tobsn/.ebextensions production.config

## .ebextensions production.config
option_settings:
  - namespace: aws:autoscaling:asg
    option_name: MinSize
    value: 2
  - namespace: aws:autoscaling:asg
    option_name: MaxSize
    value: 6
  - namespace: aws:elasticbeanstalk:application:environment
    option_name: env
    value: production

packages:
  yum:
      glibc.i686: []
      libtool: []
      httpd24-devel: []

commands:
  00-security_updates:
    command: "yum update -y"
  01-cloudflare:
    command: wget https://www.cloudflare.com/static/misc/mod_cloudflare/mod_cloudflare.c
    cwd: /tmp
  02-cloudflare:
    command: apxs -a -i -c mod_cloudflare.c
    cwd: /tmp
  03-phpcacheclient:
    command: wget https://elasticache-downloads.s3.amazonaws.com/ClusterClient/PHP-5.5/latest-64bit
    cwd: /tmp
  04-phpcacheclient:
    command: pecl install /tmp/latest-64bit
  99-cleanup:
    command: rm -rf *cloudflare* && rm -rf *latest*

files:
  "/etc/httpd/conf.d/cloudflare.conf":
    mode: "000644"
    owner: root
    group: root
    content: |
      CloudFlareRemoteIPHeader X-Forwarded-For
      CloudFlareRemoteIPTrustedProxy 10.0.0.0/8
  "/etc/httpd/conf.d/tc3srewrite.conf":
    mode: "000644"
    owner: root
    group: root
    content: |
      RewriteEngine On
      RewriteRule ^tcS3_media/(.*)$ https://s3.amazonaws.com/bucketname/uploadfolder/$1 [R=301,L]
  "/etc/php-5.5.d/memcached.ini":
    mode: "000644"
    owner: root
    group: root
    content: |
      session.save_handler = memcached
      session.save_path = "memcachecluster.xxx.cfg.xxx.cache.amazonaws.com:11211"
      extension = amazon-elasticache-cluster-client.so

## instructions
a) create new instance in elastic beanstalk with sample app, set cname to be unique
b) add RDS when creating EB env
c) go into RDS instance and add your IP to allowed access
d) install wordpress locally and use RDS creds to set up remove database
e) create S3 bucket
f) create new IAM user with attached policy for above bucket
g) in now locally set up wordpress install "tcS3" plugin and configurate it with above creds

(following steps below can be repeated for changes, all changes should be done locally with remote DB)

h) git commit all changes locally
i) "eb use" env earlier created
j) eb deploy

(eventually remove local IP from RDS access)

optional: use cloudflare and add yourapp.elasticbeanstalk.com as cname for www/domain

## s3.single.bucket.new.user.policy
{
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:ListAllMyBuckets",
            "Resource": "arn:aws:s3:::*"
        },
        {
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::BUCKETNAME",
                "arn:aws:s3:::BUCKETNAME/*"
            ]
        }
    ]
}

## todo
possibly remove first line from php.ini after installing amazon cache client
printf '%s\n\n' "$(tail -n +2 php.ini)" > php.ini
	option_settings:
	- namespace: aws:autoscaling:asg
	option_name: MinSize
	value: 2
	- namespace: aws:autoscaling:asg
	option_name: MaxSize
	value: 6
	- namespace: aws:elasticbeanstalk:application:environment
	option_name: env
	value: production

	packages:
	yum:
	glibc.i686: []
	libtool: []
	httpd24-devel: []

	commands:
	00-security_updates:
	command: "yum update -y"
	01-cloudflare:
	command: wget https://www.cloudflare.com/static/misc/mod_cloudflare/mod_cloudflare.c
	cwd: /tmp
	02-cloudflare:
	command: apxs -a -i -c mod_cloudflare.c
	cwd: /tmp
	03-phpcacheclient:
	command: wget https://elasticache-downloads.s3.amazonaws.com/ClusterClient/PHP-5.5/latest-64bit
	cwd: /tmp
	04-phpcacheclient:
	command: pecl install /tmp/latest-64bit
	99-cleanup:
	command: rm -rf cloudflare && rm -rf latest

	files:
	"/etc/httpd/conf.d/cloudflare.conf":
	mode: "000644"
	owner: root
	group: root
	content: \|
	CloudFlareRemoteIPHeader X-Forwarded-For
	CloudFlareRemoteIPTrustedProxy 10.0.0.0/8
	"/etc/httpd/conf.d/tc3srewrite.conf":
	mode: "000644"
	owner: root
	group: root
	content: \|
	RewriteEngine On
	RewriteRule ^tcS3_media/(.*)$ https://s3.amazonaws.com/bucketname/uploadfolder/$1 [R=301,L]
	"/etc/php-5.5.d/memcached.ini":
	mode: "000644"
	owner: root
	group: root
	content: \|
	session.save_handler = memcached
	session.save_path = "memcachecluster.xxx.cfg.xxx.cache.amazonaws.com:11211"
	extension = amazon-elasticache-cluster-client.so
	a) create new instance in elastic beanstalk with sample app, set cname to be unique
	b) add RDS when creating EB env
	c) go into RDS instance and add your IP to allowed access
	d) install wordpress locally and use RDS creds to set up remove database
	e) create S3 bucket
	f) create new IAM user with attached policy for above bucket
	g) in now locally set up wordpress install "tcS3" plugin and configurate it with above creds

	(following steps below can be repeated for changes, all changes should be done locally with remote DB)

	h) git commit all changes locally
	i) "eb use" env earlier created
	j) eb deploy

	(eventually remove local IP from RDS access)

	optional: use cloudflare and add yourapp.elasticbeanstalk.com as cname for www/domain
	{
	"Statement": [
	{
	"Effect": "Allow",
	"Action": "s3:ListAllMyBuckets",
	"Resource": "arn:aws:s3:::*"
	},
	{
	"Effect": "Allow",
	"Action": "s3:*",
	"Resource": [
	"arn:aws:s3:::BUCKETNAME",
	"arn:aws:s3:::BUCKETNAME/*"
	]
	}
	]
	}
	possibly remove first line from php.ini after installing amazon cache client
	printf '%s\n\n' "$(tail -n +2 php.ini)" > php.ini