-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcreate.sh
executable file
·146 lines (127 loc) · 4.31 KB
/
create.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
#!/bin/bash
# Environment variables that need to be set
# TF_VAR_ec2_ssh_key
# TF_VAR_aws_profile
# TF_VAR_region
# TF_VAR_subnet_id_1
# TF_VAR_subnet_id_2
# TF_VAR_aws_vpc_id
# SERVER_PASSWORD
# TF_VAR_certificate_arn (when setting up secure server)
usage()
{
echo "usage: create.sh [[-i image ] | [-s] | [-h]]"
}
code_server_img="codercom/code-server"
secure_domain=false
while [ "$1" != "" ]; do
case $1 in
-i | --image ) shift
code_server_img=$1
;;
-s | --secure ) secure_domain=true
;;
-h | --help ) usage
exit
;;
* ) usage
exit 1
esac
shift
done
# Display Docker image that will be used
printf "\n\nDocker image to use: $code_server_img \n\n"
# Determine if tfenv is installed
which tfenv
if [ $? == 0 ]
then
printf 'tfenv is installed, setting version of terraform \n'
tfenv use 0.12.21
else
printf 'tfenv is not installed, ensure you are using terraform version 0.12.21 \n'
fi
if [ -e ".env" ]
then
printf "Reading environment variables \n"
. ./.env
else
printf "Environment (.env) file not found \n"
fi
# Check if terraform init has already run
if [ ! -d ".terraform" ]; then
printf "Running terraform init \n"
terraform init
fi
printf "\nSecure domain value: %s \n" "$secure_domain"
if [ $secure_domain == false ] && [ ! -e "./server.crt" ] && [ ! -e "./server.key" ]
then
export TF_VAR_protocol=HTTP
export TF_VAR_certificate_arn=''
printf 'For non-secure domain, creating empty cert and key files. \n'
touch server.crt
touch server.key
elif [ $secure_domain == false ]
then
export TF_VAR_protocol=HTTP
export TF_VAR_certificate_arn=''
printf 'Non-secure domain \n'
elif [ $secure_domain == true ]
then
export TF_VAR_protocol=HTTPS
if [ TF_VAR_certificate_arn == "" ]
then
printf 'A certificate ARN from AWS Certificate Manager must be defined. Set TF_VAR_certificate_arn \n'
fi
fi
printf "Retrieving Amazon Linux 2 AMI ID for region %s \n" "$TF_VAR_REGION"
export TF_VAR_ami_id_amazon_linux=$(aws ec2 describe-images --filters "Name=owner-alias,Values=amazon" "Name=architecture,Values=x86_64" "Name=description,Values='Amazon Linux 2 AMI 2.0.20191024.3 x86_64 HVM gp2'" --profile $TF_VAR_aws_profile --region $TF_VAR_region | jq -r '.Images[].ImageId')
printf "\nAmazon Linux 2 AMI ID is: $TF_VAR_ami_id_amazon_linux \n\n"
printf "Running terraform apply \n\n"
terraform apply
if [ $? -ne 0 ]
then
printf "Terraform Failed \n"
exit 1
fi
printf "Obtaining public IP address... \n"
public_ip=$(terraform output -json | jq -r '.server_output.value')
printf "Obtaining DNS address of load balancer... \n"
public_dns=$(terraform output -json | jq -r '.load_balancer_output.value' )
printf "\nPull Docker Image... \n"
ssh -i ~/.ssh/$TF_VAR_ec2_ssh_key.pem ec2-user@$public_ip \
docker image pull $code_server_img
printf "\nChecking for existing service... \n"
count=$(ssh -i ~/.ssh/$TF_VAR_ec2_ssh_key.pem ec2-user@$public_ip docker container ls | wc -l)
if [ $count -eq 1 ]
then
printf "\nStarting service... \n\n"
if [ $secure_domain == true ]
then
printf "Running secure container... \n"
ssh -i ~/.ssh/$TF_VAR_ec2_ssh_key.pem ec2-user@$public_ip \
docker run -it -d -p 8080:8080 \
-v "/mnt/projects:/home/coder/project" \
-e PASSWORD=$SERVER_PASSWORD \
$code_server_img \
--cert server.crt --cert-key server.key
else
printf "Running non-secure container... \n"
ssh -i ~/.ssh/$TF_VAR_ec2_ssh_key.pem ec2-user@$public_ip \
docker run -it -d -p 8080:8080 \
-v "/mnt/projects:/home/coder/project" \
-e PASSWORD=$SERVER_PASSWORD \
$code_server_img
fi
else
printf "\nService already running \n\n"
fi
printf "\nPublic IP: $public_ip \n"
printf "Server password: $SERVER_PASSWORD \n"
if [ $secure_domain == false ]
then
printf "Full URL: http://$public_dns:8080 \n"
elif [ $secure_domain == true ]
then
printf "For access, make sure to add CNAME entry in your DNS zone to: $public_dns \n"
printf "The server will be available on port 8080 \n"
fi