From eb8c365d4778cde580769a35dab125a378ddd97e Mon Sep 17 00:00:00 2001 From: Andy Miles Date: Sun, 17 Nov 2024 12:25:27 -0800 Subject: [PATCH] changed flask run command --- terraform/main.tf | 105 +++++++++++++++++++++++++++++++++++++--------- 1 file changed, 85 insertions(+), 20 deletions(-) diff --git a/terraform/main.tf b/terraform/main.tf index 4971f98..4ba8bba 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -6,35 +6,88 @@ resource "aws_instance" "py_server" { ami = "ami-0709112b97e5accb1" instance_type = "t2.micro" vpc_security_group_ids = [aws_security_group.allow_app.id] + + # Add IAM role if needed + # iam_instance_profile = aws_iam_instance_profile.ec2_profile.name + user_data = <<-EOF - #!/bin/bash - exec > /var/log/user-data.log 2>&1 - set -x - - yum update -y - yum install -y python3 python3-pip git curl - export PATH="\$HOME/.local/bin:\$PATH" - pip3 install --user poetry - mkdir -p /app - cd /app - - git clone https://github.com/proquickly/tfgha.git - - # chmod +x /app/tfgha/bin/deploy - cd tfgha - poetry install - poetry lock - #poetry run python3 /app/tfgha/src/tfgha/app.py - poetry run FLASK_APP=/app/tfgha/src/tfgha/app.py flask run --host=0.0.0.0 --port=5000 - EOF + #!/bin/bash + exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1 + + # Update system + yum update -y + yum install -y python3 python3-pip git curl + + # Install system dependencies + yum install -y python3-devel gcc + + # Create app user + useradd -m -s /bin/bash appuser + + # Set up application directory + mkdir -p /app + chown appuser:appuser /app + + # Switch to app user + su - appuser << 'EOSU' + # Set up Python environment + python3 -m pip install --user poetry + export PATH="$HOME/.local/bin:$PATH" + + # Clone and set up application + cd /app + git clone https://github.com/proquickly/tfgha.git + cd tfgha + + # Install dependencies + $HOME/.local/bin/poetry install + $HOME/.local/bin/poetry lock + + # Create systemd service file + sudo tee /etc/systemd/system/flask-app.service << 'EOF2' + [Unit] + Description=Flask Application + After=network.target + + [Service] + User=appuser + WorkingDirectory=/app/tfgha + Environment="PATH=/home/appuser/.local/bin:/usr/local/bin:/usr/bin:/bin" + ExecStart=/home/appuser/.local/bin/poetry run flask run --host=0.0.0.0 --port=5000 + Restart=always + + [Install] + WantedBy=multi-user.target + EOF2 + EOSU + + # Set proper permissions + chmod 644 /etc/systemd/system/flask-app.service + + # Start and enable the service + systemctl daemon-reload + systemctl start flask-app + systemctl enable flask-app + + # Add logging + echo "Setup completed at $(date)" >> /var/log/user-data.log + EOF + tags = { Name = "GitHubActionsEC2" } + + # Add root volume configuration if needed + root_block_device { + volume_size = 20 + volume_type = "gp2" + } } resource "aws_security_group" "allow_app" { name = "allow_app" description = "Allow inbound traffic for Python app" + ingress { description = "App Port" from_port = 5000 @@ -42,6 +95,7 @@ resource "aws_security_group" "allow_app" { protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } + ingress { description = "SSH" from_port = 22 @@ -49,12 +103,23 @@ resource "aws_security_group" "allow_app" { protocol = "tcp" cidr_blocks = ["0.0.0.0/0"] } + egress { from_port = 0 to_port = 0 protocol = "-1" cidr_blocks = ["0.0.0.0/0"] } + + tags = { + Name = "allow_app" + } +} + +# Add CloudWatch logging if needed +resource "aws_cloudwatch_log_group" "app_logs" { + name = "/ec2/flask-app" + retention_in_days = 14 } output "public_ip" {