-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathterragen
executable file
·278 lines (239 loc) · 8.35 KB
/
terragen
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
#!/bin/bash
# Declare variables
declare -A terraform_vars=([project_name]="" [do_token]="" [region]="" [image_slug]="" [load_balancer_size]="" [backend_node_size]="" [backend_node_count]="");
declare regions=("nyc1" "nyc2" "nyc3" "ams2" "ams3" "sfo1" "sfo2" "sgp1" "lon1" "fra1" "tor1" "blr1");
# Get user input for Terraform variables
function setVars() {
read -p "Please enter in your project name: " terraform_vars[project_name];
# Check for SSH key
if [[ -f ${HOME}/.ssh/id_rsa ]]; then
until [[ "${valid}" ]]; do
read -p "${HOME}/.ssh/id_rsa has been located. Would you like to use it for your configuration? y/n: " response;
case "${response}" in
"Y"|"y") private_key_path="${HOME}/.ssh/id_rsa";
if [[ -f "${HOME}/.ssh/id_rsa.pub" ]]; then
public_key=$(cat ${HOME}/.ssh/id_rsa.pub);
else
echo -e "Unable to locate ${HOME}/.ssh/id_rsa.pub. Please create a new key pair or place them into ${HOME}/.ssh/";
exit 1;
fi
valid=true;
;;
"N"|"n")
read -p "Please enter in the full path to your private SSH key: " private_key_path;
public_key=$(cat ${private_key_path}.*pub);
valid=true;
;;
*) echo -e "\nThe choice you entered was not valid. Try again.\n"
;;
esac
done
unset valid;
else
ssh-keygen -t rsa -C "$(hostname -f)" -q -N "" -f ${HOME}/.ssh/id_rsa;
private_key_path="${HOME}/.ssh/id_rsa";
public_key=$(cat ${HOME}/.ssh/id_rsa.pub);
fi
read -p "Please enter in your DigitalOcean API token: " terraform_vars[do_token];
if [[ ! -f ${HOME}/.config/doctl/config.yaml ]]; then
mkdir -p ${HOME}/.config/doctl/;
cat << EOF > ${HOME}/.config/doctl/config.yaml
access-token: ${terraform_vars[do_token]}
output: text
EOF
chmod 600 ${HOME}/.config/doctl/config.yaml;
fi
# Add new ssh key to cloud
doctl compute ssh-key create $(hostname -f) --public-key "${public_key}" &>/dev/null;
# Grab ssh key id and ssh key fingerprint
key_array=($(doctl compute ssh-key list | grep "$(ssh-keygen -lf ${private_key_path} -E md5 | awk '{print $2}'| cut -d: -f2-)"));
# Set up a password to be used for ansible-vault
until [[ ${valid} ]]; do
read -sp "Enter in a password to be used for ansible-vault: " vault_pass;
echo;
if [[ ! -z ${vault_pass} ]]; then
read -sp "Re-enter your ansible-vault password: " vault_pass_confirm;
if [[ ${vault_pass} == ${vault_pass_confirm} ]]; then
echo -e "\nYour ansible-vault password has been set.\n";
valid=true;
else
echo -e "\nThe passwords did not match. Please try again.\n";
fi
else
echo "You cannot use a blank password. Please try again.";
fi
done
unset valid
# create ha_auth_key
ha_auth_key=$(dd if='/dev/urandom' bs=512 count=1 2>'/dev/null' | openssl sha1 | awk '{print $2}')
# Have the user select a data center region
until [[ ${valid} ]]; do
cat << EOF
Please select a data center.
1) New York 1
2) New York 2
3) New York 3
4) Amsterdam 2
5) Amsterdam 3
6) San Francisco 1
7) San Francisco 2
8) Singapore 1
9) London 1
10) Frankfurt 1
11) Toronto 1
12) Bangalore 1
EOF
read -p "Enter in your choice: " dc_selection;
if (( ${dc_selection} > 0 && ${dc_selection} < 13 )) &>/dev/null; then
echo -e "\nData center is now set.\n";
valid=true;
else
echo -e "\nPlease enter in a valid choice.\n";
fi
done
unset valid
n=$(echo $(( ${dc_selection}-1 )));
terraform_vars[region]=${regions[${n}]};
# Setting the distro to ubuntu 16-04
terraform_vars[image_slug]="ubuntu-16-04-x64";
# Get size for load balancers
until [[ "${valid}" ]]; do
cat << EOF
Please select a Droplet size from the listing for your load balancers.
1) 2gb
2) 4gb
3) 8gb
4) 16gb
5) 32gb
EOF
read -p "Enter in your choice:" lb_size;
case "${lb_size}" in
1) terraform_vars[load_balancer_size]="2gb";
valid=true;
;;
2) terraform_vars[load_balancer_size]="4gb";
valid=true;
;;
3) terraform_vars[load_balancer_size]="8gb";
valid=true;
;;
4) terraform_vars[load_balancer_size]="16gb";
valid=true;
;;
5) terraform_vars[load_balancer_size]="32gb";
valid=true;
;;
*) echo -e "\nYou did not enter a valid choice. Please try again.\n";
;;
esac
done
unset valid;
until [[ "${valid}" ]]; do
cat << EOF
Please select a Droplet size from the listing for your backend servers.
1) 1gb
2) 2gb
3) 4gb
4) 8gb
EOF
read -p "Enter in your choice:" n_size;
case "${n_size}" in
1) terraform_vars[backend_node_size]="1gb";
valid=true;
;;
2) terraform_vars[backend_node_size]="2gb";
valid=true;
;;
3) terraform_vars[backend_node_size]="4gb";
valid=true;
;;
4) terraform_vars[backend_node_size]="8gb";
valid=true;
;;
*) echo -e "\nYou did not enter a valid choice. Please try again.\n";
;;
esac
done
unset valid;
read -p "Please enter then number of backend nodes you want to provision: " terraform_vars[backend_node_count];
# Gather variables for nginx
echo -e "\nNow let's set up your backend nginx configuration.\n";
read -p "Enter in your application name (ex. myapp1): " app_name;
read -p "Enter the path you want to use for your document root: " doc_root;
read -p "Enter in the domain name you're going to use (ex. example.com www.example.com): " server_name;
}
# create terraform configuration
function terraConf() {
cat << EOF > terraform.tfvars
do_token = "${terraform_vars[do_token]}"
project = "${terraform_vars[project_name]}"
/* region choices include: nyc1, nyc2, nyc3, ams2, ams3, sfo1, sgp1, lon1, fra1, tor1 */
region = "${terraform_vars[region]}"
/* some image slugs include: ubuntu-16-04-x64, ubuntu-14-04-x64.
Keep in mind the associated Ansible playbook was written to be executed on Ubuntu. */
image_slug = "${terraform_vars[image_slug]}"
keys = "${key_array[0]}"
private_key_path = "${private_key_path}"
ssh_fingerprint = "${key_array[2]}"
public_key = "${public_key}"
lb_size = "${terraform_vars[load_balancer_size]}"
node_count = "${terraform_vars[backend_node_count]}"
node_size = "${terraform_vars[backend_node_size]}"
EOF
}
# create vars file for Ansible
function ansibleVars() {
cat << EOF > group_vars/all/vars
sites:
${app_name}:
doc_root: ${doc_root}
server_name: ${server_name}
EOF
cat << EOF > group_vars/all/load_balancer
# DigitalOcean access token
do_token: "{{ vault_do_token }}"
# Generated ha auth key. Consult README.md for how to generate.
ha_auth_key: "{{ vault_ha_auth_key }}"
EOF
}
# create vault file
function ansibleVault() {
cat << EOF > group_vars/all/vault
---
vault_do_token: ${terraform_vars[do_token]}
vault_ha_auth_key: ${ha_auth_key}
EOF
echo "${vault_pass}" > ${HOME}/.vaultpass.txt;
ansible-vault encrypt group_vars/all/vault;
}
# prompt user to execute scripts
function deployNow() {
until [[ "${valid}" ]]; do
read -p "Would you like to deploy now? y/n: " deploy;
case "${deploy}" in
"Y"|"y") terraform init
terraform apply;
echo -en "\nWaiting for cloud-config to complete.";
for i in {1..45}; do
printf ".";
sleep 1;
done
ansible-playbook -i /usr/local/bin/terraform-inventory site.yml;
fip=$(terraform state show digitalocean_floating_ip.fip | grep ip_address | cut -d" " -f3);
echo -e "\n Congratulations! You now have your initial load balancers and backend nodes set up. Your public floating IP is ${fip}.";
valid=true;
;;
"N"|"n") echo -e "\nTo complete your deployment, navigate over to ${project_dir} and execute 'terraform init', 'terraform apply', then 'ansible-playbook -i /usr/local/bin/terraform-inventory site.yml;'. Goodbye!";
valid=true;
;;
*) echo -e "\nPlease enter in a valid choice.\n"
;;
esac
done
}
# Execute functions
setVars;
terraConf;
ansibleVars;
ansibleVault;
deployNow;