{"id":17665675,"url":"https://github.com/faun/provisioneering","last_synced_at":"2025-03-30T12:26:15.436Z","repository":{"id":32172601,"uuid":"35745930","full_name":"faun/provisioneering","owner":"faun","description":"Generate and provision and servers used by the Tahi project","archived":false,"fork":false,"pushed_at":"2015-01-16T02:43:01.000Z","size":468,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-05T14:15:09.423Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/faun.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-05-17T00:44:44.000Z","updated_at":"2018-04-11T17:48:40.000Z","dependencies_parsed_at":"2022-09-11T05:12:59.795Z","dependency_job_id":null,"html_url":"https://github.com/faun/provisioneering","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faun%2Fprovisioneering","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faun%2Fprovisioneering/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faun%2Fprovisioneering/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/faun%2Fprovisioneering/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/faun","download_url":"https://codeload.github.com/faun/provisioneering/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246317591,"owners_count":20757987,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-23T21:07:02.562Z","updated_at":"2025-03-30T12:26:15.416Z","avatar_url":"https://github.com/faun.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"#Provisioneering\n\nA minimal set of scripts to generate an AWS AMI and provision an EC2 instance from the resulting image.\n\n## Setup\n\n### Prerequisites:\n\n- [Node](http://nodejs.org/download/) for parsing json\n- [Pip](https://pip.pypa.io/en/latest/installing.html) for installing awscli. Alternate installation instructions [here](http://docs.aws.amazon.com/cli/latest/userguide/installing.html)\n- [Ansible](http://docs.ansible.com/intro_installation.html)\n- [Debops](http://docs.debops.org/en/latest/installation.html)\n\nConfigure AWS CLI\n``` console\n  aws configure\n```\n\nFollow the prompts. They will lead the way. Make sure you select JSON as the output format.\n\n\n---\n\nCreate a user on AWS with the following IAM policy (or similar):\n\n``` json\n{\n  \"Statement\": [{\n      \"Effect\": \"Allow\",\n      \"Action\" : [\n        \"ec2:AttachVolume\",\n        \"ec2:CreateVolume\",\n        \"ec2:DeleteVolume\",\n        \"ec2:CreateKeypair\",\n        \"ec2:DeleteKeypair\",\n        \"ec2:CreateSecurityGroup\",\n        \"ec2:DeleteSecurityGroup\",\n        \"ec2:AuthorizeSecurityGroupIngress\",\n        \"ec2:CreateImage\",\n        \"ec2:RunInstances\",\n        \"ec2:TerminateInstances\",\n        \"ec2:StopInstances\",\n        \"ec2:DescribeVolumes\",\n        \"ec2:DetachVolume\",\n        \"ec2:DescribeInstances\",\n        \"ec2:CreateSnapshot\",\n        \"ec2:DeleteSnapshot\",\n        \"ec2:DescribeSnapshots\",\n        \"ec2:DescribeImages\",\n        \"ec2:RegisterImage\",\n        \"ec2:CreateTags\",\n        \"ec2:ModifyImageAttribute\"\n      ],\n      \"Resource\" : \"*\"\n  }]\n}\n```\n\nDefine the following configuration variables:\n\n``` console\n# The AWS access key with IAM to be able to provision\nAWS_ACCESS_KEY_ID='YOUR-ACCESS_KEY'\nAWS_SECRET_ACCESS_KEY='YOUR_SECRET_ACCESS_KEY'\n\n# Define the security group for provisioning\nAWS_SECURITY_GROUP_ID='sg-e4969181'\n\n# Launch instance SSH key\nAWS_KEY_NAME='ssh-key-name-identifier'\n\n# Define instance size\nAWS_INSTANCE_SIZE='t2.small'\n\n# VPC ID for launched instance\nAWS_VPC_ID='vpc-36a92853'\n\n# Launched instance subnet id\nAWS_SUBNET_ID='subnet-6216b115'\n\n# Launched instance VPC zones\nAWS_VPC_ZONES='us-east-1a'\n\n# Tag for instance identification\nRAILS_ENVIRONMENT='staging'\n\n# Base ami image (Ubuntu 14.04 in this case)\nAWS_SOURCE_AMI='ami-9eaa1cf6'\n\n# The tag name for your new EC2 instance\nSERVER_NAME=\"ihat-${RAILS_ENVIRONMENT}\"\n\n# Your Github deploy token\nRAILS_DEPLOY_GIT_ACCESS_TOKEN='21342341234'\n\n```\n\nGenerate an AMI:\n\n``` console\nBUILT_AMI=$(bin/generate_ami) || cat build.log\n```\n\nLaunch the resulting AMI as an EC2 instance\n``` console\nbin/launch_ami_image\n```\n\nEnjoy your newly provisioned server with Docker and Fig pre-installed.\n\n# Provisioning with Ansible\n\nWe are using the [debops](http://debops.org/) framework for provisioning servers.\n\nSee the debops [documentation](http://docs.debops.org/en/latest/installation.html) for installation instructions.\n\nThe tl;dr version:\n\n```\nsudo pip install debops\ndebops-update\n```\n\nStore the password to the vault:\n\n```\necho \"[password redacted]\" \u003e ~/.vault_pass.txt\n```\n\nTo run the debops playbooks with our custom playbooks, run:\n\n```\nbin/provision\n```\n\nRun only the playbooks tagged with rails\\_deploy:\n```\nbin/provision -t rails_deploy \n```\n\nOr start at cloning the project's source code (for CI or if re-deploying code)\n\n```\n bin/provision -t rails_deploy --start-at-task=\"Clone the app's source code\"\n ```\n\nTo edit encrypted secrets for a server (ihat-staging in this case):\n\n```\nansible-vault edit ansible/inventory/host_vars/ihat-staging.yml --vault-password-file ~/.vault_pass.txt\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaun%2Fprovisioneering","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffaun%2Fprovisioneering","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffaun%2Fprovisioneering/lists"}