layla/aws-nakama-stack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2f5497ee76
aws-nakama-stack/cloudformation/nakama/top.yaml

211 lines
5.8 KiB
YAML
Raw Normal View History

Intial commit
2019-10-23 07:03:54 +02:00
AWSTemplateFormatVersion: '2010-09-09'
Description: Nakama ECS Service
Parameters:
#------------------------
# Deployment Information
#------------------------
environment:
Type: String
Description: Name of the environment to use in naming.
Default: production
release:
Type: String
Description: Name of the release name of the stack version to use.
Default: production
AllowedValues: ['develop', 'production']
ConstraintDescription: "Must be a possible release version."
Optional build RDS database
2019-10-24 01:44:48 +02:00
VpcId:
Description: ID of the VPC
Type: AWS::EC2::VPC::Id
Intial commit
2019-10-23 07:03:54 +02:00
#-------------------
# ECS Configuration
#-------------------
EcsCluster:
Type: String
Description: The cluster to run the Nakama service on.
#-----------------
# Load Balancing
#-----------------
PublicSubnets:
Description: The public subnets for the ALB to run in.
Type: String
PortalCertificate:
Description: Arn of AWS Certificate
Type: String
#----------------------
# Nakama Configuration
#----------------------
Optional build RDS database
2019-10-24 01:44:48 +02:00
CreateDatabase:
Type: String
Default: "true"
AllowedValues: ["true", "false"]
# Manual Database Configuration
Intial commit
2019-10-23 07:03:54 +02:00
DatabaseUsername:
Type: String
Description: Username of the Postgres server
Default: postgres
DatabasePassword:
Type: String
Description: Password for the Postgres server
Optional build RDS database
2019-10-24 01:44:48 +02:00
Default: ""
Intial commit
2019-10-23 07:03:54 +02:00
DatabaseEndpoint:
Type: String
Description: Endpoint for the Postgres server
Optional build RDS database
2019-10-24 01:44:48 +02:00
Default: ""
Intial commit
2019-10-23 07:03:54 +02:00
DatabasePort:
Type: Number
Description: Port for the Postgres server
Default: 5432
Optional build RDS database
2019-10-24 01:44:48 +02:00
Conditions:
CreateRdsStack: !Equals [!Ref CreateDatabase, "true"]
Intial commit
2019-10-23 07:03:54 +02:00
Resources:
Optional build RDS database
2019-10-24 01:44:48 +02:00
#----------
# Database
#----------
RdsDatabase:
Condition: CreateRdsStack
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/rds.yaml'
Parameters:
environment: !Ref environment
VpcId: !Ref VpcId
Intial commit
2019-10-23 07:03:54 +02:00
#-----------------
# Load Balancing
#-----------------
PublicALB:
Type: AWS::ElasticLoadBalancingV2::LoadBalancer
Properties:
LoadBalancerAttributes:
- Key: deletion_protection.enabled
Value: false
- Key: idle_timeout.timeout_seconds
Value: 60
Scheme: internet-facing
SecurityGroups:
- !Ref SecurityGroup
Subnets: !Split [",", !Ref PublicSubnets]
Tags:
- Key: Name
Value: !Sub "Nakama-${environment}-ALB"
- Key: environment
Value: !Ref environment
SecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupDescription: ECS Allowed Ports
VpcId: !Ref VpcId
SecurityGroupIngress:
- IpProtocol: icmp
FromPort: "-1"
ToPort: "-1"
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: "443"
ToPort: "443"
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: "80"
ToPort: "80"
CidrIp: 0.0.0.0/0
SecurityGroupEgress:
- IpProtocol: icmp
FromPort: "-1"
ToPort: "-1"
CidrIp: 0.0.0.0/0
- IpProtocol: tcp
FromPort: "0"
ToPort: "65535"
CidrIp: 0.0.0.0/0
- IpProtocol: udp
FromPort: "0"
ToPort: "65535"
CidrIp: 0.0.0.0/0
# Target group for admin portal port
AdminPortalTargetGroup:
Type: AWS::ElasticLoadBalancingV2::TargetGroup
Properties:
HealthCheckIntervalSeconds: 30
HealthCheckProtocol: HTTP
HealthCheckTimeoutSeconds: 15
HealthyThresholdCount: 2
UnhealthyThresholdCount: 2
Matcher:
HttpCode: '200'
HealthCheckPath: '/'
Port: 7351
Protocol: HTTP
TargetGroupAttributes:
- Key: deregistration_delay.timeout_seconds
Value: '20'
VpcId: !Ref 'VpcId'
Tags:
- Key: Name
Value: !Sub 'nakama-${release}'
# HTTPS for Admin Portal
AdminPortalAlbListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
Certificates:
- CertificateArn: !Ref PortalCertificate
DefaultActions:
- Type: forward
TargetGroupArn: !Ref AdminPortalTargetGroup
LoadBalancerArn: !Ref PublicALB
Port: 443
Protocol: HTTPS
# Redirect HTTP -> HTTPS
AdminPortalRedirectAlbListener:
Type: AWS::ElasticLoadBalancingV2::Listener
Properties:
DefaultActions:
- Type: redirect
RedirectConfig:
Protocol: HTTPS
Port: 443
Host: '#{host}'
Path: '/#{path}'
Query: '#{query}'
StatusCode: HTTP_301
LoadBalancerArn: !Ref PublicALB
Port: 80
Protocol: HTTP
#-------------------
# ECS Task & Service
#-------------------
TaskDefinition:
Type: AWS::CloudFormation::Stack
Properties:
Launching made easy
2019-10-23 07:26:00 +02:00
TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/task.yaml'
Intial commit
2019-10-23 07:03:54 +02:00
Parameters:
Optional build RDS database
2019-10-24 01:44:48 +02:00
DatabaseUsername: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsUsername, !Ref DatabaseUsername]
DatabasePassword: !If ["CreateRdsStack", !Join ["", ["{{resolve:secretsmanager:", !GetAtt RdsDatabase.Outputs.RdsSecret, ":SecretString}}" ]], !Ref DatabasePassword]
DatabaseEndpoint: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsEnpoint, !Ref DatabaseEndpoint]
DatabasePort: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsPort, !Ref DatabasePort]
Intial commit
2019-10-23 07:03:54 +02:00
EcsService:
DependsOn: AdminPortalAlbListener
Type: AWS::ECS::Service
Properties:
Cluster: !Ref EcsCluster
DesiredCount: 1
TaskDefinition: !GetAtt TaskDefinition.Outputs.TaskArn
LoadBalancers:
- ContainerName: "nakama"
ContainerPort: 7351
TargetGroupArn: !Ref 'AdminPortalTargetGroup'
Reference in New Issue Copy Permalink