3029fbb3f6
Moving fargate things to their own folder
2023-10-04 01:15:32 -07:00
caf09a63cb
More variable clean up for security groups
...
Removing traces from previous networking cleanout
2023-10-03 19:38:27 -07:00
e51ebc7251
Moving security groups out to their own folder as they are basically global to everything
2023-10-03 19:36:59 -07:00
609f9b3e7b
Moving networking code out into its own module
2023-10-03 19:07:06 -07:00
10ed1f1a98
Adding note regarding master record with special record
2023-09-30 16:26:17 -07:00
295f933d8a
Terraform code cleanup and final reduction of containers from 2 -> 1
...
Now able to serve multiple websites with 1 nginx container under an LB
Cost savings not massive but still noticable at this point considering
How low the cost is with this kind of setup
2023-09-10 16:25:21 -07:00
9ca3969a53
Ensuring public read access to all required public buckets
...
* Required to allow task containers to read from here without crazy auth on
nginx's part
2023-09-10 15:10:22 -07:00
d9e0e8c70b
Making public files for websites buckets public readable
2023-08-09 21:51:21 -07:00
87a549bc1f
* Load balancer components are now built dynamically for each domain
...
+ Increased health_check intervals
+ HTTPS default action is now a blank 400 page
+ Generating listener rules for beta proxy based on bucket names/domains
Using domain filters for this basically
* Dynamically attaching listener certificates
2023-03-10 21:37:35 -08:00
42e55f7313
Task definition now uses the correct image and env vars
...
Services are now mapped to their respective task definitions
2023-03-10 21:34:06 -08:00
28f8436768
Using new s3 access & secret key for s3 reader role
2023-03-10 21:33:24 -08:00
dfdc62f80c
Consolidating locals into one place
...
Also adding -input=false to Makefile
2023-03-10 21:32:56 -08:00
17d3f66073
Simplifying nginx vars
2023-03-06 18:35:07 -08:00
550cb2eb70
Removing unused infra structure, lowering cost with this commit
2023-03-06 15:51:43 -08:00
8f375def3b
Updating bucket names to include blog and resume
2023-02-28 21:04:26 -08:00
321734a453
Adding redirect for 80 which was causing issues on folder path calls to nginx
2023-02-14 18:52:23 -08:00
11ffc23871
Cleaning up DNS Records and updating certs to account for root domains
...
For now we're just going to worry about the main blog and resume.shockrah.xyz
In the reverse-proxy image
* Resume pipelines will not work in this state and will need way of updating
their part of the image for ECS to pull updates*
2023-02-11 20:56:52 -08:00
904b730362
blog.shockrah.xyz working at an infrastructure level now
...
Also updated the image so that it has the right baseURL
which gets configured during the service build ( Hugo )
2023-02-10 22:07:26 -08:00
53267daf99
Avoiding hard coded values and improving cluster name
2023-02-10 21:30:20 -08:00
1170e879f0
Consolidating roles for ecr and logging
2023-02-10 21:28:49 -08:00
5e978b5766
Creating s3 bucket for static content
2023-01-21 16:58:11 -08:00
57965a2a5a
Replacing target group with proper shockrah.xyz group
2023-01-10 00:28:27 -08:00
01e6d7f990
Attaching project-athen.xyz cert onto alpha LB SSL listener
2023-01-09 21:13:19 -08:00
8481a5f123
Creating base certificates for shockrah and project-athens.xyz
2023-01-09 21:12:19 -08:00
99bc6be5c9
Removing sample infra
2023-01-09 18:21:26 -08:00
f48eb9610b
Wildcard for sample project
2023-01-09 17:03:40 -08:00
bc096af870
Routing & TLS issues fixed with ACM
2023-01-02 19:10:08 -08:00
bdeb59e46d
Health problems finally solved with LB and fargate
2023-01-02 19:08:25 -08:00
edbb647c18
Adding DNS entry for alpha load balancer cert
2023-01-02 18:37:16 -08:00
f96f6569cf
Cert with load balancer listener
2023-01-02 18:36:48 -08:00
97205a216c
Cleaning up route53 entries
2022-12-27 22:03:46 -08:00
e2c4db294a
Renaming project-athens.xyz route53 config
2022-12-27 21:08:19 -08:00
dcd3da5e47
Removing custom health check for now
2022-12-27 21:06:20 -08:00
00edcc64af
Formatting and comments
2022-12-27 21:02:56 -08:00
52a9a94b32
Importing shockrah.xyz A records into terraform
2022-12-27 21:01:46 -08:00
f58fa4ae69
Adding shockrah.xyz public dns records
2022-12-27 20:45:32 -08:00
4e46f34440
Imported route53 zone + records
2022-12-27 17:33:23 -08:00
ae61177661
Alpha configuration which still wont register
2022-12-16 22:51:05 -08:00
c4e169efee
Tagging subnets
2022-12-16 22:50:45 -08:00
f47ce5e4ff
Adding fallback for port 80 on base ecs
2022-12-16 22:50:15 -08:00
6b0f985cd9
Adding generic health check for sample service
2022-12-16 22:49:55 -08:00
fafaae4ba7
Logging and role configuration speerated
2022-12-16 22:05:21 -08:00
791d950821
Moving prefix to vars file
2022-12-09 22:23:13 -08:00
4d15923af9
ALB requires two subnets to sit across
2022-12-09 22:23:04 -08:00
d4dae7618b
Hooking service to a load balancer
2022-12-09 22:22:47 -08:00
6212a7d8cc
Removing atlas host
2022-12-09 21:49:17 -08:00
9d426917f7
Working sample service with ECS
...
for now this is just a hello world service with a public IP
2022-12-09 20:55:30 -08:00
e830889432
Creating definition for alpha and lewdlad service
2022-12-06 19:53:48 -08:00
3ef52017c1
New version of alpha named atlas ready for provisioning
2022-10-29 15:50:40 -07:00
ae8816bbc6
* Better build scripts which are now source aware
2022-10-21 20:56:07 -07:00
92733f6613
* Moving to a remote backend in s3
2022-06-13 23:08:02 -07:00
acfd39be9b
+ Creating new volume for the photo/video gallery service
...
Service ware still needs to be defined but this is the only resource we need
to build out in order to have things be kosher
2022-06-12 21:34:39 -07:00
b9759b38f6
* Makefile now builds with new env vars
2022-04-22 22:41:00 -07:00
87f7daed2b
* Moving all vars to an input-vars.tf module
...
The idea with this is to centralize the variables so that they are
easier to find and configure. The old way was scattered and lead to
being unclear. There is also much more documentation added with this
patch for clarity-sake
2022-04-22 22:31:28 -07:00
shockrah
92a450927d
- Removing tons of complexity and removing cost overall
...
! Down to just 2 public servers for now because why tf now servers
2021-12-03 21:25:51 -08:00
shockrah
93db017030
!* Fixing target cidr_blocks: internal_ssh_recv & gamma_sec
...
With this gamma can now talk to all servers correctly
2021-11-28 15:25:35 -08:00
shockrah
3dd15a4bb8
+ Olympus subnet definition
2021-11-28 15:24:44 -08:00
shockrah
17c1e3467b
* Fixing NAT gateway for proper usage from crete members
...
With this patch members of Crete can now get system patches
2021-11-28 15:24:26 -08:00
shockrah
157e2db453
* Private ip's now adhere to new subnets
2021-11-28 15:23:44 -08:00
shockrah
86a0122042
+ Demeter EIP, and NAT Gateway for private instances
...
* Updating naming scheme in gateway.tf & route-table.tf
Should be more clear what each block is meant for
2021-11-26 22:03:36 -08:00
shockrah
f6cc1605ca
* Fixing private IP's to range 151-154
...
From Alpha -> Sigma
2021-11-25 21:29:13 -08:00
shockrah
82d039369c
!+ Sigma Instance
...
This will be the web host reverse proxy (for alpha & beta)
!+ More sec groups for port 80 for apt's request fallback
Only because Apt blows
* Renaming sec-group::basic_web_sec -> sec-group::general_web_req
Should be clearer w/ this rename
2021-11-25 20:44:00 -08:00
shockrah
38a8e79744
+ Gamma definition
...
+ Playbook for docker host
Infra host definitions are all in place however a proper gateway setup
is required since we're going to try and share a single elastic ip for the two
web servers
2021-11-25 01:09:29 -08:00
shockrah
44bb460afc
+ vpc id to sec groups
2021-11-25 00:11:51 -08:00
shockrah
fbf6016d14
? yea idk either
2021-11-25 00:10:07 -08:00
shockrah
314e86704f
+ Names to our two main hosts
2021-11-25 00:09:40 -08:00
shockrah
8b1d576bfb
!+ Creating infra points for internet access on Crete subnet
...
With this patch members of the Crete subnet will be able to
properly access the outside world which is required for these
services to function as intended.
2021-11-24 21:14:23 -08:00
shockrah
86df303630
+ Makefile for infra
...
Terraform commands give me eye cancer so
I'm putting this here for ease of use
2021-11-24 20:58:26 -08:00
shockrah
8f5ff2aff3
! Baseline Terraform configuration(no EIP yet)
...
Major components are scripted out here however a
gateway + EIP still need to be configured for full
base level infra "doneness"
2021-11-24 20:44:32 -08:00
