From 50eb8cdcf86e132c57652a43d3a225ebc6898c1e Mon Sep 17 00:00:00 2001 From: Gio <43544549+romer8@users.noreply.github.com> Date: Sun, 14 Apr 2024 17:35:57 -0600 Subject: [PATCH 01/29] Update elasticbeanstalk.tf update to use python version 3.6 instead of 3.5.12 for available-solution-stacks --- terraform/aws/elasticbeanstalk.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/aws/elasticbeanstalk.tf b/terraform/aws/elasticbeanstalk.tf index e94fe49..86ed0d6 100644 --- a/terraform/aws/elasticbeanstalk.tf +++ b/terraform/aws/elasticbeanstalk.tf @@ -14,7 +14,7 @@ resource "aws_elastic_beanstalk_application" "hydroserver_django_app" { resource "aws_elastic_beanstalk_environment" "hydroserver_django_env" { name = "hydroserver-${var.instance}-env" application = aws_elastic_beanstalk_application.hydroserver_django_app.name - solution_stack_name = "64bit Amazon Linux 2 v3.5.12 running Python 3.8" + solution_stack_name = "64bit Amazon Linux 2 v3.6.0 running Python 3.8" setting { namespace = "aws:elasticbeanstalk:environment" From cfb9bd3657de1ff029d0c93d40bfa58e5ea445c7 Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 16 Apr 2024 18:30:41 -0600 Subject: [PATCH 02/29] added to destroy infraestracture --- .github/workflows/aws_destroy_deployment.yml | 50 ++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 .github/workflows/aws_destroy_deployment.yml diff --git a/.github/workflows/aws_destroy_deployment.yml b/.github/workflows/aws_destroy_deployment.yml new file mode 100644 index 0000000..a6007e2 --- /dev/null +++ b/.github/workflows/aws_destroy_deployment.yml 
@@ -0,0 +1,50 @@
+name: Destroy HydroServer AWS Cloud Deployment
+
+on:
+ workflow_dispatch:
+ inputs:
+ environment:
+ description: 'Enter a deployment environment name.'
+ required: true
+
+permissions:
+ id-token: write
+ contents: read
+
+jobs:
+ setup-deployment:
+ runs-on: ubuntu-20.04
+ environment: ${{ github.event.inputs.environment }}
+ defaults:
+ run:
+ working-directory: ./terraform/aws
+ steps:
+ - name: configureawscredentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/${{ vars.AWS_IAM_ROLE }}
+ role-session-name: create-hydroserver-resources
+ aws-region: ${{ vars.AWS_REGION }}
+
+ - name: Checkout Repo
+ uses: actions/checkout@v3
+ with:
+ ref: main
+
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v1
+
+ - name: Terraform Init
+ run: terraform init -backend-config="bucket=${{ vars.TERRAFORM_BUCKET }}" -backend-config="region=${{ vars.AWS_REGION }}" -backend-config="key=state/aws_application_${{ github.event.inputs.environment }}"
+
+ - name: Terraform Plan
+ id: plan
+ run: terraform plan -destroy -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}"
+ continue-on-error: true
+
+ - name: Terraform Plan Status
+ if: steps.plan.outcome == 'failure'
+ run: exit 1
+
+ - name: Terraform Apply
+ run: terraform apply -destroy -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}"
From fd4b534b00237eda5fe51846d76d8294af3eb42f Mon Sep 17 00:00:00 2001
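Review bot: In `aws_destroy_deployment.yml` the `Terraform Init`, `Terraform Plan` and `Terraform Apply` steps expand `${{ github.event.inputs.environment }}` directly into the `run:` text, so the free-text input is parsed by the shell before Terraform sees it; pass it through the step's `env:` (for example `TF_VAR_instance: ${{ github.event.inputs.environment }}`) and reference the shell variable in the command. The apply step re-plans with `-auto-approve` instead of applying the plan that the previous step checked, so nothing reviewed gates the destroy; `terraform plan -destroy -out=destroy.tfplan` followed by `terraform apply destroy.tfplan` would tie the two together. `role-session-name: create-hydroserver-resources` looks copied from the create workflow, which makes destroy runs hard to tell apart in the AWS audit trail. The three actions are referenced by mutable tags (`@v4`, `@v3`, `@v1`) in a job that holds `id-token: write`; pinning each to a full commit SHA would fix what code receives the OIDC token.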
From: romer8 Date: Tue, 4 Jun 2024 14:10:29 -0600 Subject: [PATCH 03/29] added first iteration of terraform and github action that does the deployment of self hosted timescaledb --- ...self_hosted_timescale_ create_database.yml | 121 ++++++++++++++++++ .../self_hosted_timescale/app-instances.tf | 67 ++++++++++ terraform/self_hosted_timescale/main.tf | 16 +++ terraform/self_hosted_timescale/outputs.tf | 4 + terraform/self_hosted_timescale/s3.tf | 30 +++++ .../self_hosted_timescale/security-group.tf | 59 +++++++++ terraform/self_hosted_timescale/variables.tf | 16 +++ 7 files changed, 313 insertions(+) create mode 100644 .github/workflows/self_hosted_timescale_ create_database.yml create mode 100644 terraform/self_hosted_timescale/app-instances.tf create mode 100644 terraform/self_hosted_timescale/main.tf create mode 100644 terraform/self_hosted_timescale/outputs.tf create mode 100644 terraform/self_hosted_timescale/s3.tf create mode 100644 terraform/self_hosted_timescale/security-group.tf create mode 100644 terraform/self_hosted_timescale/variables.tf diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml new file mode 100644 index 0000000..5f9a636 --- /dev/null +++ b/.github/workflows/self_hosted_timescale_ create_database.yml 
@@ -0,0 +1,121 @@ +name: Create HydroServer Timescale Cloud Database + +on: + workflow_dispatch: + inputs: + environment: + description: 'Enter a deployment environment name.' + required: true + superuser-email: + description: 'Enter the email for the Django superuser.' + required: true + superuser-password: + description: 'Enter the password for the Django superuser.' + required: true + partition-interval: + description: 'Enter a partition interval in days.' + default: '365' + required: true + db-user: + description: 'Enter a username for the timescale db' + required: true + db-password: + description: 'Enter a password for the timescale db' + required: true + hydroserver-version: + description: 'Enter a version of HydroServer to use. Leave blank to use the latest version.' + required: false + +permissions: + id-token: write + contents: read + +jobs: + setup-deployment: + runs-on: ubuntu-20.04 + environment: ${{ github.event.inputs.environment }} + steps: + - name: configureawscredentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/${{ vars.AWS_IAM_ROLE }} + role-session-name: create-hydroserver-resources + aws-region: ${{ vars.AWS_REGION }} + + - name: Checkout Repo + uses: actions/checkout@v3 + with: + ref: main + path: ops + + - name: Get Latest HydroServer Version + id: get_latest_tag + run: echo "tag=$(curl -sL https://api.github.com/repos/hydroserver2/hydroserver-webapp-back/releases/latest | jq -r '.tag_name')" >> $GITHUB_OUTPUT + + - name: Checkout Backend Repo + uses: actions/checkout@v4 + with: + repository: hydroserver2/hydroserver-webapp-back + ref: refs/tags/${{ github.event.inputs.hydroserver-version || steps.get_latest_tag.outputs.tag }} + path: backend + + - name: Setup SSH + uses: webfactory/ssh-agent@v0.5.0 + with: + ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + + - name: Terraform Init + 
working-directory: ./ops/terraform/self_hosted_timescale + run: terraform init -backend-config="bucket=${{ vars.TERRAFORM_BUCKET }}" -backend-config="region=${{ vars.AWS_REGION }}" -backend-config="key=state/timescale_self_hosted_database_${{ github.event.inputs.environment }}" + + - name: Terraform Plan + id: plan + working-directory: ./ops/terraform/self_hosted_timescale + run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }} -var private_key =${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY}}" + continue-on-error: true + + - name: Terraform Plan Status + if: steps.plan.outcome == 'failure' + run: exit 1 + + - name: Terraform Apply + working-directory: ./ops/terraform/self_hosted_timescale + run: | + terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt + echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt + echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt + echo "CONNECTION_STRING=postgresql://${{ github.event.inputs.db-user }}:${{ github.event.inputs.db-password }}@$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value'):5432/tsdb" >> timescale_${{ github.event.inputs.environment }}_connection.txt + cat << EOF > ../../../backend/.env + PROXY_BASE_URL=http://127.0.0.1:8000 + 
DATABASE_URL=postgresql://${{ github.event.inputs.db-user }}:${{ github.event.inputs.db-password }}@$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value'):5432/tsdb + DEPLOYED=True + EOF + + - name: Upload Connection Details to S3 + working-directory: ./ops/terraform/self_hosted_timescale + run: | + aws s3 cp timescale_${{ github.event.inputs.environment }}_connection.txt s3://${{ vars.TERRAFORM_BUCKET }}/output/timescale_${{ github.event.inputs.environment }}_connection.txt + + - name: Install Django Dependencies + working-directory: ./backend + run: | + python -m pip install --upgrade pip + pip install -r requirements.txt + pip install pyopenssl --upgrade + + - name: Run Database Setup Commands + working-directory: ./backend + env: + DJANGO_SETTINGS_MODULE: hydroserver.settings + DJANGO_SUPERUSER_EMAIL: ${{ github.event.inputs.superuser-email }} + DJANGO_SUPERUSER_PASSWORD: ${{ github.event.inputs.superuser-password }} + DJANGO_SUPERUSER_FIRST_NAME: ADMIN + DJANGO_SUPERUSER_LAST_NAME: ADMIN + run: | + python manage.py migrate + python manage.py configure_timescaledb --partition-interval-days ${{ github.event.inputs.partition-interval }} + python manage.py createsuperuser --noinput diff --git a/terraform/self_hosted_timescale/app-instances.tf b/terraform/self_hosted_timescale/app-instances.tf new file mode 100644 index 0000000..23469e9 --- /dev/null +++ b/terraform/self_hosted_timescale/app-instances.tf 
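Review bot: In the `self_hosted_timescale_ create_database.yml` hunk, `superuser-password` and `db-password` are `workflow_dispatch` inputs, which GitHub does not treat as secrets, so they are not masked in the run log and are expanded into the `run:` text of the plan and apply steps. Keeping them as environment secrets, as is already done for `SELF_HOSTED_TIMESCALE_PRIVATE_KEY`, and handing them to the steps through `env:` would keep them out of the log and out of the shell source. The `Terraform Apply` step also writes `PASSWORD=` and a full `CONNECTION_STRING=` into the `timescale_<environment>_connection.txt` file, and the next step copies that file in clear text to the bucket that holds Terraform state; a dedicated secrets store entry would be a safer destination. The first `actions/checkout@v3` step and the `curl … releases/latest` lookup both follow floating references, so the code that later runs with the assumed AWS role is not fixed at review time.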
@@ -0,0 +1,67 @@ +/* Setup our aws provider */ +provider "aws" { + region = var.region +} + +resource "aws_instance" "primary_1" { + ami = var.aws_ami + instance_type = var.aws_type + security_groups = ["${aws_security_group.swarm.name}"] + key_name = aws_key_pair.deployer.key_name + connection { + host = self.public_ip + user = "ec2-user" + private_key = file("${path.module}/id_rsa.pem") + } + provisioner "remote-exec" { + inline = [ + "sudo yum update -y", + "sudo yum install git -y", + "sudo amazon-linux-extras install docker -y", + "sudo service docker start", + "sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose", + "sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose", + "sudo chmod +x /usr/local/bin/docker-compose;", + "sudo docker network create tsdb", + "sudo docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", + "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" + ] + } + tags = { + Name = "tsdb-primary-${var.instance}-${data.aws_caller_identity.current.account_id}" + } + depends_on = [ + aws_s3_bucket.timescale_backup_bucket + ] +} +resource "aws_instance" "replica_1" { + ami = "ami-00798d7180f25aac2" + instance_type = var.aws_type + 
security_groups = ["${aws_security_group.swarm.name}"] + key_name = aws_key_pair.deployer.key_name + connection { + host = self.public_ip + user = "ec2-user" + private_key = var.private_key + } + provisioner "remote-exec" { + inline = [ + "sudo yum update -y", + "sudo yum install git -y", + "sudo amazon-linux-extras install docker -y", + "sudo service docker start", + "sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose", + "sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose", + "sudo chmod +x /usr/local/bin/docker-compose;", + "sudo docker network create tsdb", + "sudo docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", + "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" + ] + } + tags = { + Name = "tsdb-replica-${var.instance}-${data.aws_caller_identity.current.account_id}" + } + depends_on = [ + aws_s3_bucket.timescale_backup_bucket + ] +} diff --git a/terraform/self_hosted_timescale/main.tf b/terraform/self_hosted_timescale/main.tf new file mode 100644 index 0000000..611bcf5 --- /dev/null +++ b/terraform/self_hosted_timescale/main.tf 
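Review bot: In `app-instances.tf` both `remote-exec` blocks interpolate `${var.db_password}`, `${var.access_key}` and `${var.secret_key}` into the `docker run` command text, so a value containing a space, quote or `$` changes the command that runs on the host, and the password and a long-lived AWS key pair sit in the containers' environment. An instance profile (`iam_instance_profile`) scoped to the backup bucket would remove the static keys, assuming the backup image can use role credentials, which needs confirming. `-p 5432:5432` publishes Postgres on every interface of an instance with a public IP, `timescale/timescaledb:latest-pg13` and `schickling/postgres-backup-s3` are floating image tags, and docker-compose is downloaded from `releases/latest` without a checksum check. On `primary_1` the backup container is given `TSDB_USER` where `replica_1` passes `POSTGRES_USER`, which looks like a typo; `replica_1` also hard-codes its AMI instead of using `var.aws_ami` and is started as an independent database writing to the same bucket and `S3_PREFIX`, not as a replica of the primary.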
@@ -0,0 +1,16 @@
+terraform {
+ required_providers {
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 4.16"
+ }
+ }
+ backend "s3" {}
+ required_version = ">= 1.2.0"
+}
+
+provider "aws" {
+ region = var.region
+}
+
+data "aws_caller_identity" "current" {}
diff --git a/terraform/self_hosted_timescale/outputs.tf b/terraform/self_hosted_timescale/outputs.tf
new file mode 100644
index 0000000..f6e955f
--- /dev/null
+++ b/terraform/self_hosted_timescale/outputs.tf
@@ -0,0 +1,4 @@
+output "self_hosted_tsdb_hostname" {
+ value = aws_instance.primary_1.public_ip
+}
+
diff --git a/terraform/self_hosted_timescale/s3.tf b/terraform/self_hosted_timescale/s3.tf
new file mode 100644
index 0000000..9c6ac70
--- /dev/null
+++ b/terraform/self_hosted_timescale/s3.tf
@@ -0,0 +1,30 @@
+# Creation of S3 bucket for TimescaleDB backup
+resource "aws_s3_bucket" "timescale_backup_bucket" {
+ bucket = "timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id}"
+}
+
+
+# ------------------------------------------------ #
+# S3 Restrict Public Access #
+# ------------------------------------------------ #
+resource "aws_s3_bucket_public_access_block" "timescale_backup_bucket" {
+ bucket = aws_s3_bucket.timescale_backup_bucket.id
+
+ block_public_acls = true
+ block_public_policy = true
+ ignore_public_acls = true
+ restrict_public_buckets = true
+}
+
+# ------------------------------------------------ #
+# S3 Ownership Controls #
+# ------------------------------------------------ #
+resource "aws_s3_bucket_ownership_controls" "timescale_backup_bucket" {
+ bucket = aws_s3_bucket.timescale_backup_bucket.id
+ rule {
+ object_ownership = "BucketOwnerEnforced"
+ }
+ depends_on = [aws_s3_bucket_public_access_block.timescale_backup_bucket]
+}
+
+
diff --git a/terraform/self_hosted_timescale/security-group.tf b/terraform/self_hosted_timescale/security-group.tf
new file mode 100644
index 0000000..eda70ea
--- /dev/null
+++ b/terraform/self_hosted_timescale/security-group.tf
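Review bot: In `s3.tf` the backup bucket blocks public access but has no versioning, so a daily dump that is overwritten or deleted, including by the static key handed to the backup container, cannot be recovered. Adding an `aws_s3_bucket_versioning` resource for `aws_s3_bucket.timescale_backup_bucket` with `status = "Enabled"` would cover that. If the dumps must be encrypted under a key the project controls, an `aws_s3_bucket_server_side_encryption_configuration` resource belongs here as well. A short comment above the bucket stating that it receives full database dumps would tell the next reader why its access rules matter.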
@@ -0,0 +1,59 @@
+/* Default security group */
+resource "aws_security_group" "swarm" {
+ name = "swarm-group-tdsb-${var.instance}-${data.aws_caller_identity.current.account_id}"
+ description = "Default security group that allows inbound and outbound traffic from all instances in the VPC"
+
+ ingress {
+ from_port = "0"
+ to_port = "0"
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ self = true
+ }
+
+ ingress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ ingress {
+ from_port = 5432
+ to_port = 5432
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ ingress {
+ from_port = 3000
+ to_port = 3000
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ egress {
+ from_port = "0"
+ to_port = "0"
+ protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ self = true
+ }
+ egress {
+ from_port = 22
+ to_port = 22
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ egress {
+ from_port = 5432
+ to_port = 5432
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ egress {
+ from_port = 3000
+ to_port = 3000
+ protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+}
diff --git a/terraform/self_hosted_timescale/variables.tf b/terraform/self_hosted_timescale/variables.tf
new file mode 100644
index 0000000..7a45c09
--- /dev/null
+++ b/terraform/self_hosted_timescale/variables.tf
@@ -0,0 +1,16 @@
+// Default AWS Access Credentials
+variable "access_key" {}
+variable "secret_key" {}
+variable "instance" {}
+variable "region" {}
+variable "db_user" {}
+variable "db_password" {}
+variable "aws_ami" {
+ default = "ami-00beae93a2d981137"
+}
+variable "private_key" {}
+variable "aws_type" {
+ default = "t2.micro"
+}
+
+
From ec7884a884c8c2ced04c6259c25595af70524bd0 Mon Sep 17 00:00:00 2001
From: romer8
Date: Tue, 4 Jun 2024 14:13:08 -0600
Subject: [PATCH 04/29] change action name
---
 .github/workflows/self_hosted_timescale_ create_database.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
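Review bot: In `security-group.tf` the first `ingress` block combines `protocol = "-1"` with `cidr_blocks = ["0.0.0.0/0"]`, which admits every port and protocol from any address and makes the later 22/5432/3000 rules redundant. The description says the intent is traffic between the group's own instances, so that rule should drop the `cidr_blocks` line and keep only `self = true`. Ports 22 and 5432 would then still be open to `0.0.0.0/0`; taking the allowed source ranges from a new list variable would keep SSH and Postgres reachable only from the operators' networks. The explicit egress rules for 22, 5432 and 3000 add nothing next to the all-protocol egress rule and can be removed.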
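Review bot: In `variables.tf`, `db_password`, `access_key`, `secret_key` and `private_key` are declared as bare `variable "…" {}` blocks with no type and no sensitivity marking, so Terraform shows their values wherever they appear in plan or apply output. Adding `type = string` and `sensitive = true` to each of them makes Terraform redact the values and suppress the log output of provisioners that use them. The comment `// Default AWS Access Credentials` sits above variables that have no defaults; a `description` on `access_key` and `secret_key` saying that the pair is handed to the backup container would be more accurate.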
diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index 5f9a636..4a38631 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml @@ -1,4 +1,4 @@ -name: Create HydroServer Timescale Cloud Database +name: Create HydroServer Self Hosted TimescaleScale Database Cluster with Backup on: workflow_dispatch: From e7af360d581ebf6589233eca12170f977cf0fd9f Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 14:23:22 -0600 Subject: [PATCH 05/29] no need of webfactory/ssh-agent@v0.5.0 action --- .github/workflows/self_hosted_timescale_ create_database.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index 4a38631..963581f 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml @@ -59,11 +59,6 @@ jobs: ref: refs/tags/${{ github.event.inputs.hydroserver-version || steps.get_latest_tag.outputs.tag }} path: backend - - name: Setup SSH - uses: webfactory/ssh-agent@v0.5.0 - with: - ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }} - - name: Setup Terraform uses: hashicorp/setup-terraform@v3 From 4df2d06ac5a9d442f285e075e3b3c9110ae875ea Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 14:25:19 -0600 Subject: [PATCH 06/29] fix: Duplicate provider configuration --- terraform/self_hosted_timescale/app-instances.tf | 5 ----- 1 file changed, 5 deletions(-) diff --git a/terraform/self_hosted_timescale/app-instances.tf b/terraform/self_hosted_timescale/app-instances.tf index 23469e9..7c5522c 100644 --- a/terraform/self_hosted_timescale/app-instances.tf +++ b/terraform/self_hosted_timescale/app-instances.tf 
@@ -1,8 +1,3 @@ -/* Setup our aws provider */ -provider "aws" { - region = var.region -} - resource "aws_instance" "primary_1" { ami = var.aws_ami instance_type = var.aws_type From e99f27ac799717b8391b9c0f46388f823729a75e Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 14:29:01 -0600 Subject: [PATCH 07/29] fix space for var --- .github/workflows/self_hosted_timescale_ create_database.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index 963581f..2a2cb41 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml @@ -69,7 +69,7 @@ jobs: - name: Terraform Plan id: plan working-directory: ./ops/terraform/self_hosted_timescale - run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }} -var private_key =${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY}}" + run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }} -var private_key=${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" continue-on-error: true - name: Terraform Plan Status From e396bcc6417218a8f86575b48aeffbf68aab1a10 Mon Sep 17 00:00:00 2001 
From: romer8 Date: Tue, 4 Jun 2024 14:32:52 -0600 Subject: [PATCH 08/29] fix terraform apply --- .github/workflows/self_hosted_timescale_ create_database.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index 2a2cb41..e9d538c 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml @@ -69,7 +69,7 @@ jobs: - name: Terraform Plan id: plan working-directory: ./ops/terraform/self_hosted_timescale - run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }} -var private_key=${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" + run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }} -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" continue-on-error: true - name: Terraform Plan Status 
@@ -79,7 +79,7 @@ jobs: - name: Terraform Apply working-directory: ./ops/terraform/self_hosted_timescale run: | - terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt From 9ce1dd04e80b968548a17cb02fd9076bdfa30560 Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 14:40:18 -0600 Subject: [PATCH 09/29] correct one more typo --- .github/workflows/self_hosted_timescale_ create_database.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index e9d538c..d4addbe 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml 
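Review bot: After this change `Terraform Apply` still takes `access_key` and `secret_key` from `secrets.TIMESCALE_ACCESS_KEY` and `secrets.TIMESCALE_SECRET_KEY`, while the `Terraform Plan` hunk of the same commit uses `secrets.USER_ACCESS_KEY_ID` and `secrets.USER_SECRET_ACCESS_KEY`, so the plan is computed from different values than the ones applied and the backup container receives whichever pair apply sees. Using one pair in both steps, or saving the plan with `-out` and applying that file, removes the mismatch. Passing the private key and the passwords as `-var` arguments also places them on the process command line; setting `TF_VAR_private_key`, `TF_VAR_db_password` and the others through the step's `env:` avoids that. The `run: |` block continues past the end of this hunk.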
@@ -69,7 +69,7 @@ jobs: - name: Terraform Plan id: plan working-directory: ./ops/terraform/self_hosted_timescale - run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }} -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" + run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" continue-on-error: true - name: Terraform Plan Status From 35e81132c61f6b6dd5896b1df58ebf61ea4717bc Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 14:42:33 -0600 Subject: [PATCH 10/29] fix: private_key = file("${path.module}/id_rsa.pem") --- terraform/self_hosted_timescale/app-instances.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/self_hosted_timescale/app-instances.tf b/terraform/self_hosted_timescale/app-instances.tf index 7c5522c..ac54125 100644 --- a/terraform/self_hosted_timescale/app-instances.tf +++ b/terraform/self_hosted_timescale/app-instances.tf @@ -6,7 +6,7 @@ resource "aws_instance" "primary_1" { connection { host = self.public_ip user = "ec2-user" - private_key = file("${path.module}/id_rsa.pem") + private_key = var.private_key } provisioner "remote-exec" { inline = [ From 5dc35eebe0b4bb70e9b489c3b678e52a057993fe Mon Sep 17 00:00:00 2001 
From: romer8 Date: Tue, 4 Jun 2024 14:44:53 -0600 Subject: [PATCH 11/29] add resulting key pairs --- terraform/self_hosted_timescale/key-pairs.tf | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 terraform/self_hosted_timescale/key-pairs.tf diff --git a/terraform/self_hosted_timescale/key-pairs.tf b/terraform/self_hosted_timescale/key-pairs.tf new file mode 100644 index 0000000..4a39bd0 --- /dev/null +++ b/terraform/self_hosted_timescale/key-pairs.tf @@ -0,0 +1,4 @@ +resource "aws_key_pair" "deployer" { + key_name = "deploy-tsdb-${var.instance}-${data.aws_caller_identity.current.account_id}" + public_key = var.private_key +} From 15e13114f1334edc5d407a0b51ff1b97bb26207d Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 14:45:55 -0600 Subject: [PATCH 12/29] addec quotes to output --- terraform/self_hosted_timescale/outputs.tf | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/terraform/self_hosted_timescale/outputs.tf b/terraform/self_hosted_timescale/outputs.tf index f6e955f..71f211d 100644 --- a/terraform/self_hosted_timescale/outputs.tf +++ b/terraform/self_hosted_timescale/outputs.tf @@ -1,4 +1,3 @@ output "self_hosted_tsdb_hostname" { - value = aws_instance.primary_1.public_ip + value = "aws_instance.primary_1.public_ip" } - From 0ce28fe5f784bce99f28032111d3a3c27f45c823 Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 15:14:44 -0600 Subject: [PATCH 13/29] added public key --- .github/workflows/self_hosted_timescale_ create_database.yml | 4 ++-- terraform/self_hosted_timescale/key-pairs.tf | 2 +- terraform/self_hosted_timescale/variables.tf | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index d4addbe..717e2fd 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml 
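Review bot: In the `outputs.tf` hunk of PATCH 12/29 the added quotes turn the reference into the literal string `aws_instance.primary_1.public_ip`, so `terraform output` no longer returns the instance address. The workflow builds its `HOSTNAME=`, `CONNECTION_STRING=` and `DATABASE_URL=` lines from this output, so they would contain that text instead of an IP. The expression has to stay unquoted: `value = aws_instance.primary_1.public_ip`.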
@@ -69,7 +69,7 @@ jobs: - name: Terraform Plan id: plan working-directory: ./ops/terraform/self_hosted_timescale - run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" + run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" continue-on-error: true - name: Terraform Plan Status 
@@ -79,7 +79,7 @@ jobs: - name: Terraform Apply working-directory: ./ops/terraform/self_hosted_timescale run: | - terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" + terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt diff --git a/terraform/self_hosted_timescale/key-pairs.tf b/terraform/self_hosted_timescale/key-pairs.tf index 4a39bd0..27d6819 100644 --- a/terraform/self_hosted_timescale/key-pairs.tf +++ b/terraform/self_hosted_timescale/key-pairs.tf @@ -1,4 +1,4 @@ resource "aws_key_pair" "deployer" { key_name = "deploy-tsdb-${var.instance}-${data.aws_caller_identity.current.account_id}" - public_key = var.private_key + public_key = var.public_key } diff --git a/terraform/self_hosted_timescale/variables.tf b/terraform/self_hosted_timescale/variables.tf index 7a45c09..23f0caf 100644 --- a/terraform/self_hosted_timescale/variables.tf 
+++ b/terraform/self_hosted_timescale/variables.tf @@ -9,6 +9,7 @@ variable "aws_ami" { default = "ami-00beae93a2d981137" } variable "private_key" {} +variable "public_key" {} variable "aws_type" { default = "t2.micro" } From 2521f418df72038c1ca7aead0378d880409547cd Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 15:35:17 -0600 Subject: [PATCH 14/29] added instance type to options, and corrected error for amazon linux --- .../self_hosted_timescale_ create_database.yml | 11 +++++++++-- .../self_hosted_timescale/app-instances.tf | 18 ++++++++++-------- terraform/self_hosted_timescale/variables.tf | 6 ++---- 3 files changed, 21 insertions(+), 14 deletions(-) diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index 717e2fd..3a799d5 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml @@ -22,6 +22,9 @@ on: db-password: description: 'Enter a password for the timescale db' required: true + aws-isntance-type: + description: 'Enter aaws ec2 isntance type (default is t2.micro)' + required: false hydroserver-version: description: 'Enter a version of HydroServer to use. Leave blank to use the latest version.' required: false @@ -52,6 +55,10 @@ jobs: id: get_latest_tag run: echo "tag=$(curl -sL https://api.github.com/repos/hydroserver2/hydroserver-webapp-back/releases/latest | jq -r '.tag_name')" >> $GITHUB_OUTPUT + - name: Get EC2 Instance Type + id: get_instance_type + run: echo "instance_type=${{ github.event.inputs.aws-instance-type || 't2.micro' }}" >> $GITHUB_OUTPUT + - name: Checkout Backend Repo uses: actions/checkout@v4 with: 
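Review bot: The new workflow input is declared as `aws-isntance-type`, but the `Get EC2 Instance Type` step added in the next hunk reads `github.event.inputs.aws-instance-type`, which does not exist, so that step always emits `t2.micro`. The plan and apply hunks of this commit read the misspelled name, which is the only reason the user's value is picked up. Renaming the input to `aws-instance-type`, fixing its description to `'Enter an AWS EC2 instance type (default is t2.micro)'` and reading it in one place would make the fallback behave as written. The value is free text that is expanded into a `run:` line and then into `-var aws_instance_type=…`; a `type: choice` input listing the permitted sizes would bound both the cost and what reaches the shell.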
@@ -69,7 +76,7 @@ jobs: - name: Terraform Plan id: plan working-directory: ./ops/terraform/self_hosted_timescale - run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" + run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_instance_type="${{ github.event.inputs.aws-isntance-type || steps.get_instance_type.outputs.instance_type }}" continue-on-error: true - name: Terraform Plan Status 
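Review bot: The plan line passes `secrets.USER_ACCESS_KEY_ID` / `secrets.USER_SECRET_ACCESS_KEY` for `access_key` and `secret_key`, while the apply step in the next hunk passes `secrets.TIMESCALE_ACCESS_KEY` / `secrets.TIMESCALE_SECRET_KEY`. The plan is not saved either, so what the log shows for review is not what `apply -auto-approve` executes. Saving it with `terraform plan -out=tfplan` and running `terraform apply tfplan` ties the two steps together and means the variables are stated once. The added `-var aws_instance_type=` also does not match the `aws_type` variable that `variables.tf` declares in this commit, which Terraform would most likely reject as undeclared.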
@@ -79,7 +86,7 @@ jobs: - name: Terraform Apply working-directory: ./ops/terraform/self_hosted_timescale run: | - terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" + terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_instance_type="${{ github.event.inputs.aws-isntance-type || steps.get_instance_type.outputs.instance_type }}" echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt diff --git a/terraform/self_hosted_timescale/app-instances.tf b/terraform/self_hosted_timescale/app-instances.tf index ac54125..db1901c 100644 --- a/terraform/self_hosted_timescale/app-instances.tf +++ b/terraform/self_hosted_timescale/app-instances.tf 
@@ -12,14 +12,15 @@ resource "aws_instance" "primary_1" { inline = [ "sudo yum update -y", "sudo yum install git -y", - "sudo amazon-linux-extras install docker -y", + "sudo yum install -y docker", "sudo service docker start", + "sudo usermod -a -G docker ec2-user", "sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose", "sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose", "sudo chmod +x /usr/local/bin/docker-compose;", - "sudo docker network create tsdb", - "sudo docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", - "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" + "docker network create tsdb", + "docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", + "docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e 
POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" ] } tags = { 
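Review bot: `sudo usermod -a -G docker ec2-user` is added and `sudo` is dropped from the three `docker` commands after it, but a new group membership normally applies only to later login sessions, so these commands likely fail on the Docker socket within the same provisioner run. Membership in the `docker` group is also equivalent to root on the host, which is a wider grant than this bootstrap needs. Keeping `sudo docker …` and leaving out the `usermod` line avoids both. The `replica_1` hunk that follows makes the same change, and the resource block starts and ends outside the hunk.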
@@ -43,14 +44,15 @@ resource "aws_instance" "replica_1" { inline = [ "sudo yum update -y", "sudo yum install git -y", - "sudo amazon-linux-extras install docker -y", + "sudo yum install -y docker", "sudo service docker start", + "sudo usermod -a -G docker ec2-user", "sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose", "sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose", "sudo chmod +x /usr/local/bin/docker-compose;", - "sudo docker network create tsdb", - "sudo docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", - "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" + "docker network create tsdb", + "docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", + "docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} 
-e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" ] } tags = { diff --git a/terraform/self_hosted_timescale/variables.tf b/terraform/self_hosted_timescale/variables.tf index 23f0caf..0e76465 100644 --- a/terraform/self_hosted_timescale/variables.tf +++ b/terraform/self_hosted_timescale/variables.tf @@ -6,12 +6,10 @@ variable "region" {} variable "db_user" {} variable "db_password" {} variable "aws_ami" { - default = "ami-00beae93a2d981137" + default = "ami-09e647bf7a368e505" } variable "private_key" {} variable "public_key" {} -variable "aws_type" { - default = "t2.micro" -} +variable "aws_type" {} From c739cff3af8c3570464d98aaeb865a09c7220d8c Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 15:39:49 -0600 Subject: [PATCH 15/29] fixed name --- .../workflows/self_hosted_timescale_ create_database.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index 3a799d5..e15d982 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml @@ -22,7 +22,7 @@ on: db-password: description: 'Enter a password for the timescale db' required: true - aws-isntance-type: + aws-instance-type: description: 'Enter aaws ec2 isntance type (default is t2.micro)' required: false hydroserver-version: 
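Review bot: The replica's backup container loses its user setting in this hunk: the removed line passed `-e POSTGRES_USER=${var.db_user}` and the added one passes `-e TSDB_USER=${var.db_user}`, which looks copied from the `primary_1` block rather than intended. Unless the backup image reads `TSDB_USER`, the scheduled dumps would run without a database user and could fail without anyone noticing. Keep `-e POSTGRES_USER=${var.db_user}` here and use the same name in `primary_1`.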
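Review bot: The new default `ami-09e647bf7a368e505` is a region-specific image ID, while `region` is a free variable of the same module, so the default resolves in only one region and nothing ties the ID to a known publisher. Looking the image up with an `aws_ami` data source filtered by `owners` and name, or declaring `aws_ami` without a default, keeps region and image consistent and makes the trusted source explicit. Removing the `aws_type` default also makes that variable mandatory, and the workflow hunks of this commit pass `aws_instance_type` rather than `aws_type`.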
@@ -76,7 +76,7 @@ jobs: - name: Terraform Plan id: plan working-directory: ./ops/terraform/self_hosted_timescale - run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_instance_type="${{ github.event.inputs.aws-isntance-type || steps.get_instance_type.outputs.instance_type }}" + run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_instance_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" continue-on-error: true - name: Terraform Plan Status 
@@ -86,7 +86,7 @@ jobs: - name: Terraform Apply working-directory: ./ops/terraform/self_hosted_timescale run: | - terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_instance_type="${{ github.event.inputs.aws-isntance-type || steps.get_instance_type.outputs.instance_type }}" + terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_instance_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt From f22086a0af0484a800096fff3388077efddcf521 Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 15:42:30 -0600 Subject: [PATCH 16/29] change name --- .github/workflows/self_hosted_timescale_ create_database.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index e15d982..486b3d0 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml @@ -76,7 +76,7 @@ jobs: - name: Terraform Plan id: plan working-directory: ./ops/terraform/self_hosted_timescale - run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_instance_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" + run: terraform plan -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" continue-on-error: true - name: Terraform Plan Status 
@@ -86,7 +86,7 @@ jobs: - name: Terraform Apply working-directory: ./ops/terraform/self_hosted_timescale run: | - terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_instance_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" + terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt From 110f2452e58f4b36252eb1a484dff04bc5d73cac Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 15:46:38 -0600 Subject: [PATCH 17/29] fixing more typos --- terraform/self_hosted_timescale/app-instances.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/terraform/self_hosted_timescale/app-instances.tf b/terraform/self_hosted_timescale/app-instances.tf index db1901c..31ff369 100644 --- a/terraform/self_hosted_timescale/app-instances.tf +++ b/terraform/self_hosted_timescale/app-instances.tf @@ -31,7 +31,7 @@ resource "aws_instance" "primary_1" { ] } resource "aws_instance" "replica_1" { - ami = "ami-00798d7180f25aac2" + ami = var.aws_ami instance_type = var.aws_type security_groups = ["${aws_security_group.swarm.name}"] key_name = aws_key_pair.deployer.key_name From 056f87f2cd89138f58434f2db44233ee627409d1 Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 15:51:13 -0600 Subject: [PATCH 18/29] change ami id. Different in each region --- terraform/self_hosted_timescale/variables.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/self_hosted_timescale/variables.tf b/terraform/self_hosted_timescale/variables.tf index 0e76465..0f7f24c 100644 --- a/terraform/self_hosted_timescale/variables.tf +++ b/terraform/self_hosted_timescale/variables.tf @@ -6,7 +6,7 @@ variable "region" {} variable "db_user" {} variable "db_password" {} variable "aws_ami" { - default = "ami-09e647bf7a368e505" + default = "ami-00beae93a2d981137" } variable "private_key" {} variable "public_key" {} From 8221d60aec34fdad454447a819a577ffc8f5bf9f Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 15:58:36 -0600 Subject: [PATCH 19/29] use sudo instead --- terraform/self_hosted_timescale/app-instances.tf | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/terraform/self_hosted_timescale/app-instances.tf b/terraform/self_hosted_timescale/app-instances.tf index 31ff369..46edf8b 100644 --- a/terraform/self_hosted_timescale/app-instances.tf +++ b/terraform/self_hosted_timescale/app-instances.tf 
@@ -14,13 +14,12 @@ resource "aws_instance" "primary_1" { "sudo yum install git -y", "sudo yum install -y docker", "sudo service docker start", - "sudo usermod -a -G docker ec2-user", "sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose", "sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose", "sudo chmod +x /usr/local/bin/docker-compose;", - "docker network create tsdb", - "docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", - "docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" + "sudo docker network create tsdb", + "sudo docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", + "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e 
POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" ] } tags = { 
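Review bot: The `docker run` lines re-added here still splice `${var.db_password}`, `${var.access_key}` and `${var.secret_key}` unquoted into the remote-exec shell commands, so a value containing spaces or shell metacharacters alters the command, and the secrets appear in process arguments on the host. Delivering them with a `file` provisioner into a root-owned `0600` env file and passing `--env-file`, together with `sensitive = true` on the variables, keeps them off the command line and out of Terraform's output. `-p 5432:5432` also publishes PostgreSQL on all host interfaces, so reachability rests on the instance's security group, which these hunks do not show. The `replica_1` hunk that follows repeats the same lines.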
@@ -46,13 +45,12 @@ resource "aws_instance" "replica_1" { "sudo yum install git -y", "sudo yum install -y docker", "sudo service docker start", - "sudo usermod -a -G docker ec2-user", "sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose", "sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose", "sudo chmod +x /usr/local/bin/docker-compose;", - "docker network create tsdb", - "docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", - "docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" + "sudo docker network create tsdb", + "sudo docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", + "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e 
POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" ] } tags = { From bcb08cfacf3cd941fdd44b283d53118aa8e5db81 Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 21:18:51 -0600 Subject: [PATCH 20/29] correction --- terraform/self_hosted_timescale/outputs.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/terraform/self_hosted_timescale/outputs.tf b/terraform/self_hosted_timescale/outputs.tf index 71f211d..3477703 100644 --- a/terraform/self_hosted_timescale/outputs.tf +++ b/terraform/self_hosted_timescale/outputs.tf @@ -1,3 +1,3 @@ output "self_hosted_tsdb_hostname" { - value = "aws_instance.primary_1.public_ip" + value = aws_instance.primary_1.public_ip } From 66aafc7b9dd12ff136081a804cb7f86eeb3e293f Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 22:07:33 -0600 Subject: [PATCH 21/29] added destroy workflow, and corrected workflow to destroy hs infra --- .github/workflows/aws_destroy_deployment.yml | 2 +- .../destroy_self_hosted_timescale.yml | 79 +++++++++++++++++++ ...self_hosted_timescale_ create_database.yml | 4 +- .../workflows/timescale_create_database.yml | 12 +-- .../self_hosted_timescale/app-instances.tf | 4 +- 5 files changed, 90 insertions(+), 11 deletions(-) create mode 100644 .github/workflows/destroy_self_hosted_timescale.yml diff --git a/.github/workflows/aws_destroy_deployment.yml b/.github/workflows/aws_destroy_deployment.yml index a6007e2..7002b3c 100644 --- a/.github/workflows/aws_destroy_deployment.yml +++ b/.github/workflows/aws_destroy_deployment.yml @@ -12,7 +12,7 @@ permissions: contents: read jobs: - setup-deployment: + destroy-deployment: runs-on: ubuntu-20.04 environment: ${{ github.event.inputs.environment }} defaults: 
diff --git a/.github/workflows/destroy_self_hosted_timescale.yml b/.github/workflows/destroy_self_hosted_timescale.yml new file mode 100644 index 0000000..07cbf12 --- /dev/null +++ b/.github/workflows/destroy_self_hosted_timescale.yml 
@@ -0,0 +1,79 @@ +name: Destroy Self Hosted TimescaleScale Database Cluster with Backup + +on: + workflow_dispatch: + inputs: + environment: + description: 'Enter a deployment environment name.' + required: true + db-user: + description: 'Enter a username for the timescale db' + required: true + db-password: + description: 'Enter a password for the timescale db' + required: true + aws-instance-type: + description: 'Enter aws ec2 isntance type, please use the same instance type as the one used to create the database' + required: false + +permissions: + id-token: write + contents: read + +jobs: + destroy-deployment: + runs-on: ubuntu-20.04 + environment: ${{ github.event.inputs.environment }} + steps: + - name: configureawscredentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/${{ vars.AWS_IAM_ROLE }} + role-session-name: create-hydroserver-resources + aws-region: ${{ vars.AWS_REGION }} + + - name: Checkout Repo + uses: actions/checkout@v3 + with: + ref: main + path: ops + + - name: Get EC2 Instance Type + id: get_instance_type + run: echo "instance_type=${{ github.event.inputs.aws-instance-type || 't2.micro' }}" >> $GITHUB_OUTPUT + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + + - name: Terraform Init + working-directory: ./ops/terraform/self_hosted_timescale + run: terraform init -destroy -backend-config="bucket=${{ vars.TERRAFORM_BUCKET }}" -backend-config="region=${{ vars.AWS_REGION }}" -backend-config="key=state/timescale_self_hosted_database_${{ github.event.inputs.environment }}" + + - name: Terraform Plan + id: plan + working-directory: ./ops/terraform/self_hosted_timescale + run: terraform plan -destroy -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" 
-var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" + continue-on-error: true + + - name: Terraform Plan Status + if: steps.plan.outcome == 'failure' + run: exit 1 + + - name: Terraform Apply + working-directory: ./ops/terraform/self_hosted_timescale + run: | + terraform apply -destroy -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" + echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt + echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt + echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt + echo "CONNECTION_STRING=postgresql://${{ github.event.inputs.db-user }}:${{ github.event.inputs.db-password }}@$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value'):5432/tsdb" >> timescale_${{ github.event.inputs.environment }}_connection.txt + cat << EOF > ../../../backend/.env + PROXY_BASE_URL=http://127.0.0.1:8000 + DATABASE_URL=postgresql://${{ github.event.inputs.db-user }}:${{ github.event.inputs.db-password }}@$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value'):5432/tsdb + DEPLOYED=True + 
EOF + + - name: Delete the Connection Details in S3 + working-directory: ./ops/terraform/self_hosted_timescale + run: | + aws s3 rm s3://${{ vars.TERRAFORM_BUCKET }}/output/timescale_${{ github.event.inputs.environment }}_connection.txt diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index 486b3d0..7e806f3 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml @@ -1,4 +1,4 @@ -name: Create HydroServer Self Hosted TimescaleScale Database Cluster with Backup +name: Create Self Hosted TimescaleScale Database Cluster with Backup For HydroServer on: workflow_dispatch: @@ -23,7 +23,7 @@ on: description: 'Enter a password for the timescale db' required: true aws-instance-type: - description: 'Enter aaws ec2 isntance type (default is t2.micro)' + description: 'Enter aws ec2 isntance type (default is t2.micro)' required: false hydroserver-version: description: 'Enter a version of HydroServer to use. Leave blank to use the latest version.' diff --git a/.github/workflows/timescale_create_database.yml b/.github/workflows/timescale_create_database.yml index f73bab9..eeeb334 100644 --- a/.github/workflows/timescale_create_database.yml +++ b/.github/workflows/timescale_create_database.yml @@ -16,7 +16,7 @@ on: description: 'Enter a partition interval in days.' default: '365' required: true - hydroserver-version: + hydroserver-version: description: 'Enter a version of HydroServer to use. Leave blank to use the latest version.' required: false @@ -35,7 +35,7 @@ jobs: role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/${{ vars.AWS_IAM_ROLE }} role-session-name: create-hydroserver-resources aws-region: ${{ vars.AWS_REGION }} - + - name: Checkout Repo uses: actions/checkout@v3 with: 
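Review bot: The `Terraform Apply` step of this new destroy workflow still carries the create workflow's tail: after `terraform apply -destroy` it writes the database password and connection string to `timescale_…_connection.txt` and a heredoc to `../../../backend/.env`, although this workflow only checks out the `ops` path. Those lines serve no purpose once the resources are gone, they put the password on the runner's disk, and a failing redirect would likely stop the job before the S3 cleanup step runs. Reduce the `run:` block to the single `terraform apply -destroy -auto-approve …` command. `terraform init -destroy` in the Init step also looks wrong, since `init` has no such flag as far as I know, and the role session name still reads `create-hydroserver-resources`.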
@@ -45,7 +45,7 @@ jobs: - name: Get Latest HydroServer Version id: get_latest_tag run: echo "tag=$(curl -sL https://api.github.com/repos/hydroserver2/hydroserver-webapp-back/releases/latest | jq -r '.tag_name')" >> $GITHUB_OUTPUT - + - name: Checkout Backend Repo uses: actions/checkout@v4 with: @@ -88,14 +88,14 @@ jobs: working-directory: ./ops/terraform/timescale run: | aws s3 cp timescale_${{ github.event.inputs.environment }}_connection.txt s3://${{ vars.TERRAFORM_BUCKET }}/output/timescale_${{ github.event.inputs.environment }}_connection.txt - + - name: Install Django Dependencies working-directory: ./backend run: | python -m pip install --upgrade pip pip install -r requirements.txt pip install pyopenssl --upgrade - + - name: Run Database Setup Commands working-directory: ./backend env: @@ -107,4 +107,4 @@ jobs: run: | python manage.py migrate python manage.py configure_timescaledb --partition-interval-days ${{ github.event.inputs.partition-interval }} - python manage.py createsuperuser --noinput + python manage.py createsuperuser --noinput diff --git a/terraform/self_hosted_timescale/app-instances.tf b/terraform/self_hosted_timescale/app-instances.tf index 46edf8b..16c1602 100644 --- a/terraform/self_hosted_timescale/app-instances.tf +++ b/terraform/self_hosted_timescale/app-instances.tf 
@@ -19,7 +19,7 @@ resource "aws_instance" "primary_1" { "sudo chmod +x /usr/local/bin/docker-compose;", "sudo docker network create tsdb", "sudo docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13", - "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" + "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3" ] } tags = { 
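Review bot: The corrected backup command runs `schickling/postgres-backup-s3` with no tag or digest and hands that third-party image the S3 access key, secret key and database password. Whatever is published under that name at provisioning time receives those credentials, so pin it by digest, e.g. `schickling/postgres-backup-s3@sha256:<digest>`, and do the same for `timescale/timescaledb:latest-pg13` on the line above. The S3 key pair should be scoped to writes on the one backup bucket. The `replica_1` hunk that follows needs the same pin.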
@@ -50,7 +50,7 @@ resource "aws_instance" "replica_1" {
 "sudo chmod +x /usr/local/bin/docker-compose;",
 "sudo docker network create tsdb",
 "sudo docker run --restart=unless-stopped --name=tsdb_db -d -p 5432:5432 --network tsdb -e POSTGRES_DB=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_PASSWORD=${var.db_password} -v $(pwd)/data:/var/lib/postgresql/data timescale/timescaledb:latest-pg13",
- "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e TSDB_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3"
+ "sudo docker run -d --restart=unless-stopped --name=postgres_backup --network tsdb -e SCHEDULE='@daily' -e S3_REGION=${var.region} -e S3_ACCESS_KEY_ID=${var.access_key} -e S3_SECRET_ACCESS_KEY=${var.secret_key} -e S3_BUCKET=timescale-backup-${var.instance}-${data.aws_caller_identity.current.account_id} -e POSTGRES_DATABASE=tsdb -e POSTGRES_USER=${var.db_user} -e POSTGRES_HOST=tsdb_db -e POSTGRES_PASSWORD=${var.db_password} -e S3_PREFIX=backup -e POSTGRES_EXTRA_OPTS='--format=plain --quote-all-identifiers --no-tablespaces --no-owner --no-privileges' schickling/postgres-backup-s3"
 ]
 }
 tags = {
From 3f54da00e164e32df7b26212d222fd75110f2327 Mon Sep 17 00:00:00 2001
From: romer8 Date: Tue, 4 Jun 2024 22:12:51 -0600 Subject: [PATCH 22/29] added another github action for destroying tiemscaledb cloud --- ...loyment.yml => destroy_aws_deployment.yml} | 0 .../workflows/destroy_timescale_database.yml | 66 +++++++++++++++++++ 2 files changed, 66 insertions(+) rename .github/workflows/{aws_destroy_deployment.yml => destroy_aws_deployment.yml} (100%) create mode 100644 .github/workflows/destroy_timescale_database.yml diff --git a/.github/workflows/aws_destroy_deployment.yml b/.github/workflows/destroy_aws_deployment.yml similarity index 100% rename from .github/workflows/aws_destroy_deployment.yml rename to .github/workflows/destroy_aws_deployment.yml diff --git a/.github/workflows/destroy_timescale_database.yml b/.github/workflows/destroy_timescale_database.yml new file mode 100644 index 0000000..23a4162 --- /dev/null +++ b/.github/workflows/destroy_timescale_database.yml 
@@ -0,0 +1,66 @@ +name: Create HydroServer Timescale Cloud Database + +on: + workflow_dispatch: + inputs: + environment: + description: 'Enter a deployment environment name.' + required: true + +permissions: + id-token: write + contents: read + +jobs: + setup-deployment: + runs-on: ubuntu-20.04 + environment: ${{ github.event.inputs.environment }} + steps: + - name: configureawscredentials + uses: aws-actions/configure-aws-credentials@v4 + with: + role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/${{ vars.AWS_IAM_ROLE }} + role-session-name: create-hydroserver-resources + aws-region: ${{ vars.AWS_REGION }} + + - name: Checkout Repo + uses: actions/checkout@v3 + with: + ref: main + path: ops + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v3 + + - name: Terraform Init + working-directory: ./ops/terraform/timescale + run: terraform init -backend-config="bucket=${{ vars.TERRAFORM_BUCKET }}" -backend-config="region=${{ vars.AWS_REGION }}" -backend-config="key=state/timescale_database_${{ github.event.inputs.environment }}" + + - name: Terraform Plan + id: plan + working-directory: ./ops/terraform/timescale + run: terraform plan -destroy -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + continue-on-error: true + + - name: Terraform Plan Status + if: steps.plan.outcome == 'failure' + run: exit 1 + + - name: Terraform Apply + working-directory: ./ops/terraform/timescale + run: | + terraform apply -destroy -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + echo "HOSTNAME=$(terraform output -json | jq -r '.hostname.value')" > 
timescale_${{ github.event.inputs.environment }}_connection.txt + echo "PORT=$(terraform output -json | jq -r '.port.value')" >> timescale_${{ github.event.inputs.environment }}_connection.txt + echo "PASSWORD=$(terraform output -json | jq -r '.password.value')" >> timescale_${{ github.event.inputs.environment }}_connection.txt + echo "CONNECTION_STRING=postgresql://tsdbadmin:$(terraform output -json | jq -r '.password.value')@$(terraform output -json | jq -r '.hostname.value'):$(terraform output -json | jq -r '.port.value')/tsdb" >> timescale_${{ github.event.inputs.environment }}_connection.txt + cat << EOF > ../../../backend/.env + PROXY_BASE_URL=http://127.0.0.1:8000 + DATABASE_URL=postgresql://tsdbadmin:$(terraform output -json | jq -r ".password.value")@$(terraform output -json | jq -r ".hostname.value"):$(terraform output -json | jq -r ".port.value")/tsdb + DEPLOYED=True + EOF + + - name: Delete Connection Details to S3 + working-directory: ./ops/terraform/timescale + run: | + aws s3 rm s3://${{ vars.TERRAFORM_BUCKET }}/output/timescale_${{ github.event.inputs.environment }}_connection.txt From 348195a8e3508ebb53411f574f1430ba8b33ebcf Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 22:18:12 -0600 Subject: [PATCH 23/29] remove -destroy from init --- .github/workflows/destroy_self_hosted_timescale.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/destroy_self_hosted_timescale.yml b/.github/workflows/destroy_self_hosted_timescale.yml index 07cbf12..8871353 100644 --- a/.github/workflows/destroy_self_hosted_timescale.yml +++ b/.github/workflows/destroy_self_hosted_timescale.yml 
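Review bot: The free-text `environment` input is pasted as `${{ github.event.inputs.environment }}` directly into every `run:` script of this new workflow, so it is expanded into the script text before the shell parses it, and the same value selects the Terraform state key and the object passed to `aws s3 rm`. Binding it once through the step's `env:` and referring to the shell variable keeps it as data, for example `ENVIRONMENT: ${{ github.event.inputs.environment }}` under `env:` and `-backend-config="key=state/timescale_database_${ENVIRONMENT}"` in the command. A pattern check before `terraform init`, such as `[[ "$ENVIRONMENT" =~ ^[a-z0-9-]+$ ]] || exit 1` (the allowed character set is an example to adapt), would reject an unexpected name before anything is destroyed.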
@@ -47,7 +47,7 @@ jobs: - name: Terraform Init working-directory: ./ops/terraform/self_hosted_timescale - run: terraform init -destroy -backend-config="bucket=${{ vars.TERRAFORM_BUCKET }}" -backend-config="region=${{ vars.AWS_REGION }}" -backend-config="key=state/timescale_self_hosted_database_${{ github.event.inputs.environment }}" + run: terraform init -backend-config="bucket=${{ vars.TERRAFORM_BUCKET }}" -backend-config="region=${{ vars.AWS_REGION }}" -backend-config="key=state/timescale_self_hosted_database_${{ github.event.inputs.environment }}" - name: Terraform Plan id: plan From 473996ad2e3059bdac91b7a8c767b5d5136e6c89 Mon Sep 17 00:00:00 2001 From: romer8 Date: Tue, 4 Jun 2024 22:21:27 -0600 Subject: [PATCH 24/29] Fix: ./backend/.env: No such file or directory --- .github/workflows/destroy_self_hosted_timescale.yml | 9 --------- .github/workflows/destroy_timescale_database.yml | 9 --------- 2 files changed, 18 deletions(-) diff --git a/.github/workflows/destroy_self_hosted_timescale.yml b/.github/workflows/destroy_self_hosted_timescale.yml index 8871353..61aaed9 100644 --- a/.github/workflows/destroy_self_hosted_timescale.yml +++ b/.github/workflows/destroy_self_hosted_timescale.yml 
@@ -63,15 +63,6 @@ jobs: working-directory: ./ops/terraform/self_hosted_timescale run: | terraform apply -destroy -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" - echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt - echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt - echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt - echo "CONNECTION_STRING=postgresql://${{ github.event.inputs.db-user }}:${{ github.event.inputs.db-password }}@$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value'):5432/tsdb" >> timescale_${{ github.event.inputs.environment }}_connection.txt - cat << EOF > ../../../backend/.env - PROXY_BASE_URL=http://127.0.0.1:8000 - DATABASE_URL=postgresql://${{ github.event.inputs.db-user }}:${{ github.event.inputs.db-password }}@$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value'):5432/tsdb - DEPLOYED=True - EOF - name: Delete the Connection Details in S3 working-directory: ./ops/terraform/self_hosted_timescale diff --git a/.github/workflows/destroy_timescale_database.yml b/.github/workflows/destroy_timescale_database.yml index 23a4162..348bda8 100644 --- a/.github/workflows/destroy_timescale_database.yml +++ b/.github/workflows/destroy_timescale_database.yml 
@@ -50,15 +50,6 @@ jobs: working-directory: ./ops/terraform/timescale run: | terraform apply -destroy -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" - echo "HOSTNAME=$(terraform output -json | jq -r '.hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt - echo "PORT=$(terraform output -json | jq -r '.port.value')" >> timescale_${{ github.event.inputs.environment }}_connection.txt - echo "PASSWORD=$(terraform output -json | jq -r '.password.value')" >> timescale_${{ github.event.inputs.environment }}_connection.txt - echo "CONNECTION_STRING=postgresql://tsdbadmin:$(terraform output -json | jq -r '.password.value')@$(terraform output -json | jq -r '.hostname.value'):$(terraform output -json | jq -r '.port.value')/tsdb" >> timescale_${{ github.event.inputs.environment }}_connection.txt - cat << EOF > ../../../backend/.env - PROXY_BASE_URL=http://127.0.0.1:8000 - DATABASE_URL=postgresql://tsdbadmin:$(terraform output -json | jq -r ".password.value")@$(terraform output -json | jq -r ".hostname.value"):$(terraform output -json | jq -r ".port.value")/tsdb - DEPLOYED=True - EOF - name: Delete Connection Details to S3 working-directory: ./ops/terraform/timescale From 2d057f88fbc401927930536fef6a93af1829671d Mon Sep 17 00:00:00 2001 From: romer8 Date: Wed, 5 Jun 2024 11:11:10 -0600 Subject: [PATCH 25/29] change name --- .github/workflows/destroy_timescale_database.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/destroy_timescale_database.yml b/.github/workflows/destroy_timescale_database.yml index 348bda8..8dac9d5 100644 --- a/.github/workflows/destroy_timescale_database.yml +++ b/.github/workflows/destroy_timescale_database.yml 
@@ -1,4 +1,4 @@ -name: Create HydroServer Timescale Cloud Database +name: Destroy HydroServer Timescale Cloud Database on: workflow_dispatch: From 07c7f442f4944875f97358fa4cc89889d6c9c9c0 Mon Sep 17 00:00:00 2001 From: romer8 Date: Wed, 5 Jun 2024 11:50:57 -0600 Subject: [PATCH 26/29] added target --- .github/workflows/destroy_timescale_database.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/destroy_timescale_database.yml b/.github/workflows/destroy_timescale_database.yml index 8dac9d5..d5ec1e9 100644 --- a/.github/workflows/destroy_timescale_database.yml +++ b/.github/workflows/destroy_timescale_database.yml @@ -39,7 +39,7 @@ jobs: - name: Terraform Plan id: plan working-directory: ./ops/terraform/timescale - run: terraform plan -destroy -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + run: terraform plan -destroy -no-color -plan=timescale_service.hydroserver_timescale -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" continue-on-error: true - name: Terraform Plan Status 
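Review bot: `-plan=timescale_service.hydroserver_timescale`, added to the `terraform plan -destroy` line in hunk `@@ -39,7 +39,7 @@`, is not an option that `terraform plan` or `terraform apply` define, so both commands should stop with a usage error rather than narrow the destroy. Given the subject line "added target", `-target=timescale_service.hydroserver_timescale` looks like what was intended. The same flag is added to the `terraform apply -destroy` line in the next hunk, and because the plan step keeps `continue-on-error: true` the failure would first surface at the `Terraform Plan Status` step.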
@@ -49,7 +49,7 @@ jobs: - name: Terraform Apply working-directory: ./ops/terraform/timescale run: | - terraform apply -destroy -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + terraform apply -destroy -plan=timescale_service.hydroserver_timescale -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" - name: Delete Connection Details to S3 working-directory: ./ops/terraform/timescale From b1a58209bc163372af07ea975359de5ae6d6e4a2 Mon Sep 17 00:00:00 2001 From: romer8 Date: Wed, 5 Jun 2024 11:59:14 -0600 Subject: [PATCH 27/29] added target --- .../workflows/destroy_timescale_database.yml | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/.github/workflows/destroy_timescale_database.yml b/.github/workflows/destroy_timescale_database.yml index d5ec1e9..2d01fdd 100644 --- a/.github/workflows/destroy_timescale_database.yml +++ b/.github/workflows/destroy_timescale_database.yml 
@@ -36,10 +36,25 @@ jobs: working-directory: ./ops/terraform/timescale run: terraform init -backend-config="bucket=${{ vars.TERRAFORM_BUCKET }}" -backend-config="region=${{ vars.AWS_REGION }}" -backend-config="key=state/timescale_database_${{ github.event.inputs.environment }}" + - name: Terraform Plan with target + id: plan-target + working-directory: ./ops/terraform/timescale + run: terraform plan -destroy -no-color -target=timescale_service.hydroserver_timescale -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + continue-on-error: true + + - name: Terraform Plan Status with target + if: steps.plan-target.outcome == 'failure' + run: exit 1 + + - name: Terraform Apply with target + working-directory: ./ops/terraform/timescale + run: | + terraform apply -destroy -target=timescale_service.hydroserver_timescale -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + - name: Terraform Plan id: plan working-directory: ./ops/terraform/timescale - run: terraform plan -destroy -no-color -plan=timescale_service.hydroserver_timescale -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + run: terraform plan -destroy -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" 
continue-on-error: true - name: Terraform Plan Status @@ -49,7 +64,7 @@ jobs: - name: Terraform Apply working-directory: ./ops/terraform/timescale run: | - terraform apply -destroy -plan=timescale_service.hydroserver_timescale -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" + terraform apply -destroy -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" - name: Delete Connection Details to S3 working-directory: ./ops/terraform/timescale From 81413cff82f40f437803924ca82d08c4bceee0c7 Mon Sep 17 00:00:00 2001 From: romer8 Date: Wed, 5 Jun 2024 12:05:55 -0600 Subject: [PATCH 28/29] just delete the version of destroy --- .../workflows/destroy_timescale_database.yml | 72 ------------------- 1 file changed, 72 deletions(-) delete mode 100644 .github/workflows/destroy_timescale_database.yml diff --git a/.github/workflows/destroy_timescale_database.yml b/.github/workflows/destroy_timescale_database.yml deleted file mode 100644 index 2d01fdd..0000000 --- a/.github/workflows/destroy_timescale_database.yml +++ /dev/null 
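Review bot: Each `terraform apply -destroy -auto-approve` in this workflow computes its own plan, so the `terraform plan -destroy` step before it only acts as a smoke test and what gets destroyed is never the plan that was printed to the log. Writing the plan to a file and applying that file ties the two together: `terraform plan -destroy -out=destroy.tfplan ...` followed by `terraform apply destroy.tfplan` (the file name is an example). This applies to the new `Terraform Plan with target` / `Terraform Apply with target` pair in hunk `@@ -36,10 +36,25 @@` and to the untargeted pair that the second hunk touches. A saved plan holds the variable values passed with `-var`, so it should stay on the runner and not be uploaded as an artifact.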
@@ -1,72 +0,0 @@ -name: Destroy HydroServer Timescale Cloud Database - -on: - workflow_dispatch: - inputs: - environment: - description: 'Enter a deployment environment name.' - required: true - -permissions: - id-token: write - contents: read - -jobs: - setup-deployment: - runs-on: ubuntu-20.04 - environment: ${{ github.event.inputs.environment }} - steps: - - name: configureawscredentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/${{ vars.AWS_IAM_ROLE }} - role-session-name: create-hydroserver-resources - aws-region: ${{ vars.AWS_REGION }} - - - name: Checkout Repo - uses: actions/checkout@v3 - with: - ref: main - path: ops - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v3 - - - name: Terraform Init - working-directory: ./ops/terraform/timescale - run: terraform init -backend-config="bucket=${{ vars.TERRAFORM_BUCKET }}" -backend-config="region=${{ vars.AWS_REGION }}" -backend-config="key=state/timescale_database_${{ github.event.inputs.environment }}" - - - name: Terraform Plan with target - id: plan-target - working-directory: ./ops/terraform/timescale - run: terraform plan -destroy -no-color -target=timescale_service.hydroserver_timescale -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" - continue-on-error: true - - - name: Terraform Plan Status with target - if: steps.plan-target.outcome == 'failure' - run: exit 1 - - - name: Terraform Apply with target - working-directory: ./ops/terraform/timescale - run: | - terraform apply -destroy -target=timescale_service.hydroserver_timescale -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ 
secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" - - - name: Terraform Plan - id: plan - working-directory: ./ops/terraform/timescale - run: terraform plan -destroy -no-color -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" - continue-on-error: true - - - name: Terraform Plan Status - if: steps.plan.outcome == 'failure' - run: exit 1 - - - name: Terraform Apply - working-directory: ./ops/terraform/timescale - run: | - terraform apply -destroy -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var project_id="${{ vars.TIMESCALE_PROJECT_ID }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" - - - name: Delete Connection Details to S3 - working-directory: ./ops/terraform/timescale - run: | - aws s3 rm s3://${{ vars.TERRAFORM_BUCKET }}/output/timescale_${{ github.event.inputs.environment }}_connection.txt From c9d7f01eee08a370ad741570e0adfacc1a56a7a8 Mon Sep 17 00:00:00 2001 From: romer8 Date: Sat, 6 Jul 2024 16:57:02 -0600 Subject: [PATCH 29/29] changes to the self hosted timescaledb --- .../workflows/self_hosted_timescale_ create_database.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/self_hosted_timescale_ create_database.yml b/.github/workflows/self_hosted_timescale_ create_database.yml index 7e806f3..f666cf2 100644 --- a/.github/workflows/self_hosted_timescale_ create_database.yml +++ b/.github/workflows/self_hosted_timescale_ create_database.yml 
@@ -53,7 +53,7 @@ jobs: - name: Get Latest HydroServer Version id: get_latest_tag - run: echo "tag=$(curl -sL https://api.github.com/repos/hydroserver2/hydroserver-webapp-back/releases/latest | jq -r '.tag_name')" >> $GITHUB_OUTPUT + run: echo "tag=$(curl -sL https://api.github.com/repos/hydroserver2/hydroserver-api-services/releases/latest | jq -r '.tag_name')" >> $GITHUB_OUTPUT - name: Get EC2 Instance Type id: get_instance_type @@ -62,7 +62,7 @@ jobs: - name: Checkout Backend Repo uses: actions/checkout@v4 with: - repository: hydroserver2/hydroserver-webapp-back + repository: hydroserver2/hydroserver-api-services ref: refs/tags/${{ github.event.inputs.hydroserver-version || steps.get_latest_tag.outputs.tag }} path: backend 
@@ -86,7 +86,7 @@ jobs: - name: Terraform Apply working-directory: ./ops/terraform/self_hosted_timescale run: | - terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.TIMESCALE_ACCESS_KEY }}" -var secret_key="${{ secrets.TIMESCALE_SECRET_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" + terraform apply -auto-approve -var instance="${{ github.event.inputs.environment }}" -var region="${{ vars.AWS_REGION }}" -var db_user="${{ github.event.inputs.db-user }}" -var db_password="${{ github.event.inputs.db-password }}" -var access_key="${{ secrets.USER_ACCESS_KEY_ID }}" -var secret_key="${{ secrets.USER_SECRET_ACCESS_KEY }}" -var private_key="${{ secrets.SELF_HOSTED_TIMESCALE_PRIVATE_KEY }}" -var public_key="${{ secrets.SELF_HOSTED_TIMESCALE_PUBLIC_KEY }}" -var aws_type="${{ github.event.inputs.aws-instance-type || steps.get_instance_type.outputs.instance_type }}" echo "HOSTNAME=$(terraform output -json | jq -r '.self_hosted_tsdb_hostname.value')" > timescale_${{ github.event.inputs.environment }}_connection.txt echo "PORT=5432" >> timescale_${{ github.event.inputs.environment }}_connection.txt echo "PASSWORD=${{ github.event.inputs.db-password }}" >> timescale_${{ github.event.inputs.environment }}_connection.txt
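Review bot: The rewritten `terraform apply` line still expands `${{ github.event.inputs.db-password }}` straight into the script, and a `workflow_dispatch` input is not a registered secret, so the value is not masked when the step's command is echoed in the job log. The context lines after it write the same value into the connection file. Taking the password from a repository or environment secret and passing it through the step's `env:`, for example `TF_VAR_db_password: ${{ secrets.<DB_PASSWORD_SECRET_PLACEHOLDER> }}`, keeps it out of the command text. The newly referenced `USER_ACCESS_KEY_ID` and `USER_SECRET_ACCESS_KEY` could move to `TF_VAR_access_key` and `TF_VAR_secret_key` in the same way. The step's `run:` block appears to continue past the end of the hunk.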