diff --git a/src/deployment/cloudformation-template.json b/src/deployment/cloudformation-template.json new file mode 100644 index 00000000..302cd57b --- /dev/null +++ b/src/deployment/cloudformation-template.json @@ -0,0 +1,189 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "A CloudFormation template for deploying the Airseeker v2 on AWS", + "Resources": { + "CloudWatchLogsGroup": { + "Type": "AWS::Logs::LogGroup", + "Properties": { + "LogGroupName": "AirseekerLogGroup", + "RetentionInDays": 7 + } + }, + "AppDefinition": { + "Type": "AWS::ECS::TaskDefinition", + "Properties": { + "NetworkMode": "awsvpc", + "Cpu": 256, + "Memory": 512, + "ExecutionRoleArn": { + "Ref": "ECSTaskRole" + }, + "RequiresCompatibilities": ["FARGATE"], + "ContainerDefinitions": [ + { + "Name": "AirseekerContainer", + "Image": "", + "Environment": [ + { + "Name": "SECRETS_ENV", + "Value": { + "Fn::Join": ["", ["WALLET_MNEMONIC", "=", ""]] + } + }, + { + "Name": "LOG_LEVEL", + "Value": "debug" + } + ], + "EntryPoint": [ + "/bin/sh", + "-c", + "echo -e $SECRETS_ENV >> ./config/secrets.env && wget -O - >> ./config/airseeker.json && node dist/index.js" + ], + "LogConfiguration": { + "LogDriver": "awslogs", + "Options": { + "awslogs-group": { + "Ref": "CloudWatchLogsGroup" + }, + "awslogs-region": { + "Ref": "AWS::Region" + }, + "awslogs-stream-prefix": "airseeker-" + } + } + } + ] + } + }, + "AppCluster": { + "Type": "AWS::ECS::Cluster", + "Properties": { + "ClusterName": "AirseekerCluster-" + } + }, + "AppService": { + "Type": "AWS::ECS::Service", + "Properties": { + "Cluster": { + "Ref": "AppCluster" + }, + "ServiceName": "AirseekerService", + "DesiredCount": 1, + "LaunchType": "FARGATE", + "TaskDefinition": { + "Ref": "AppDefinition" + }, + "NetworkConfiguration": { + "AwsvpcConfiguration": { + "AssignPublicIp": "ENABLED", + "Subnets": [ + { + "Ref": "InstanceSubnet" + } + ] + } + }, + "DeploymentConfiguration": { + "MinimumHealthyPercent": 100, + "MaximumPercent": 200 + } + } + }, + "InstanceVPC": { + "Type": "AWS::EC2::VPC", + "Properties": { + "CidrBlock": "10.0.0.0/16", + "EnableDnsSupport": true, + "EnableDnsHostnames": true + } + }, + "InstanceInternetGateway": { + "Type": "AWS::EC2::InternetGateway" + }, + "InstanceVPCGatewayAttachment": { + "Type": "AWS::EC2::VPCGatewayAttachment", + "Properties": { + "VpcId": { + "Ref": "InstanceVPC" + }, + "InternetGatewayId": { + "Ref": "InstanceInternetGateway" + } + } + }, + "InstancePublicRouteTable": { + "Type": "AWS::EC2::RouteTable", + "Properties": { + "VpcId": { + "Ref": "InstanceVPC" + } + } + }, + "InstancePublicRoute": { + "Type": "AWS::EC2::Route", + "DependsOn": "InstanceVPCGatewayAttachment", + "Properties": { + "RouteTableId": { + "Ref": "InstancePublicRouteTable" + }, + "DestinationCidrBlock": "0.0.0.0/0", + "GatewayId": { + "Ref": "InstanceInternetGateway" + } + } + }, + "InstanceSubnet": { + "Type": "AWS::EC2::Subnet", + "Properties": { + "CidrBlock": "10.0.0.0/24", + "VpcId": { + "Ref": "InstanceVPC" + }, + "MapPublicIpOnLaunch": true + } + }, + "InstancePublicSubnet1RouteTableAssociation": { + "Type": "AWS::EC2::SubnetRouteTableAssociation", + "Properties": { + "RouteTableId": { + "Ref": "InstancePublicRouteTable" + }, + "SubnetId": { + "Ref": "InstanceSubnet" + } + } + }, + "ECSTaskRole": { + "Type": "AWS::IAM::Role", + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": { + "Effect": "Allow", + "Principal": { + "Service": ["ecs-tasks.amazonaws.com"] + }, + "Action": ["sts:AssumeRole"] + } + }, + "Policies": [ + { + "PolicyName": "ECSTaskExecutionRolePolicy", + "PolicyDocument": { + "Statement": { + "Effect": "Allow", + "Action": [ + "logs:CreateLogGroup", + "logs:CreateLogStream", + "logs:DescribeLogStreams", + "logs:PutLogEvents" + ], + "Resource": "*" + } + } + } + ] + } + } + } +}