├── Dockerfile
├── README.md
├── atproto
    ├── module.tf
    ├── terraform.tfvars
    └── userdata.tpl
├── public
    ├── 1.PNG
    ├── 2.PNG
    ├── 3.PNG
    └── informe.pdf
└── social-app
    ├── module.tf
    ├── terraform.tfvars
    └── userdata.tpl


/Dockerfile:
--------------------------------------------------------------------------------
# Use the base image
FROM public.ecr.aws/t8b2r8w9/social-app:latest

# Expose port 8100, the port the server listens on
EXPOSE 8100

# Command run when the container starts
CMD ["/usr/bin/bskyweb", "serve"]


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Infrastructure as Code (IaC) Project with Terraform and AWS

![2](./public/2.PNG)

This project uses [Terraform](https://developer.hashicorp.com/terraform/install) to manage and deploy infrastructure on AWS, providing an automated, reproducible approach to administering cloud resources.

## Prerequisites

To run this IaC project, the following requirements must be met:

1. **Install Terraform**: Make sure [Terraform](https://developer.hashicorp.com/terraform/install) is correctly installed on your system.

2. **Configure Variables**: Set up the **terraform.tfvars** file in each project directory with your AWS account credentials.

### Required Variables

The following variables must be defined in the **terraform.tfvars** file:

- `aws_access_key`: Access key provided by AWS.
- `aws_secret_key`: Secret key associated with the AWS access key.
- `key_name`: Name of the key pair created in the EC2 service.
- `private_key_path`: Path to the private key file associated with the key pair.

These variables are obtained by having an [AWS account](https://aws.amazon.com).

## Steps to Deploy the Infrastructure

1. **Initialize the Working Directory**:

   Initialize the working directory that contains the Terraform configuration files by running the following command:

   ```bash
   terraform init
   ```

2. **Generate an Execution Plan**:

   Create an execution plan that details the actions needed to reach the desired state of the infrastructure:

   ```bash
   terraform plan
   ```

3. **Apply the Changes**:

   Carry out the changes required to reach the desired state of the infrastructure as defined in the configuration files:

   ```bash
   terraform apply
   ```

4. **Destroy the Infrastructure**:

   Remove the infrastructure managed by Terraform in an orderly way:

   ```bash
   terraform destroy
   ```


--------------------------------------------------------------------------------
/atproto/module.tf:
--------------------------------------------------------------------------------
# Variables
variable "aws_access_key" {}
variable "aws_secret_key" {}
variable "key_name" {}
variable "private_key_path" {}
variable "region" {
  default = "us-east-1"
}

# Provider
provider "aws" {
  region     = var.region
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
}

# Resources
# EC2 instance
resource "aws_instance" "ec2-atproto" {
  instance_type = "t2.medium"
  ami           = "ami-04b70fa74e45c3917"
  key_name      = var.key_name
  user_data     = file("userdata.tpl")

  vpc_security_group_ids = [aws_security_group.security-atproto.id]

  tags = {
    Name = "ec2-atproto"
  }
}

# Default VPC
resource "aws_default_vpc" "default" {}

# Security group
# Note: the description mentions port 80, but this group opens port 22 and the
# ports listed in the ingress blocks below, each to any address (0.0.0.0/0).
resource "aws_security_group" "security-atproto" {
  name        = "security-atproto"
  description = "allow ssh on 22 & http on port 80"
  vpc_id      = aws_default_vpc.default.id

  # SSH
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 2581
    to_port     = 2581
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 2582
    to_port     = 2582
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 2583
    to_port     = 2583
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 33847
    to_port     = 33847
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 2584
    to_port     = 2584
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 41099
    to_port     = 41099
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  ingress {
    from_port   = 45217
    to_port     = 45217
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # All outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Output
output "instance_id" {
  value = aws_instance.ec2-atproto.id
}

output "instance_public_ip" {
  value = aws_instance.ec2-atproto.public_ip
}

output "aws_instance_public_dns" {
  value = aws_instance.ec2-atproto.public_dns
}


--------------------------------------------------------------------------------
/atproto/terraform.tfvars:
--------------------------------------------------------------------------------
# Private information
aws_access_key =
aws_secret_key =
key_name =
private_key_path =


--------------------------------------------------------------------------------
/atproto/userdata.tpl:
--------------------------------------------------------------------------------
#!/bin/bash
# User data runs as root at first boot; HOME and USER may not be set there
export HOME=/root
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu focal stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# Install nvm, then load it into this non-interactive shell so that `nvm` is defined
curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.3/install.sh | bash
export NVM_DIR="$HOME/.nvm"
. "$NVM_DIR/nvm.sh"
sudo apt update -y
nvm install 18
nvm use 18
sudo apt install -y git jq docker-ce
sudo systemctl enable docker
sudo systemctl start docker
# Add the ubuntu user to the docker group, as social-app/userdata.tpl does
sudo usermod -aG docker ubuntu
# Clone to an explicit path so the cd below does not depend on the working directory
git clone https://github.com/bluesky-social/atproto /atproto
cd /atproto && npm install --global pnpm && make deps && make build && make run-dev-env


--------------------------------------------------------------------------------
/public/1.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/surcodev/IaC-BlueSky/97ec27ac63b5f4d8da0f6028313d128a50c37395/public/1.PNG


--------------------------------------------------------------------------------
/public/2.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/surcodev/IaC-BlueSky/97ec27ac63b5f4d8da0f6028313d128a50c37395/public/2.PNG


--------------------------------------------------------------------------------
/public/3.PNG:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/surcodev/IaC-BlueSky/97ec27ac63b5f4d8da0f6028313d128a50c37395/public/3.PNG


--------------------------------------------------------------------------------
/public/informe.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/surcodev/IaC-BlueSky/97ec27ac63b5f4d8da0f6028313d128a50c37395/public/informe.pdf


--------------------------------------------------------------------------------
/social-app/module.tf:
--------------------------------------------------------------------------------
# Variables
variable "aws_access_key" {}
variable "aws_secret_key" {}
variable "key_name" {}
variable "private_key_path" {}
variable "region" {
  default = "us-east-1"
}

# Provider
provider "aws" {
  region     = var.region
  access_key = var.aws_access_key
  secret_key = var.aws_secret_key
}

# Resources
# EC2 instance
resource "aws_instance" "ec2-social-app" {
  instance_type = "t2.micro"
  ami           = "ami-04b70fa74e45c3917"
  key_name      = var.key_name
  user_data     = file("userdata.tpl")

  vpc_security_group_ids = [aws_security_group.security-socialapp.id]

  tags = {
    Name = "ec2-social-app"
  }
}

# Default VPC
resource "aws_default_vpc" "default" {}

# Security group
resource "aws_security_group" "security-socialapp" {
  name        = "security-socialapp"
  description = "allow ssh on 22 & http on port 80"
  vpc_id      = aws_default_vpc.default.id

  # SSH, open to any address
  ingress {
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }

  # HTTP, open to any address
  ingress {
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  # All outbound traffic
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}

# Output
output "instance_id" {
  value = aws_instance.ec2-social-app.id
}

output "instance_public_ip" {
  value = aws_instance.ec2-social-app.public_ip
}

output "aws_instance_public_dns" {
  value = aws_instance.ec2-social-app.public_dns
}


--------------------------------------------------------------------------------
/social-app/terraform.tfvars:
--------------------------------------------------------------------------------
# Private information
aws_access_key =
aws_secret_key =
key_name =
private_key_path =


--------------------------------------------------------------------------------
/social-app/userdata.tpl:
--------------------------------------------------------------------------------
#!/bin/bash
# Add the GPG key for Docker
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
# Add the Docker repository
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu focal stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
# Update the system
sudo apt update -y
# Install, start and enable Docker
sudo apt install -y docker-ce
sudo systemctl start docker
sudo systemctl enable docker
# Add the ubuntu user to the docker group
sudo usermod -aG docker ubuntu
# Pull and run the Docker image (-p 80:8100 publishes container port 8100 on host port 80)
sudo docker pull public.ecr.aws/t8b2r8w9/social-app:latest
sudo docker run -d --name social-app -p 80:8100 public.ecr.aws/t8b2r8w9/social-app:latest /bin/sh -c "/usr/bin/bskyweb serve"
# Configure iptables to redirect traffic from port 80 to 8100
sudo iptables -A PREROUTING -t nat -i enX0 -p tcp --dport 80 -j REDIRECT --to-port 8100
#sudo netfilter-persistent save


--------------------------------------------------------------------------------
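
Both `module.tf` files pass long-lived access keys in through `terraform.tfvars` and open SSH to `0.0.0.0/0`. The following is an added example, not part of the repository, that rewrites the social-app security group so SSH is limited to one operator range and the provider takes credentials from its default credential chain. The variable name `admin_cidr` is an assumption, and `203.0.113.10/32` is a constructed sample from the documentation address range.

```hcl
# Added example, not from the repository: social-app security group with SSH
# limited to one operator range. `admin_cidr` is a hypothetical variable name.
variable "region" {
  default = "us-east-1"
}

# Set to the operator's address, e.g. "203.0.113.10/32" (constructed sample).
variable "admin_cidr" {
  type = string
  validation {
    condition     = can(cidrhost(var.admin_cidr, 0)) && var.admin_cidr != "0.0.0.0/0"
    error_message = "The admin_cidr value must be a valid CIDR block other than 0.0.0.0/0."
  }
}

# No access_key / secret_key arguments: the provider uses its default
# credential chain (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY environment
# variables, the shared credentials file, or an attached IAM role), so no
# secret has to be written to terraform.tfvars.
provider "aws" {
  region = var.region
}

resource "aws_default_vpc" "default" {}

resource "aws_security_group" "security-socialapp" {
  name        = "security-socialapp"
  description = "ssh from admin_cidr, http on port 80"
  vpc_id      = aws_default_vpc.default.id

  ingress {
    description = "SSH from the operator range only"
    from_port   = 22
    to_port     = 22
    protocol    = "tcp"
    cidr_blocks = [var.admin_cidr]
  }
  ingress {
    description = "Public HTTP"
    from_port   = 80
    to_port     = 80
    protocol    = "tcp"
    cidr_blocks = ["0.0.0.0/0"]
  }
  egress {
    from_port   = 0
    to_port     = 0
    protocol    = "-1"
    cidr_blocks = ["0.0.0.0/0"]
  }
}
```

Pass the range at plan or apply time with `-var 'admin_cidr=203.0.113.10/32'`; the validation block rejects `0.0.0.0/0` before any resource is changed.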