@tcbyrd
Created December 5, 2017 23:35
Example Terraform Configuration for setting up GitHub Enterprise
  1. Upload the license and set the initial password once the image is accessible via IP (API Reference)

         # Set up license and Management Console password
         curl -X POST "https://${GHE_IP}:8443/setup/api/start" -k -F license=@./github-enterprise.ghl -F "password=${GHE_PWD}"

  2. Apply settings through the Management Console API using a settings.json file (API Reference)

         curl -L -X PUT "https://api_key:${GHE_PWD}@${GHE_IP}:8443/setup/api/settings" --data-urlencode "settings=`cat ./settings.json`" -k

  3. Start the configuration process (API Reference)

         curl -L -X POST "https://api_key:${GHE_PWD}@${GHE_IP}:8443/setup/api/configure" -k

Below is the minimal settings.json example used in the webinar (basically just turns on public pages) (Full API Reference)

{
  "enterprise": {
    "private_mode": true,
    "public_pages": true,
    "subdomain_isolation": false,
    "signup_enabled": false,
    "auth_mode": "default",
    "assets": null,
    "pages": {
      "enabled": true
    }
  }
}

# Name of the AWS CLI profile to use; declared so the interpolation below resolves.
variable "profile_name" {}

provider "aws" {
  profile = "${var.profile_name}" # Pull credentials from a profile in `~/.aws/credentials`
  region  = "us-east-1"
}

resource "aws_instance" "ghe_webinar_demo" {
  ami           = "ami-105ad26a" # AMI is for 2.11.5 on us-east-1
  instance_type = "m4.xlarge"

  # Second volume attached to the appliance
  ebs_block_device {
    device_name           = "/dev/xvdf"
    volume_size           = "100"
    volume_type           = "gp2"
    delete_on_termination = true
  }

  tags {
    Description     = "ghe demo for tcbyrds webinar"
    Name            = "tcbyrd-ghe-webinar (2.11.5)"
    GHE-AMI-Version = "2.11.5"
  }

  vpc_security_group_ids = ["${aws_security_group.ghe_webinar_demo.id}"]
}

# Demo ruleset: every ingress rule below is open to 0.0.0.0/0.
# Outside a demo, limit the administrative ports (122, 8080, 8443) and the
# replication tunnel (1194) to known source networks.
resource "aws_security_group" "ghe_webinar_demo" {
  name        = "ghe_webinar_demo"
  description = "Default GHE ruleset used for tcbyrds webinar"

  # Allow all outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = -1
    cidr_blocks = ["0.0.0.0/0"]
  }

  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Git over SSH access"
  }

  ingress {
    from_port   = 122
    to_port     = 122
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Instance shell access"
  }

  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Web application access"
  }

  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Plain-text web based Management Console"
  }

  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Web application and Git over HTTPS access"
  }

  ingress {
    from_port   = 8443
    to_port     = 8443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Secure web based Management Console"
  }

  ingress {
    from_port   = 1194
    to_port     = 1194
    protocol    = "udp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Secure replication network tunnel in High Availability configuration"
  }
}
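
The demo security group exposes the instance shell (122) and both Management Console ports (8080, 8443) to the whole internet. The variant below is an added example, not part of the original gist: it keeps the user-facing ports public and limits the administrative ports to one source network. The variable `admin_cidr` and the resource name `ghe_restricted` are assumptions made for illustration.

```hcl
# Added example (Terraform 0.11 syntax, matching the gist). Names are hypothetical.
variable "admin_cidr" {
  description = "Network administrators connect from, e.g. 203.0.113.0/24 (constructed value)"
}

resource "aws_security_group" "ghe_restricted" {
  name        = "ghe_restricted"
  description = "GHE ruleset with administrative ports limited to admin_cidr"

  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # User-facing ports stay as in the demo ruleset: Git over SSH, web, HTTPS.
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Git over SSH access"
  }
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Web application access"
  }
  ingress {
    from_port   = 443
    to_port     = 443
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
    description = "Web application and Git over HTTPS access"
  }

  # Administrative ports: reachable only from the admin network.
  ingress {
    from_port   = 122
    to_port     = 122
    protocol    = "tcp"
    cidr_blocks = ["${var.admin_cidr}"]
    description = "Instance shell access (admins only)"
  }
  ingress {
    from_port   = 8443
    to_port     = 8443
    protocol    = "tcp"
    cidr_blocks = ["${var.admin_cidr}"]
    description = "Secure web based Management Console (admins only)"
  }
  # Omitted: 8080 (plain-text Management Console; the setup calls above use 8443)
  # and 1194/udp (High Availability replication; this config has one instance).
}
```

To use it, point `vpc_security_group_ids` on the instance at `aws_security_group.ghe_restricted.id` and run the three setup `curl` calls from a host inside `admin_cidr`.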
@pierluigi
Adding here the outputs.tf file shown in the demo for convenience!

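# The resource name must match the aws_instance in your configuration
# (it is ghe_webinar_demo in the gist above).
output ip {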
    value = "${aws_instance.ghe_enablement_demo.public_ip}"
}

output "Public DNS" {
    value = "${aws_instance.ghe_enablement_demo.public_dns}"
}