
  1. AWSTemplateFormatVersion: 2010-09-09
  2. Description: AWS CloudFormation Template for doccano.
  3. Resources:
  # Security group attached to the doccano instance.
  # Every rule below admits traffic from any IPv4 address (0.0.0.0/0).
  # NOTE(review): SSH (22) open to the whole internet is the main exposure
  # here; restrict it to an administrative CIDR, or drop the rule and use a
  # session-based access path instead.
  # NOTE(review): 443 is opened, but the only listener this template starts is
  # the container published on port 80, so the application (including the
  # admin login) is served over plain HTTP. Put TLS in front of it before
  # exposing real credentials, and close 443 until something listens on it.
  AppSG:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: "for the app nodes that allow ssh, http and docker ports"
      SecurityGroupIngress:
        # HTTP
        - IpProtocol: tcp
          FromPort: "80"
          ToPort: "80"
          CidrIp: "0.0.0.0/0"
        # HTTPS
        - IpProtocol: tcp
          FromPort: "443"
          ToPort: "443"
          CidrIp: "0.0.0.0/0"
        # SSH
        - IpProtocol: tcp
          FromPort: "22"
          ToPort: "22"
          CidrIp: "0.0.0.0/0"
    Metadata:
      AWS::CloudFormation::Designer:
        id: 116a7f7b-14c5-489a-a3c8-faf276be7ab0
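  # The doccano host: an Ubuntu instance that installs Docker from user data,
  # writes the admin settings to /env.list and starts the doccano container.
  #
  # Changes against the previous version of this block:
  #   * /env.list is restricted to mode 600 before any secret is written to it
  #     (a plain `touch` left PASSWORD and SECRET_KEY world-readable).
  #   * `tee` output is discarded so the secrets are not echoed into the
  #     cloud-init output log.
  #   * The Docker apt repository follows the release of the running image
  #     instead of hard-coding "bionic" while the AMI is xenial.
  #   * The create-admin arguments are quoted.
  #
  # NOTE(review): NoEcho on the parameters does not protect values that are
  # copied into UserData. The rendered script, including PASSWORD and
  # SECRET_KEY, stays readable through the instance's user-data attribute and
  # from the instance metadata service. Prefer fetching these from a secret
  # store at boot.
  # NOTE(review): the parameter values are spliced into the script unquoted;
  # the AllowedPattern constraints on the parameters are the only thing that
  # keeps shell metacharacters out. Do not relax them without quoting here.
  App:
    Type: 'AWS::EC2::Instance'
    Properties:
      InstanceType: !Ref InstanceType
      ImageId: !Ref Ubuntu16Ami
      KeyName: !Ref KeyName
      SecurityGroups:
        - !Ref AppSG
      UserData: !Base64
        'Fn::Join':
          - ''
          - - |
              #!/usr/bin/env bash
            - |
              sudo apt update
            - >
              sudo apt install -y apt-transport-https ca-certificates curl
              software-properties-common
            - >
              curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo
              apt-key add -
            # Use the codename of the running release for the Docker repo.
            - >
              sudo add-apt-repository "deb [arch=amd64]
              https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"
            - |
              sudo apt update
            - |
              apt-cache policy docker-ce
            - |
              sudo apt install -y docker-ce
            # NOTE(review): USER may be unset when cloud-init runs this script;
            # confirm this line does what is intended.
            - |
              sudo usermod -aG docker ${USER}
            # Create the env file and lock it down before secrets go in.
            - |
              sudo touch /env.list
              sudo chmod 600 /env.list
            # Each setting is built from three joined pieces: the command with
            # the key, the parameter value, and a newline.
            - 'sudo tee -a /env.list > /dev/null <<< ADMIN='
            - !Ref AdminUserName
            - "\n"
            - 'sudo tee -a /env.list > /dev/null <<< EMAIL='
            - !Ref AdminEmail
            - "\n"
            - 'sudo tee -a /env.list > /dev/null <<< PASSWORD='
            - !Ref AdminPassword
            - "\n"
            - 'sudo tee -a /env.list > /dev/null <<< DEBUG='
            - !Ref Debug
            - "\n"
            - 'sudo tee -a /env.list > /dev/null <<< SECRET_KEY='
            - !Ref SecretKey
            - "\n"
            # Export the settings into this shell for the create-admin call.
            - |
              set -a
            - |
              source /env.list
            - |
              set +a
            # NOTE(review): ":latest" is a mutable tag, so every boot may run a
            # different image. Pin a reviewed version tag or image digest.
            - |
              sudo docker pull doccano/doccano:latest
            - >
              sudo docker run -d --name doccano --env-file /env.list -p 80:8000
              doccano/doccano:latest
            - >
              sudo docker exec doccano tools/create-admin.sh "${ADMIN}" "${EMAIL}"
              "${PASSWORD}"
    Metadata:
      'AWS::CloudFormation::Designer':
        id: 3547c02e-5393-4b26-a9af-6f00dc2cbcdb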
  # Execution role for the AMI lookup function. Only the Lambda service may
  # assume it. Beyond the managed basic-execution policy (logging) it grants a
  # single read-only action, ec2:DescribeImages, on all resources.
  DescribeImagesRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Action: sts:AssumeRole
            Principal:
              Service: lambda.amazonaws.com
      ManagedPolicyArns:
        - arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
      Policies:
        - PolicyName: DescribeImages
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              - Effect: Allow
                Action: ec2:DescribeImages
                Resource: '*'
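  # Lambda-backed custom resource that resolves an AMI id. It calls
  # ec2:DescribeImages with the Owner, Name and Architecture properties of the
  # custom resource and returns the newest match as the physical resource id.
  #
  # Fixes in the handler:
  #   * The failure path used traceback.print_last() and cfnresponse.FAIL.
  #     print_last() raises outside an interactive session and the constant is
  #     named FAILED, so no response was ever sent and the stack waited for
  #     the custom-resource timeout. It now logs with print_exc() and reports
  #     cfnresponse.FAILED.
  #   * An empty result is reported explicitly instead of as an IndexError.
  #   * Delete requests succeed without a lookup, so the stack can still be
  #     removed after the image is no longer published.
  #   * `except Exception` replaces the bare except; `id` no longer shadows
  #     the builtin.
  # NOTE(review): the python3.6 runtime is past end of support on Lambda;
  # move to a currently supported Python runtime.
  GetLatestAMI:
    Type: AWS::Lambda::Function
    Properties:
      Runtime: python3.6
      Handler: index.handler
      Role: !Sub ${DescribeImagesRole.Arn}
      Timeout: 60
      Code:
        ZipFile: |
          import boto3
          import cfnresponse
          import json
          import traceback


          def handler(event, context):
              # Nothing was created by this resource, so Delete has no work.
              if event.get('RequestType') == 'Delete':
                  cfnresponse.send(event, context, cfnresponse.SUCCESS, {},
                                   event.get('PhysicalResourceId'))
                  return
              try:
                  props = event['ResourceProperties']
                  response = boto3.client('ec2').describe_images(
                      Owners=[props['Owner']],
                      Filters=[
                          {'Name': 'name', 'Values': [props['Name']]},
                          {'Name': 'architecture', 'Values': [props['Architecture']]},
                          {'Name': 'root-device-type', 'Values': ['ebs']},
                      ],
                  )
                  # Newest image first.
                  amis = sorted(response['Images'],
                                key=lambda x: x['CreationDate'],
                                reverse=True)
                  if not amis:
                      raise LookupError('no AMI matched the requested filters')
                  image_id = amis[0]['ImageId']
                  cfnresponse.send(event, context, cfnresponse.SUCCESS, {}, image_id)
              except Exception:
                  traceback.print_exc()
                  cfnresponse.send(event, context, cfnresponse.FAILED, {}, "ok")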
  # Custom resource whose physical id is the AMI id returned by GetLatestAMI.
  # Owner is the publisher account the lookup is restricted to, so a
  # same-named image from another account cannot be selected.
  # NOTE(review): Name is one fixed, dated xenial (16.04) image with no
  # wildcard, so the instance never picks up newer images. Ubuntu 16.04 is
  # past end of standard support; plan a move to a supported release.
  Ubuntu16Ami:
    Type: Custom::FindAMI
    Properties:
      ServiceToken: !Sub ${GetLatestAMI.Arn}
      Owner: '099720109477'
      Name: 'ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20190913'
      Architecture: 'x86_64'
  148. Metadata:
  149. 'AWS::CloudFormation::Designer':
  150. 116a7f7b-14c5-489a-a3c8-faf276be7ab0:
  151. size:
  152. width: 60
  153. height: 60
  154. position:
  155. x: 60
  156. 'y': 210
  157. z: 1
  158. embeds: []
  159. 3547c02e-5393-4b26-a9af-6f00dc2cbcdb:
  160. size:
  161. width: 60
  162. height: 60
  163. position:
  164. x: 180
  165. 'y': 210
  166. z: 1
  167. embeds: []
  168. isassociatedwith:
  169. - 116a7f7b-14c5-489a-a3c8-faf276be7ab0
  170. Parameters:
  171. InstanceType:
  172. Description: Server EC2 instance type
  173. Type: String
  174. Default: t2.micro
  175. AllowedValues:
  176. - t1.micro
  177. - t2.micro
  178. - t2.small
  179. - t2.medium
  180. - t3.micro
  181. - t3.small
  182. - t3.medium
  183. ConstraintDescription: must be a valid EC2 instance type.
  # Existing EC2 key pair installed on the instance for SSH login. The
  # parameter type makes CloudFormation check that the key pair exists.
  KeyName:
    Type: AWS::EC2::KeyPair::KeyName
    Description: Name of an EC2 KeyPair to enable SSH access to the instance.
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
  # Login name of the doccano admin account: 1-16 characters, a letter
  # followed by letters or digits. The value is written unquoted into the
  # instance's boot script, so the alphanumeric restriction also acts as the
  # guard against shell metacharacters.
  AdminUserName:
    Type: String
    Description: The admin account user name
    MinLength: 1
    MaxLength: 16
    AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*"
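  # E-mail address of the doccano admin account.
  # The previous pattern began with an optional character class
  # [\x20-\x45], which admitted one leading character from the range space
  # through "E". That range contains shell metacharacters, and this value is
  # written unquoted into the instance's boot script. The prefix is removed;
  # addresses that start with a letter, digit, "_", "+" or "-" still match.
  AdminEmail:
    Default: admin@gmail.com
    Description: The admin account user email
    Type: String
    AllowedPattern: '^[\w+-]+(\.[\w]+)*@[\w-]+(\.[\w]+)*(\.[a-z]{2,})$'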
  # Password of the doccano admin account. NoEcho masks it in the console and
  # API output for the stack parameters.
  # NOTE(review): NoEcho does not cover the copy of this value that the App
  # resource places in UserData.
  # NOTE(review): MinLength 1 accepts a one-character password for an
  # internet-facing admin login, and the alphanumeric, 16-character limit caps
  # its strength. The alphanumeric pattern is also what keeps the value safe
  # in the unquoted boot script, so raise the minimum length rather than
  # widening the character set.
  AdminPassword:
    Type: String
    Description: The admin account password
    NoEcho: true
    MinLength: 1
    MaxLength: 16
    AllowedPattern: "^[a-zA-Z0-9]*$"
  # Value written to the container environment as DEBUG; off by default.
  # NOTE(review): the instance is reachable from the internet, so leave this
  # at 'False' outside of short-lived test stacks. Debug modes typically
  # return detailed error pages to any client.
  Debug:
    Type: String
    Description: Debug mode or not
    Default: "False"
    AllowedValues:
      - "False"
      - "True"
    AllowedPattern: "^[a-zA-Z0-9]*$"
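  # Django SECRET_KEY for the doccano container.
  # NoEcho is added so the key is masked in console and API output, like the
  # admin password.
  # NOTE(review): the default below is committed with the template, so every
  # stack that keeps it shares one publicly known signing key. Always pass a
  # freshly generated random value; removing the default would make that
  # mandatory. The pattern also accepts an empty string.
  # NOTE(review): NoEcho does not cover the copy of this value that the App
  # resource places in UserData.
  SecretKey:
    Default: zICc59rlKXmlFRpG
    Description: Secret key for Django
    Type: String
    NoEcho: true
    AllowedPattern: '^[a-zA-Z0-9]*$'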
  219. Outputs:
  220. PublicDNS:
  221. Value: !GetAtt
  222. - App
  223. - PublicDnsName
  224. Description: Newly created server DNS address