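#!/usr/bin/env bash
# Provisions an EC2-hosted HAProxy reverse proxy from config.json: creates a
# key pair and a security group, launches one instance, installs HAProxy on
# it over SSH and uploads a generated haproxy.cfg.
#
# Reads:  config.json (KEY_NAME, SUBNET_ID, PORTS), haproxy.base.cfg
# Writes: key-output.json, key.pem, sg-output.json, ec2-output.json,
#         resources.json, haproxy.cfg
#
# Stop at the first failing command (including a failing pipeline stage) so a
# failed AWS call is not followed by further calls made with empty or "null"
# IDs. The *-output.json files still hold the IDs of whatever was created
# before the failure.
set -eo pipefail

# jq -e exits non-zero when the key is absent or null, so a missing setting is
# reported here rather than being passed to the AWS CLI as the string "null".
KEY_NAME=$(jq -er '.KEY_NAME' config.json) \
  || { echo "config.json: KEY_NAME is missing or null" >&2; exit 1; }
SUBNET_ID=$(jq -er '.SUBNET_ID' config.json) \
  || { echo "config.json: SUBNET_ID is missing or null" >&2; exit 1; }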
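echo "Creating EC2 Key Pair..."
# key-output.json carries the private key (KeyMaterial) and key.pem is the SSH
# identity, so both are created under a restrictive umask instead of staying
# readable by other local users until a later chmod. The subshells keep the
# umask change from affecting files created elsewhere in the script.
(
  umask 077
  aws ec2 create-key-pair \
    --key-name "$KEY_NAME" \
    > key-output.json
) || { echo "create-key-pair failed for key name '$KEY_NAME'" >&2; exit 1; }
# umask only applies to newly created files; tighten a pre-existing one too.
chmod 600 key-output.json

KEY_ID=$(jq -er '.KeyPairId' key-output.json) \
  || { echo "key-output.json has no KeyPairId" >&2; exit 1; }

(
  umask 077
  jq -er '.KeyMaterial' key-output.json > key.pem
) || { echo "key-output.json has no KeyMaterial" >&2; exit 1; }
chmod 600 key.pem
# NOTE(review): key-output.json keeps a second copy of the private key after
# key.pem is written. If nothing else reads KeyMaterial from it, consider
# removing that field so only key.pem has to be protected.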
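# Ask EC2 for this one subnet instead of listing every subnet and filtering
# with a jq program built by string interpolation; the subnet ID is passed as
# a CLI argument and never becomes part of the jq filter text.
VPC_ID=$(aws ec2 describe-subnets --subnet-ids "$SUBNET_ID" \
  | jq -er '.Subnets[0].VpcId') \
  || { echo "Could not resolve a VPC for subnet '$SUBNET_ID'" >&2; exit 1; }
echo "Found VPC ID for $SUBNET_ID: $VPC_ID"

echo "Creating EC2 Security Group..."
aws ec2 create-security-group \
  --group-name reverse-proxy \
  --description reverse-proxy \
  --vpc-id "$VPC_ID" \
  > sg-output.json \
  || { echo "create-security-group failed in VPC '$VPC_ID'" >&2; exit 1; }
# Without a GroupId every later ingress rule and the instance launch would be
# issued against "null", so stop here.
SG_ID=$(jq -er '.GroupId' sg-output.json) \
  || { echo "sg-output.json has no GroupId" >&2; exit 1; }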
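# SSH is limited to the caller's current public address as reported by
# checkip.amazonaws.com. -f makes curl fail on an HTTP error, and the reply is
# checked to be a dotted quad so an error page or empty body cannot end up in
# the ingress rule.
caller_ip=$(curl -fsS https://checkip.amazonaws.com) \
  || { echo "Could not determine the caller's public IP" >&2; exit 1; }
ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
[[ "$caller_ip" =~ $ipv4_re ]] \
  || { echo "Unexpected reply from checkip.amazonaws.com: '$caller_ip'" >&2; exit 1; }
CIDR="${caller_ip}/32"

echo "Configuring EC2 Security Group..."
aws ec2 authorize-security-group-ingress \
  --group-id "$SG_ID" \
  --protocol tcp \
  --port 22 \
  --cidr "$CIDR" \
  --no-cli-pager \
  || { echo "Could not open port 22 for $CIDR" >&2; exit 1; }

# Port 80 and every configured PORTS[].in are opened to 0.0.0.0/0, i.e. to the
# whole internet. Narrow the CIDR here if the proxy only serves known clients.
aws ec2 authorize-security-group-ingress \
  --group-id "$SG_ID" \
  --protocol tcp \
  --port 80 \
  --cidr 0.0.0.0/0 \
  --no-cli-pager \
  || { echo "Could not open port 80" >&2; exit 1; }

# Collect the listening ports first so a jq failure is noticed, then loop in
# the current shell (not a pipeline subshell) so "exit" really stops the run.
in_ports=$(jq -r '.PORTS[].in' config.json) \
  || { echo "config.json: could not read PORTS[].in" >&2; exit 1; }
while IFS= read -r in_port; do
  # An empty PORTS array yields a single empty line from the here-string.
  [[ -n "$in_port" ]] || continue
  [[ "$in_port" != "null" ]] \
    || { echo "config.json: a PORTS entry has no 'in' value" >&2; exit 1; }
  aws ec2 authorize-security-group-ingress \
    --group-id "$SG_ID" \
    --protocol tcp \
    --port "$in_port" \
    --cidr 0.0.0.0/0 \
    --no-cli-pager \
    || { echo "Could not open port $in_port" >&2; exit 1; }
done <<< "$in_ports"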
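echo "Starting EC2 Instance..."
# The AMI is resolved from the public SSM parameter at launch time, so each
# run picks up whatever Amazon Linux 2 image is current.
# NOTE(review): the launch does not set instance metadata options; consider
# adding --metadata-options HttpTokens=required so the instance only accepts
# session-token (IMDSv2) metadata requests.
aws ec2 run-instances \
  --image-id resolve:ssm:/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2 \
  --count 1 \
  --instance-type t2.micro \
  --key-name "$KEY_NAME" \
  --security-group-ids "$SG_ID" \
  --subnet-id "$SUBNET_ID" \
  > ec2-output.json \
  || { echo "run-instances failed" >&2; exit 1; }
EC2_ID=$(jq -er '.Instances[0].InstanceId' ec2-output.json) \
  || { echo "ec2-output.json has no InstanceId" >&2; exit 1; }

echo "Waiting for Instance to Start..."
aws ec2 wait instance-status-ok --instance-ids "$EC2_ID" \
  || { echo "Instance $EC2_ID did not reach status ok (ID is also in ec2-output.json)" >&2; exit 1; }
EC2_PUBLIC=$(aws ec2 describe-instances --instance-ids "$EC2_ID" \
  | jq -r '.Reservations[].Instances[].PublicDnsName')

# Record the created resource IDs before checking the DNS name, so they are
# on disk even when the instance turns out to have no public address.
cat << EOF > resources.json
{
"EC2_PUBLIC": "$EC2_PUBLIC",
"EC2_ID": "$EC2_ID",
"KEY_ID": "$KEY_ID",
"SG_ID": "$SG_ID"
}
EOF

# Every later step connects to ec2-user@$EC2_PUBLIC; an empty name would turn
# into a malformed SSH destination.
[[ -n "$EC2_PUBLIC" && "$EC2_PUBLIC" != "null" ]] \
  || { echo "Instance $EC2_ID has no public DNS name" >&2; exit 1; }
echo "Instance is running; public DNS is: $EC2_PUBLIC"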
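echo "Configuring HAProxy..."
chmod 600 key.pem
# First SSH contact with the new instance. StrictHostKeyChecking=no would also
# connect when a host key recorded earlier for this name has changed;
# accept-new (OpenSSH 7.6+) records an unknown key but refuses a changed one.
# The first key seen is still trusted without verification.
ssh -o 'StrictHostKeyChecking=accept-new' -i key.pem "ec2-user@${EC2_PUBLIC}" \
  'sudo yum install haproxy -y' \
  || { echo "Installing haproxy on $EC2_PUBLIC failed" >&2; exit 1; }

# Start each run from a fresh copy of the base configuration; the per-port
# sections are appended to it afterwards.
rm -f -- haproxy.cfg
cp -- haproxy.base.cfg haproxy.cfg \
  || { echo "Could not copy haproxy.base.cfg to haproxy.cfg" >&2; exit 1; }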
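# Append one frontend/backend pair to haproxy.cfg for every PORTS entry.
#
# NOTE(review): the four fields below are split from "$arg", which nothing on
# this page assigns; the PORTS entry read by the loop is in "$item". As
# written, the name and ports expand to empty strings and the generated
# sections are not usable. The security-group loop earlier in this script
# reads the listening port from the entry with jq ('.in'); the same approach
# is probably intended here. Confirm the remaining key names against
# config.json before changing the parsing.
jq -c '.PORTS[]' config.json | while IFS= read -r item; do
  # Blank line between sections. read -r keeps backslashes in the JSON text
  # literal instead of treating them as escapes.
  printf '\n' >> haproxy.cfg
  read -r -a strarr <<< "$arg"
  inport=${strarr[0]}
  outport=${strarr[1]}
  localport=${strarr[2]}   # parsed but not used in the section below
  name=${strarr[3]}
  cat << EOF >> haproxy.cfg
frontend frontend_$name
bind :$inport
default_backend backend_$name
backend backend_$name
server server_$name localhost:$outport
EOF
done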
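scp -i key.pem haproxy.cfg "ec2-user@${EC2_PUBLIC}:/home/ec2-user" \
  || { echo "Uploading haproxy.cfg failed" >&2; exit 1; }

# Let HAProxy check the uploaded file (-c) before the live configuration is
# touched, so a malformed generated file never replaces a working one.
ssh -i key.pem "ec2-user@${EC2_PUBLIC}" \
  'sudo haproxy -c -f /home/ec2-user/haproxy.cfg' \
  || { echo "Uploaded haproxy.cfg failed validation; live config left unchanged" >&2; exit 1; }

# Keep the previous configuration as haproxy.cfg.old, then install the new one.
ssh -i key.pem "ec2-user@${EC2_PUBLIC}" \
  'sudo cp /etc/haproxy/haproxy.cfg /etc/haproxy/haproxy.cfg.old && sudo rm -rf /etc/haproxy/haproxy.cfg' \
  || { echo "Backing up the existing haproxy.cfg failed" >&2; exit 1; }
ssh -i key.pem "ec2-user@${EC2_PUBLIC}" \
  'sudo cp /home/ec2-user/haproxy.cfg /etc/haproxy/haproxy.cfg' \
  || { echo "Installing the new haproxy.cfg failed" >&2; exit 1; }

echo "Starting HAProxy..."
ssh -i key.pem "ec2-user@${EC2_PUBLIC}" 'sudo service haproxy start' \
  || { echo "haproxy did not start" >&2; exit 1; }
# Only report success when the service actually reports itself as running.
ssh -i key.pem "ec2-user@${EC2_PUBLIC}" 'sudo service haproxy status' \
  || { echo "haproxy is not running" >&2; exit 1; }
echo "Proxy is ready!"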