{"id":24464652,"url":"https://github.com/antonputra/infra","last_synced_at":"2025-10-07T14:55:36.109Z","repository":{"id":272475718,"uuid":"916528380","full_name":"antonputra/infra","owner":"antonputra","description":null,"archived":false,"fork":false,"pushed_at":"2025-01-23T16:39:47.000Z","size":72,"stargazers_count":0,"open_issues_count":0,"forks_count":4,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-10-02T10:33:39.867Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/antonputra.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-01-14T09:20:09.000Z","updated_at":"2025-01-23T16:39:51.000Z","dependencies_parsed_at":"2025-01-14T18:29:05.580Z","dependency_job_id":"aaadbc46-c509-49f9-a04c-885c9226c4e7","html_url":"https://github.com/antonputra/infra","commit_stats":null,"previous_names":["antonputra/infra"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/antonputra/infra","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antonputra%2Finfra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antonputra%2Finfra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antonputra%2Finfra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antonputra%2Finfra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/antonputra","download_url":"https://codeload.github.com/antonputra/infra/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/antonputra%2Finfra/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278794398,"owners_count":26046968,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-07T02:00:06.786Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-21T05:16:26.166Z","updated_at":"2025-10-07T14:55:36.060Z","avatar_url":"https://github.com/antonputra.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Master replica\n\n## AWS Certificate Manager\n\n## Commands\n\n```bash\nterraform apply -var-file=dev.tfvars -var-file=../common.tfvars\n```\n\n1. Create Route53 PrivateHosted ZOne\n2. To create EC2 instance using Terraform\n   - we have 2 disks OS /\n   - 20 Gb mounted /data\n3. Install Postgres (manually) -\u003e packer\n\n   - 17.2 (latest vesion)\n   - optimize it with pgtune for ec2 instance\n   - systemd service files\n\n   - postgres.antonputra.pvt\n\n4. Create schema + tables\n5. Add python endpoint\n\n## Install PostgreSQL\n\n```bash\nsudo apt update \u0026\u0026 sudo apt -y upgrade\nsudo reboot\n\nexport DATA_DISK=\"/dev/nvme1n1\"\n\nsudo mkdir /data\nsudo mkfs.xfs ${DATA_DISK}\nsudo mount -o defaults ${DATA_DISK} /data\nsudo lsblk --fs\necho \"/dev/disk/by-uuid/730a8acd-d12b-49e6-a99b-7e9e22e7b63f /data xfs defaults 0 1\" | sudo tee -a /etc/fstab\n```\n\n```sql\n--\n-- Create application users.\n--\nCREATE USER fastapi_app WITH PASSWORD 'devops123' SUPERUSER CREATEDB CREATEROLE LOGIN;\n\n--\n-- Create device tables.\n--\nCREATE TABLE IF NOT EXISTS fastapi_device (id SERIAL PRIMARY KEY, uuid UUID DEFAULT NULL, mac VARCHAR(255) DEFAULT NULL, firmware VARCHAR(255) DEFAULT NULL, created_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP, updated_at TIMESTAMP WITH TIME ZONE DEFAULT CURRENT_TIMESTAMP);\n\n```\n\n```\nTEMPORAL_VERSION=1.25.2\nTEMPORAL_ADMINTOOLS_VERSION=1.25.2-tctl-1.18.1-cli-1.1.1\nTEMPORAL_UI_VERSION=2.31.2\nPOSTGRESQL_VERSION=17\nOPENSEARCH_VERSION=2.5.0\n```\n\n```bash\n# ssh -i ~/.ssh/aws-demo.pem ubuntu@3.137.168.100\n\n\naws ssm start-session --region us-east-2 \\\n    --target i-0483135dee25af8c5 \\\n    --document-name AWS-StartPortForwardingSession \\\n    --parameters '{\"portNumber\":[\"5432\"], \"localPortNumber\":[\"5432\"]}'\n\naws ssm start-session --region us-east-2 \\\n    --target \"ecs:dev-main_d7441b23df6c426086cb772308fc5315_b198e08e395e487aa260f601032aeb5c\" \\\n    --document-name AWS-StartPortForwardingSession \\\n    --parameters '{\"portNumber\":[\"8080\"], \"localPortNumber\":[\"8080\"]}'\n\n# SSH to EC2\naws ssm start-session --region us-east-2 --target 0894a11f2ac14ac04\n\n# SSH to container\naws ecs execute-command \\\n --region us-east-2 \\\n --cluster dev-main \\\n --task arn:aws:ecs:us-east-2:424432388155:task/dev-main/b0da9bfc0b894704a158972d1782ba9f \\\n --container temporal \\\n --command \"/bin/bash\" \\\n --interactive\n\naws ecs describe-tasks \\\n    --cluster dev-main \\\n    --region us-east-2 \\\n    --tasks arn:aws:ecs:us-east-2:424432388155:task/dev-main/c8b394d7fea64bb88a2ee018ca106615\n```\n\nhttps://docs.timescale.com/self-hosted/latest/install/installation-linux/\n\n2 options\n\n1. Build from source code\n\n2. Use package managers\n\n- no compile\n- apt -\u003e create linux user\n- security\n\nEFS vs EBS\n\nEFS is elastic\nEFS\n\n- no size limit\n- you can attach this ebs to multiple EC2 instance\n- more expencive\n  $0.30 GB-Month\n\nEBS\n\n- gp3\n- no sharing, only 1 instance\n- size\n- $0.08/GB-month\n\ngp3\nio\nio1\nio2 - $0.125/GB-month\n\nEFS - common use case\nWordpress\nmysql + php\n\nec2 -\u003e mysql -\u003e same EFS volume\nec2 -\u003e php -\u003e same EFS volume\n\nEFS - replicate between regions for disaster recovery\nEBS - backups + upload to s3 + glasier (cold much cheaper)\n12 hours\n1 hou\n\nEBS (network storage)\n\n- storage (ssd size)\n- thoughtput (network)\n- disk write operations\n\ni8g.2xlarge (included)\n\n- local ssd (1 x 1,875 GB )\n\ncassabdra-01 2TB\ncassabdra-02 2TB\ncassabdra-03 2TB\ncassabdra-04 2TB\n\n\u003c!-- cassabdra-04 2TB --\u003e\n\n3 types\n\n1. Linux command -\n2. TCP - nc -vz localhost:8080\n3. Application/http - curl localhost/healthz\n\n- 200\n  201\n\nPrepare:\n\n- Frontend with application load balancer + TLS + HTTPS\n- AWS certificate manager\n- ecs app (nodejs) + backend = db for caching\n- Packer to create Postgres\n- attach data disks using user_data\n\nAWS certificate manager -\u003e 1 year\nLets encrypt -\u003e 90 days, 60 renewwed\n\n## Validate Temporal\n\n```bash\nwget https://github.com/fullstorydev/grpcurl/releases/download/v1.7.0/grpcurl_1.7.0_linux_x86_64.tar.gz \u0026\u0026 tar -xvf grpcurl_1.7.0_linux_x86_64.tar.gz \u0026\u0026 chmod +x grpcurl\n\n./grpcurl -plaintext -d '{\"service\": \"temporal.api.workflowservice.v1.WorkflowService\"}' temporal.dev.exotic.ecs:7233 grpc.health.v1.Health/Check\n\n./tctl --address temporal.dev.exotic.ecs:7233 cluster health\n```\n\nDNS A Record points to IP v4 address\nDNS AAAA Record points to IP v6 address\n\npostgres.dev.exotic.pvt -\u003e 10.0.27.153\n\nDNS CNAME record points to other DNS (reference)\n\ntemporal-ui.antonputra.com -\u003e temporal-ui-12347936.us-east-2.elb.amazonaws.com\n\npostgres.exotic.pvt -\u003e postgres.dev.exotic.pvt -\u003e 10.0.27.153\n\nweb site CNAME\n\nwww.antonputra.com -\u003e temporal-ui-12347936.us-east-2.elb.amazonaws.com\nantonputra.com -\u003e temporal-ui-12347936.us-east-2.elb.amazonaws.com\n\nDNS Alias\n\nantonputra.com -\u003e temporal-ui-12347936.us-east-2.elb.amazonaws.com\n\n## ECS\n\n1. To create Service -\u003e 5 replicas\n   Service monitor and redeploy or restart\n\n   Container -\u003e Task\n\n2. Create Task\n\nsudo cat /var/log/cloud-init-output.log\n\nsudo tail -f /var/log/cloud-init-output.log\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fantonputra%2Finfra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fantonputra%2Finfra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fantonputra%2Finfra/lists"}