From ecd16134d28202b2d1bea796403d768fc9fb66d7 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Fri, 19 Jul 2024 15:30:42 +0700 Subject: [PATCH 01/28] first commit --- Terraform/.terraform.lock.hcl | 25 +++++++++++++++++++++++++ Terraform/main.tf | 12 ++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 Terraform/.terraform.lock.hcl create mode 100644 Terraform/main.tf diff --git a/Terraform/.terraform.lock.hcl b/Terraform/.terraform.lock.hcl new file mode 100644 index 0000000..e1d9d84 --- /dev/null +++ b/Terraform/.terraform.lock.hcl @@ -0,0 +1,25 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.58.0" + constraints = "~> 5.0" + hashes = [ + "h1:dMyVBj7KKMblfLn6+aIP37jK/9HwfMtX9TJvzMjmz2s=", + "zh:15e9be54a8febe8e560362b10967cb60b680ca3f78fe207d7209b76e076f59d3", + "zh:240f6899a2cec259aa2729ce031f6af2b453f90a8b59118bb2571c54acc65db8", + "zh:2b6e8e2ab1a3dce1001503dba6086a128bb2a71652b0d0b3b107db665b7d6881", + "zh:579b0ed95247a0bd8bfb3fac7fb767547dde76026c578f4f184b5743af5e32cc", + "zh:6adcd10fd12be0be9eb78a89e745a5b77ae0d8b3522cd782456a71178aad8ccb", + "zh:7f829cef82f0a02faa97d0fbe1417a40b73fc5142e883b12eebc5b71015efac9", + "zh:81977f001998c9096f7b59710996e159774a9313c1bc03db3beb81c3e016ebef", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:a5d98ac6fab6e6c85164ca7dd38f94a1e44bd70c0e8354c61f7fbabf698957cd", + "zh:c27fa4fed50f6f83ca911bef04f05d635a7b7a01a89dc8fc5d66a277588f08df", + "zh:d4042bdf86ca6dc10e0cca91c4fcc592b12572d26185b3d37bbbb9e2026ac68b", + "zh:d536482cf4ace0d49a2a86c931150921649beae59337d0c02a785879fe943cf3", + "zh:e205f8243274a621fb9ef2b5e2c71e84c1670be1d23697739439f5a831fa620f", + "zh:eb76ce0c77fd76c47f57122c91c4fcf0f72c01423538ed7833eaa7eeaae2edf6", + "zh:ffe04e494af6cc7348ceb8d85f4c1d5a847a44510827b4496513c810a4d9196d", + ] +} 
diff --git a/Terraform/main.tf b/Terraform/main.tf new file mode 100644 index 0000000..3e3bddb --- /dev/null +++ b/Terraform/main.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 5.0" + } + } +} + +provider "aws" { + region = "us-east-1" +} \ No newline at end of file From dc9d1bbb30bb5481c4d99b1204e37c0a95fb0058 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Fri, 19 Jul 2024 20:35:26 +0700 Subject: [PATCH 02/28] adding module --- .gitignore | 2 ++ Terraform/main.tf | 16 ++++++++++++++++ 2 files changed, 18 insertions(+) diff --git a/.gitignore b/.gitignore index 9b8a46e..4180434 100644 --- a/.gitignore +++ b/.gitignore @@ -32,3 +32,5 @@ override.tf.json # Ignore CLI configuration files .terraformrc terraform.rc + +notes.txt diff --git a/Terraform/main.tf b/Terraform/main.tf index 3e3bddb..1812b6a 100644 --- a/Terraform/main.tf +++ b/Terraform/main.tf @@ -9,4 +9,20 @@ terraform { provider "aws" { region = "us-east-1" +} + +module "vpc" { + source = "terraform-aws-modules/vpc/aws" + + name = "my-vpc" + cidr = "10.42.0.0/16" + + azs = ["us-east-1a"] + private_subnets = ["10.42.1.0/24"] + public_subnets = ["10.42.2.0/24"] + + tags = { + Terraform = "true" + DevopsMaster = "true" + } } \ No newline at end of file From ae9343901f080a9a50369b3f112dbbd401f82487 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Fri, 19 Jul 2024 21:14:53 +0700 Subject: [PATCH 03/28] building out sg + vars --- Terraform/locals.tf | 3 +++ Terraform/main.tf | 15 ++++++++------- Terraform/sg.tf | 27 +++++++++++++++++++++++++++ Terraform/variables.tf | 30 ++++++++++++++++++++++++++++++ 4 files changed, 68 insertions(+), 7 deletions(-) create mode 100644 Terraform/locals.tf create mode 100644 Terraform/sg.tf create mode 100644 Terraform/variables.tf diff --git a/Terraform/locals.tf b/Terraform/locals.tf new file mode 100644 index 0000000..dacb807 --- /dev/null +++ b/Terraform/locals.tf 
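Review bot: The `module "vpc"` block added to Terraform/main.tf in PATCH 02 has no `version` argument, so a `terraform init` on a clean checkout resolves `terraform-aws-modules/vpc/aws` to whatever release is newest in the registry at that moment. The `.terraform.lock.hcl` committed in PATCH 01 records provider versions and hashes only; it does not pin modules, so it gives no protection here. Add a constraint next to `source`, for example `version = "<PINNED_MODULE_VERSION>"`, and raise it deliberately after reading the module's changelog.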
@@ -0,0 +1,3 @@ +locals { + vpc_azs = ["${var.aws_region}a"] +} \ No newline at end of file diff --git a/Terraform/main.tf b/Terraform/main.tf index 1812b6a..0d051de 100644 --- a/Terraform/main.tf +++ b/Terraform/main.tf @@ -8,21 +8,22 @@ terraform { } provider "aws" { - region = "us-east-1" + region = var.aws_region } module "vpc" { source = "terraform-aws-modules/vpc/aws" - name = "my-vpc" - cidr = "10.42.0.0/16" + name = var.vpc_name + cidr = var.vpc_cidr - azs = ["us-east-1a"] - private_subnets = ["10.42.1.0/24"] - public_subnets = ["10.42.2.0/24"] + azs = local.vpc_azs + private_subnets = var.vpc_private_subnets + public_subnets = var.vpc_public_subnets tags = { Terraform = "true" DevopsMaster = "true" } -} \ No newline at end of file +} + diff --git a/Terraform/sg.tf b/Terraform/sg.tf new file mode 100644 index 0000000..b543ddf --- /dev/null +++ b/Terraform/sg.tf @@ -0,0 +1,27 @@ +resource "aws_security_group" "external_connection_sg" { + name = "external-connection-sg" + description = "Allow SSH and HTTP traffic" + vpc_id = module.vpc.vpc_id + tags = local.tags +} + +resource "aws_security_group_rule" "SSH" { + type = "ingress" + from_port = 22 + to_port = 22 + protocol = "tcp" + cidr_blocks = var.private_ip + description = "SSH" + security_group_id = aws_security_group.external_connection.id +} + +resource "aws_security_group_rule" "HTTPS" { + type = "ingress" + from_port = 443 + to_port = 443 + protocol = "tcp" + cidr_blocks = var.private_ip + description = "HTTPS" + + security_group_id = aws_security_group.external_connection.id +} \ No newline at end of file diff --git a/Terraform/variables.tf b/Terraform/variables.tf new file mode 100644 index 0000000..4705d89 --- /dev/null +++ b/Terraform/variables.tf 
@@ -0,0 +1,30 @@ +variable "vpc_name" { + description = "The Name of the VPC." + type = string +} + +variable "aws_region" { + description = "AWS Region to deploy the VPC in" + type = string + default = "us-east-1" +} + +variable "vpc_cidr" { + description = "CIDR block for VPC" + type = string +} + +variable "vpc_private_subnets" { + description = "List of private subnets to create in VPC" + type = list(string) +} + +variable "vpc_public_subnets" { + description = "List of public subnets to create in VPC" + type = list(string) +} + +variable private_ip { + description = "Personal IP to connect with" + type = string +} From 9d61bcd463de1ee531fe0abd99e982c92ac1ebcd Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Fri, 19 Jul 2024 21:34:52 +0700 Subject: [PATCH 04/28] renaming so everything works --- Terraform/sg.tf | 5 ++--- Terraform/terraform.tf | 12 ++++++++++++ Terraform/variables.tf | 2 +- Terraform/{main.tf => vpc.tf} | 16 +--------------- 4 files changed, 16 insertions(+), 19 deletions(-) create mode 100644 Terraform/terraform.tf rename Terraform/{main.tf => vpc.tf} (63%) diff --git a/Terraform/sg.tf b/Terraform/sg.tf index b543ddf..74b24dd 100644 --- a/Terraform/sg.tf +++ b/Terraform/sg.tf @@ -2,7 +2,6 @@ resource "aws_security_group" "external_connection_sg" { name = "external-connection-sg" description = "Allow SSH and HTTP traffic" vpc_id = module.vpc.vpc_id - tags = local.tags } resource "aws_security_group_rule" "SSH" { @@ -12,7 +11,7 @@ resource "aws_security_group_rule" "SSH" { protocol = "tcp" cidr_blocks = var.private_ip description = "SSH" - security_group_id = aws_security_group.external_connection.id + security_group_id = aws_security_group.external_connection_sg.id } resource "aws_security_group_rule" "HTTPS" { 
@@ -23,5 +22,5 @@ resource "aws_security_group_rule" "HTTPS" { cidr_blocks = var.private_ip description = "HTTPS" - security_group_id = aws_security_group.external_connection.id + security_group_id = aws_security_group.external_connection_sg.id } \ No newline at end of file diff --git a/Terraform/terraform.tf b/Terraform/terraform.tf new file mode 100644 index 0000000..112fdf0 --- /dev/null +++ b/Terraform/terraform.tf @@ -0,0 +1,12 @@ +terraform { + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 5.0" + } + } +} + +provider "aws" { + region = var.aws_region +} \ No newline at end of file diff --git a/Terraform/variables.tf b/Terraform/variables.tf index 4705d89..2f4d2cd 100644 --- a/Terraform/variables.tf +++ b/Terraform/variables.tf @@ -26,5 +26,5 @@ variable "vpc_public_subnets" { variable private_ip { description = "Personal IP to connect with" - type = string + type = list(string) } diff --git a/Terraform/main.tf b/Terraform/vpc.tf similarity index 63% rename from Terraform/main.tf rename to Terraform/vpc.tf index 0d051de..cb12bba 100644 --- a/Terraform/main.tf +++ b/Terraform/vpc.tf @@ -1,16 +1,3 @@ -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - version = "~> 5.0" - } - } -} - -provider "aws" { - region = var.aws_region -} - module "vpc" { source = "terraform-aws-modules/vpc/aws" @@ -25,5 +12,4 @@ module "vpc" { Terraform = "true" DevopsMaster = "true" } -} - +} \ No newline at end of file From fa13419a19c80f8cedbe4182d08fb5491cc34bc0 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Fri, 19 Jul 2024 21:42:34 +0700 Subject: [PATCH 05/28] added ping --- Terraform/sg.tf | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/Terraform/sg.tf b/Terraform/sg.tf index 74b24dd..0c4c3ff 100644 --- a/Terraform/sg.tf +++ b/Terraform/sg.tf 
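Review bot: `private_ip` in Terraform/variables.tf (PATCH 04, now `list(string)`) is passed unchecked to `cidr_blocks` on the SSH and HTTPS ingress rules in sg.tf, so nothing rejects `0.0.0.0/0` or a malformed entry before the rule is created. A `validation` block on the variable would fail such input at plan time. The name also reads like an RFC 1918 address while the description says it is the operator's own IP, so the description should say that a list of CIDR blocks allowed to reach the instance is expected.

```hcl
variable private_ip {
  # … unchanged: description, type = list(string) …

  validation {
    condition = alltrue([
      for cidr in var.private_ip : can(cidrhost(cidr, 0)) && cidr != "0.0.0.0/0"
    ])
    error_message = "Each private_ip entry must be a valid CIDR block other than 0.0.0.0/0."
  }
}
```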
@@ -22,5 +22,16 @@ resource "aws_security_group_rule" "HTTPS" { cidr_blocks = var.private_ip description = "HTTPS" + security_group_id = aws_security_group.external_connection_sg.id +} + +resource "aws_security_group_rule" "PING" { + type = "ingress" + from_port = 8 + to_port = 0 + protocol = "icmp" + cidr_blocks = var.private_ip + description = "ping" + security_group_id = aws_security_group.external_connection_sg.id } \ No newline at end of file From f49d88df8f3d14d3902f0c4ade5c3dbf31d498ad Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Fri, 19 Jul 2024 22:01:33 +0700 Subject: [PATCH 06/28] added instance --- Terraform/data.tf | 15 +++++++++++++++ Terraform/instance.tf | 8 ++++++++ Terraform/variables.tf | 9 +++++++++ Terraform/vpc.tf | 5 +---- 4 files changed, 33 insertions(+), 4 deletions(-) create mode 100644 Terraform/data.tf create mode 100644 Terraform/instance.tf diff --git a/Terraform/data.tf b/Terraform/data.tf new file mode 100644 index 0000000..3983b9a --- /dev/null +++ b/Terraform/data.tf @@ -0,0 +1,15 @@ +data "aws_ami" "ubuntu" { + most_recent = true + + filter { + name = "name" + values = ["ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"] + } + + filter { + name = "virtualization-type" + values = ["hvm"] + } + + owners = ["099720109477"] # Canonical +} \ No newline at end of file diff --git a/Terraform/instance.tf b/Terraform/instance.tf new file mode 100644 index 0000000..8f0ada0 --- /dev/null +++ b/Terraform/instance.tf @@ -0,0 +1,8 @@ +resource "aws_instance" "web" { + ami = data.aws_ami.ubuntu.id + instance_type = "t3.micro" + associate_public_ip_address = true + vpc_security_group_ids = ["${aws_security_group.external_connection_sg.id}"] + subnet_id = module.vpc.public_subnets[0] + tags = var.tags +} \ No newline at end of file diff --git a/Terraform/variables.tf b/Terraform/variables.tf index 2f4d2cd..874eb42 100644 --- a/Terraform/variables.tf +++ b/Terraform/variables.tf 
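Review bot: In the `PING` rule added to Terraform/sg.tf (PATCH 05), `from_port = 8` with `to_port = 0` reads like an inverted port range to anyone who does not know the ICMP convention. For `protocol = "icmp"` the AWS provider treats `from_port` as the ICMP type and `to_port` as the ICMP code, so the rule admits echo request only. A comment above the two arguments would stop a later cleanup from widening it to all ICMP: `# ICMP: from_port = type (8, echo request), to_port = code (0)`.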
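Review bot: The `aws_instance` added in Terraform/instance.tf (PATCH 06) gets a public IP in a public subnet but does not set `metadata_options`, so whether IMDSv1 is accepted depends on the AMI and account defaults rather than on this configuration. Requiring session tokens removes the usual SSRF-to-credentials path if an instance profile is ever attached: `metadata_options { http_tokens = "required" }`. If the account does not enforce EBS encryption by default, `root_block_device { encrypted = true }` belongs in the same resource.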
@@ -28,3 +28,12 @@ variable private_ip { description = "Personal IP to connect with" type = list(string) } + +variable tags { + description = "Tags to add to all resources" + type = map + default = { + Terraform = "true" + DevopsMaster = "true" + } +} diff --git a/Terraform/vpc.tf b/Terraform/vpc.tf index cb12bba..e0442de 100644 --- a/Terraform/vpc.tf +++ b/Terraform/vpc.tf @@ -8,8 +8,5 @@ module "vpc" { private_subnets = var.vpc_private_subnets public_subnets = var.vpc_public_subnets - tags = { - Terraform = "true" - DevopsMaster = "true" - } + tags = var.tags } \ No newline at end of file From 231b2f2649f4059d6091f492a6c4ebc49ffb4d30 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Fri, 19 Jul 2024 22:12:23 +0700 Subject: [PATCH 07/28] added kp --- Terraform/.terraform.lock.hcl | 38 +++++++++++++++++++++++++++++++++++ Terraform/instance.tf | 3 +++ Terraform/keypair.tf | 14 +++++++++++++ Terraform/locals.tf | 1 + Terraform/variables.tf | 6 ++++++ 5 files changed, 62 insertions(+) create mode 100644 Terraform/keypair.tf diff --git a/Terraform/.terraform.lock.hcl b/Terraform/.terraform.lock.hcl index e1d9d84..33cf4f8 100644 --- a/Terraform/.terraform.lock.hcl +++ b/Terraform/.terraform.lock.hcl 
@@ -23,3 +23,41 @@ provider "registry.terraform.io/hashicorp/aws" { "zh:ffe04e494af6cc7348ceb8d85f4c1d5a847a44510827b4496513c810a4d9196d", ] } + +provider "registry.terraform.io/hashicorp/local" { + version = "2.5.1" + hashes = [ + "h1:tjcGlQAFA0kmQ4vKkIPPUC4it1UYxLbg4YvHOWRAJHA=", + "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561", + "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561", + "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5", + "zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24", + "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667", + "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8", + "zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0", + "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867", + "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4", + "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520", + ] +} + +provider "registry.terraform.io/hashicorp/tls" { + version = "4.0.5" + hashes = [ + "h1:yLqz+skP3+EbU3yyvw8JqzflQTKDQGsC9QyZAg+S4dg=", + "zh:01cfb11cb74654c003f6d4e32bbef8f5969ee2856394a96d127da4949c65153e", + "zh:0472ea1574026aa1e8ca82bb6df2c40cd0478e9336b7a8a64e652119a2fa4f32", + "zh:1a8ddba2b1550c5d02003ea5d6cdda2eef6870ece86c5619f33edd699c9dc14b", + "zh:1e3bb505c000adb12cdf60af5b08f0ed68bc3955b0d4d4a126db5ca4d429eb4a", + "zh:6636401b2463c25e03e68a6b786acf91a311c78444b1dc4f97c539f9f78de22a", + "zh:76858f9d8b460e7b2a338c477671d07286b0d287fd2d2e3214030ae8f61dd56e", + "zh:a13b69fb43cb8746793b3069c4d897bb18f454290b496f19d03c3387d1c9a2dc", + "zh:a90ca81bb9bb509063b736842250ecff0f886a91baae8de65c8430168001dad9", + "zh:c4de401395936e41234f1956ebadbd2ed9f414e6908f27d578614aaa529870d4", + 
"zh:c657e121af8fde19964482997f0de2d5173217274f6997e16389e7707ed8ece8", + "zh:d68b07a67fbd604c38ec9733069fbf23441436fecf554de6c75c032f82e1ef19", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +} diff --git a/Terraform/instance.tf b/Terraform/instance.tf index 8f0ada0..e78fba1 100644 --- a/Terraform/instance.tf +++ b/Terraform/instance.tf @@ -1,8 +1,11 @@ resource "aws_instance" "web" { + key_name = aws_key_pair.generated_key.key_name ami = data.aws_ami.ubuntu.id instance_type = "t3.micro" associate_public_ip_address = true vpc_security_group_ids = ["${aws_security_group.external_connection_sg.id}"] subnet_id = module.vpc.public_subnets[0] + + tags = var.tags } \ No newline at end of file diff --git a/Terraform/keypair.tf b/Terraform/keypair.tf new file mode 100644 index 0000000..3711f47 --- /dev/null +++ b/Terraform/keypair.tf @@ -0,0 +1,14 @@ +resource "tls_private_key" "keypair_prv_key" { + algorithm = "RSA" + rsa_bits = 4096 +} + +resource "aws_key_pair" "generated_key" { + key_name = var.keypair_name + public_key = tls_private_key.keypair_prv_key.public_key_openssh +} + +resource "local_file" "pk_file" { + content = tls_private_key.keypair_prv_key.private_key_pem + filename = "${local.keypair_export_path}/${var.keypair_name}.pem" +} \ No newline at end of file diff --git a/Terraform/locals.tf b/Terraform/locals.tf index dacb807..8ed3cbe 100644 --- a/Terraform/locals.tf +++ b/Terraform/locals.tf @@ -1,3 +1,4 @@ locals { vpc_azs = ["${var.aws_region}a"] + keypair_export_path = "${path.root}/secret" } \ No newline at end of file diff --git a/Terraform/variables.tf b/Terraform/variables.tf index 874eb42..8b274ff 100644 --- a/Terraform/variables.tf +++ b/Terraform/variables.tf @@ -37,3 +37,9 @@ variable tags { DevopsMaster = "true" } } + +variable "keypair_name" { + description = "keypair_name" + type = string + default = "devops_kp" +} From fceb0dfd1624884061c45c20481d99cbe9b72410 Mon Sep 17 00:00:00 2001 
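Review bot: Terraform/keypair.tf (PATCH 07) generates the SSH private key with `tls_private_key`, so `private_key_pem` is written unencrypted into the Terraform state as well as into the `.pem` file, and no remote or encrypted backend is configured in the commits shown. The `local_file` resource also does not mark its content as sensitive and, in this commit, uses the provider's default file mode (documented as `0777`). Prefer creating the key pair outside Terraform and passing only the public key to `aws_key_pair`; if the generated key stays, use `resource "local_sensitive_file" "pk_file"` with `file_permission = "0400"` and treat the state file as a secret. At this commit the `secret/` directory is not yet ignored by git, so the key file can be staged by accident.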
From: eitan-spitz Date: Fri, 19 Jul 2024 22:19:52 +0700 Subject: [PATCH 08/28] gitignore for private key --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 4180434..fc67f14 100644 --- a/.gitignore +++ b/.gitignore @@ -34,3 +34,4 @@ override.tf.json terraform.rc notes.txt +secret/* From a7de9a58aed60312fc21707ecc0b209739a64170 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Fri, 19 Jul 2024 22:29:40 +0700 Subject: [PATCH 09/28] formating --- Terraform/instance.tf | 15 +++++++-------- Terraform/locals.tf | 2 +- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/Terraform/instance.tf b/Terraform/instance.tf index e78fba1..801af28 100644 --- a/Terraform/instance.tf +++ b/Terraform/instance.tf @@ -1,11 +1,10 @@ -resource "aws_instance" "web" { - key_name = aws_key_pair.generated_key.key_name - ami = data.aws_ami.ubuntu.id - instance_type = "t3.micro" +resource "aws_instance" "application" { + key_name = aws_key_pair.generated_key.key_name + ami = data.aws_ami.ubuntu.id + instance_type = "t3.micro" associate_public_ip_address = true - vpc_security_group_ids = ["${aws_security_group.external_connection_sg.id}"] - subnet_id = module.vpc.public_subnets[0] - + vpc_security_group_ids = ["${aws_security_group.external_connection_sg.id}"] + subnet_id = module.vpc.public_subnets[0] tags = var.tags -} \ No newline at end of file +} diff --git a/Terraform/locals.tf b/Terraform/locals.tf index 8ed3cbe..fdd51ad 100644 --- a/Terraform/locals.tf +++ b/Terraform/locals.tf @@ -1,4 +1,4 @@ locals { vpc_azs = ["${var.aws_region}a"] - keypair_export_path = "${path.root}/secret" + keypair_export_path = "${path.root}/secret" } \ No newline at end of file From 541ea51c3381b31fdb346e1e2f6a12d5854b4b0c Mon Sep 17 00:00:00 2001 
From: eitan-spitz Date: Sat, 20 Jul 2024 11:21:25 +0700 Subject: [PATCH 10/28] finishing touches + readme --- Terraform/README.md | 80 ++++++++++++++++++++++++++++++++++++++++++-- Terraform/keypair.tf | 7 ++-- Terraform/outputs.tf | 3 ++ Terraform/sg.tf | 24 ++++++++++--- 4 files changed, 105 insertions(+), 9 deletions(-) create mode 100644 Terraform/outputs.tf diff --git a/Terraform/README.md b/Terraform/README.md index c580875..9f2b2c5 100644 --- a/Terraform/README.md +++ b/Terraform/README.md 
@@ -1,3 +1,79 @@ -# DevOps-Exercise-Terraform -DevOps home Terraform task +# Terraform Infrastructure as Code (IaC) +This Terraform project sets up an Amazon Web Services (AWS) environment with the following components: + +1. **Virtual Private Cloud (VPC)**: A custom VPC with private and public subnets. +2. **Security Groups (SGs)**: + - `external_connection_sg`: Allows inbound traffic on port 443 (HTTPS), port 22 (SSH) and ICMP (ping) from a private IP. + - `internal_connection_sg`: Allows inbound traffic on port 22 (SSH) from the `external_connection_sg`. +3. **Key Pair**: + - Generate Key Pair to enable SSH connection with instance +4. **EC2 Instance**: + - Launches a t3.micro EC2 instance in the public subnet. + - Associates the `external_connection_sg` with the instance. + - Associates the generated Key Pair with the instance. + +## Prerequisites + +1. Install Terraform: [Terraform Installation Guide](https://learn.hashicorp.com/tutorials/terraform/install-cli) +2. Configure AWS credentials: Ensure your AWS access keys are set up. + +## Variables + +- `vpc_name`: The Name of the VPC. +- `aws_region`: AWS Region to deploy the VPC in (default: `us-east-1`). +- `vpc_cidr`: CIDR block for VPC. +- `vpc_private_subnets`: List of private subnets to create in VPC. +- `vpc_public_subnets`: List of public subnets to create in VPC. +- `private_ip`: Personal IP to connect with. +- `tags`: Tags to add to all resources (default: `{ "Terraform": "true", "DevopsMaster": "true" }`). +- `keypair_name`: Keypair name (default: `devops_kp`). + +## Security Groups + +### External Connection Security Group + +- Name: `external-connection-sg` +- Description: Allows SSH, HTTPS, and ping traffic externally. +- Ingress rules: + - SSH (port 22) from private IP. + - HTTPS (port 443) from private IP. + - ICMP (ping) from private IP. + +### Internal Connection Security Group + +- Name: `internal-connection-sg` +- Description: Allows SSH traffic internally. 
+- Ingress rule: + - SSH (port 22) from the `external-connection-sg`. + +## Usage + +1. Clone this repository. +2. Navigate to the project directory. +3. Initialize Terraform: + ```bash + terraform init + ``` +4. Create `terraform.tfvars` file with required variables. +5. Test the infrastructure: + ```bash + terraform plan + ``` +6. When previous step completes successfully, deploy the infrastructure: + ```bash + terraform apply + ``` +7. Destroy the infrastructure when done: + ```bash + terraform destroy + ``` + +## Outputs + +- `instance_ip`: public IP of EC2 instance + +## Notes + +- Replace the default values in `variables.tf` with your desired settings. +- Ensure AWS credentials configured (either via environment variables or AWS CLI). diff --git a/Terraform/keypair.tf b/Terraform/keypair.tf index 3711f47..9f809b1 100644 --- a/Terraform/keypair.tf +++ b/Terraform/keypair.tf @@ -9,6 +9,7 @@ resource "aws_key_pair" "generated_key" { } resource "local_file" "pk_file" { - content = tls_private_key.keypair_prv_key.private_key_pem - filename = "${local.keypair_export_path}/${var.keypair_name}.pem" -} \ No newline at end of file + content = tls_private_key.keypair_prv_key.private_key_pem + filename = "${local.keypair_export_path}/${var.keypair_name}.pem" + file_permission = "0400" +} diff --git a/Terraform/outputs.tf b/Terraform/outputs.tf new file mode 100644 index 0000000..37f1c47 --- /dev/null +++ b/Terraform/outputs.tf @@ -0,0 +1,3 @@ +output "instance_ip" { + value = aws_instance.application.public_ip +} \ No newline at end of file diff --git a/Terraform/sg.tf b/Terraform/sg.tf index 0c4c3ff..c48468c 100644 --- a/Terraform/sg.tf +++ b/Terraform/sg.tf 
@@ -1,10 +1,10 @@ resource "aws_security_group" "external_connection_sg" { name = "external-connection-sg" - description = "Allow SSH and HTTP traffic" + description = "Allow SSH, HTTPS and ping traffic externally" vpc_id = module.vpc.vpc_id } -resource "aws_security_group_rule" "SSH" { +resource "aws_security_group_rule" "External_SSH" { type = "ingress" from_port = 22 to_port = 22 @@ -25,7 +25,7 @@ resource "aws_security_group_rule" "HTTPS" { security_group_id = aws_security_group.external_connection_sg.id } -resource "aws_security_group_rule" "PING" { +resource "aws_security_group_rule" "ping" { type = "ingress" from_port = 8 to_port = 0 @@ -34,4 +34,20 @@ resource "aws_security_group_rule" "PING" { description = "ping" security_group_id = aws_security_group.external_connection_sg.id -} \ No newline at end of file +} + +resource "aws_security_group" "internal_connection_sg" { + name = "internal-connection-sg" + description = "Allow SSH traffic internally" + vpc_id = module.vpc.vpc_id +} + +resource "aws_security_group_rule" "Internal_SSH" { + type = "ingress" + from_port = 22 + to_port = 22 + protocol = "tcp" + source_security_group_id = aws_security_group.external_connection_sg.id + description = "SSH" + security_group_id = aws_security_group.internal_connection_sg.id +} From dc80e87a5a168b4e511256499a455ceb56b2c054 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 11:28:05 +0700 Subject: [PATCH 11/28] gitignore + readme --- .gitignore | 2 +- Terraform/README.md | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index fc67f14..d0f1344 100644 --- a/.gitignore +++ b/.gitignore @@ -34,4 +34,4 @@ override.tf.json terraform.rc notes.txt -secret/* +**/secret/* diff --git a/Terraform/README.md b/Terraform/README.md index 9f2b2c5..e9eb023 100644 --- a/Terraform/README.md +++ b/Terraform/README.md 
@@ -20,14 +20,14 @@ This Terraform project sets up an Amazon Web Services (AWS) environment with the ## Variables -- `vpc_name`: The Name of the VPC. - `aws_region`: AWS Region to deploy the VPC in (default: `us-east-1`). +- `keypair_name`: Keypair name (default: `devops_kp`). +- `private_ip`: Personal IP to connect with. +- `tags`: Tags to add to all resources (default: `{ "Terraform": "true", "DevopsMaster": "true" }`). +- `vpc_name`: The Name of the VPC. - `vpc_cidr`: CIDR block for VPC. - `vpc_private_subnets`: List of private subnets to create in VPC. - `vpc_public_subnets`: List of public subnets to create in VPC. -- `private_ip`: Personal IP to connect with. -- `tags`: Tags to add to all resources (default: `{ "Terraform": "true", "DevopsMaster": "true" }`). -- `keypair_name`: Keypair name (default: `devops_kp`). ## Security Groups From deb748060011f2ccef5dda9b442166bf455e1d95 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 11:32:18 +0700 Subject: [PATCH 12/28] README --- Terraform/README.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/Terraform/README.md b/Terraform/README.md index e9eb023..c813ded 100644 --- a/Terraform/README.md +++ b/Terraform/README.md @@ -55,7 +55,14 @@ This Terraform project sets up an Amazon Web Services (AWS) environment with the ```bash terraform init ``` -4. Create `terraform.tfvars` file with required variables. +4. Create `terraform.tfvars` file with required variables. For example: + ```yaml + private_ip = ["45.80.184.49/32"] + vpc_cidr = "10.42.0.0/16" + vpc_name = "Production" + vpc_private_subnets = ["10.42.1.0/24"] + vpc_public_subnets = ["10.42.2.0/24"] + ``` 5. Test the infrastructure: ```bash terraform plan From b4fa133f4942d20a2a5c4c9aa62e95501a0b0180 Mon Sep 17 00:00:00 2001 
From: eitan-spitz Date: Sat, 20 Jul 2024 12:20:17 +0700 Subject: [PATCH 13/28] fixed internal ssh --- Terraform/instance.tf | 2 +- Terraform/sg.tf | 26 ++++++++++++++++++-------- Terraform/vpc.tf | 4 ++++ 3 files changed, 23 insertions(+), 9 deletions(-) diff --git a/Terraform/instance.tf b/Terraform/instance.tf index 801af28..d961a6b 100644 --- a/Terraform/instance.tf +++ b/Terraform/instance.tf @@ -3,7 +3,7 @@ resource "aws_instance" "application" { ami = data.aws_ami.ubuntu.id instance_type = "t3.micro" associate_public_ip_address = true - vpc_security_group_ids = ["${aws_security_group.external_connection_sg.id}"] + vpc_security_group_ids = ["${aws_security_group.external_connection_sg.id}", "${aws_security_group.internal_connection_sg.id}"] subnet_id = module.vpc.public_subnets[0] tags = var.tags diff --git a/Terraform/sg.tf b/Terraform/sg.tf index c48468c..a4bbea8 100644 --- a/Terraform/sg.tf +++ b/Terraform/sg.tf @@ -42,12 +42,22 @@ resource "aws_security_group" "internal_connection_sg" { vpc_id = module.vpc.vpc_id } -resource "aws_security_group_rule" "Internal_SSH" { - type = "ingress" - from_port = 22 - to_port = 22 - protocol = "tcp" - source_security_group_id = aws_security_group.external_connection_sg.id - description = "SSH" - security_group_id = aws_security_group.internal_connection_sg.id +resource "aws_security_group_rule" "Internal_ingress_SSH" { + type = "ingress" + from_port = 22 + to_port = 22 + protocol = "tcp" + self = true + description = "SSH" + security_group_id = aws_security_group.internal_connection_sg.id +} + +resource "aws_security_group_rule" "Internal_egress_SSH" { + type = "egress" + from_port = 22 + to_port = 22 + protocol = "tcp" + self = true + description = "SSH" + security_group_id = aws_security_group.internal_connection_sg.id } diff --git a/Terraform/vpc.tf b/Terraform/vpc.tf index e0442de..bc4b9a3 100644 --- a/Terraform/vpc.tf +++ b/Terraform/vpc.tf 
@@ -8,5 +8,9 @@ module "vpc" { private_subnets = var.vpc_private_subnets public_subnets = var.vpc_public_subnets + enable_nat_gateway = true + single_nat_gateway = true + one_nat_gateway_per_az = false + tags = var.tags } \ No newline at end of file From 1034cb983155bedcc18f91497aa5f8143484506d Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 12:27:27 +0700 Subject: [PATCH 14/28] readme --- Terraform/README.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/Terraform/README.md b/Terraform/README.md index c813ded..d35db26 100644 --- a/Terraform/README.md +++ b/Terraform/README.md @@ -5,7 +5,7 @@ This Terraform project sets up an Amazon Web Services (AWS) environment with the 1. **Virtual Private Cloud (VPC)**: A custom VPC with private and public subnets. 2. **Security Groups (SGs)**: - `external_connection_sg`: Allows inbound traffic on port 443 (HTTPS), port 22 (SSH) and ICMP (ping) from a private IP. - - `internal_connection_sg`: Allows inbound traffic on port 22 (SSH) from the `external_connection_sg`. + - `internal_connection_sg`: Allows inbound traffic on port 22 (SSH) from the `internal_connection_sg`. 3. **Key Pair**: - Generate Key Pair to enable SSH connection with instance 4. **EC2 Instance**: @@ -45,7 +45,9 @@ This Terraform project sets up an Amazon Web Services (AWS) environment with the - Name: `internal-connection-sg` - Description: Allows SSH traffic internally. - Ingress rule: - - SSH (port 22) from the `external-connection-sg`. + - SSH (port 22) from the `internal-connection-sg`. +- Egress rule: + - SSH (port 22) from the `internal-connection-sg`. ## Usage From 1e5e6c88b56fba9ee340c7a44fb54a45ba42a767 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 13:00:57 +0700 Subject: [PATCH 15/28] starting ansible playbook --- Ansible/devops.yaml | 6 ++++++ Ansible/hosts.yaml | 6 ++++++ 2 files changed, 12 insertions(+) create mode 100644 Ansible/devops.yaml create mode 100644 Ansible/hosts.yaml 
diff --git a/Ansible/devops.yaml b/Ansible/devops.yaml new file mode 100644 index 0000000..9bc8ebd --- /dev/null +++ b/Ansible/devops.yaml @@ -0,0 +1,6 @@ +- hosts: all + + vars: + + roles: + - geerlingguy.docker \ No newline at end of file diff --git a/Ansible/hosts.yaml b/Ansible/hosts.yaml new file mode 100644 index 0000000..6d10284 --- /dev/null +++ b/Ansible/hosts.yaml @@ -0,0 +1,6 @@ +ungrouped: + hosts: + 3.86.203.221: + vars: + ansible_user: "ubuntu" + ansible_ssh_private_key_file: "../Terraform/secret/devops_kp.pem" \ No newline at end of file From b3d7621a17b5353872e04d5b1963825aaa5ed0d6 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 13:16:10 +0700 Subject: [PATCH 16/28] added internet acces to instance to allow proper docker instilation --- Ansible/devops.yaml | 1 + Terraform/sg.tf | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/Ansible/devops.yaml b/Ansible/devops.yaml index 9bc8ebd..8911439 100644 --- a/Ansible/devops.yaml +++ b/Ansible/devops.yaml @@ -1,4 +1,5 @@ - hosts: all + become: true vars: diff --git a/Terraform/sg.tf b/Terraform/sg.tf index a4bbea8..8969d1c 100644 --- a/Terraform/sg.tf +++ b/Terraform/sg.tf @@ -36,6 +36,17 @@ resource "aws_security_group_rule" "ping" { security_group_id = aws_security_group.external_connection_sg.id } +resource "aws_security_group_rule" "internet" { + type = "egress" + from_port = 0 + to_port = 0 + protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + description = "access out" + + security_group_id = aws_security_group.external_connection_sg.id +} + resource "aws_security_group" "internal_connection_sg" { name = "internal-connection-sg" description = "Allow SSH traffic internally" From b51071b20faf8f19937d1c5809aa91fdda80e33e Mon Sep 17 00:00:00 2001 
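Review bot: The `internet` rule added to Terraform/sg.tf (PATCH 16) allows every protocol and port out to `0.0.0.0/0`, while the commit's stated purpose is only to let the instance install Docker. Package and image downloads need outbound TCP 443, plus 80 if the apt mirror is served over plain HTTP, so the rule can be narrowed to `from_port = 443`, `to_port = 443`, `protocol = "tcp"` with a second rule for port 80 if it proves necessary. Tight egress limits what a compromised host can reach, which is worth keeping even on a lab instance that has SSH exposed.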
From: eitan-spitz Date: Sat, 20 Jul 2024 13:47:51 +0700 Subject: [PATCH 17/28] refactored requirements + renamed playbook --- Ansible/hosts.yaml | 2 +- Ansible/{devops.yaml => playbook.yaml} | 2 ++ Ansible/requirements.yaml | 1 + 3 files changed, 4 insertions(+), 1 deletion(-) rename Ansible/{devops.yaml => playbook.yaml} (66%) create mode 100644 Ansible/requirements.yaml diff --git a/Ansible/hosts.yaml b/Ansible/hosts.yaml index 6d10284..8ce003f 100644 --- a/Ansible/hosts.yaml +++ b/Ansible/hosts.yaml @@ -1,6 +1,6 @@ ungrouped: hosts: - 3.86.203.221: + : vars: ansible_user: "ubuntu" ansible_ssh_private_key_file: "../Terraform/secret/devops_kp.pem" \ No newline at end of file diff --git a/Ansible/devops.yaml b/Ansible/playbook.yaml similarity index 66% rename from Ansible/devops.yaml rename to Ansible/playbook.yaml index 8911439..ae2dec0 100644 --- a/Ansible/devops.yaml +++ b/Ansible/playbook.yaml @@ -2,6 +2,8 @@ become: true vars: + docker_users: + - "devops" roles: - geerlingguy.docker \ No newline at end of file diff --git a/Ansible/requirements.yaml b/Ansible/requirements.yaml new file mode 100644 index 0000000..6344df6 --- /dev/null +++ b/Ansible/requirements.yaml @@ -0,0 +1 @@ +- src: geerlingguy.docker \ No newline at end of file From ab877d61201224c6910931c8fb07d7dde1e2ae04 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 13:47:57 +0700 Subject: [PATCH 18/28] readme --- Ansible/README.md | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/Ansible/README.md b/Ansible/README.md index 967dfb1..fd510fb 100644 --- a/Ansible/README.md +++ b/Ansible/README.md 
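Review bot: `docker_users` in Ansible/playbook.yaml (PATCH 17) adds the `devops` account to the `docker` group, and membership of that group is effectively root on the host because it grants access to the Docker socket. Nothing in the playbook or the README states this, so the privilege is easy to hand out without noticing. A comment on the variable would make it explicit: `# docker group members are effectively root on this host; keep this list minimal`.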
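Review bot: Ansible/requirements.yaml (PATCH 17) lists `geerlingguy.docker` without a `version`, so `ansible-galaxy install -r` fetches whatever release is current at install time, and the play then runs that role with `become: true`. Pin the role by adding `version: <PINNED_ROLE_VERSION>` under the `- src: geerlingguy.docker` entry. Review upstream changes before moving the pin, since the role executes as root on the target.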
@@ -1,3 +1,21 @@ -# DevOps-Exercise-Ansible -DevOps home Ansible task +# Ansible Configuration Manager +This Ansible project utilizes the `geerlingguy.docker` role to download Docker onto a selected host, create a new user and give it permissions to run Docker commands. + +## prerequisites + +1. Install Ansible + + +## Usage + +1. Navigate to project directory. +2. Edit `hosts.yaml`, replace `` with the IP of the instance that was outputed from the terraform. +3. Download required roles: + ```bash + aansible-galaxy install -r requirements.yml + ``` +4. Run the playbook with the following command: + ```bash + ansible-playbook -i hosts.yaml playbook.yaml + ``` \ No newline at end of file From d7cf7290a42093941c9f320a1f0bb22840ba1488 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 13:50:22 +0700 Subject: [PATCH 19/28] readme --- Ansible/README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Ansible/README.md b/Ansible/README.md index fd510fb..b8f311c 100644 --- a/Ansible/README.md +++ b/Ansible/README.md @@ -10,7 +10,9 @@ This Ansible project utilizes the `geerlingguy.docker` role to download Docker o ## Usage 1. Navigate to project directory. + 2. Edit `hosts.yaml`, replace `` with the IP of the instance that was outputed from the terraform. + 3. Download required roles: ```bash aansible-galaxy install -r requirements.yml From f4cab986efe24dc0e450e0bde9ee926f80d80cbb Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 13:53:42 +0700 Subject: [PATCH 20/28] readme --- Ansible/README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Ansible/README.md b/Ansible/README.md index b8f311c..3277514 100644 --- a/Ansible/README.md +++ b/Ansible/README.md 
@@ -1,8 +1,8 @@ # Ansible Configuration Manager -This Ansible project utilizes the `geerlingguy.docker` role to download Docker onto a selected host, create a new user and give it permissions to run Docker commands. +This Ansible project utilizes the `geerlingguy.docker` [role](https://galaxy.ansible.com/ui/standalone/roles/geerlingguy/docker/documentation/) to download Docker onto a selected host, create a new user and give it permissions to run Docker commands. -## prerequisites +## Prerequisites 1. Install Ansible From 3091661132fe074f6514983b0078c61fd6f3155f Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 13:57:25 +0700 Subject: [PATCH 21/28] readme --- Terraform/README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/Terraform/README.md b/Terraform/README.md index d35db26..df39937 100644 --- a/Terraform/README.md +++ b/Terraform/README.md 
@@ -3,19 +3,20 @@ This Terraform project sets up an Amazon Web Services (AWS) environment with the following components: 1. **Virtual Private Cloud (VPC)**: A custom VPC with private and public subnets. -2. **Security Groups (SGs)**: +2. **Internet Gateway**: Allows connection to the internet. +3. **Security Groups (SGs)**: - `external_connection_sg`: Allows inbound traffic on port 443 (HTTPS), port 22 (SSH) and ICMP (ping) from a private IP. - `internal_connection_sg`: Allows inbound traffic on port 22 (SSH) from the `internal_connection_sg`. -3. **Key Pair**: +4. **Key Pair**: - Generate Key Pair to enable SSH connection with instance -4. **EC2 Instance**: +5. **EC2 Instance**: - Launches a t3.micro EC2 instance in the public subnet. - Associates the `external_connection_sg` with the instance. - Associates the generated Key Pair with the instance. ## Prerequisites -1. Install Terraform: [Terraform Installation Guide](https://learn.hashicorp.com/tutorials/terraform/install-cli) +1. Install Terraform 2. Configure AWS credentials: Ensure your AWS access keys are set up. ## Variables From 6844171638ba538007b52314633a50dbbf9f89b8 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 13:59:23 +0700 Subject: [PATCH 22/28] readme --- Terraform/README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Terraform/README.md b/Terraform/README.md index df39937..0dac5f1 100644 --- a/Terraform/README.md +++ b/Terraform/README.md 
@@ -8,7 +8,8 @@ This Terraform project sets up an Amazon Web Services (AWS) environment with the - `external_connection_sg`: Allows inbound traffic on port 443 (HTTPS), port 22 (SSH) and ICMP (ping) from a private IP. - `internal_connection_sg`: Allows inbound traffic on port 22 (SSH) from the `internal_connection_sg`. 4. **Key Pair**: - - Generate Key Pair to enable SSH connection with instance + - Generate a Key Pair to enable SSH connection with instance + - Download private key file to use for SSH connection. 5. **EC2 Instance**: - Launches a t3.micro EC2 instance in the public subnet. - Associates the `external_connection_sg` with the instance. From 239d4ae99f215fe5e3a072bf4985f1aed92db73f Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 14:15:23 +0700 Subject: [PATCH 23/28] gitignore --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.gitignore b/.gitignore index d0f1344..f08a8de 100644 --- a/.gitignore +++ b/.gitignore @@ -5,6 +5,8 @@ *.tfstate *.tfstate.* +*.lock.* + # Crash log files crash.log crash.*.log From 9c47421de7c695df98224316b8ea1cf7523478c3 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 14:17:14 +0700 Subject: [PATCH 24/28] delete lock file from git --- Terraform/.terraform.lock.hcl | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/Terraform/.terraform.lock.hcl b/Terraform/.terraform.lock.hcl index 33cf4f8..ac7f51d 100644 --- a/Terraform/.terraform.lock.hcl +++ b/Terraform/.terraform.lock.hcl 
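Review bot: The added `*.lock.*` pattern in `.gitignore` makes Git ignore `Terraform/.terraform.lock.hcl`, the file that records the exact provider versions and their `h1:`/`zh:` hashes. Once it is untracked, `terraform init` on a fresh checkout selects any provider release matching `~> 5.0` with no recorded checksums to verify it against. The same applies to the `.terraform.lock.*` line added in PATCH 26/28 and to the lock-file deletion in PATCH 25/28. Keep the lock file tracked and drop both ignore patterns; if missing platform hashes were the reason for removing it, `terraform providers lock` can record them for each platform in use.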
@@ -2,25 +2,25 @@ # Manual edits may be lost in future updates. provider "registry.terraform.io/hashicorp/aws" { - version = "5.58.0" - constraints = "~> 5.0" + version = "5.59.0" + constraints = "~> 5.0, >= 5.30.0" hashes = [ - "h1:dMyVBj7KKMblfLn6+aIP37jK/9HwfMtX9TJvzMjmz2s=", - "zh:15e9be54a8febe8e560362b10967cb60b680ca3f78fe207d7209b76e076f59d3", - "zh:240f6899a2cec259aa2729ce031f6af2b453f90a8b59118bb2571c54acc65db8", - "zh:2b6e8e2ab1a3dce1001503dba6086a128bb2a71652b0d0b3b107db665b7d6881", - "zh:579b0ed95247a0bd8bfb3fac7fb767547dde76026c578f4f184b5743af5e32cc", - "zh:6adcd10fd12be0be9eb78a89e745a5b77ae0d8b3522cd782456a71178aad8ccb", - "zh:7f829cef82f0a02faa97d0fbe1417a40b73fc5142e883b12eebc5b71015efac9", - "zh:81977f001998c9096f7b59710996e159774a9313c1bc03db3beb81c3e016ebef", + "h1:mfO15RYgLZVr1BJkGP1h6Y9e3nma35BwWOyN6ukM+SU=", + "zh:077f41a15057d01d833d7438322adf9b507d17ac0c8e1287430a305b6e609775", + "zh:130b112c85b67413bc65e95e5927188d8e41b45abd75350690b93d95771a587c", + "zh:16e97f1af67a5d4c6bf4f2df824a6a332b446be4516dd85a2e097317c959a174", + "zh:1cd7b0946eaf0fb11090710e9c774d22d90de0ca4516485253be96e332ebaf73", + "zh:2591d8a269014fb59111793cb8a175aafa12e370cd856fe2522577efbb72e5be", + "zh:3db5387ecc7da4e6a55a34877ea426ae87d10238bdbdf284a52e16b4be83302c", + "zh:78169400a85912d7f05fe99d4f3ba9a56871411442bdc133083dd657b18fae4e", "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:a5d98ac6fab6e6c85164ca7dd38f94a1e44bd70c0e8354c61f7fbabf698957cd", - "zh:c27fa4fed50f6f83ca911bef04f05d635a7b7a01a89dc8fc5d66a277588f08df", - "zh:d4042bdf86ca6dc10e0cca91c4fcc592b12572d26185b3d37bbbb9e2026ac68b", - "zh:d536482cf4ace0d49a2a86c931150921649beae59337d0c02a785879fe943cf3", - "zh:e205f8243274a621fb9ef2b5e2c71e84c1670be1d23697739439f5a831fa620f", - "zh:eb76ce0c77fd76c47f57122c91c4fcf0f72c01423538ed7833eaa7eeaae2edf6", - "zh:ffe04e494af6cc7348ceb8d85f4c1d5a847a44510827b4496513c810a4d9196d", + 
"zh:ad93fedbf1d2694faab6d793c6697ff5732449cdebacaa49acf6452c0c8e2ea0", + "zh:b8a2884858dde9d204dc6855903e3078a1c402485ae85b41c28e667f99a2a777", + "zh:bd3d4bd51172d08c0df277673a25fb3f0818ef47ef9f491b0c41e880b1dedce3", + "zh:d8e132bcafee2e69e21173fac409e4b99d8c81d60a7d25c58c379c67067dbf36", + "zh:eee5113ff29a42c5a75c83e9853e99a9b5c0ed066e36d6fe251083b19d38c7eb", + "zh:f0d8bcdb01d0fa0c9ed2ca8c198d4f11aabfd9d42fa239286b65ddcc6f606dfd", + "zh:f8ae46d14ec54c275e20f71d052f1b6af0cf948819b0667016045a6244edf292", ] } From 822a88ca7176a063af5f8b1b01f7a84b77d84e76 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 14:18:55 +0700 Subject: [PATCH 25/28] delete lock --- Terraform/.terraform.lock.hcl | 63 ----------------------------------- 1 file changed, 63 deletions(-) delete mode 100644 Terraform/.terraform.lock.hcl diff --git a/Terraform/.terraform.lock.hcl b/Terraform/.terraform.lock.hcl deleted file mode 100644 index ac7f51d..0000000 --- a/Terraform/.terraform.lock.hcl +++ /dev/null 
@@ -1,63 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.59.0" - constraints = "~> 5.0, >= 5.30.0" - hashes = [ - "h1:mfO15RYgLZVr1BJkGP1h6Y9e3nma35BwWOyN6ukM+SU=", - "zh:077f41a15057d01d833d7438322adf9b507d17ac0c8e1287430a305b6e609775", - "zh:130b112c85b67413bc65e95e5927188d8e41b45abd75350690b93d95771a587c", - "zh:16e97f1af67a5d4c6bf4f2df824a6a332b446be4516dd85a2e097317c959a174", - "zh:1cd7b0946eaf0fb11090710e9c774d22d90de0ca4516485253be96e332ebaf73", - "zh:2591d8a269014fb59111793cb8a175aafa12e370cd856fe2522577efbb72e5be", - "zh:3db5387ecc7da4e6a55a34877ea426ae87d10238bdbdf284a52e16b4be83302c", - "zh:78169400a85912d7f05fe99d4f3ba9a56871411442bdc133083dd657b18fae4e", - "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", - "zh:ad93fedbf1d2694faab6d793c6697ff5732449cdebacaa49acf6452c0c8e2ea0", - "zh:b8a2884858dde9d204dc6855903e3078a1c402485ae85b41c28e667f99a2a777", - "zh:bd3d4bd51172d08c0df277673a25fb3f0818ef47ef9f491b0c41e880b1dedce3", - "zh:d8e132bcafee2e69e21173fac409e4b99d8c81d60a7d25c58c379c67067dbf36", - "zh:eee5113ff29a42c5a75c83e9853e99a9b5c0ed066e36d6fe251083b19d38c7eb", - "zh:f0d8bcdb01d0fa0c9ed2ca8c198d4f11aabfd9d42fa239286b65ddcc6f606dfd", - "zh:f8ae46d14ec54c275e20f71d052f1b6af0cf948819b0667016045a6244edf292", - ] -} - -provider "registry.terraform.io/hashicorp/local" { - version = "2.5.1" - hashes = [ - "h1:tjcGlQAFA0kmQ4vKkIPPUC4it1UYxLbg4YvHOWRAJHA=", - "zh:0af29ce2b7b5712319bf6424cb58d13b852bf9a777011a545fac99c7fdcdf561", - "zh:126063ea0d79dad1f68fa4e4d556793c0108ce278034f101d1dbbb2463924561", - "zh:196bfb49086f22fd4db46033e01655b0e5e036a5582d250412cc690fa7995de5", - "zh:37c92ec084d059d37d6cffdb683ccf68e3a5f8d2eb69dd73c8e43ad003ef8d24", - "zh:4269f01a98513651ad66763c16b268f4c2da76cc892ccfd54b401fff6cc11667", - "zh:51904350b9c728f963eef0c28f1d43e73d010333133eb7f30999a8fb6a0cc3d8", - 
"zh:73a66611359b83d0c3fcba2984610273f7954002febb8a57242bbb86d967b635", - "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", - "zh:7ae387993a92bcc379063229b3cce8af7eaf082dd9306598fcd42352994d2de0", - "zh:9e0f365f807b088646db6e4a8d4b188129d9ebdbcf2568c8ab33bddd1b82c867", - "zh:b5263acbd8ae51c9cbffa79743fbcadcb7908057c87eb22fd9048268056efbc4", - "zh:dfcd88ac5f13c0d04e24be00b686d069b4879cc4add1b7b1a8ae545783d97520", - ] -} - -provider "registry.terraform.io/hashicorp/tls" { - version = "4.0.5" - hashes = [ - "h1:yLqz+skP3+EbU3yyvw8JqzflQTKDQGsC9QyZAg+S4dg=", - "zh:01cfb11cb74654c003f6d4e32bbef8f5969ee2856394a96d127da4949c65153e", - "zh:0472ea1574026aa1e8ca82bb6df2c40cd0478e9336b7a8a64e652119a2fa4f32", - "zh:1a8ddba2b1550c5d02003ea5d6cdda2eef6870ece86c5619f33edd699c9dc14b", - "zh:1e3bb505c000adb12cdf60af5b08f0ed68bc3955b0d4d4a126db5ca4d429eb4a", - "zh:6636401b2463c25e03e68a6b786acf91a311c78444b1dc4f97c539f9f78de22a", - "zh:76858f9d8b460e7b2a338c477671d07286b0d287fd2d2e3214030ae8f61dd56e", - "zh:a13b69fb43cb8746793b3069c4d897bb18f454290b496f19d03c3387d1c9a2dc", - "zh:a90ca81bb9bb509063b736842250ecff0f886a91baae8de65c8430168001dad9", - "zh:c4de401395936e41234f1956ebadbd2ed9f414e6908f27d578614aaa529870d4", - "zh:c657e121af8fde19964482997f0de2d5173217274f6997e16389e7707ed8ece8", - "zh:d68b07a67fbd604c38ec9733069fbf23441436fecf554de6c75c032f82e1ef19", - "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", - ] -} From 2f891bb6a29983acc00acc540408824bcc16a364 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 14:20:07 +0700 Subject: [PATCH 26/28] fixed gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index f08a8de..a685588 100644 --- a/.gitignore +++ b/.gitignore @@ -6,6 +6,7 @@ *.tfstate.* *.lock.* +.terraform.lock.* # Crash log files crash.log From 30dd63aad064eccedf0e41ddb1ab05d49e5deef1 Mon Sep 17 00:00:00 2001 
From: eitan-spitz Date: Sat, 20 Jul 2024 19:35:14 +0700 Subject: [PATCH 27/28] readme --- Ansible/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Ansible/README.md b/Ansible/README.md index 3277514..a176cf8 100644 --- a/Ansible/README.md +++ b/Ansible/README.md @@ -15,7 +15,7 @@ This Ansible project utilizes the `geerlingguy.docker` [role](https://galaxy.ans 3. Download required roles: ```bash - aansible-galaxy install -r requirements.yml + ansible-galaxy install -r requirements.yml ``` 4. Run the playbook with the following command: ```bash From 22f51bf1d9ed03b395f49136d9a39b0e85234797 Mon Sep 17 00:00:00 2001 From: eitan-spitz Date: Sat, 20 Jul 2024 19:37:27 +0700 Subject: [PATCH 28/28] resdme --- Ansible/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Ansible/README.md b/Ansible/README.md index a176cf8..3d22501 100644 --- a/Ansible/README.md +++ b/Ansible/README.md @@ -19,5 +19,5 @@ This Ansible project utilizes the `geerlingguy.docker` [role](https://galaxy.ans ``` 4. Run the playbook with the following command: ```bash - ansible-playbook -i hosts.yaml playbook.yaml + ansible-playbook -i hosts.yaml playbook.yaml ``` \ No newline at end of file