-
-
Save arbabnazar/7f58d5314915a170fbfe to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Environment specific variables | |
COMPANY: rbgeek | |
ENVIRONMENT: dev | |
SERVER_ROLE: web | |
# VPC specific variables | |
VPC_NAME: "{{ COMPANY }}-{{ ENVIRONMENT }}" | |
VPC_REGION: eu-west-1 # Ireland | |
VPC_CIDR: "10.10.0.0/16" | |
VPC_CLASS_DEFAULT: "10.10" | |
#Github username for creating EC2 KEY Pair | |
GITHUB_USERNAME: "arbabnazar" | |
EC2_KEY_NAME: "{{ GITHUB_USERNAME }}-github-key" | |
LOCAL_USER_SSH_KEY: no | |
# Ubuntu AMI specific variables | |
AMI_NAME: "ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*" | |
AMI_OWNER: "099720109477" | |
# EC2 instances specific variables | |
EC2_INSTANCE_TYPE: t2.nano | |
EC2_SECURITY_GROUP_NAME: | |
- "{{ VPC_NAME }}-{{ SSH_SG_NAME }}" | |
- "{{ VPC_NAME }}-{{ WEB_SG_NAME }}" | |
EC2_VOLUME_SIZE: 10 | |
EC2_COUNT: 1 | |
EC2_SUBNET_ID: | |
- "{{ PUBLIC_SUBNET_1 }}" | |
- "{{ PUBLIC_SUBNET_2 }}" | |
# RDS specific variables | |
RDS_SUBNET_GROUP_NAME: "{{ VPC_NAME }}-subnet-group" | |
RDS_SG_DESCRIPTION: "Subnet Group for rds instances inside {{ VPC_NAME }} VPC" | |
RDS_SG_SUBNETS: | |
- "{{ PRIVATE_SUBNET_1 }}" | |
- "{{ PRIVATE_SUBNET_2 }}" | |
RDS_SG_NAME: "{{ VPC_NAME }}-{{ DATABASE_SG_NAME }}" | |
RDS_MULTI_ZONE_OPTION: no | |
RDS_INSTANCE_NAME: "{{ COMPANY }}-{{ ENVIRONMENT }}-rds" | |
RDS_DB_ENGINE: MySQL | |
RDS_DB_SIZE: 10 | |
RDS_DB_NAME: "mydatabase" | |
RDS_INSTANCE_TYPE: "db.t2.micro" | |
RDS_DB_USERNAME: root | |
RDS_DB_PASSWORD: "verystrongpassword" | |
RDS_BACKUP_RETENTION_PERIOD: 1 | |
RDS_PUBLICLY_ACCESSIBLE: no | |
RDS_WAIT_TIMEOUT: 1800 | |
# Elastic Load Balancer specific variables | |
ELB_NAME: "{{ COMPANY }}-{{ ENVIRONMENT }}-{{ SERVER_ROLE }}-elb" | |
ELB_SUBNET_ID: | |
- "{{ PUBLIC_SUBNET_1 }}" | |
- "{{ PUBLIC_SUBNET_2 }}" | |
ELB_PURGE_SUBNETS: yes | |
ELB_CROSS_AZ_LOAD_BALANCING: yes | |
ELB_PING_PROTOCOL: tcp | |
ELB_PING_PORT: 80 | |
ELB_RESPONSE_TIMEOUT: 5 | |
ELB_INTERVAL: 30 | |
ELB_UNHEALTHY_THRESHOLD: 2 | |
ELB_HEALTHY_THRESHOLD: 10 | |
ELB_CONNECTION_DRAINING_TIMEOUT: 60 | |
ELB_SECURITY_GROUP_NAME: "{{ VPC_NAME }}-{{ ELB_SG_NAME }}" | |
ELB_LISTENERS: | |
- protocol: http | |
load_balancer_port: 80 | |
instance_protocol: http | |
instance_port: 80 | |
- protocol: https | |
load_balancer_port: 443 | |
instance_protocol: http | |
instance_port: 80 | |
ssl_certificate_id: "arn:aws:iam::189142601945:server-certificate/tendo-crt" | |
# EC2 Security Groups specific variables | |
WEB_SG_NAME: "webserver-sg" | |
DATABASE_SG_NAME: "rds-sg" | |
SSH_SG_NAME: "ssh-sg" | |
ELB_SG_NAME: "elb-sg" | |
# Security Groups | |
EC2_SECURITY_GROUPS: "{{ SSH_SG + WEB_SG + DATABASE_SG + ELB_SG }}" | |
# Secrity Groups info(Name, Description and Rules) for Web, RDS and ELB | |
SSH_SG: | |
- name: "{{ VPC_NAME }}-{{ SSH_SG_NAME }}" | |
description: "This sg is for remote access to instances inside {{ VPC_NAME }} VPC" | |
rules: | |
- proto: tcp | |
from_port: 22 | |
to_port: 22 | |
cidr_ip: 0.0.0.0/0 | |
WEB_SG: | |
- name: "{{ VPC_NAME }}-{{ WEB_SG_NAME }}" | |
description: "This sg is for web instances inside {{ VPC_NAME }} VPC" | |
rules: | |
- proto: tcp | |
from_port: 80 | |
to_port: 80 | |
cidr_ip: 0.0.0.0/0 | |
- proto: tcp | |
from_port: 443 | |
to_port: 443 | |
cidr_ip: 0.0.0.0/0 | |
DATABASE_SG: | |
- name: "{{ VPC_NAME }}-{{ DATABASE_SG_NAME }}" | |
description: "This sg is for rds instances inside {{ VPC_NAME }} VPC" | |
rules: | |
- proto: tcp | |
from_port: 3306 | |
to_port: 3306 | |
group_name: "{{ VPC_NAME }}-{{ WEB_SG_NAME }}" | |
ELB_SG: | |
- name: "{{ VPC_NAME }}-{{ ELB_SG_NAME }}" | |
description: "This sg is for ELB inside {{ VPC_NAME }} VPC" | |
rules: | |
- proto: tcp | |
from_port: 80 | |
to_port: 80 | |
cidr_ip: 0.0.0.0/0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment