forked from NeCTAR-RC/heat-templates
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwordpress_single_instance.yaml
160 lines (141 loc) · 5.67 KB
/
wordpress_single_instance.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
# http://docs.openstack.org/developer/heat/template_guide/hot_spec.html#heat-template-version
heat_template_version: 2014-10-16
description: >
NeCTAR sample template to install WordPress on a single instance with a local MySQL database
to store the data.
parameters:
# First off, the parameters that affect the environment
key_name:
description: Name of an existing KeyPair to enable SSH access to the instances
type: string
instance_type:
description: The NeCTAR flavour the webserver is to run on
type: string
default: m2.xsmall
constraints:
- allowed_values: [m2.xsmall, m2.small, m1.small]
description:
Must be a valid NeCTAR flavour with 10G drive, limited to the smaller ones available
fedora_image_id:
description: A NeCTAR fedora image
type: string
default: d3bae233-a0cd-4533-a710-d7aa9de0a4b7
# Then the installation specific parameters
db_name:
default: wordpress
description: The WordPress database name
type: string
constraints:
- length: { min: 6, max: 16}
description: The database name must be between 6 to 16 characters in length.
- allowed_pattern: '[a-zA-Z][a-zA-Z0-9]*'
description: Must begin with a letter and contain only alphanumeric characters.
db_username:
description: The WordPress database admin account username
default: bestAdminEver
type: string
constraints:
- length: { min: 6, max: 16}
description: The user name must be between 6 to 16 characters in length.
- allowed_pattern: '[a-zA-Z][a-zA-Z0-9]*'
description: Must begin with a letter and contain only alphanumeric characters.
resources:
# http://docs.openstack.org/developer/heat/template_guide/openstack.html#OS::Heat::RandomString
db_password:
type: OS::Heat::RandomString
# http://docs.openstack.org/developer/heat/template_guide/openstack.html#OS::Heat::RandomString
db_root_password:
type: OS::Heat::RandomString
# Creating a security group is possible: but it does eat into the number of groups that you are limited to (10)
security_group:
# http://docs.openstack.org/hot-reference/content/AWS__EC2__SecurityGroup.html
type: AWS::EC2::SecurityGroup
properties:
GroupDescription: Enable HTTP access via port 80 plus SSH and ICMP access
SecurityGroupIngress:
-
IpProtocol: icmp
FromPort: -1
ToPort: -1
CidrIp: 0.0.0.0/0
-
IpProtocol: tcp
FromPort: 80
ToPort: 80
CidrIp: 0.0.0.0/0
-
IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
wordpress_site:
# http://docs.openstack.org/hot-reference/content/AWS__EC2__Instance.html
type: AWS::EC2::Instance
metadata:
# See http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-init.html
AWS::CloudFormation::Init:
config:
files:
/tmp/setup.mysql:
content:
str_replace:
template: |
CREATE DATABASE db_name;
GRANT ALL PRIVILEGES ON db_name .* TO 'db_user'@'localhost' IDENTIFIED BY 'db_password';
FLUSH PRIVILEGES;
EXIT
params:
db_password: {get_resource: db_password}
db_user: {get_param: db_username}
db_name: { get_param: db_name }
mode: '000644'
owner: root
group: root
packages:
yum:
mariadb: []
mariadb-server: []
httpd: []
wordpress: []
services:
systemd:
mysqld: {enabled: 'true', ensureRunning: 'true'}
httpd: {enabled: 'true', ensureRunning: 'true'}
properties:
ImageId: { get_param: fedora_image_id }
InstanceType: { get_param: instance_type }
KeyName: { get_param: key_name }
# the following will break if you have maxed out your security group limit (10).
SecurityGroups: [ { get_resource: security_group } ]
# the following is written to /var/lib/cloud/data/cfn-userdata
# note the call to cfn-init which causes the AWS::CloudFomration::Init to be actioned
UserData:
str_replace:
template: |
#!/bin/bash -v
echo "stack_name wordpress_site stack_region" > /root/args.txt
/opt/aws/bin/cfn-init -s stack_name -r wordpress_site --region stack_region
# Setup MySQL root password and create a user
mysqladmin -u root password db_root_password
mysql -u root --password=db_root_password < /tmp/setup.mysql
sed -i "/Deny from All/d" /etc/httpd/conf.d/wordpress.conf
sed -i "s/Require local/Require all granted/" /etc/httpd/conf.d/wordpress.conf
sed -i s/database_name_here/db_name/ /etc/wordpress/wp-config.php
sed -i s/username_here/db_user/ /etc/wordpress/wp-config.php
sed -i s/password_here/db_password/ /etc/wordpress/wp-config.php
systemctl restart httpd.service
params:
stack_name: { get_param: 'OS::stack_name' }
stack_region: ap-southeast-1
db_root_password: { get_resource: db_root_password }
db_password: { get_resource: db_password }
db_user: { get_param: db_username }
db_name: { get_param: db_name }
outputs:
webste_url:
description: The URL of the wordpress site
value:
str_replace:
template: http://IpAddress/wordpress
params:
IpAddress: { get_attr: [wordpress_site, PublicIp]}