Create self contained ec2

2023-09-11 19:51:26 +10:00 · 2023-09-11 19:51:26 +10:00 · e96b52b85f
commit e96b52b85f
parent ebac4004c9
8 changed files with 108 additions and 0 deletions
--- a/ec2ml/config.tf
+++ b/ec2ml/config.tf
@ -0,0 +1,6 @@
 provider "aws" {
    profile = "superuser"
    region = "ap-southeast-2"
 }
--- a/ec2ml/ec2.tf
+++ b/ec2ml/ec2.tf
@ -0,0 +1,40 @@
 resource "tls_private_key" "mlkey" {
  algorithm = "RSA"
  rsa_bits  = 4096
 }
 resource "aws_key_pair" "mlkey" {
  key_name   = "mlboxkey"
  public_key = tls_private_key.mlkey.public_key_openssh
  provisioner "local-exec" { 
    command = "echo '${tls_private_key.mlkey.private_key_pem}' > ./${var.output_ssh_key} & chmod 400 ${var.output_ssh_key}"
  }
 }
 data "aws_ami" "aws_linux_ami" {
  most_recent = true
  owners      = ["amazon"]
  filter {
    name   = "name"
    values = ["debian-12-amd64-*"]
  }
 }
 resource "aws_instance" "ml-box" {
    ami           = data.aws_ami.aws_linux_ami.id
    instance_type = var.instance_type
    key_name      = aws_key_pair.mlkey.key_name
    vpc_security_group_ids = [ aws_security_group.allow_tls.id ]
    tags = {
        Name = "terragenerated-simple-ec2"
    }
 }
 # resource "ansible_host" "ml-box" {
 #   name = aws_instance.ml-box.public-ip
 #   groups = [ ]
 # }
--- a/ec2ml/network.tf
+++ b/ec2ml/network.tf
@ -0,0 +1,43 @@
 resource "aws_security_group" "allow_tls" {
  name        = "allow_tls"
  description = "Allow TLS inbound traffic plys ssh"
  ingress {
    description      = "TLS from VPC"
    from_port        = 80
    to_port          = 80
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  ingress {
    description      = "TLS from VPC"
    from_port        = 8000
    to_port          = 8999
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  ingress {
    from_port        = 22
    to_port          = 22
    protocol         = "tcp"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  egress {
    from_port        = 0
    to_port          = 0
    protocol         = "-1"
    cidr_blocks      = ["0.0.0.0/0"]
    ipv6_cidr_blocks = ["::/0"]
  }
  tags = {
    Name = "allow_tls"
  }
 }
--- a/ec2ml/outputs.tf
+++ b/ec2ml/outputs.tf
@ -0,0 +1,9 @@
 output "ml-instance-url" {
  value = aws_instance.ml-box.public_dns
 }
 output "key" {
  value = tls_private_key.mlkey.public_key_openssh
  sensitive = true
 }
--- a/ec2ml/variables.tf
+++ b/ec2ml/variables.tf
@ -0,0 +1,7 @@
 variable "instance_type" {
  default = "t2.micro"
 }
 variable "output_ssh_key" {
    default = "my_ssh.pem"
 }
--- a/ec2ml/variables/prod.tfvars
+++ b/ec2ml/variables/prod.tfvars
@ -0,0 +1 @@
 instance_type = "g3.4xlarge"
--- a/ec2ml/variables/sample.tfvars
+++ b/ec2ml/variables/sample.tfvars
@ -0,0 +1 @@
 instance_type = 
--- a/ec2ml/variables/test.tfvars
+++ b/ec2ml/variables/test.tfvars
@ -0,0 +1 @@
 instance_type = "t2.micro"