avnertzur · shahares · Jul 20, 2024
diff --git a/Ansible/README.md b/Ansible/README.md
@@ -1,3 +1,27 @@
-# DevOps-Exercise-Ansible
-DevOps home Ansible task
+# Ansible Playbook for Setting Up Docker with devops user permission on Ubuntu 22.04
 
+This Ansible playbook automates the setup of Docker and a user named `devops` on an Ubuntu 22.04 server. The playbook performs the following tasks:
+
+1. Updates the APT package index.
+2. Installs Docker.
+3. Creates a new user named `devops`.
+4. Adds the `devops` user to the `docker` group.
+
+## Requirements
+
+- Ansible 2.9 or higher.
+- SSH access to the target Ubuntu 22.04 server.
+- Private key for SSH authentication (default: `~/.ssh/id_rsa`).
+
+## Usage
+
+1. **Save the Playbook**
+
+   Save the provided playbook to a file named `playbook.yml`.
+
+2. **Run the Playbook**
+
+   Execute the following command to run the playbook:
+
+   ```bash
+   ansible-playbook -i <ec2_publicIP>, -u ubuntu --private-key <local_private_key_path> playbook.yml
diff --git a/Ansible/playbook.yml b/Ansible/playbook.yml
@@ -0,0 +1,26 @@
+---
+- name: Setup Docker and user on Ubuntu 22.04
+  hosts: all
+  become: yes
+
+  tasks:
+    - name: Update apt package index
+      apt:
+        update_cache: yes
+
+    - name: Install Docker
+      apt:
+        name: docker.io
+        state: present
+
+    - name: Create a new user called 'devops'
+      user:
+        name: devops
+        state: present
+        create_home: yes
+
+    - name: Add 'devops' user to the 'docker' group
+      user:
+        name: devops
+        groups: docker
+        append: yes
diff --git a/Terraform/README.md b/Terraform/README.md
@@ -1,3 +1,104 @@
-# DevOps-Exercise-Terraform
-DevOps home Terraform task
+# DevOps-Exercise Task 1 - Terraform:
 
+This Terraform project sets up a VPC in AWS with an Internet Gateway, two subnets (internal and external), security groups, and an EC2 instance. The EC2 instance is configured to use an SSH key pair and allows specific inbound traffic.
+
+## Table of Contents
+
+1. [Files Overview](#files-overview)
+2. [Prerequisites](#prerequisites)
+3. [Usage](#usage)
+4. [Outputs](#outputs)
+5. [Variables](#variables)
+
+## Files Overview
+
+### network.tf
+
+This file contains the configuration for:
+
+- **VPC**: Creates a VPC with CIDR block `10.42.0.0/16`.
+- **Internet Gateway**: Attaches an Internet Gateway to the VPC.
+- **Subnets**: Creates two subnets (internal and external) within the VPC.
+- **Route Tables**: Associates route tables with the internal and external subnets.
+
+### instance.tf
+
+This file contains the configuration for:
+
+- **EC2 Instance**: Launches an EC2 instance in the external subnet, associates it with a security group, and sets up SSH access using a provided public key.
+
+### sg.tf
+
+This file contains the configuration for:
+
+- **Security Groups**: Creates security groups for the internal and external subnets, allowing specific inbound and outbound traffic.
+
+### variables.tf
+
+This file defines variables used throughout the project:
+
+- **public_key_path**: Path to the SSH public key.
+- **user_public_ip**: Public IP address of the user.
+
+## Prerequisites
+
+- [Terraform](https://www.terraform.io/downloads.html) installed.
+- AWS account with appropriate permissions to create VPCs, subnets, security groups, and EC2 instances.
+- SSH public key available locally.
+
+## Usage
+
+1. **Clone the repository:**
+
+    ```sh
+    git clone <repository_url>
+    cd <repository_directory>
+    ```
+
+2. **Initialize Terraform:**
+
+    ```sh
+    terraform init
+    ```
+
+3. **Configure Variables:**
+
+   You will be prompted to enter the path to your SSH public key and your public IP address. Alternatively, you can create a `terraform.tfvars` file with the following content:
+
+    ```hcl
+    public_key_path = "/path/to/your/public/key"
+    user_public_ip = "your_public_ip"
+    ```
+
+4. **Apply the configuration:**
+
+    ```sh
+    terraform apply
+    ```
+
+   Confirm the apply step with `yes` when prompted.
+
+5. **Destroy the resources:**
+
+   If you want to destroy the resources created by Terraform:
+
+    ```sh
+    terraform destroy
+    ```
+
+   Confirm the destroy step with `yes` when prompted.
+
+## Outputs
+
+- **instance_public_ip**: The public IP address of the EC2 instance.
+
+## Variables
+
+- **public_key_path**: Enter full path to your public key. Defaults to `~/.ssh/id_rsa.pub` if left empty.
+- **user_public_ip**: Enter your home public IP address. Must not be empty.
+
+### Example `terraform.tfvars` File
+
+```hcl
+public_key_path = "~/.ssh/id_rsa.pub"
+user_public_ip = "89.138.152.84"
diff --git a/Terraform/instance.tf b/Terraform/instance.tf
@@ -0,0 +1,26 @@
+# EC2 Instance
+resource "aws_instance" "my_instance" {
+  ami                          = "ami-0a0e5d9c7acc336f1"
+  instance_type                = "t2.micro"
+  subnet_id                    = aws_subnet.external.id
+  vpc_security_group_ids       = [aws_security_group.external_sg.id]
+  associate_public_ip_address  = true
+
+  user_data = <<-EOF
+              #!/bin/bash
+              mkdir -p /home/ubuntu/.ssh
+              echo "${file("${local.effective_public_key_path}")}" >> /home/ubuntu/.ssh/authorized_keys
+              chown -R ubuntu:ubuntu /home/ubuntu/.ssh
+              chmod 700 /home/ubuntu/.ssh
+              chmod 600 /home/ubuntu/.ssh/authorized_keys
+              EOF
+
+  tags = {
+    Name = "my_instance"
+  }
+}
+
+# Output the public IP
+output "instance_public_ip" {
+  value = aws_instance.my_instance.public_ip
+}
diff --git a/Terraform/network.tf b/Terraform/network.tf
@@ -0,0 +1,58 @@
+# VPC
+resource "aws_vpc" "my_vpc" {
+  cidr_block = "10.42.0.0/16"
+  tags = {
+    Name = "my_vpc"
+  }
+}
+
+# Internet Gateway
+resource "aws_internet_gateway" "my_igw" {
+  vpc_id = aws_vpc.my_vpc.id
+  tags = {
+    Name = "my_igw"
+  }
+}
+
+# Internal Subnet
+resource "aws_subnet" "internal" {
+  vpc_id            = aws_vpc.my_vpc.id
+  cidr_block        = "10.42.1.0/24"
+  availability_zone = "us-east-1a"
+  tags = {
+    Name = "internal_subnet"
+  }
+}
+
+# External Subnet
+resource "aws_subnet" "external" {
+  vpc_id            = aws_vpc.my_vpc.id
+  cidr_block        = "10.42.2.0/24"
+  availability_zone = "us-east-1a"
+  tags = {
+    Name = "external_subnet"
+  }
+}
+
+resource "aws_route_table" "internal" {
+  vpc_id = aws_vpc.my_vpc.id
+}
+
+resource "aws_route_table_association" "internal" {
+  subnet_id      = aws_subnet.internal.id
+  route_table_id = aws_route_table.internal.id
+}
+
+resource "aws_route_table" "external" {
+  vpc_id = aws_vpc.my_vpc.id
+
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = aws_internet_gateway.my_igw.id
+  }
+}
+
+resource "aws_route_table_association" "external" {
+  subnet_id      = aws_subnet.external.id
+  route_table_id = aws_route_table.external.id
+}
diff --git a/Terraform/provider.tf b/Terraform/provider.tf
@@ -0,0 +1,3 @@
+provider "aws" {
+  region = "us-east-1"
+}
diff --git a/Terraform/sg.tf b/Terraform/sg.tf
@@ -0,0 +1,66 @@
+# Security Group for External Subnet
+resource "aws_security_group" "external_sg" {
+  vpc_id = aws_vpc.my_vpc.id
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["${var.user_public_ip}/32"]
+  }
+
+  ingress {
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = ["${var.user_public_ip}/32"]
+  }
+
+  ingress {
+    from_port   = 443
+    to_port     = 443
+    protocol    = "tcp"
+    cidr_blocks = ["${var.user_public_ip}/32"]
+  }
+
+  ingress {
+    from_port   = -1
+    to_port     = -1
+    protocol    = "icmp"
+    cidr_blocks = ["${var.user_public_ip}/32"]
+  }
+
+  tags = {
+    Name = "external_sg"
+  }
+}
+
+# Security Group for Internal Subnet
+resource "aws_security_group" "internal_sg" {
+  vpc_id = aws_vpc.my_vpc.id
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port        = 22
+    to_port          = 22
+    protocol         = "tcp"
+    security_groups  = [aws_security_group.external_sg.id]
+  }
+
+  tags = {
+    Name = "internal_sg"
+  }
+}
diff --git a/Terraform/variables.tf b/Terraform/variables.tf
@@ -0,0 +1,21 @@
+# Define variable for public key path
+variable "public_key_path" {
+  description = "Enter full path to your public key , press Enter to use default common path ( ~/.ssh/id_rsa.pub)"
+  type        = string
+}
+
+# Define a local value to determine the effective public key path
+locals {
+  effective_public_key_path = var.public_key_path != "" ? var.public_key_path : "~/.ssh/id_rsa.pub"
+}
+
+# Define variable for public IP address
+variable "user_public_ip" {
+  description = "Enter your public IP address"
+  type        = string
+
+  validation {
+    condition = length(trimspace(var.user_public_ip)) > 0
+    error_message = "Public IP address must not be empty."
+  }
+}