Optional build RDS database
parent
f7529c993c
commit
567d8c837f
@ -10,6 +10,10 @@ Make sure you are logged into the AWS Console and have permissions then click:
|
|||||||
|
|
||||||
Fill out the parameters and launch!
|
Fill out the parameters and launch!
|
||||||
|
|
||||||
|
### Parameter Notes
|
||||||
|
|
||||||
|
Parameters, `DatabaseUsername`, `DatabasePassword`, `DatabaseEndpoint`, and `DatabasePort`, only used if `CreateDatabase` is false.
|
||||||
|
|
||||||
## To Do
|
## To Do
|
||||||
|
|
||||||
- [ ] Load Balancing
|
- [ ] Load Balancing
|
||||||
@ -18,6 +22,9 @@ Fill out the parameters and launch!
|
|||||||
- [ ] Auto Scaling
|
- [ ] Auto Scaling
|
||||||
- [x] Dynamic Port Routing
|
- [x] Dynamic Port Routing
|
||||||
- [x] HTTPS
|
- [x] HTTPS
|
||||||
|
- [x] Build Database
|
||||||
- [ ] Custom Admin User
|
- [ ] Custom Admin User
|
||||||
- [x] Automatically migrate database
|
- [x] Automatically migrate database
|
||||||
- [ ] Custom security keys
|
- [ ] Custom security keys
|
||||||
|
- [ ] Formatted Launch Parameters
|
||||||
|
- [ ] Informative `ReadMe.md`
|
||||||
|
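--- /dev/null
+++ b/cloudformation/nakama/rds.yaml
@@ -0,0 +1,90 @@
+AWSTemplateFormatVersion: "2010-09-09"
+Description: Nakama RDS stack
+Parameters:
+#------------------------
+# Deployment Information
+#------------------------
+environment:
+Type: String
+Description: Name of the environment
+Default: production
+VpcId:
+Description: ID of the VPC
+Type: AWS::EC2::VPC::Id
+
+#------------------
+# Secret's Manager
+#------------------
+Secret:
+Type: String
+Description: Arn of the secret in Secret's Manager
+Default: ""
+
+Conditions:
+CreateSecret: !Equals [!Ref Secret, ""]
+
+Resources:
+SecurityGroup:
+Type: AWS::EC2::SecurityGroup
+Properties:
+GroupDescription: RDS Allowed Ports
+VpcId: !Ref VpcId
+SecurityGroupIngress:
+- IpProtocol: icmp
+FromPort: "-1"
+ToPort: "-1"
+CidrIp: 0.0.0.0/0
+- IpProtocol: tcp
+FromPort: "5432"
+ToPort: "5432"
+CidrIp: 0.0.0.0/0
+SecurityGroupEgress:
+- IpProtocol: icmp
+FromPort: "-1"
+ToPort: "-1"
+CidrIp: 0.0.0.0/0
+- IpProtocol: tcp
+FromPort: "0"
+ToPort: "65535"
+CidrIp: 0.0.0.0/0
+- IpProtocol: udp
+FromPort: "0"
+ToPort: "65535"
+CidrIp: 0.0.0.0/0
+
+RdsPassword:
+Type: AWS::SecretsManager::Secret
+Condition: CreateSecret
+Properties:
+Name: !Sub "nakama/rds/password"
+Description: "Master password for RDS"
+GenerateSecretString:
+ExcludePunctuation: true
+ExcludeCharacters: '"@/\'
+
+DbInstance:
+Type: AWS::RDS::DBInstance
+Properties:
+DBInstanceClass: db.t2.micro
+DBInstanceIdentifier: !Sub "nakama-rds-${environment}"
+Engine: postgres
+MasterUsername: postgres
+MasterUserPassword: !Join ["", ["{{resolve:secretsmanager:", !If [ CreateSecret, !Ref RdsPassword, !Ref Secret] ,":SecretString}}" ]]
+Port: "5432"
+AllocatedStorage: "100"
+VPCSecurityGroups:
+- !Ref SecurityGroup
+
+Outputs:
+RdsSecret:
+Description: ARN of the Secret's Manager secret for the RDS password
+Value: !If [ CreateSecret, !Ref RdsPassword, !Ref Secret]
+RdsUsername:
+Description: ARN of the Secret's Manager secret for the RDS password
+Value: postgres
+RdsEnpoint:
+Description: Endpoint to connect to database
+Value: !GetAtt DbInstance.Endpoint.Address
+RdsPort:
+Description: Port to connect to database
+Value: !GetAtt DbInstance.Endpoint.Port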
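Review bot: The tcp 5432 rule under `SecurityGroupIngress` uses `CidrIp: 0.0.0.0/0`, so the Postgres port accepts connections from any address that can route to the instance. `DbInstance` sets neither `PubliclyAccessible` nor `DBSubnetGroupName`, so whether it ends up internet-reachable depends on the VPC's defaults rather than on this template. I would take the Nakama service's security group as a parameter and replace that line with `SourceSecurityGroupId: !Ref <service-security-group-parameter>`, add `PubliclyAccessible: false` to `DbInstance`, and drop the ICMP-from-anywhere rule unless something depends on it. Minor: the `RdsUsername` output reuses the description of `RdsSecret`; it should read something like `Description: Master username for the RDS instance`.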
@ -14,6 +14,9 @@ Parameters:
|
|||||||
Default: production
|
Default: production
|
||||||
AllowedValues: ['develop', 'production']
|
AllowedValues: ['develop', 'production']
|
||||||
ConstraintDescription: "Must be a possible release version."
|
ConstraintDescription: "Must be a possible release version."
|
||||||
|
VpcId:
|
||||||
|
Description: ID of the VPC
|
||||||
|
Type: AWS::EC2::VPC::Id
|
||||||
|
|
||||||
#-------------------
|
#-------------------
|
||||||
# ECS Configuration
|
# ECS Configuration
|
||||||
@ -28,9 +31,6 @@ Parameters:
|
|||||||
PublicSubnets:
|
PublicSubnets:
|
||||||
Description: The public subnets for the ALB to run in.
|
Description: The public subnets for the ALB to run in.
|
||||||
Type: String
|
Type: String
|
||||||
VpcId:
|
|
||||||
Description: ID of the VPC
|
|
||||||
Type: AWS::EC2::VPC::Id
|
|
||||||
PortalCertificate:
|
PortalCertificate:
|
||||||
Description: Arn of AWS Certificate
|
Description: Arn of AWS Certificate
|
||||||
Type: String
|
Type: String
|
||||||
@ -38,6 +38,13 @@ Parameters:
|
|||||||
#----------------------
|
#----------------------
|
||||||
# Nakama Configuration
|
# Nakama Configuration
|
||||||
#----------------------
|
#----------------------
|
||||||
|
|
||||||
|
CreateDatabase:
|
||||||
|
Type: String
|
||||||
|
Default: "true"
|
||||||
|
AllowedValues: ["true", "false"]
|
||||||
|
|
||||||
|
# Manual Database Configuration
|
||||||
DatabaseUsername:
|
DatabaseUsername:
|
||||||
Type: String
|
Type: String
|
||||||
Description: Username of the Postgres server
|
Description: Username of the Postgres server
|
||||||
@ -45,16 +52,34 @@ Parameters:
|
|||||||
DatabasePassword:
|
DatabasePassword:
|
||||||
Type: String
|
Type: String
|
||||||
Description: Password for the Postgres server
|
Description: Password for the Postgres server
|
||||||
|
Default: ""
|
||||||
DatabaseEndpoint:
|
DatabaseEndpoint:
|
||||||
Type: String
|
Type: String
|
||||||
Description: Endpoint for the Postgres server
|
Description: Endpoint for the Postgres server
|
||||||
|
Default: ""
|
||||||
DatabasePort:
|
DatabasePort:
|
||||||
Type: Number
|
Type: Number
|
||||||
Description: Port for the Postgres server
|
Description: Port for the Postgres server
|
||||||
Default: 5432
|
Default: 5432
|
||||||
|
|
||||||
|
|
||||||
|
Conditions:
|
||||||
|
CreateRdsStack: !Equals [!Ref CreateDatabase, "true"]
|
||||||
|
|
||||||
Resources:
|
Resources:
|
||||||
|
|
||||||
|
#----------
|
||||||
|
# Database
|
||||||
|
#----------
|
||||||
|
RdsDatabase:
|
||||||
|
Condition: CreateRdsStack
|
||||||
|
Type: AWS::CloudFormation::Stack
|
||||||
|
Properties:
|
||||||
|
TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/rds.yaml'
|
||||||
|
Parameters:
|
||||||
|
environment: !Ref environment
|
||||||
|
VpcId: !Ref VpcId
|
||||||
|
|
||||||
#-----------------
|
#-----------------
|
||||||
# Load Balancing
|
# Load Balancing
|
||||||
#-----------------
|
#-----------------
|
||||||
@ -168,10 +193,10 @@ Resources:
|
|||||||
Properties:
|
Properties:
|
||||||
TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/task.yaml'
|
TemplateURL: !Sub 'https://s3.${AWS::Region}.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/task.yaml'
|
||||||
Parameters:
|
Parameters:
|
||||||
DatabaseUsername: !Ref DatabaseUsername
|
DatabaseUsername: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsUsername, !Ref DatabaseUsername]
|
||||||
DatabasePassword: !Ref DatabasePassword
|
DatabasePassword: !If ["CreateRdsStack", !Join ["", ["{{resolve:secretsmanager:", !GetAtt RdsDatabase.Outputs.RdsSecret, ":SecretString}}" ]], !Ref DatabasePassword]
|
||||||
DatabaseEndpoint: !Ref DatabaseEndpoint
|
DatabaseEndpoint: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsEnpoint, !Ref DatabaseEndpoint]
|
||||||
DatabasePort: !Ref DatabasePort
|
DatabasePort: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsPort, !Ref DatabasePort]
|
||||||
|
|
||||||
EcsService:
|
EcsService:
|
||||||
DependsOn: AdminPortalAlbListener
|
DependsOn: AdminPortalAlbListener
|
||||||
|
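Review bot: The `DatabasePassword` parameter is still a plain `Type: String` after this change (it only gains `Default: ""`), so a manually supplied password is shown in the console and returned by stack describe calls; add `NoEcho: true` under it. In the task stack's `Parameters`, the `CreateRdsStack` branch builds a `{{resolve:secretsmanager:…:SecretString}}` string and passes it to task.yaml as `DatabasePassword`. task.yaml is not shown here, but if it puts that value into a container environment variable or a command line, the resolved password becomes readable in the registered task definition. Passing `!GetAtt RdsDatabase.Outputs.RdsSecret` through as an ARN and reading it via the container definition's `Secrets` entry (`Name` / `ValueFrom`) would keep the plaintext out of both the template and the task definition.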