infra-dapps/Makefile

#!/usr/bin/env bash

OS = $(strip $(shell uname -s))
ARCH = linux_amd64
ifeq ($(OS),Darwin)
	ARCH = darwin_amd64
endif

PLUGIN_DIR = ~/.terraform.d/plugins

ANSIBLE_PROVIDER_NAME = terraform-provider-ansible
ANSIBLE_PROVIDER_VERSION = v1.0.3
ANSIBLE_PROVIDER_ARCHIVE = $(ANSIBLE_PROVIDER_NAME)-$(ARCH).zip
ANSIBLE_PROVIDER_URL = https://github.com/nbering/terraform-provider-ansible/releases/download/$(ANSIBLE_PROVIDER_VERSION)/$(ANSIBLE_PROVIDER_ARCHIVE)
ANSIBLE_PROVIDER_PATH = $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVIDER_NAME)_$(ANSIBLE_PROVIDER_VERSION)

ANSIBLE_PROVISIO_NAME = terraform-provisioner-ansible
ANSIBLE_PROVISIO_VERSION = v2.3.0
ANSIBLE_PROVISIO_ARCHIVE = $(ANSIBLE_PROVISIO_NAME)-$(subst _,-,$(ARCH))_$(ANSIBLE_PROVISIO_VERSION)
ANSIBLE_PROVISIO_URL = https://github.com/radekg/terraform-provisioner-ansible/releases/download/$(ANSIBLE_PROVISIO_VERSION)/$(ANSIBLE_PROVISIO_ARCHIVE)
ANSIBLE_PROVISIO_PATH = $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVISIO_NAME)_$(ANSIBLE_PROVISIO_VERSION)

all: requirements plugins secrets init-terraform
	@echo "Success!"

plugins: install-ansible-provider install-ansible-provisioner

requirements:
	ansible-galaxy install --ignore-errors --force -r ansible/requirements.yml

check-unzip:
ifeq (, $(shell which unzip))
	$(error "No unzip in PATH, consider doing apt install unzip")
endif

install-ansible-provider: check-unzip
	@if [ ! -e $(ANSIBLE_PROVIDER_PATH) ]; then \
		mkdir -p $(PLUGIN_DIR); \
		wget $(ANSIBLE_PROVIDER_URL) -P $(PLUGIN_DIR); \
		unzip -o $(PLUGIN_DIR)/$(ANSIBLE_PROVIDER_ARCHIVE) -d $(PLUGIN_DIR); \
	else \
		echo "Already installed: $(ANSIBLE_PROVIDER_PATH)"; \
	fi

install-ansible-provisioner:
	@if [ ! -e $(ANSIBLE_PROVISIO_PATH) ]; then \
		mkdir -p $(PLUGIN_DIR); \
		wget $(ANSIBLE_PROVISIO_URL) -O $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVISIO_NAME)_$(ANSIBLE_PROVISIO_VERSION); \
		chmod +x $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVISIO_NAME)_$(ANSIBLE_PROVISIO_VERSION); \
	else \
		echo "Already installed: $(ANSIBLE_PROVISIO_PATH)"; \
	fi

init-terraform:
	terraform init -upgrade=true

secrets:
	echo "Saving secrets to: terraform.tfvars"
	@echo -e "\
# secrets extracted from password-store\n\
aws_access_key     = \"$(shell pass cloud/AWS/access-key)\"\n\
aws_secret_key     = \"$(shell pass cloud/AWS/secret-key)\"\n\
dap_ps_smtp_user   = \"$(shell pass cloud/AWS/ses/smtp-access-key)\"\n\
dap_ps_smtp_pass   = \"$(shell pass cloud/AWS/ses/smtp-password)\"\n\
dap_ps_admin_user  = \"$(shell pass service/dev/app/admin-user)\"\n\
dap_ps_admin_pass  = \"$(shell pass service/dev/app/admin-pass)\"\n\
dap_ps_dev_db_uri  = \"$(shell pass service/dev/mongodb/uri)\"\n\
dap_ps_prod_db_uri = \"$(shell pass service/prod/mongodb/uri)\"\n\
" > terraform.tfvars

cleanup:
	rm -r $(PLUGIN_DIR)/$(ARCHIVE)
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00			`#!/usr/bin/env bash`

			`OS = $(strip $(shell uname -s))`
			`ARCH = linux_amd64`
			`ifeq ($(OS),Darwin)`
			`ARCH = darwin_amd64`
			`endif`

			`PLUGIN_DIR = ~/.terraform.d/plugins`

add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00			`ANSIBLE_PROVIDER_NAME = terraform-provider-ansible`
upgrade to Terraform 0.12 Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-30 18:36:52 +00:00			`ANSIBLE_PROVIDER_VERSION = v1.0.3`
update plugins, make targets smarter Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-29 14:33:47 +00:00			`ANSIBLE_PROVIDER_ARCHIVE = $(ANSIBLE_PROVIDER_NAME)-$(ARCH).zip`
			`ANSIBLE_PROVIDER_URL = https://github.com/nbering/terraform-provider-ansible/releases/download/$(ANSIBLE_PROVIDER_VERSION)/$(ANSIBLE_PROVIDER_ARCHIVE)`
			`ANSIBLE_PROVIDER_PATH = $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVIDER_NAME)_$(ANSIBLE_PROVIDER_VERSION)`
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00
add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00			`ANSIBLE_PROVISIO_NAME = terraform-provisioner-ansible`
upgrade to Terraform 0.12 Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-30 18:36:52 +00:00			`ANSIBLE_PROVISIO_VERSION = v2.3.0`
update plugins, make targets smarter Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-29 14:33:47 +00:00			`ANSIBLE_PROVISIO_ARCHIVE = $(ANSIBLE_PROVISIO_NAME)-$(subst _,-,$(ARCH))_$(ANSIBLE_PROVISIO_VERSION)`
			`ANSIBLE_PROVISIO_URL = https://github.com/radekg/terraform-provisioner-ansible/releases/download/$(ANSIBLE_PROVISIO_VERSION)/$(ANSIBLE_PROVISIO_ARCHIVE)`
			`ANSIBLE_PROVISIO_PATH = $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVISIO_NAME)_$(ANSIBLE_PROVISIO_VERSION)`
add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00
update plugins, make targets smarter Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-29 14:33:47 +00:00			`all: requirements plugins secrets init-terraform`
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00			`@echo "Success!"`

delegate dap.ps domain management to Route53 We have to use Route53 because it provides the option to use an ALIAS type record which works for apex records and can point to a CloudFront distribution in a dynamic way. Without this we'd have to use A records which are static unlike a CNAME, which would eventually become obsolete and take down the site when they do. Details: https://github.com/dap-ps/infra-dapps/issues/18 Signed-off-by: Jakub Sokołowski <jakub@status.im> 2020-01-27 19:38:42 +00:00			`plugins: install-ansible-provider install-ansible-provisioner`
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00
			`requirements:`
			`ansible-galaxy install --ignore-errors --force -r ansible/requirements.yml`

add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00			`check-unzip:`
update plugins, make targets smarter Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-29 14:33:47 +00:00			`ifeq (, $(shell which unzip))`
			`$(error "No unzip in PATH, consider doing apt install unzip")`
			`endif`
add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00
			`install-ansible-provider: check-unzip`
update plugins, make targets smarter Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-29 14:33:47 +00:00			`@if [ ! -e $(ANSIBLE_PROVIDER_PATH) ]; then \`
add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00			`mkdir -p $(PLUGIN_DIR); \`
			`wget $(ANSIBLE_PROVIDER_URL) -P $(PLUGIN_DIR); \`
			`unzip -o $(PLUGIN_DIR)/$(ANSIBLE_PROVIDER_ARCHIVE) -d $(PLUGIN_DIR); \`
update plugins, make targets smarter Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-29 14:33:47 +00:00			`else \`
			`echo "Already installed: $(ANSIBLE_PROVIDER_PATH)"; \`
add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00			`fi`
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00
add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00			`install-ansible-provisioner:`
update plugins, make targets smarter Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-29 14:33:47 +00:00			`@if [ ! -e $(ANSIBLE_PROVISIO_PATH) ]; then \`
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00			`mkdir -p $(PLUGIN_DIR); \`
add installation of Gandi provider Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 19:15:14 +00:00			`wget $(ANSIBLE_PROVISIO_URL) -O $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVISIO_NAME)_$(ANSIBLE_PROVISIO_VERSION); \`
			`chmod +x $(PLUGIN_DIR)/$(ARCH)/$(ANSIBLE_PROVISIO_NAME)_$(ANSIBLE_PROVISIO_VERSION); \`
update plugins, make targets smarter Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-29 14:33:47 +00:00			`else \`
			`echo "Already installed: $(ANSIBLE_PROVISIO_PATH)"; \`
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00			`fi`

			`init-terraform:`
			`terraform init -upgrade=true`

			`secrets:`
			`echo "Saving secrets to: terraform.tfvars"`
Makefile: Use -e with echo for proper newlines Signed-off-by: Jakub Sokołowski <jakub@status.im> 2020-01-22 08:06:47 +00:00			`@echo -e "\`
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00			`# secrets extracted from password-store\n\`
add a prod environment Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-30 19:08:34 +00:00			`aws_access_key = \"$(shell pass cloud/AWS/access-key)\"\n\`
			`aws_secret_key = \"$(shell pass cloud/AWS/secret-key)\"\n\`
fix which credentials are used for smtp Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-08-06 13:47:42 +00:00			`dap_ps_smtp_user = \"$(shell pass cloud/AWS/ses/smtp-access-key)\"\n\`
			`dap_ps_smtp_pass = \"$(shell pass cloud/AWS/ses/smtp-password)\"\n\`
add a prod environment Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-07-30 19:08:34 +00:00			`dap_ps_admin_user = \"$(shell pass service/dev/app/admin-user)\"\n\`
			`dap_ps_admin_pass = \"$(shell pass service/dev/app/admin-pass)\"\n\`
			`dap_ps_dev_db_uri = \"$(shell pass service/dev/mongodb/uri)\"\n\`
			`dap_ps_prod_db_uri = \"$(shell pass service/prod/mongodb/uri)\"\n\`
add Makefile Signed-off-by: Jakub Sokołowski <jakub@status.im> 2019-05-28 18:38:02 +00:00			`" > terraform.tfvars`

			`cleanup:`
			`rm -r $(PLUGIN_DIR)/$(ARCHIVE)`