Otus-DevOps-2020-02 · korobeynikovnv · Sep 6, 2020 · Sep 6, 2020 · Sep 6, 2020 · Sep 6, 2020
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1,7 @@
+variables.json
+*.swp
+*.tfstate
+*.tfstate.*.backup
+*.tfstate.backup
+*.tfvars
+.terraform/
diff --git a/README.md b/README.md
@@ -4,5 +4,15 @@ korobeynikovnv Infra repository
 для chain подключения через bastion использовать:
 ssh -J [email protected] [email protected]
 
+#Домашнее задание №5 VPN через pritunl
 bastion_IP=84.201.177.74
 someinternalhost_IP=10.130.0.12
+
+#Домашнее задание №6 тестовое приложение на руби
+testapp_IP = 178.154.227.39
+testapp_port = 9292
+
+#homework #7 packer-base
+packer/create-reddit-vm.sh - init yandex cloud instance
+packer/ubuntu16.json - packer settings for base reddit vm (mongo+ruby)
+packer/immutable.json - packer settings for full reddit vm (mongo+ruby+reddit)
diff --git a/cloud-bastion.ovpn → VPN/cloud-bastion.ovpn b/cloud-bastion.ovpn → VPN/cloud-bastion.ovpn
diff --git a/setupvpn.sh → VPN/setupvpn.sh b/setupvpn.sh → VPN/setupvpn.sh
diff --git a/packer/config/puma.service b/packer/config/puma.service
@@ -0,0 +1,16 @@
+[Unit]
+Description=Puma HTTP Server
+After=network.target
+
+[Service]
+Type=simple
+User=ubuntu
+WorkingDirectory=/etc/reddit-application
+Environment=RAILS_ENV=production
+
+ExecStart=/usr/local/bin/puma -d
+Restart=always
+KillMode=process
+
+[Install]
+WantedBy=multi-user.target
diff --git a/packer/create-reddit-vm.sh b/packer/create-reddit-vm.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+timestamp=$(date +%s)
+echo "reddit-app-$timestamp"
+yc compute instance create \
+  --name "reddit-app-$timestamp" \
+  --hostname "reddit-app-$timestamp" \
+  --memory=4 \
+  --create-boot-disk image-folder-id=b1g0ibhbccvgtn9tuln9,image-family=reddit-full,size=10GB \
+  --network-interface subnet-name=default-ru-central1-a,nat-ip-version=ipv4 \
+  --metadata serial-port-enable=1 \
+  --ssh-key ~/.ssh/yandex_cloud.pub
diff --git a/packer/dummy-key.json b/packer/dummy-key.json
@@ -0,0 +1,8 @@
+{
+   "id": "ajealt6kge6imldb99tb",
+   "service_account_id": "ajermm2ksnf6spkmneq0",
+   "created_at": "2020-09-17T15:12:37Z",
+   "key_algorithm": "RSA_2048",
+   "public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3y6JobN7rU5+Rz3d6UxC\nyWRQtWb//NjWKgxtde9auvZEI9tr6Uin3OrZ9prTzV2v4c7fRggjvhN/+2Hm+EGg\nukm5/z188jwNq4tUpujxFa07MSk9gsHPiJn1TMH+tUpu5GmUfWhYw9cIC7x5vrh+\nlUrMvIf0qKM6ZVLxrQXATfxHpxUoeDzjamIcAk1c1c8Ap7JZRP6ha2xTtNxggveL\nLcF0q9+lluYE0UVQfONeEes7Nw2fQaZvBs8UBK7+yBiDOPfrKReH4YRmtH83jgZp\nciZg43MumkmyWsZKB9qUzkOz2NVDTGDPGQVN0fJu1wHn2E/5xEANVdUpLg9Cx9Yv\nkwIDAQAB\n-----END PUBLIC KEY-----\n",
+   "private_key": ""
+}
diff --git a/packer/immutable.json b/packer/immutable.json
@@ -0,0 +1,48 @@
+{
+    "builders": [
+        {
+            "type": "yandex",
+            "service_account_key_file": "{{user `service_account_key_file`}}",
+            "folder_id": "{{user `folder_id`}}",
+            "source_image_family": "ubuntu-1604-lts",
+            "image_name": "reddit-full-{{timestamp}}",
+            "image_family": "reddit-full",
+            "ssh_username": "ubuntu",
+            "platform_id": "standard-v1",
+	    "use_ipv4_nat" : "true",
+	    "zone": "{{user `zone`}}",
+	    "subnet_id": "{{user `subnet_id`}}"
+        }
+    ],
+    "provisioners": [
+        {
+	    "type"    :"file",
+	    "source" : "./config/puma.service",
+	    "destination": "/tmp/puma.service"
+	},
+	{
+	    "type":"shell",
+	    "inline":"/usr/bin/cloud-init status --wait"
+	},
+	{
+	    "type":"shell",
+	    "script":"./scripts/await_updates.sh",
+	    "execute_command":"sudo {{.Path}}"
+	},
+        {
+            "type": "shell",
+            "script": "./scripts/install_ruby.sh",
+            "execute_command": "sudo {{.Path}}"
+        },
+        {
+            "type": "shell",
+            "script": "./scripts/install_mongodb.sh",
+            "execute_command": "sudo {{.Path}}"
+        },
+	{
+            "type":"shell",
+	    "script":"./scripts/deploy.sh",
+	    "execute_command":"{{.Path}}"
+	}
+    ]
+}
diff --git a/packer/scripts/await_updates.sh b/packer/scripts/await_updates.sh
@@ -0,0 +1,9 @@
+apt-get check >/dev/null 2>&1
+while [ "$?" -ne 0 ]
+do
+  echo ++++++awaiting auto updates
+  sleep 2
+  apt-get check >/dev/null 2>&1
+done
+echo ++++++updates available
+apt-get update
diff --git a/packer/scripts/deploy.sh b/packer/scripts/deploy.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+sudo apt-get update
+sudo apt-get install -y git
+echo ========reddit-instal==============
+sudo git clone -b monolith https://github.com/express42/reddit.git /etc/reddit-application
+cd /etc/reddit-application
+bundle install
+sudo cp /tmp/puma.service /etc/systemd/system/puma.service
+sudo systemctl daemon-reload
+sudo systemctl enable puma
+sudo systemctl start puma
+ps aux | grep puma
+echo ========reddit-install-end========
diff --git a/packer/scripts/install_mongodb.sh b/packer/scripts/install_mongodb.sh
@@ -0,0 +1,8 @@
+#!/bin/bash
+wget -qO - https://www.mongodb.org/static/pgp/server-4.2.asc | sudo apt-key add -
+echo "deb [ arch=amd64,arm64 ] https://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/4.2 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-4.2.list
+sleep 30
+apt-get update
+apt-get install -y mongodb-org
+systemctl start mongod
+systemctl enable mongod
diff --git a/packer/scripts/install_ruby.sh b/packer/scripts/install_ruby.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+apt install -y ruby-full ruby-bundler build-essential
diff --git a/packer/ubuntu16.json b/packer/ubuntu16.json
@@ -0,0 +1,33 @@
+{
+    "builders": [
+        {
+            "type": "yandex",
+            "service_account_key_file": "{{user `service_account_key_file`}}",
+            "folder_id": "{{user `folder_id`}}",
+            "source_image_family": "ubuntu-1604-lts",
+            "image_name": "reddit-base-{{timestamp}}",
+            "image_family": "reddit-base",
+            "ssh_username": "ubuntu",
+            "platform_id": "standard-v1",
+	    "use_ipv4_nat" : "true",
+	    "zone": "{{user `zone`}}",
+	    "subnet_id": "{{user `subnet_id`}}"
+        }
+    ],
+    "provisioners": [
+	{
+	    "type":"shell",
+	    "inline":"/usr/bin/cloud-init status --wait"
+	},
+	{
+            "type": "shell",
+            "script": "./scripts/install_mongodb.sh",
+            "execute_command": "sudo {{.Path}}"
+        },
+        {
+            "type": "shell",
+            "script": "./scripts/install_ruby.sh",
+            "execute_command": "sudo {{.Path}}"	    
+	}           
+    ]
+}
diff --git a/packer/variables.json.example b/packer/variables.json.example
@@ -0,0 +1,6 @@
+{
+	"folder_id":"b1g0ibhbccvgtn9tuln9",
+	"service_account_key_file":"./dummy-key.json",
+	"zone":"ru-central1-a",
+	"subnet_id":"e9bqe8iilld5fs77mak8"
+}
diff --git a/reddit b/reddit