Lionel Martin li0nel
li0nel
/ gist:2dd1dada1a98cc2ea5e1a42fab7e79ab
Last active
March 25, 2024 07:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Use the official lightweight Node.js 12 image. | |
| # https://hub.docker.com/_/node | |
| FROM node:12-slim | |
| # Create and change to the app directory. | |
| WORKDIR /usr/src/app | |
| # Copy application dependency manifests to the container image. | |
| # A wildcard is used to ensure copying both package.json AND package-lock.json (when available). | |
| # Copying this first prevents re-running npm install on every code change. |
li0nel
/ Dockerfile
Last active
January 30, 2024 19:09
Run crons in Docker ; get cron logs as std Docker log
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM ubuntu:14.04 | |
| MAINTAINER li0nel | |
| USER root | |
| # Install CRON | |
| RUN apt-get update && apt-get -y install sudo && \ | |
| apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10 && \ | |
| echo "deb http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.0.list && \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # One ALB with two listeners for HTTP and HTTPS | |
| # The HTTP listener will pointed to a specific Nginx container redirecting traffic to HTTPS | |
| # because neither ALB or ELB allow you to handle this through their configuration | |
| LoadBalancer: | |
| Type: AWS::ElasticLoadBalancingV2::LoadBalancer | |
| Properties: | |
| Name: !Ref EnvironmentName | |
| Subnets: !Ref PublicSubnets | |
| SecurityGroups: | |
| - !Ref LBSecurityGroup |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # One Docker registry that we will use both for the Laravel application | |
| # image and our Nginx image. | |
| # Note that if you give a name to the repository, CloudFormation can't | |
| # update it without a full replacement. | |
| ECR: | |
| Type: AWS::ECR::Repository | |
| Properties: | |
| # RepositoryName: !Sub ${AWS::StackName}-nginx | |
| RepositoryPolicyText: | |
| Version: "2012-10-17" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| fastcgi_cache_path /dev/shm levels=1:2 keys_zone=laravel:100m; | |
| fastcgi_cache_key "$scheme$request_method$host$request_uri$query_string"; | |
| server { | |
| listen 80 default_server; | |
| server_name laravel.info; | |
| root /usr/share/nginx/html/; | |
| index index.php index.html; |
li0nel
/ security-groups.yml
Created
December 9, 2017 10:44
CloudFormation stack for security-groups
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This security group defines who/where is allowed to access the ECS hosts directly. | |
| # By default we're just allowing access from the load balancer. If you want to SSH | |
| # into the hosts, or expose non-load balanced services you can open their ports here. | |
| ECSSecurityGroup: | |
| Type: AWS::EC2::SecurityGroup | |
| Properties: | |
| VpcId: !Ref VPC | |
| GroupDescription: Access to the ECS hosts and the tasks/containers that run on them | |
| SecurityGroupIngress: | |
| # Only allow inbound access to ECS from the ELB |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Create a script that will use the AWS Route53 CLI to insert DNS TXT records for Let's Encrypt DNS validation | |
| echo 'aws route53 wait resource-record-sets-changed --id \ | |
| $(aws route53 change-resource-record-sets --hosted-zone-id \ | |
| "$(aws route53 list-hosted-zones-by-name --dns-name $2. | |
| --query HostedZones[0].Id --output text)" \ | |
| --query ChangeInfo.Id | |
| --output text \ | |
| --change-batch "{ | |
| \"Changes\": [{ | |
| \"Action\": \"$1\", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Use Let's Encrypt certbot to order a free certificate | |
| certbot certonly --non-interactive --manual \ | |
| --manual-auth-hook "./auth-hook.sh UPSERT your_domain.com" \ | |
| --manual-cleanup-hook "./auth-hook.sh DELETE your_domain.com" \ | |
| --preferred-challenge dns \ | |
| --config-dir "./letsencrypt" \ | |
| --work-dir "./letsencrypt" \ | |
| --logs-dir "./letsencrypt" \ | |
| --agree-tos \ | |
| --manual-public-ip-logging-ok \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| aws route53 wait resource-record-sets-changed --id \ | |
| $(aws route53 change-resource-record-sets --hosted-zone-id \ | |
| "$(aws route53 list-hosted-zones-by-name --dns-name $2. \ | |
| --query HostedZones[0].Id --output text)" \ | |
| --query ChangeInfo.Id \ | |
| --output text \ | |
| --change-batch "{ \ | |
| \"Changes\": [{ \ | |
| \"Action\": \"$1\", \ | |
| \"ResourceRecordSet\": { \ |
li0nel
/ task-definitions.yaml
Created
December 11, 2017 20:44
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The worker containers simply execute the Laravel artisan queue:work | |
| # command instead of php-fpm | |
| TaskDefinitionWorker: | |
| Type: AWS::ECS::TaskDefinition | |
| Properties: | |
| Family: laravel-workers | |
| ContainerDefinitions: | |
| - Name: app | |
| Essential: true | |
| Image: !Join [ ".", [ !Ref "AWS::AccountId", "dkr.ecr", !Ref "AWS::Region", !Join [ ":", [ !Join [ "/", [ "amazonaws.com", !Ref ECR ] ], "laravel" ] ] ] ] |
NewerOlder