11bc6b273cd01ab96e03f7fe9b6f8734ddf88e +0 -0
- data/.git/objects/a2/2431d00b3163b528af17ace0bc97d1512b5786 +3 -0
- data/.git/objects/a6/91c826ef7d39142e3c2c38caa57ac976b51ce6 +2 -0
- data/.git/objects/a7/4368a861be3c0712ad60379ca6cccd2647cbd6 +3 -0
- data/.git/objects/a9/4d09184397003b1250ab62b49a223581b50233 +0 -0
- data/.git/objects/af/b59e7fc6cd7476d414ed36aa11779fc0c11df1 +0 -0
- data/.git/objects/b0/fe19f390b13fe911e43a75ee2824056ab3a0e9 +0 -0
- data/.git/objects/b2/5ec852d2d32e554d177c9ea8d5ce97b2282e31 +0 -0
- data/.git/objects/b3/cd37f88978e5fcf67122a11cc7155937e29497 +0 -0
- data/.git/objects/b4/3fb1b0df411dc9894caaae8cb2273703182dcb +3 -0
- data/.git/objects/b4/7169f4ffcf8660870532dd3d4514071bc71906 +0 -0
- data/.git/objects/bc/69a77b34d39b908c534274b90e5cad82bdc754 +0 -0
- data/.git/objects/bc/7c4496513a817136074987a37df17a52bbe051 +0 -0
- data/.git/objects/c0/3882a1fcd3514f959d120a2ffba38bf57b38f2 +0 -0
- data/.git/objects/c8/461b03051df4f898803891ebafcd61783c86f9 +0 -0
- data/.git/objects/c8/a01e4143bd5b2be18f010b798b7dd3b8f9105f +2 -0
- data/.git/objects/c9/774d170ff4095d761b9ea9664c09bb2115acde +0 -0
- data/.git/objects/c9/d38570d3faf0a63a5fed4704e2a5c8f2dab339 +2 -0
- data/.git/objects/d1/554c16fd083b302a382a95189ac16e473c2eed +0 -0
- data/.git/objects/d7/2ba02f2e0eac4cba0e716094f49599855cae93 +0 -0
- data/.git/objects/d7/c473912974eae248eacbfec31b31f33e529f6f +0 -0
- data/.git/objects/d8/f00995fdf1f7b4427d5340cba61b1609a7ecf5 +0 -0
- data/.git/objects/da/4005e1b3b13f01e5b21ec9bfe590c365d8f1f8 +0 -0
- data/.git/objects/dd/11f4a70a4656ed4d662da5e6ef97f06979fef3 +0 -0
- data/.git/objects/df/102328122c4d77469f75c6cc283b00108bd1ed +1 -0
- data/.git/objects/e0/bb46327d0309abfc4270f1a08236ac553f6904 +0 -0
- data/.git/objects/e1/3f9d993e291a95855a572f8930725c35fec46b +2 -0
- data/.git/objects/e1/61e8bc95c33fe692ce06bb053977c8c16b99b5 +0 -0
- data/.git/objects/e4/295d94f0d49a61cb1f4d194583f8cd5b25b6d7 +0 -0
- data/.git/objects/e5/e048cfde3b8d1e7c809b03c9513115e99cb9a3 +0 -0
- data/.git/objects/e7/c9678755361390c9e821a6d45d8d24b3b28b08 +2 -0
- data/.git/objects/ea/d1592a9a1fe10a395b2be87b6cf987597c27eb +0 -0
- data/.git/objects/ec/db4c8cd1c16ecaaff88132e743f6565c262b51 +2 -0
- data/.git/objects/f5/3d1a5c95bed282fb1a3903cf22b998c3064994 +0 -0
- data/.git/objects/f6/949d684b3f9dd514bfd715c68db30a63bc923f +0 -0
- data/.git/objects/f9/1356d21b11fcb0856c9ff1241b35d24510df61 +0 -0
- data/.git/objects/f9/7d39f4963d8bceef8ca667a6a31ac619d131c6 +0 -0
- data/.git/objects/f9/cfdf290b3d42c9045a835224625f1f09dd53cd +0 -0
- data/.git/refs/heads/master +1 -1
- data/.git/refs/heads/use-ami +1 -0
- data/.git/refs/remotes/origin/master +1 -1
- data/.git/refs/remotes/origin/use-ami +1 -0
- data/.git/refs/stash +1 -1
- data/.git/refs/tags/0.1.32 +1 -0
- data/.git/refs/tags/0.1.37 +1 -0
- data/lib/stacco/stack.rb +4 -1
- data/priv/layers/admin-api.json +0 -13
- data/priv/layers/client-api.json +0 -13
- data/priv/layers/db.json +57 -30
- data/priv/layers/task-generate-base-image.json +7 -4
- data/priv/roles/Backend.sh +7 -15
- data/priv/roles/BaseImageGenerator.sh +23 -44
- data/priv/roles/Common.sh +9 -40
- data/priv/roles/NAT.sh +0 -4
- data/priv/stack.json.erb +2 -1
- metadata +122 -2
data/priv/layers/client-api.json
CHANGED
@@ -131,19 +131,6 @@
|
|
131
131
|
"KeyName": {"Ref": "IAMKeypairNameVar"},
|
132
132
|
"SecurityGroups": [{"Ref": "FrontendSecurityGroup"}],
|
133
133
|
|
134
|
-
"BlockDeviceMappings": [
|
135
|
-
{"DeviceName": "/dev/xvdc", "Ebs": {
|
136
|
-
"SnapshotId": {"Ref": "DockerLibrarySnapshotVar"},
|
137
|
-
"VolumeSize": "50",
|
138
|
-
"VolumeType" : "gp2"
|
139
|
-
}},
|
140
|
-
|
141
|
-
{"DeviceName": "/dev/xvdd", "Ebs": {
|
142
|
-
"VolumeSize": "300",
|
143
|
-
"VolumeType" : "gp2"
|
144
|
-
}}
|
145
|
-
],
|
146
|
-
|
147
134
|
"UserData": {"Fn::Base64": {"Fn::Join": ["", [
|
148
135
|
"#!/bin/bash\n",
|
149
136
|
"export AWS_REGION='", {"Ref": "AWS::Region"}, "'\n",
|
data/priv/layers/db.json
CHANGED
@@ -1,62 +1,89 @@
|
|
1
1
|
{
|
2
2
|
"Resources": {
|
3
3
|
|
4
|
-
"DBSubnet"
|
5
|
-
"Type"
|
6
|
-
"Properties"
|
7
|
-
"VpcId"
|
8
|
-
"CidrBlock"
|
9
|
-
"AvailabilityZone"
|
4
|
+
"DBSubnet": {
|
5
|
+
"Type": "AWS::EC2::Subnet",
|
6
|
+
"Properties": {
|
7
|
+
"VpcId": {"Ref": "VPC"},
|
8
|
+
"CidrBlock": {"Fn::FindInMap": [ "SubnetConfig", "DB", "CIDR" ]},
|
9
|
+
"AvailabilityZone": {"Fn::Join": ["", [{"Ref": "AWS::Region"}, {"Fn::FindInMap": [ "SubnetConfig", "DB", "AvailabilityZone" ]}]]}
|
10
10
|
}
|
11
11
|
},
|
12
12
|
|
13
|
-
"DBSubnetRouteTableAssociation"
|
14
|
-
"Type"
|
15
|
-
"Properties"
|
16
|
-
"SubnetId"
|
17
|
-
"RouteTableId"
|
13
|
+
"DBSubnetRouteTableAssociation": {
|
14
|
+
"Type": "AWS::EC2::SubnetRouteTableAssociation",
|
15
|
+
"Properties": {
|
16
|
+
"SubnetId": {"Ref": "DBSubnet"},
|
17
|
+
"RouteTableId": {"Ref": "PrivateRouteTable"}
|
18
18
|
}
|
19
19
|
},
|
20
20
|
|
21
|
-
"DBSubnetNetworkAclAssociation"
|
22
|
-
"Type"
|
23
|
-
"Properties"
|
24
|
-
"SubnetId"
|
25
|
-
"NetworkAclId"
|
21
|
+
"DBSubnetNetworkAclAssociation": {
|
22
|
+
"Type": "AWS::EC2::SubnetNetworkAclAssociation",
|
23
|
+
"Properties": {
|
24
|
+
"SubnetId": {"Ref": "DBSubnet"},
|
25
|
+
"NetworkAclId": {"Ref": "PrivateNetworkAcl"}
|
26
26
|
}
|
27
27
|
},
|
28
28
|
|
29
|
-
"
|
29
|
+
"DBConfig": {
|
30
|
+
"Type": "AWS::RDS::DBParameterGroup",
|
31
|
+
|
32
|
+
"Properties": {
|
33
|
+
"Description": "Stacco-controlled DB configuration",
|
34
|
+
"Family": "postgres9.3",
|
35
|
+
|
36
|
+
"Parameters": {
|
37
|
+
"client_min_messages": "warning",
|
38
|
+
"log_checkpoints": "0",
|
39
|
+
"log_duration": "0",
|
40
|
+
"log_filename": "postgresql.log.%Y-%m-%d",
|
41
|
+
"log_min_duration_statement": "500",
|
42
|
+
"log_min_messages": "info",
|
43
|
+
"log_rotation_age": "1440",
|
44
|
+
"log_rotation_size": "2097151",
|
45
|
+
"log_statement": "mod",
|
46
|
+
"log_statement_stats": "0",
|
47
|
+
"statement_timeout": "600000",
|
48
|
+
"track_activities": "1",
|
49
|
+
"track_counts": "1",
|
50
|
+
"track_io_timing": "1"
|
51
|
+
}
|
52
|
+
}
|
53
|
+
},
|
54
|
+
|
55
|
+
"DB": {
|
30
56
|
"Type": "AWS::RDS::DBInstance",
|
31
|
-
"DeletionPolicy"
|
57
|
+
"DeletionPolicy": "Snapshot",
|
32
58
|
"Properties": {
|
33
59
|
"DBInstanceClass": "db.m3.medium",
|
34
60
|
"MultiAZ": "true",
|
35
61
|
"DBSubnetGroupName": {"Ref": "DBSubnets"},
|
36
|
-
"VPCSecurityGroups": [{
|
62
|
+
"VPCSecurityGroups": [{"Ref": "DBSecurityGroup"}],
|
37
63
|
|
38
64
|
"AllocatedStorage": "80",
|
39
65
|
"Engine": "Postgres",
|
40
66
|
"EngineVersion": "9.3.3",
|
67
|
+
"DBParameterGroupName": {"Ref": "DBConfig"},
|
41
68
|
|
42
|
-
"MasterUsername": {
|
43
|
-
"MasterUserPassword": {
|
69
|
+
"MasterUsername": {"Ref": "DBAdminUsernameVar"},
|
70
|
+
"MasterUserPassword": {"Ref": "DBAdminPasswordVar"}
|
44
71
|
}
|
45
72
|
},
|
46
73
|
|
47
74
|
"DBSubnets": {
|
48
|
-
"Type"
|
49
|
-
"Properties"
|
50
|
-
"DBSubnetGroupDescription"
|
51
|
-
"SubnetIds"
|
75
|
+
"Type": "AWS::RDS::DBSubnetGroup",
|
76
|
+
"Properties": {
|
77
|
+
"DBSubnetGroupDescription": "Span Private and DB subnets for MultiAZ",
|
78
|
+
"SubnetIds": [ {"Ref": "PrivateSubnet"}, {"Ref": "DBSubnet"} ]
|
52
79
|
}
|
53
80
|
},
|
54
81
|
|
55
|
-
"DBSecurityGroup"
|
56
|
-
"Type"
|
57
|
-
"Properties"
|
58
|
-
"GroupDescription"
|
59
|
-
"VpcId"
|
82
|
+
"DBSecurityGroup": {
|
83
|
+
"Type": "AWS::EC2::SecurityGroup",
|
84
|
+
"Properties": {
|
85
|
+
"GroupDescription": "Database access",
|
86
|
+
"VpcId": {"Ref": "VPC"},
|
60
87
|
"SecurityGroupIngress": [],
|
61
88
|
"SecurityGroupEgress": [
|
62
89
|
{"IpProtocol": "-1", "CidrIp": "0.0.0.0/0"}
|
@@ -32,7 +32,7 @@
|
|
32
32
|
},
|
33
33
|
"Properties" : {
|
34
34
|
"InstanceType": "m3.large",
|
35
|
-
"ImageId": {"Ref": "
|
35
|
+
"ImageId": {"Ref": "BaseAMIVar"},
|
36
36
|
"KeyName": {"Ref": "IAMKeypairNameVar"},
|
37
37
|
|
38
38
|
"NetworkInterfaces": [{
|
@@ -45,7 +45,12 @@
|
|
45
45
|
|
46
46
|
"BlockDeviceMappings": [
|
47
47
|
{"DeviceName": "/dev/xvdc", "Ebs": {
|
48
|
-
"VolumeSize": "5"
|
48
|
+
"VolumeSize": "5",
|
49
|
+
"VolumeType" : "gp2"
|
50
|
+
}},
|
51
|
+
{"DeviceName": "/dev/xvdd", "Ebs": {
|
52
|
+
"VolumeSize": "50",
|
53
|
+
"VolumeType" : "gp2"
|
49
54
|
}}
|
50
55
|
],
|
51
56
|
|
@@ -56,8 +61,6 @@
|
|
56
61
|
"export AWS_INSTANCE_LOGICAL_NAME='BaseImageGenerator'\n",
|
57
62
|
"export AWS_INSTANCE_WAIT_HANDLE='", {"Ref": "BaseImageGeneratorReadyWaitHandle"}, "'\n",
|
58
63
|
{"Ref": "UserDataEnvironmentVar"}, "\n",
|
59
|
-
{"Ref": "CommonRoleScriptVar"}, "\n",
|
60
|
-
{"Ref": "DockerHostRoleScriptVar"}, "\n",
|
61
64
|
{"Ref": "BaseImageGeneratorRoleScriptVar"}, "\n"
|
62
65
|
]]}}
|
63
66
|
}
|
data/priv/roles/Backend.sh
CHANGED
@@ -41,9 +41,15 @@ EOF
|
|
41
41
|
chmod a+x /usr/local/sbin/bexng-before-start
|
42
42
|
|
43
43
|
|
44
|
-
|
44
|
+
echo "starting docker operations"
|
45
45
|
docker-utils bootstrap
|
46
46
|
|
47
|
+
if [ "${WALLET_NETWORK}" = "testnet3" ]; then
|
48
|
+
docker run --name='bitcoind-data' --volumes-from='tbtc-data' tianon/true:latest
|
49
|
+
else
|
50
|
+
docker run --name='bitcoind-data' --volumes-from='btc-data' tianon/true:latest
|
51
|
+
fi
|
52
|
+
|
47
53
|
docker-utils define-ambassador-service "postgresql" \
|
48
54
|
"${DB_HOST}" "${DB_PORT}"
|
49
55
|
|
@@ -62,20 +68,6 @@ docker-utils define-service "bexio/bexng-frontend" \
|
|
62
68
|
--dependency "bexng" \
|
63
69
|
--publish="80:8080"
|
64
70
|
|
65
|
-
|
66
|
-
echo "bootstrapping bitcoind service"
|
67
|
-
start bitcoind
|
68
|
-
stop bitcoind
|
69
|
-
bitcoind_data_volume=$(docker inspect -f '{{.Volumes}}' bitcoind-data | tr '[]' ' ' | cut -d' ' -f 2 | cut -d':' -f 2)
|
70
|
-
pushd "${bitcoind_data_volume}" >/dev/null
|
71
|
-
until aws --region="${AWS_REGION}" s3 sync --delete "s3://bex-blockchain-${WALLET_NETWORK}/" "./"; do
|
72
|
-
echo "error occurred in sync; retrying"
|
73
|
-
sleep 0.2
|
74
|
-
done
|
75
|
-
|
76
|
-
find . -name "*.gz" -exec gunzip -v \{\} \;
|
77
|
-
popd >/dev/null
|
78
|
-
|
79
71
|
echo "starting docker-container services..."
|
80
72
|
start bitcoind
|
81
73
|
start postgresql
|
@@ -25,63 +25,42 @@ set -e
|
|
25
25
|
export HOME=/root
|
26
26
|
cd "$HOME"
|
27
27
|
|
28
|
-
echo "ensuring internet connectivity..."
|
29
|
-
curl -sL -I -o /dev/null --fail --show-error --retry 100 'http://bex-status.s3.amazonaws.com/status.json'
|
30
|
-
echo "found an internet connection."
|
31
|
-
|
32
|
-
echo "configuring hostname from aws metadata service"
|
33
|
-
host_title="${AWS_STACK_NAME}-$(echo "${AWS_INSTANCE_LOGICAL_NAME}" | sed 's/LaunchConfiguration$//')"
|
34
|
-
private_hostname=$(curl -sL http://169.254.169.254/latest/meta-data/local-hostname)
|
35
|
-
short_private_hostname=$(echo "${private_hostname}" | cut -d'.' -f 1)
|
36
|
-
echo "${host_title}" > /etc/hostname
|
37
|
-
hostname -b -F /etc/hostname
|
38
|
-
sed -i '/127\.0\./d' /etc/hosts
|
39
|
-
cat >>/etc/hosts <<EOF
|
40
|
-
127.0.0.1 localhost
|
41
|
-
127.0.1.1 ${private_hostname} ${host_title} ${short_private_hostname}
|
42
|
-
EOF
|
43
|
-
|
44
28
|
echo "enabling mirroring for security apt sources"
|
45
29
|
sed -i "s/security\.ubuntu\.com/${AWS_REGION}.ec2.archive.ubuntu.com/g" /etc/apt/sources.list
|
46
30
|
|
47
|
-
echo "disablng kernel and initramfs updates"
|
48
|
-
echo $(dpkg -l "*$(uname -r)*" | grep image | awk '{print $2}') hold | dpkg --set-selections
|
49
|
-
sed -i 's/=yes/=no/g' /etc/initramfs-tools/update-initramfs.conf
|
50
|
-
|
51
31
|
echo "adding vendor apt sources"
|
52
32
|
apt-key adv --keyserver 'hkp://pgp.mit.edu:80' --recv-keys 'C43C79AD'
|
53
33
|
echo "deb http://rep.logentries.com/ trusty main" > /etc/apt/sources.list.d/logentries.list
|
54
34
|
|
55
35
|
echo "installing packages"
|
56
|
-
|
57
|
-
|
58
|
-
apt-get
|
59
|
-
|
36
|
+
afg() {
|
37
|
+
DEBIAN_FRONTEND=noninteractive \
|
38
|
+
apt-get -q -y --force-yes \
|
39
|
+
-o Dpkg::Options::="--force-confnew" \
|
40
|
+
$@
|
41
|
+
}
|
42
|
+
|
43
|
+
afg clean
|
44
|
+
afg update
|
45
|
+
afg dist-upgrade
|
46
|
+
afg install htop tree btrfs-tools xz-utils logentries kexec-tools debconf-utils
|
47
|
+
afg install python-setuptools python-pip python-setproctitle bundler ruby-nokogiri
|
48
|
+
afg clean
|
49
|
+
|
50
|
+
debconf-set-selections <<EOF
|
51
|
+
kexec-tools kexec-tools/load_kexec boolean true
|
52
|
+
kexec-tools kexec-tools/use_grub_config boolean true
|
53
|
+
EOF
|
54
|
+
|
55
|
+
|
60
56
|
pip install -q awscli
|
61
57
|
gem install -q --no-rdoc --no-ri aws-sdk docker-utils
|
62
58
|
|
63
|
-
|
64
|
-
|
65
|
-
host_key=$(docker-utils get-host-uuid "${AWS_INSTANCE_LOGICAL_NAME}.${AWS_STACK_NAME}")
|
66
|
-
le init --account-key="${LOGENTRIES_ACCOUNT_KEY}" --agent-key="${host_key}"
|
67
|
-
le register --force --name="${host_title}" --hostname="${private_hostname}"
|
68
|
-
apt-get install -qy logentries-daemon 2>/dev/null || :
|
69
|
-
|
70
|
-
logs_to_follow="syslog messages dmesg auth.log boot.log daemon.log dpkg.log kern.log cron secure faillog cloud-init-output.log"
|
71
|
-
for log_name in ${logs_to_follow}; do
|
72
|
-
log_path="/var/log/${log_name}"
|
73
|
-
if [ -f "${log_path}" ]; then
|
74
|
-
log_name=$(basename "${log_path}" '.log')
|
75
|
-
le follow --name="${log_name}" "${log_path}" 2>/dev/null 1>&2
|
76
|
-
fi
|
77
|
-
done
|
78
|
-
|
79
|
-
service logentries restart
|
80
|
-
fi
|
59
|
+
touch /etc/default/logentries_not_to_be_run
|
60
|
+
apt-get install -qy logentries-daemon 2>/dev/null || :
|
81
61
|
|
82
62
|
echo "installing aws cfn-tools"
|
83
|
-
easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz
|
84
|
-
cfn-init --region="${AWS_REGION}" --stack="${AWS_STACK_NAME}" --resource="${AWS_INSTANCE_LOGICAL_NAME}" || die 'Failed to run cfn-init'
|
63
|
+
easy_install "https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz"
|
85
64
|
|
86
65
|
docker-utils bootstrap
|
87
66
|
|
data/priv/roles/Common.sh
CHANGED
@@ -6,6 +6,7 @@ _exit_handler(){
|
|
6
6
|
echo "Stacco cloud-init handler finished"
|
7
7
|
cfn-signal -s true "${AWS_INSTANCE_WAIT_HANDLE}"
|
8
8
|
else
|
9
|
+
sleep 1000
|
9
10
|
echo "Stacco cloud-init handler aborted (${exit_code}: ${_exit_handler_reason})"
|
10
11
|
cfn-signal -e "${exit_code}" -r "${_exit_handler_reason}" "${AWS_INSTANCE_WAIT_HANDLE}"
|
11
12
|
fi
|
@@ -13,24 +14,11 @@ _exit_handler(){
|
|
13
14
|
exit "${exit_code}"
|
14
15
|
}
|
15
16
|
trap _exit_handler EXIT
|
16
|
-
|
17
|
-
die(){
|
18
|
-
_exit_handler_reason="$1"
|
19
|
-
echo "error: $1" >&2
|
20
|
-
exit 1
|
21
|
-
}
|
22
|
-
|
23
17
|
set -e
|
24
18
|
|
25
|
-
|
26
|
-
|
27
19
|
export HOME=/root
|
28
20
|
cd "$HOME"
|
29
21
|
|
30
|
-
echo "ensuring internet connectivity..."
|
31
|
-
curl -sL -I -o /dev/null --fail --show-error --retry 100 'http://bex-status.s3.amazonaws.com/status.json'
|
32
|
-
echo "found an internet connection."
|
33
|
-
|
34
22
|
echo "configuring hostname from aws metadata service"
|
35
23
|
host_title="${AWS_STACK_NAME}-$(echo "${AWS_INSTANCE_LOGICAL_NAME}" | sed 's/LaunchConfiguration$//')"
|
36
24
|
private_hostname=$(curl -sL http://169.254.169.254/latest/meta-data/local-hostname)
|
@@ -43,45 +31,26 @@ cat >>/etc/hosts <<EOF
|
|
43
31
|
127.0.1.1 ${private_hostname} ${host_title} ${short_private_hostname}
|
44
32
|
EOF
|
45
33
|
|
46
|
-
echo "enabling mirroring for security apt sources"
|
47
|
-
sed -i "s/security\.ubuntu\.com/${AWS_REGION}.ec2.archive.ubuntu.com/g" /etc/apt/sources.list
|
48
|
-
|
49
|
-
echo "disablng kernel and initramfs updates"
|
50
|
-
echo $(dpkg -l "*$(uname -r)*" | grep image | awk '{print $2}') hold | dpkg --set-selections
|
51
|
-
sed -i 's/=yes/=no/g' /etc/initramfs-tools/update-initramfs.conf
|
52
|
-
|
53
|
-
echo "adding vendor apt sources"
|
54
|
-
apt-key adv --keyserver 'hkp://pgp.mit.edu:80' --recv-keys 'C43C79AD'
|
55
|
-
echo "deb http://rep.logentries.com/ trusty main" > /etc/apt/sources.list.d/logentries.list
|
56
|
-
|
57
|
-
echo "installing packages"
|
58
|
-
apt-get clean
|
59
|
-
apt-get update
|
60
|
-
apt-get upgrade -qy
|
61
|
-
apt-get install -qy python-setuptools python-pip python-setproctitle htop tree btrfs-tools xz-utils logentries bundler ruby-nokogiri
|
62
|
-
pip install -q awscli
|
63
|
-
gem install -q --no-rdoc --no-ri aws-sdk docker-utils
|
64
34
|
|
65
35
|
if [ -n "$LOGENTRIES_ACCOUNT_KEY" ]; then
|
36
|
+
le clean
|
37
|
+
rm -f /etc/default/logentries_not_to_be_run
|
38
|
+
|
66
39
|
echo "starting remote logging"
|
67
40
|
host_key=$(docker-utils get-host-uuid "${AWS_INSTANCE_LOGICAL_NAME}.${AWS_STACK_NAME}")
|
41
|
+
|
68
42
|
le init --account-key="${LOGENTRIES_ACCOUNT_KEY}" --agent-key="${host_key}"
|
69
43
|
le register --force --name="${host_title}" --hostname="${private_hostname}"
|
70
|
-
|
44
|
+
service logentries start
|
71
45
|
|
72
|
-
logs_to_follow=
|
73
|
-
for log_name in ${logs_to_follow}; do
|
46
|
+
logs_to_follow=(syslog messages dmesg auth.log boot.log daemon.log dpkg.log kern.log cron secure faillog cloud-init-output.log)
|
47
|
+
for log_name in "${logs_to_follow[@]}"; do
|
74
48
|
log_path="/var/log/${log_name}"
|
75
49
|
if [ -f "${log_path}" ]; then
|
76
50
|
log_name=$(basename "${log_path}" '.log')
|
77
|
-
le follow --name="${log_name}" "${log_path}"
|
51
|
+
le follow --name="${log_name}" "${log_path}"
|
78
52
|
fi
|
79
53
|
done
|
80
54
|
|
81
55
|
service logentries restart
|
82
56
|
fi
|
83
|
-
|
84
|
-
echo "installing aws cfn-tools"
|
85
|
-
easy_install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz
|
86
|
-
cfn-init --region="${AWS_REGION}" --stack="${AWS_STACK_NAME}" --resource="${AWS_INSTANCE_LOGICAL_NAME}" || die 'Failed to run cfn-init'
|
87
|
-
|
data/priv/roles/NAT.sh
CHANGED
@@ -21,8 +21,4 @@ sysctl -q -w net.ipv4.ip_forward=1 net.ipv4.conf.eth0.send_redirects=0 && (
|
|
21
21
|
sysctl net.ipv4.ip_forward net.ipv4.conf.eth0.send_redirects
|
22
22
|
iptables -n -t nat -L POSTROUTING
|
23
23
|
|
24
|
-
# reset PrivateRouteThroughBastionBox to point to this instance
|
25
|
-
AWS_INSTANCE_ID=$(curl -sL http://169.254.169.254/latest/meta-data/instance-id)
|
26
|
-
aws --region="${AWS_REGION}" ec2 replace-route --route-table-id "${NAT_PRIVATE_ROUTE_TABLE}" --destination-cidr-block "0.0.0.0/0" --instance-id "${AWS_INSTANCE_ID}"
|
27
|
-
|
28
24
|
echo "Configuration of NAT complete."
|
data/priv/stack.json.erb
CHANGED
@@ -3,8 +3,9 @@
|
|
3
3
|
"Description": <%= j stack.description %>,
|
4
4
|
|
5
5
|
"Parameters" : {
|
6
|
+
"BaseAMIVar": {"Type": "String", "Default": "ami-ddaed3ed"},
|
6
7
|
"InstanceAMIVar": {"Type": "String", "Default": "ami-ddaed3ed"},
|
7
|
-
|
8
|
+
|
8
9
|
"IAMKeypairNameVar": {"Type": "String", "MinLength": "5"},
|
9
10
|
|
10
11
|
<% stack.roles.each do |role_name| %>
|