Compare commits

...

16 Commits

Author SHA1 Message Date
Maidul Islam
bf7801f8c1 update service type 2023-03-14 14:35:53 -07:00
Maidul Islam
753e9250d1 rename both servces to have same name 2023-03-14 14:34:19 -07:00
Maidul Islam
6b6b15f3ea add back health check 2023-03-14 13:10:04 -07:00
Maidul Islam
040d93080f update docker file 2023-03-14 12:58:55 -07:00
Maidul Islam
3d32882cef remove root path 2023-03-14 12:43:40 -07:00
Maidul Islam
620c453b12 bring back render.yaml to root 2023-03-14 12:40:17 -07:00
Maidul Islam
4d8d1f721c delete render.yaml from root 2023-03-14 12:38:16 -07:00
Maidul Islam
9e4267a5d8 add to self host folder render 2023-03-14 12:37:19 -07:00
Maidul Islam
40f95e0cc5 disable auto deploy 2023-03-14 12:34:43 -07:00
Maidul Islam
43cc398ef0 remove health check from render 2023-03-14 12:33:10 -07:00
Maidul Islam
e99ea1f573 render: add backend health check 2023-03-14 12:23:07 -07:00
Maidul Islam
034f473e58 add render one click 2023-03-14 12:22:16 -07:00
Maidul Islam
759220263f Rename cf template to .template 2023-03-14 09:02:30 -07:00
Maidul Islam
14e3f62b95 updated userData script for ec2 deploy 2023-03-13 23:52:13 -07:00
Maidul Islam
4d1462624b update template Description 2023-03-11 14:15:42 -08:00
Maidul Islam
51657449af add aws cloudformation 2023-03-11 14:10:31 -08:00
4 changed files with 209 additions and 0 deletions

31
render.yaml Normal file
View File

@@ -0,0 +1,31 @@
services:
# A Docker web service
- type: web
name: infisical
env: docker
dockerfilePath: ./self-host/render/Dockerfile.frontend
autoDeploy: false
healthCheckPath: /
- type: web
name: infisical
env: docker
dockerfilePath: ./self-host/render/Dockerfile.backend
autoDeploy: false
healthCheckPath: /api/status
envVars:
- fromGroup: backend-environment-variables
- key: MONGO_URL
sync: false
envVarGroups:
- name: backend-environment-variables
envVars:
- key: ENCRYPTION_KEY
generateValue: true
- key: JWT_SIGNUP_SECRET
generateValue: true
- key: JWT_REFRESH_SECRET
generateValue: true
- key: JWT_SERVICE_SECRET
generateValue: true

View File

@@ -0,0 +1,176 @@
AWSTemplateFormatVersion: 2010-09-09
Description: >-
CloudFormation template to deploy Infisical on a EC2 instance with a
DocumentDB instance
Parameters:
KeyPairName:
Description: The name of the EC2 Key Pair to enable SSH access to the instance
Type: "AWS::EC2::KeyPair::KeyName"
VpcId:
Description: The ID of the VPC in which to launch the instance
Type: "AWS::EC2::VPC::Id"
DocumentDBUsername:
Description: The username for the DocumentDB instance
Type: String
MinLength: 5
DocumentDBPassword:
Description: The password for the DocumentDB instance (minimum 8 characters)
Type: String
MinLength: 8
NoEcho: true
Resources:
DocumentDBCluster:
Type: "AWS::DocDB::DBCluster"
Properties:
EngineVersion: 4.0.0
StorageEncrypted: true
MasterUsername: !Ref DocumentDBUsername
MasterUserPassword: !Ref DocumentDBPassword
VpcSecurityGroupIds:
- !Ref DocumentDBClusterSecurityGroup
DBClusterParameterGroupName: !Ref DBClusterParameterGroup
Metadata:
"AWS::CloudFormation::Designer":
id: 73b974cf-eed3-4f7d-8657-6a6746bac169
DependsOn:
- DBClusterParameterGroup
DBClusterParameterGroup:
Type: "AWS::DocDB::DBClusterParameterGroup"
Properties:
Description: "description"
Family: "docdb4.0"
Parameters:
tls: "disabled"
ttl_monitor: "disabled"
Tags:
- Key: "String"
Value: "String"
DocumentDBInstance:
Type: "AWS::DocDB::DBInstance"
Properties:
DBInstanceClass: db.t4g.medium
DBClusterIdentifier: !Ref DocumentDBCluster
Metadata:
"AWS::CloudFormation::Designer":
id: f04cee38-175e-4432-9ad7-62ca28bbf935
DocumentDBClusterSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: Allow inbound traffic for DocumentDB cluster
VpcId: !Ref VpcId
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 27017
ToPort: 27017
SourceSecurityGroupId: !Ref InstanceSecurityGroup
EC2Instance:
Type: "AWS::EC2::Instance"
Properties:
ImageId: ami-0557a15b87f6559cf
InstanceType: t2.medium
KeyName: !Ref KeyPairName
UserData:
Fn::Base64: !Sub |
#!/bin/bash
cd /home/ubuntu
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
git clone https://github.com/Infisical/infisical.git
cd infisical
DOCUMENT_DB_CONNECTION_URL="mongodb://${DocumentDBUsername}:${DocumentDBPassword}@${DocumentDBCluster.Endpoint}:${DocumentDBCluster.Port}/infisical?replicaSet=rs0&readPreference=secondaryPreferred&retryWrites=false"
ENCRYPTION_KEY=$(openssl rand -hex 16)
JWT_SIGNUP_SECRET=$(openssl rand -hex 16)
JWT_REFRESH_SECRET=$(openssl rand -hex 16)
JWT_AUTH_SECRET=$(openssl rand -hex 16)
JWT_SERVICE_SECRET=$(openssl rand -hex 16)
touch .env
echo "ENCRYPTION_KEY=${!ENCRYPTION_KEY}" >> .env
echo "JWT_SIGNUP_SECRET=${!JWT_SIGNUP_SECRET}" >> .env
echo "JWT_REFRESH_SECRET=${!JWT_REFRESH_SECRET}" >> .env
echo "JWT_AUTH_SECRET=${!JWT_AUTH_SECRET}" >> .env
echo "JWT_SERVICE_SECRET=${!JWT_SERVICE_SECRET}" >> .env
echo "MONGO_URL=${!DOCUMENT_DB_CONNECTION_URL}" >> .env
docker-compose up -d
SecurityGroupIds:
- !Ref InstanceSecurityGroup
Tags:
- Key: Name
Value: infisical
Metadata:
"AWS::CloudFormation::Designer":
id: 2c0a771c-5002-4785-9848-0377e33cd0e9
DependsOn:
- DocumentDBInstance
InstanceSecurityGroup:
Type: "AWS::EC2::SecurityGroup"
Properties:
GroupDescription: Allow SSH and HTTP traffic
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
VpcId: !Ref VpcId
Metadata:
"AWS::CloudFormation::Designer":
id: 1fd6856a-11e5-4369-84fa-d18d4011b3de
Outputs:
InstanceIP:
Value: !GetAtt EC2Instance.PublicIp
Metadata:
"AWS::CloudFormation::Designer":
1fd6856a-11e5-4369-84fa-d18d4011b3de:
size:
width: 60
height: 60
position:
x: 60
"y": 90
z: 1
embeds: []
2c0a771c-5002-4785-9848-0377e33cd0e9:
size:
width: 60
height: 60
position:
x: 180
"y": 90
z: 1
embeds: []
isassociatedwith:
- 1fd6856a-11e5-4369-84fa-d18d4011b3de
dependson:
- 2cabaada-fbdb-4945-bf95-a0406704dd5a
- f04cee38-175e-4432-9ad7-62ca28bbf935
73b974cf-eed3-4f7d-8657-6a6746bac169:
size:
width: 60
height: 60
position:
x: 390
"y": 210
z: 1
embeds: []
f04cee38-175e-4432-9ad7-62ca28bbf935:
size:
width: 60
height: 60
position:
x: 270
"y": 90
z: 1
embeds: []

View File

@@ -0,0 +1 @@
FROM infisical/backend:latest

View File

@@ -0,0 +1 @@
FROM infisical/frontend:latest