layla/aws-nakama-stack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
aws-nakama-stack/cloudformation/nakama/top.yaml
Joseph Manley a57c16a69e Allow ECS to pull docker image from private repo 
Use AWS::NoValue

Remove {}

Try at CredentialsParameter level

Duplicate code :/

Remove volume
2020-07-28 19:45:34 -04:00

329 lines
9.9 KiB
YAML
Raw Permalink Blame History

AWSTemplateFormatVersion: '2010-09-09'
Description: Nakama ECS Service
Parameters:
#------------------------
# Deployment Information
#------------------------
environment:
Type: String
Description: Name of the environment to use in naming.
Default: production
release:
Type: String
Description: Name of the release name of the stack version to use.
Default: production
AllowedValues: ['develop', 'production']
ConstraintDescription: "Must be a possible release version."
VpcId:
Description: ID of the VPC to deploy resources.
Type: AWS::EC2::VPC::Id
#-------------------
# ECS Configuration
#-------------------
EcsClusterOverride:
Type: String
Description: The cluster to run the Nakama service on, if empty will create new cluster.
Default: ""
RepositoryCredentialsSecret:
Type: String
Description: Arn of repostiory secret from AWS Secrets Manager. See https://docs.aws.amazon.com/AmazonECS/latest/developerguide/private-auth.html for more information
Default: ""
#-----------------
# Load Balancing
#-----------------
PublicSubnets:
Description: The public subnets for the ALB to run in. (Seperate by spaces)
Type: String
PortalCertificate:
Description: Arn of AWS Certificate in ACM
Type: String
#----------------------
# Nakama Configuration
#----------------------
NakamaContainer:
Type: String
Description: Container image for Nakama server
Default: "heroiclabs/nakama:2.7.0"
NakamaUsername:
Type: String
Description: Username to access the Nakama admin portal
Default: "admin"
NakamaPasswordOverride:
Type: String
Description: Override Nakama admin portal password. Leave blank for random password.
Default: ""
NoEcho: true
#------------------------
# Database Configuration
#------------------------
CreateDatabase:
Type: String
Default: "true"
Description: If
AllowedValues: ["true", "false"]
# Manual Database Configuration
DatabaseUsername:
Type: String
Description: Manual username of the Postgres server
Default: postgres
DatabasePassword:
Type: String
Description: Manual password for the Postgres server
Default: ""
NoEcho: true
DatabaseEndpoint:
Type: String
Description: Manual endpoint for the Postgres server
Default: ""
DatabasePort:
Type: Number
Description: Manual port for the Postgres server
Default: 5432
# Advanced RDS Configuration
RdsInstanceClass:
Type: String
Description: Instance class for the dabase to run on
Default: db.t2.micro
RdsEngine:
Type: String
Description: Database engine for the database to use
Default: postgres
AllowedValues: ["aurora-postgresql", "postgres"]
RdsUsername:
Type: String
Description: Master account's username for database
Default: postgres
RdsPort:
Type: Number
Description: Port for the database to open a socket on
Default: "5432"
RdsStorage:
Type: Number
Description: The amount of storage (in GB) allocated to the RDS instance
Default: "100"
RdsAccessCidr:
Type: String
Description: The CIDR used in the security group to secure the database
Default: "0.0.0.0/0"
#-----
# DNS
#-----
Domain:
Type: String
Description: The domain to create the endpoint on (Must have an existing hosted zone ex. `example.com`) Leave blank to skip DNS.
Default: ""
SubDomain:
Type: String
Description: The subdomain to be used by nakama. (ex. `nakama.example.com`)
Default: nakama
Metadata:
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: "Deployment Information"
Parameters:
- environment
- release
- VpcId
- PublicSubnets
- Label:
default: "DNS"
Parameters:
- Domain
- SubDomain
- Label:
default: "Nakama Configuration"
Parameters:
- NakamaContainer
- NakamaUsername
- NakamaPasswordOverride
- Label:
default: "Load Balancing"
Parameters:
- PortalCertificate
- Label:
default: "ECS Configuration"
Parameters:
- EcsClusterOverride
- RepositoryCredentialsSecret
- Label:
default: "Database Configuration"
Parameters:
- CreateDatabase
- Label:
default: "Manual Database Configuration"
Parameters:
- DatabaseUsername
- DatabasePassword
- DatabaseEndpoint
- DatabasePort
- Label:
default: "RDS Configuration"
Parameters:
- RdsInstanceClass
- RdsEngine
- RdsUsername
- RdsPort
- RdsStorage
- RdsAccessCidr
ParameterLabels:
environment:
default: "Environment"
release:
default: "Release"
VpcId:
default: "Vpc Id"
EcsClusterOverride:
default: "Optional ECS Cluster Override"
PublicSubnets:
default: "Public Subnets"
PortalCertificate:
default: "Admin Portal ACM Certificate"
Domain:
default: "Route53 Domain"
NakamaContainer:
default: "Nakama Container Image"
NakamaUsername:
default: "Nakama Username"
NakamaPasswordOverride:
default: "Nakama Password Override"
CreateDatabase:
default: "Create RDS database?"
DatabaseUsername:
default: "Remote Database Username"
DatabasePassword:
default: "Remote Database Password"
DatabaseEndpoint:
default: "Remote Database Endpoint"
DatabasePort:
default: "Remote Database Port"
RdsInstanceClass:
default: "RDS Instance Class"
RdsEngine:
default: "RDS Engine"
RdsUsername:
default: "RDS Username"
RdsPort:
default: "RDS Port"
RdsStorage:
default: "RDS Storage"
RdsAccessCidr:
default: "RDS Allow Access CIDR"
RepositoryCredentialsSecret:
default: "Docker Repository Credentials"
Conditions:
CreateRdsStack: !Equals [!Ref CreateDatabase, "true"]
CreateDns: !Not [!Equals [!Ref Domain, ""]]
CreateCluster: !Equals [!Ref EcsClusterOverride, ""]
Resources:
#-----
# DNS
#-----
DnsRecords:
Condition: CreateDns
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/dns.yaml'
Parameters:
environment: !Ref environment
Domain: !Ref Domain
SubDomain: !Ref SubDomain
NakamaDns: !GetAtt LoadBalancing.Outputs.PublicNlbDnsName
AdminDns: !GetAtt LoadBalancing.Outputs.PublicAlbDnsName
#----------
# Database
#----------
RdsDatabase:
Condition: CreateRdsStack
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/rds.yaml'
Parameters:
environment: !Ref environment
VpcId: !Ref VpcId
InstanceClass: !Ref RdsInstanceClass
DatabaseEngine: !Ref RdsEngine
DatabaseUsername: !Ref RdsUsername
DatabasePort: !Ref RdsPort
DatabaseStorage: !Ref RdsStorage
DatabaseAccessCidr: !Ref RdsAccessCidr
#-----------------
# Load Balancing
#-----------------
LoadBalancing:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/load_balancing.yaml'
Parameters:
environment: !Ref environment
release: !Ref release
VpcId: !Ref VpcId
PublicSubnets: !Join [",", !Split [" ", !Ref PublicSubnets]]
PortalCertificate: !Ref PortalCertificate
#-------------
# ECS Cluster
#-------------
EcsCluster:
Condition: CreateCluster
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/cluster/top.yaml'
Parameters:
Environment: !Ref environment
VpcId: !Ref VpcId
SubnetIds: !Join [",", !Split [" ", !Ref PublicSubnets]]
Project: "Nakama"
#-------------------
# ECS Task & Service
#-------------------
TaskDefinition:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub 'https://s3.us-east-1.amazonaws.com/sumu-stacks/nakama/${release}/cloudformation/nakama/task.yaml'
Parameters:
NakamaContainer: !Ref NakamaContainer
DatabaseUsername: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsUsername, !Ref DatabaseUsername]
DatabasePassword: !If ["CreateRdsStack", !Join ["", ["{{resolve:secretsmanager:", !GetAtt RdsDatabase.Outputs.RdsSecret, ":SecretString}}" ]], !Ref DatabasePassword]
DatabaseEndpoint: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsEnpoint, !Ref DatabaseEndpoint]
DatabasePort: !If ["CreateRdsStack", !GetAtt RdsDatabase.Outputs.RdsPort, !Ref DatabasePort]
NakamaUsername: !Ref NakamaUsername
NakamaPasswordOverride: !Ref NakamaPasswordOverride
RepositoryCredentialsSecret: !Ref RepositoryCredentialsSecret
EcsService:
DependsOn: LoadBalancing
Type: AWS::ECS::Service
Properties:
Cluster: !If ["CreateCluster", !GetAtt EcsCluster.Outputs.Cluster, !Ref EcsClusterOverride]
DesiredCount: 1
TaskDefinition: !GetAtt TaskDefinition.Outputs.TaskArn
LoadBalancers:
- ContainerName: "nakama"
ContainerPort: 7351
TargetGroupArn: !GetAtt LoadBalancing.Outputs.AdminPortalTargetGroup
- ContainerName: "nakama"
ContainerPort: 7350
TargetGroupArn: !GetAtt LoadBalancing.Outputs.HttpApiTargetGroup
- ContainerName: "nakama"
ContainerPort: 7349
TargetGroupArn: !GetAtt LoadBalancing.Outputs.GRpcApiTargetGroup
- ContainerName: "nakama"
ContainerPort: 7348
TargetGroupArn: !GetAtt LoadBalancing.Outputs.GRpcEApiTargetGroup
Reference in New Issue View Git Blame Copy Permalink