Instantly share code, notes, and snippets.

Embed
What would you like to do?
Example Terraform Configuration for setting up GitHub Enterprise
  1. Upload the license and set initial password once the image is accessible via IP (API Reference)
# Setup license and management console password
curl -X POST "https://${GHE_IP}:8443/setup/api/start" -k -F license=@./github-enterprise.ghl -F "password=${GHE_PWD}"
  1. Apply settings through the Management Console API using a settings.json file (API Reference)
curl -L -X PUT "https://api_key:${GHE_PWD}@${GHE_IP}:8443/setup/api/settings" --data-urlencode "settings=`cat ./settings.json`" -k
  1. Start the configuration process (API Reference)
curl -L -X POST "https://api_key:${GHE_PWD}@${GHE_IP}:8443/setup/api/configure" -k

Below is the minimal settings.json example used in the webinar (basically just turns on public pages) (Full API Reference)

{
  "enterprise": {
    "private_mode": true,
    "public_pages": true,
    "subdomain_isolation": false,
    "signup_enabled": false,
    "auth_mode": "default",
    "assets": null,
    "pages": {
      "enabled": true
    }
  }
}
provider "aws" {
profile = "${profile_name}" # Pull credentials from a profile in `/.aws/credentials`
region = "us-east-1"
}
resource "aws_instance" "ghe_webinar_demo" {
ami = "ami-105ad26a" # AMI is for 2.11.5 on us-east-1
instance_type = "m4.xlarge"
ebs_block_device {
device_name = "/dev/xvdf"
volume_size = "100"
volume_type = "gp2"
delete_on_termination = true
}
tags {
Description = "ghe demo for tcbyrds webinar"
Name = "tcbyrd-ghe-webinar (2.11.5)"
GHE-AMI-Version = "2.11.5"
}
vpc_security_group_ids = ["${aws_security_group.ghe_webinar_demo.id}"]
}
resource "aws_security_group" "ghe_webinar_demo" {
name = "ghe_webinar_demo"
description = "Default GHE ruleset used for tcbyrds webinar"
egress {
from_port = 0
to_port = 0
protocol = -1
cidr_blocks = ["0.0.0.0/0"]
}
ingress {
from_port = 22
to_port = 22
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
description = "Git over SSH access"
}
ingress {
from_port = 122
to_port = 122
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
description = "Instance shell access"
}
ingress {
from_port = 80
to_port = 80
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
description = "Web application access"
}
ingress {
from_port = 8080
to_port = 8080
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
description = "Plain-text web based Management Console"
}
ingress {
from_port = 443
to_port = 443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
description = "Web application and Git over HTTPS access"
}
ingress {
from_port = 8443
to_port = 8443
protocol = "tcp"
cidr_blocks = ["0.0.0.0/0"]
description = "Secure web based Management Console"
}
ingress {
from_port = 1194
to_port = 1194
protocol = "udp"
cidr_blocks = ["0.0.0.0/0"]
description = "Secure replication network tunnel in High Availability configuration"
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment