-
Notifications
You must be signed in to change notification settings - Fork 0
/
vault-consul-ami.json
119 lines (118 loc) · 3.97 KB
/
vault-consul-ami.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
{
"min_packer_version": "0.12.0",
"variables": {
"aws_region": "us-east-1",
"vault_version": "0.11.5",
"consul_module_version": "v0.4.2",
"consul_version": "1.3.1",
"consul_download_url": "{{env `CONSUL_DOWNLOAD_URL`}}",
"vault_download_url": "{{env `VAULT_DOWNLOAD_URL`}}",
"ca_public_key_path": "tls/",
"tls_public_key_path": "tls/",
"tls_private_key_path": "tls/"
},
"builders": [{
"ami_name": "vault-consul-ubuntu-{{isotime | clean_ami_name}}-{{uuid}}",
"ami_description": "An Ubuntu 16.04 AMI that has Vault and Consul installed.",
"instance_type": "t2.micro",
"name": "ubuntu16-ami",
"region": "{{user `aws_region`}}",
"type": "amazon-ebs",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"architecture": "x86_64",
"name": "*ubuntu-xenial-16.04-amd64-server-*",
"block-device-mapping.volume-type": "gp2",
"root-device-type": "ebs"
},
"owners": ["099720109477"],
"most_recent": true
},
"ssh_username": "ubuntu"
},{
"ami_name": "vault-consul-amazon-linux-{{isotime | clean_ami_name}}-{{uuid}}",
"ami_description": "An Amazon Linux AMI that has Vault and Consul installed.",
"instance_type": "t2.micro",
"name": "amazon-linux-ami",
"region": "{{user `aws_region`}}",
"type": "amazon-ebs",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"architecture": "x86_64",
"name": "*amzn-ami-hvm-*",
"block-device-mapping.volume-type": "gp2",
"root-device-type": "ebs"
},
"owners": ["amazon"],
"most_recent": true
},
"ssh_username": "ec2-user"
}],
"provisioners": [{
"type": "shell",
"inline": [
"sudo apt-get install -y git"
],
"only": ["ubuntu16-ami"]
},{
"type": "shell",
"inline": [
"sudo yum install -y git"
],
"only": ["amazon-linux-ami"]
},{
"type": "shell",
"inline": [
"if test -n \"{{user `vault_download_url`}}\"; then",
" /tmp/terraform-aws-vault/modules/install-vault/install-vault --download-url {{user `vault_download_url`}};",
"else",
"git clone https://github.com/hashicorp/terraform-aws-vault.git /tmp/terraform-aws-vault",
"/tmp/terraform-aws-vault/modules/install-vault/install-vault --version {{user `vault_version`}}",
"fi"
],
"pause_before": "30s"
}
,
{
"type": "file",
"source": "{{template_dir}}/auth/sign-request.py",
"destination": "/tmp/sign-request.py"
},{
"type": "file",
"source": "{{user `ca_public_key_path`}}",
"destination": "/tmp/ca.crt.pem"
},{
"type": "file",
"source": "{{user `tls_public_key_path`}}",
"destination": "/tmp/vault.crt.pem"
},{
"type": "file",
"source": "{{user `tls_private_key_path`}}",
"destination": "/tmp/vault.key.pem"
},{
"type": "shell",
"inline": [
"sudo mv /tmp/sign-request.py /opt/vault/scripts/",
"sudo mv /tmp/ca.crt.pem /opt/vault/tls/",
"sudo mv /tmp/vault.crt.pem /opt/vault/tls/",
"sudo mv /tmp/vault.key.pem /opt/vault/tls/",
"sudo chown -R vault:vault /opt/vault/tls/",
"sudo chmod -R 600 /opt/vault/tls",
"sudo chmod 700 /opt/vault/tls",
"sudo /tmp/terraform-aws-vault/modules/update-certificate-store/update-certificate-store --cert-file-path /opt/vault/tls/ca.crt.pem"
]
},{
"type": "shell",
"inline": [
"git clone --branch {{user `consul_module_version`}} https://github.com/hashicorp/terraform-aws-consul.git /tmp/terraform-aws-consul",
"if test -n \"{{user `consul_download_url`}}\"; then",
" /tmp/terraform-aws-consul/modules/install-consul/install-consul --download-url {{user `consul_download_url`}};",
"else",
" /tmp/terraform-aws-consul/modules/install-consul/install-consul --version {{user `consul_version`}};",
"fi",
"/tmp/terraform-aws-consul/modules/install-dnsmasq/install-dnsmasq"
]
}]
}