Optional build RDS database
		
							
								
								
									
										90
									
								
								cloudformation/nakama/rds.yaml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
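--- a/cloudformation/nakama/rds.yaml
+++ b/cloudformation/nakama/rds.yaml
@@ -0,0 +1,90 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: Nakama RDS stack
+Parameters:
+  #------------------------
+  # Deployment Information
+  #------------------------
+  environment:
+    Type: String
+    Description: Name of the environment
+    Default: production
+  VpcId:
+    Description: ID of the VPC
+    Type: AWS::EC2::VPC::Id
+
+  #------------------
+  # Secret's Manager
+  #------------------
+  Secret:
+    Type: String
+    Description: Arn of the secret in Secret's Manager
+    Default: ""
+
+Conditions:
+  CreateSecret: !Equals [!Ref Secret, ""]
+
+Resources:
+  SecurityGroup:
+    Type: AWS::EC2::SecurityGroup
+    Properties:
+      GroupDescription: RDS Allowed Ports
+      VpcId: !Ref VpcId
+      SecurityGroupIngress:
+        - IpProtocol: icmp
+          FromPort: "-1"
+          ToPort: "-1"
+          CidrIp: 0.0.0.0/0
+        - IpProtocol: tcp
+          FromPort: "5432"
+          ToPort: "5432"
+          CidrIp: 0.0.0.0/0
+      SecurityGroupEgress:
+        - IpProtocol: icmp
+          FromPort: "-1"
+          ToPort: "-1"
+          CidrIp: 0.0.0.0/0
+        - IpProtocol: tcp
+          FromPort: "0"
+          ToPort: "65535"
+          CidrIp: 0.0.0.0/0
+        - IpProtocol: udp
+          FromPort: "0"
+          ToPort: "65535"
+          CidrIp: 0.0.0.0/0
+
+  RdsPassword:
+    Type: AWS::SecretsManager::Secret
+    Condition: CreateSecret
+    Properties:
+      Name: !Sub "nakama/rds/password"
+      Description: "Master password for RDS"
+      GenerateSecretString:
+        ExcludePunctuation: true
+        ExcludeCharacters: '"@/\'
+
+  DbInstance:
+    Type: AWS::RDS::DBInstance
+    Properties: 
+      DBInstanceClass: db.t2.micro
+      DBInstanceIdentifier: !Sub "nakama-rds-${environment}"
+      Engine: postgres
+      MasterUsername: postgres
+      MasterUserPassword: !Join ["", ["{{resolve:secretsmanager:", !If [ CreateSecret, !Ref RdsPassword, !Ref Secret] ,":SecretString}}" ]]
+      Port: "5432"
+      AllocatedStorage: "100"
+      VPCSecurityGroups:
+        - !Ref SecurityGroup
+
+Outputs:
+  RdsSecret:
+    Description: ARN of the Secret's Manager secret for the RDS password
+    Value: !If [ CreateSecret, !Ref RdsPassword, !Ref Secret]
+  RdsUsername:
+    Description: ARN of the Secret's Manager secret for the RDS password
+    Value: postgres
+  RdsEnpoint:
+    Description: Endpoint to connect to database
+    Value: !GetAtt DbInstance.Endpoint.Address
+  RdsPort:
+    Description: Port to connect to database
+    Value: !GetAtt DbInstance.Endpoint.Port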
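Review bot: The tcp 5432 rule under `SecurityGroupIngress` uses `CidrIp: 0.0.0.0/0`, so the Postgres port accepts connections from any address that can route to the instance, and the ICMP rule is equally open. Scope the rule to the callers instead, for example `SourceSecurityGroupId: !Ref AppSecurityGroupId` (a placeholder name for a new parameter carrying the Nakama task's security group), and set `PubliclyAccessible: false` on `DbInstance` so exposure does not depend on the subnet default. `DbInstance` also has no `StorageEncrypted: true`, which is worth deciding now for a store holding game account data. The secret name `nakama/rds/password` contains no `${environment}`, so a `develop` and a `production` stack in the same account and region would collide on it. As a documentation nit, the `RdsUsername` output repeats the password secret's description.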
 | 
			
		||||
@ -14,6 +14,9 @@ Parameters:
 | 
			
		||||
    Default: production
 | 
			
		||||
    AllowedValues: ['develop', 'production']
 | 
			
		||||
    ConstraintDescription: "Must be a possible release version."
 | 
			
		||||
  VpcId:
 | 
			
		||||
    Description: ID of the VPC
 | 
			
		||||
    Type: AWS::EC2::VPC::Id
 | 
			
		||||
 | 
			
		||||
  #-------------------
 | 
			
		||||
  # ECS Configuration
 | 
			
		||||
@ -28,9 +31,6 @@ Parameters:
 | 
			
		||||
  PublicSubnets:
 | 
			
		||||
    Description: The public subnets for the ALB to run in.
 | 
			
		||||
    Type: String
 | 
			
		||||
  VpcId:
 | 
			
		||||
    Description: ID of the VPC
 | 
			
		||||
    Type: AWS::EC2::VPC::Id
 | 
			
		||||
  PortalCertificate:
 | 
			
		||||
    Description: Arn of AWS Certificate
 | 
			
		||||
    Type: String
 | 
			
		||||
@ -38,6 +38,13 @@ Parameters:
 | 
			
		||||
  #----------------------
 | 
			
		||||
  # Nakama Configuration
 | 
			
		||||
  #----------------------
 | 
			
		||||
 | 
			
		||||
  CreateDatabase:
 | 
			
		||||
    Type: String
 | 
			
		||||
    Default: "true"
 | 
			
		||||
    AllowedValues: ["true", "false"]
 | 
			
		||||
 | 
			
		||||
  # Manual Database Configuration
 | 
			
		||||
  DatabaseUsername:
 | 
			
		||||
    Type: String
 | 
			
		||||
    Description: Username of the Postgres server
 | 
			
		||||
@ -45,16 +52,34 @@ Parameters:
 | 
			
		||||
  DatabasePassword:
 | 
			
		||||
    Type: String
 | 
			
		||||
    Description: Password for the Postgres server
 | 
			
		||||
    Default: ""
 | 
			
		||||
  DatabaseEndpoint:
 | 
			
		||||
    Type: String
 | 
			
		||||
    Description: Endpoint for the Postgres server
 | 
			
		||||
    Default: ""
 | 
			
		||||
  DatabasePort:
 | 
			
		||||
    Type: Number
 | 
			
		||||
    Description: Port for the Postgres server
 | 
			
		||||
    Default: 5432
 | 
			
		||||
 | 
			
		||||
 | 
			
		||||
Conditions:
 | 
			
		||||
  CreateRdsStack: !Equals [!Ref CreateDatabase, "true"]
 | 
			
		||||
 | 
			
		||||
Resources:
 | 
			
		||||
 | 
			
		||||
  #----------
 | 
			
		||||
  # Database
 | 
			
		||||
  #----------
 | 
			
		||||
  RdsDatabase:
 | 
			
		||||
    Condition: CreateRdsStack
 | 
			
		||||
    Type: AWS::CloudFormation::Stack
 | 
			
		||||
    Properties:
 | 
			
		||||
      TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/rds.yaml'
 | 
			
		||||
      Parameters:
 | 
			
		||||
        environment: !Ref environment
 | 
			
		||||
        VpcId: !Ref VpcId
 | 
			
		||||
 | 
			
		||||
  #-----------------
 | 
			
		||||
  # Load Balancing 
 | 
			
		||||
  #-----------------
 | 
			
		||||
@ -168,10 +193,10 @@ Resources:
 | 
			
		||||
    Properties:
 | 
			
		||||
      TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/task.yaml'
 | 
			
		||||
      Parameters:
 | 
			
		||||
        DatabaseUsername: !Ref DatabaseUsername
 | 
			
		||||
        DatabasePassword: !Ref DatabasePassword
 | 
			
		||||
        DatabaseEndpoint: !Ref DatabaseEndpoint
 | 
			
		||||
        DatabasePort: !Ref DatabasePort
 | 
			
		||||
        DatabaseUsername: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsUsername, !Ref DatabaseUsername]
 | 
			
		||||
        DatabasePassword: !If ["CreateRdsStack", !Join ["", ["{{resolve:secretsmanager:", !GetAtt RdsDatabase.Outputs.RdsSecret, ":SecretString}}" ]], !Ref DatabasePassword]
 | 
			
		||||
        DatabaseEndpoint: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsEnpoint, !Ref DatabaseEndpoint]
 | 
			
		||||
        DatabasePort: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsPort, !Ref DatabasePort]
 | 
			
		||||
 | 
			
		||||
  EcsService:
 | 
			
		||||
    DependsOn: AdminPortalAlbListener
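Review bot: In the last hunk, `DatabasePassword` is handed to the task stack as an ordinary stack parameter, either the `{{resolve:secretsmanager:…:SecretString}}` string or the operator-supplied `!Ref DatabasePassword`. The `DatabasePassword` parameter shown in the `Parameters` hunk is `Type: String` with no `NoEcho: true`, so a manually supplied password is readable in the console and in describe-stacks output; add `NoEcho: true` there. For the created-database path, consider passing only the ARN, `!GetAtt RdsDatabase.Outputs.RdsSecret`, and letting the task definition read it through the container definition's `Secrets` / `ValueFrom`, so the value never travels as parameter text. task.yaml is not shown on this page, so how it consumes the parameter is an assumption to confirm. The `Properties` block of this nested-stack resource begins outside the hunk.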
 | 
			
		||||
 | 
			
		||||