-
-
Notifications
You must be signed in to change notification settings - Fork 268
/
Copy pathcloud_formation.yml
244 lines (218 loc) · 6.56 KB
/
cloud_formation.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
InstanceType:
Type: String
Default: t3.micro
Description: EC2 machine instance size (see https://aws.amazon.com/ec2/instance-types/)
AmiId:
Type: AWS::SSM::Parameter::Value<AWS::EC2::Image::Id>
Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'
Description: Amazon Linux 2 image ID (leave this as is)
VolumeSize:
Type: Number
Default: 64
MinValue: 16
Description: Disk size in Gb to allocate for storing downloaded episodes
PodsyncVersion:
Type: String
Default: latest
Description: Podsync version to use (see https://github.com/mxpv/podsync/releases)
PodsyncPort:
Type: Number
Default: 8080
MaxValue: 65535
Description: Server port to use
YouTubeApiKey:
Type: String
AllowedPattern: '.+' # Required
Description: |
Key to use for YouTube API access (see https://github.com/mxpv/podsync/blob/master/docs/how_to_get_youtube_api_key.md)
VimeoAccessToken:
Type: String
AllowedPattern: '.+' # Required
Description: |
Key to use for Vimeo API access (see https://github.com/mxpv/podsync/blob/master/docs/how_to_get_vimeo_token.md)
FeedId:
Type: String
Default: 'ID1'
AllowedPattern: '.+' # Required
Description: |
ID to use for the feed (you'll access it as http://localhost/ID1.xml)
FeedUrl:
Type: String
AllowedPattern: '.+'
Description: |
YouTube or Vimeo URL to host with Podsync (for example: https://www.youtube.com/user/XYZ)
PageSize:
Type: Number
Default: 50
MinValue: 5
Description: |
The number of episodes to query each time
Format:
Type: String
AllowedValues:
- 'audio'
- 'video'
Default: 'video'
Description: Feed format (audio or video)
Quality:
Type: String
AllowedValues:
- 'high'
- 'low'
Default: 'high'
Description: Feed quality (high or low)
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: 'VM configuration'
Parameters:
- InstanceType
- KeyName
- AmiId
- VolumeSize
- Label:
default: 'Podsync configuration'
Parameters:
- PodsyncVersion
- PodsyncPort
- YouTubeApiKey
- VimeoAccessToken
- Label:
default: 'Feed configuration'
Parameters:
- FeedId
- FeedUrl
- PageSize
- Format
- Quality
ParameterLabels:
InstanceType:
default: 'Instance type'
AmiId:
default: 'AMI ID'
VolumeSize:
default: 'Volume size'
PodsyncVersion:
default: 'Version'
PodsyncPort:
default: 'Server port'
YouTubeApiKey:
default: 'YouTube API Key'
VimeoAccessToken:
default: 'Vimeo Token'
FeedId:
default: 'Feed ID'
FeedUrl:
default: 'Feed URL'
PageSize:
default: 'Page size'
Resources:
NewKeyPair:
Type: AWS::EC2::KeyPair
Properties:
KeyName: !Sub "${AWS::StackName}"
Ec2Instance:
Type: AWS::EC2::Instance
CreationPolicy:
ResourceSignal:
Count: 1
Properties:
InstanceType: !Ref InstanceType
KeyName: !Ref NewKeyPair
ImageId: !Ref AmiId
SecurityGroups:
- !Ref AccessSecurityGroup
EbsOptimized: true
BlockDeviceMappings:
- DeviceName: /dev/xvda
Ebs:
VolumeSize: !Ref VolumeSize
IamInstanceProfile: !Ref SsmInstanceProfile
Tags:
- Key: 'Name'
Value: !Sub "${AWS::StackName}"
UserData:
Fn::Base64: !Sub |
#!/usr/bin/env bash
set -ex
trap '/opt/aws/bin/cfn-signal --exit-code 1 --resource Ec2Instance --region ${AWS::Region} --stack ${AWS::StackName}' ERR
# Install Docker
yum update -y
amazon-linux-extras install docker
systemctl start docker
usermod -a -G docker ec2-user
export publichost=$(ec2-metadata --public-hostname | cut -d ' ' -f2)
# Create configuration file
mkdir -p /home/ec2-user/podsync/data
tee /home/ec2-user/podsync/config.toml <<EOF
[server]
port = ${PodsyncPort}
hostname = "http://$publichost:${PodsyncPort}"
[storage]
[storage.local]
data_dir = "/home/ec2-user/podsync/data"
[tokens]
youtube = "${YouTubeApiKey}"
vimeo = "${VimeoAccessToken}"
[feeds]
[feeds.${FeedId}]
url = "${FeedUrl}"
page_size = ${PageSize}
quality = "${Quality}"
format = "${Format}"
EOF
# Pull image and run CLI
docker pull mxpv/podsync:${PodsyncVersion}
docker run -d \
-p ${PodsyncPort}:${PodsyncPort} \
-v /home/ec2-user/podsync/data:/app/data \
-v /home/ec2-user/podsync/config.toml:/app/config.toml \
--restart always \
mxpv/podsync:${PodsyncVersion}
# Signal ok
/opt/aws/bin/cfn-signal --exit-code 0 --resource Ec2Instance --region ${AWS::Region} --stack ${AWS::StackName}
# Setup instance profile with SSM policy. This let's connect to the EC2 machine via SSM console
SsmIamRole:
Type: AWS::IAM::Role
Properties:
RoleName: !Sub "${AWS::StackName}"
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service:
- ec2.amazonaws.com
Action:
- 'sts:AssumeRole'
ManagedPolicyArns:
- 'arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore'
SsmInstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
InstanceProfileName: !Sub "${AWS::StackName}"
Roles:
- !Ref SsmIamRole
# Limit access to SSH and CLI server
AccessSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: !Sub "Podsync CLI security group for ${AWS::StackName}"
SecurityGroupIngress:
- IpProtocol: tcp
FromPort: !Ref PodsyncPort
ToPort: !Ref PodsyncPort
CidrIp: 0.0.0.0/0
Description: Access to Podsync server
- IpProtocol: tcp
FromPort: 22
ToPort: 22
CidrIp: 0.0.0.0/0
Description: SSH access to EC2 machine
Outputs:
PodsyncUrl:
Description: 'Feed URL'
Value: !Sub "http://${Ec2Instance.PublicDnsName}:${PodsyncPort}/${FeedId}.xml/"