---
# CloudFormation template for a single EC2 workstation: one instance, an
# Elastic IP attached to it, a security group limited to one caller IP, and
# a Route 53 A record pointing at the Elastic IP.
AWSTemplateFormatVersion: '2010-09-09'
Description: Workstation
# Region -> AMI lookup consumed by the instance's ImageId through FindInMap
# on AWS::Region. Only eu-central-1 is mapped, so a stack created in any
# other region has no entry to resolve.
# NOTE(review): the AMI id is hard-coded and the template does not say which
# image it is; the user data assumes an apt-based image with an `ubuntu`
# user. Confirm the image is still current and patched before reuse.
Mappings:
  AWSRegion2AMI:
    eu-central-1:
      AMI: ami-0bdf93799014acdc4
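# Stack inputs. `IP` is the only network access control in this template:
# its value becomes the source CIDR (with /32 appended) of every ingress
# rule in the security group.
Parameters:
  # EC2 instance size, restricted to the list below.
  InstanceType:
    AllowedValues:
      - t2.nano
      - t2.micro
      - t2.medium
      - c5.xlarge
      - m5.large
    ConstraintDescription: must be a valid EC2 instance type.
    Default: t2.micro
    Description: Instance type for EC2 instance.
    Type: String
  # Existing key pair installed for SSH login; the typed parameter makes
  # CloudFormation check that the key pair exists.
  KeyName:
    ConstraintDescription: must be the name of an existing EC2 KeyPair.
    Default: box
    Description: Name of an existing EC2 KeyPair to enable SSH access to the instances
    Type: AWS::EC2::KeyPair::KeyName
  # Route 53 hosted zone name (with trailing dot) that receives the record.
  HostedZone:
    AllowedPattern: "[\\x20-\\x7E]*"
    ConstraintDescription: can contain only ASCII characters.
    Default: piotr.is.
    Description: zone name
    MaxLength: '255'
    MinLength: '1'
    Type: String
  # Single IPv4 address allowed through the security group. The original
  # declared a ConstraintDescription but no constraint, so any string was
  # accepted and only failed (or was misread) when the rule was created.
  # The pattern accepts exactly one dotted-quad address with octets 0-255.
  IP:
    AllowedPattern: '^(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(\.(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])){3}$'
    ConstraintDescription: must be an IP address
    Description: IP address to which the SG will be open (SSH/Mosh)
    Type: String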
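# Resources: Elastic IP, the workstation instance with its first-boot
# provisioning script, the EIP association, the security group and the DNS
# record.
Resources:
  EIP:
    Type: "AWS::EC2::EIP"
    Properties:
      Domain: vpc
  Instance:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !FindInMap [ AWSRegion2AMI, !Ref "AWS::Region", AMI ]
      InstanceType: !Ref InstanceType
      KeyName: !Ref KeyName
      # NOTE(review): SecurityGroups refers to groups by name, which
      # presumably ties this template to the default VPC; confirm.
      SecurityGroups: [!Ref SecurityGroup]
      BlockDeviceMappings:
        - DeviceName: /dev/sda1
          Ebs:
            # Root volume size in GiB, chosen with Docker images in mind.
            # NOTE(review): the volume is not encrypted; consider adding
            # `Encrypted: true` (changing it replaces the volume).
            VolumeSize: 20
      Tags:
        - Key: Name
          Value: !Join [ "-", [EC2, !Ref "AWS::StackName"] ]
      # First-boot provisioning via cloud-init; runcmd entries run as root.
      # NOTE(review): the downloads below (neovim AppImage, Go tarball,
      # vim-plug, pip packages, git clones) are fetched with no checksum or
      # signature check, and several follow a moving branch. Pin each to a
      # release or commit and verify a known SHA-256 before installing, e.g.
      #   echo "<EXPECTED_SHA256>  /usr/bin/nvim" | sha256sum -c -
      # !Sub is applied to the whole script, so any dollar-brace sequence
      # added to it later is read as a CloudFormation variable reference.
      # User data is also readable from the instance metadata service and
      # the EC2 API, so nothing secret belongs in it.
      UserData:
        Fn::Base64: !Sub |
          #cloud-config
          write_files:
            - content: |
                PATH="/home/ubuntu/.local/bin:/usr/local/go/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
                LC_ALL=en_US.UTF-8
                LANG=en_US.UTF-8
                DEBIAN_FRONTEND=noninteractive
              path: /etc/environment
          package_update: true
          package_upgrade: true
          packages:
            - awscli
            - build-essential
            - curl
            - git
            # - haskell-stack
            - htop
            - mc
            - mosh
            - openssh-server
            - python
            - python-pip
            - python-setuptools
            - python-wheel
            - python3
            - python3-pip
            - python3-setuptools
            - python3-wheel
            - silversearcher-ag
            - software-properties-common
            - tmux
            - tzdata
            - wget
            - zsh
          runcmd:
            # Disable root SSH login. The original expression only matched an
            # uncommented PermitRootLogin line, so a commented-out default was
            # left untouched; sshd is reloaded so new connections pick it up.
            # Unit name `ssh` assumed (Ubuntu); confirm for other images.
            - sed -i -E 's/^#?[[:space:]]*PermitRootLogin[[:space:]].*$/PermitRootLogin no/' /etc/ssh/sshd_config
            - systemctl reload ssh
            # - usermod -a -G docker ubuntu
            # - curl -L https://julialang-s3.julialang.org/bin/linux/x64/1.1/julia-1.1.0-linux-x86_64.tar.gz | tar -zxv
            # - ln -s /home/ubuntu/julia-1.1.0/bin/julia /usr/local/bin/julia
            - ln -fs /usr/share/zoneinfo/Europe/Amsterdam /etc/localtime
            - dpkg-reconfigure -f noninteractive tzdata
            # -f stops an HTTP error page being saved as the binary; curl does
            # not set the execute bit, so it is added explicitly.
            - curl -fL https://github.com/neovim/neovim/releases/download/v0.3.7/nvim.appimage -o /usr/bin/nvim
            - chmod 0755 /usr/bin/nvim
            - pip2 install neovim
            - pip3 install neovim
            - git clone https://github.com/robbyrussell/oh-my-zsh.git /home/ubuntu/.oh-my-zsh
            - cp /home/ubuntu/.oh-my-zsh/templates/zshrc.zsh-template /home/ubuntu/.zshrc
            - usermod -s /bin/zsh ubuntu
            # Unverified archive unpacked into /usr/local as root.
            - curl -L https://dl.google.com/go/go1.12.5.linux-amd64.tar.gz | tar -C /usr/local -zxv
            - git clone --depth 1 https://github.com/junegunn/fzf.git /home/ubuntu/.fzf
            # Absolute path: the original ./home/... only resolved when the
            # working directory happened to be /.
            # NOTE(review): this runs as root, so --update-rc presumably edits
            # root's rc files rather than ubuntu's; verify.
            - /home/ubuntu/.fzf/install --key-bindings --completion --update-rc
            - git clone https://github.com/pkazmierczak/configs.git /home/ubuntu/configs
            # Fetched from the master branch, so its content can change
            # between boots.
            - curl -fLo /home/ubuntu/.config/nvim/autoload/plug.vim --create-dirs https://raw.githubusercontent.com/junegunn/vim-plug/master/plug.vim
            - ln -s /home/ubuntu/configs/.vim/init.vim /home/ubuntu/.config/nvim/init.vim
            # Placeholder text; replace with the real public key. Every key
            # appended here gains login as ubuntu.
            - echo "some ssh key" >> /home/ubuntu/.ssh/authorized_keys
            - chown -R ubuntu:ubuntu /home/ubuntu
            # NOTE(review): mosh clients normally start their own mosh-server
            # over SSH. This root-owned instance looks unnecessary, and its
            # session key is presumably written to the cloud-init output log;
            # consider removing it.
            - LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 mosh-server
  EIPAssociation:
    Type: "AWS::EC2::EIPAssociation"
    Properties:
      AllocationId: !GetAtt EIP.AllocationId
      InstanceId: !Ref Instance
  # Ingress is limited to the single address given in the IP parameter.
  # No egress rules are declared, so the group keeps the default outbound
  # policy.
  SecurityGroup:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: 'Enable access to the instance. '
      SecurityGroupIngress:
        # Mosh (UDP 60000-61000, its default port range).
        - CidrIp: !Sub '${IP}/32'
          FromPort: '60000'
          IpProtocol: udp
          ToPort: '61000'
        # SSH.
        - CidrIp: !Sub '${IP}/32'
          FromPort: '22'
          IpProtocol: tcp
          ToPort: '22'
        # NOTE(review): the purpose of TCP 8888 is not documented here;
        # confirm it is still needed and that the service behind it
        # authenticates clients and uses TLS.
        - CidrIp: !Sub '${IP}/32'
          FromPort: '8888'
          IpProtocol: tcp
          ToPort: '8888'
      Tags:
        - Key: Name
          Value: !Join [ "-", [SG, !Ref "AWS::StackName"] ]
  # <stack name>.<hosted zone> resolves to the Elastic IP.
  MyDNS:
    Type: AWS::Route53::RecordSet
    Properties:
      HostedZoneName: !Ref HostedZone
      # The record is an A record; the original comment called it a CNAME.
      Comment: A record for the server
      Name: !Join [ ".", [!Ref "AWS::StackName", !Ref HostedZone] ]
      Type: A
      TTL: '300'
      ResourceRecords: [ !Ref EIP ]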