Skip to content
This repository has been archived by the owner on Jul 17, 2020. It is now read-only.

Commit

Permalink
New release
Browse files Browse the repository at this point in the history
  • Loading branch information
@nordri
nordri committed Feb 6, 2018
1 parent 821cb31 commit d4559a4
Show file tree
Hide file tree
Showing 2 changed files with 463 additions and 109 deletions.
393 changes: 393 additions & 0 deletions cloudformation-openvidu/CF-OpenVidu-1.7.0.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,393 @@
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "Deploying OpenVidu Server over AWS",
"Parameters": {
"KeyName": {
"Description": "Name of an existing EC2 KeyPair to enable SSH access to the instance",
"Type": "AWS::EC2::KeyPair::KeyName",
"ConstraintDescription": "must be the name of an existing EC2 KeyPair."
},
"InstanceType": {
"Description": "Demos Machine EC2 instance type",
"Type": "String",
"Default": "t2.xlarge",
"AllowedValues": [
"t2.large",
"t2.xlarge",
"t2.2xlarge",
"m5.xlarge",
"m5.2xlarge",
"m5.4xlarge",
"m5.12xlarge",
"m5.24xlarge",
"m4.xlarge",
"m4.2xlarge",
"m4.4xlarge",
"m4.10xlarge",
"m4.16xlarge"
],
"ConstraintDescription": "must be a valid EC2 instance type."
},
"MyDomainName": {
"Description": "For example: openvidu.io",
"Type": "String"
},
"PublicElasticIP": {
"Description": "In case you want to use Let's Encrypt, the Elastic IP you generated",
"Type": "String"
},
"OpenViduSecret": {
"Description": "Secret to connect to your OpenVidu Server",
"Type": "String",
"Default": "MY_SECRET"
},
"WhichCert": {
"Description": "You can choose from the list below which certificate to use",
"Type": "String",
"Default": "selfsigned",
"AllowedValues": [
"selfsigned",
"letsencrypt",
"owncert"
]
},
"LetsEncryptEmail": {
"Description": "Email necesary for Let's Encrypt notifications",
"Type": "String"
},
"OwnCertCRT": {
"Description": "Copy and paste CRT file content here",
"Type": "String"
},
"OwnCertKEY": {
"Description": "Copy and paste KEY file content here",
"Type": "String"
},
"WantToSendInfo": {
"Description": "Do you agree to send anonymous information to OpenVidu Team for statistics",
"Type": "String",
"Default": "true",
"AllowedValues": ["true", "false"]
},
"FreeHTTPAccesToRecordingVideos": {
"Description": "Do you want to access your recordings",
"Type": "String",
"Default": "false",
"AllowedValues": ["true", "false"]
}
},
"Mappings": {
"RegionMap": {
"us-east-1": {
"AMI1": "ami-cd0f5cb6"
},
"us-west-1": {
"AMI1": "ami-09d2fb69"
},
"ap-northeast-2": {
"AMI1": "ami-d28a53bc"
},
"ap-northeast-1": {
"AMI1": "ami-ea4eae8c"
},
"sa-east-1": {
"AMI1": "ami-10186f7c"
},
"ap-southeast-1": {
"AMI1": "ami-6f198a0c"
},
"ca-central-1": {
"AMI1": "ami-9818a7fc"
},
"ap-southeast-2": {
"AMI1": "ami-e2021d81"
},
"us-west-2": {
"AMI1": "ami-6e1a0117"
},
"us-east-2": {
"AMI1": "ami-10547475"
},
"ap-south-1": {
"AMI1": "ami-099fe766"
},
"eu-central-1": {
"AMI1": "ami-1e339e71"
},
"eu-west-1": {
"AMI1": "ami-785db401"
},
"eu-west-2": {
"AMI1": "ami-996372fd"
}
}
},
"Metadata": {
"AWS::CloudFormation::Interface": {
"ParameterGroups": [{
"Label": {
"default": "SSL Certificate Configuration"
},
"Parameters": [
"WhichCert",
"LetsEncryptEmail",
"MyDomainName",
"PublicElasticIP",
"OwnCertCRT",
"OwnCertKEY"
]
},
{
"Label": {
"default": "OpenVidu Configuration"
},
"Parameters": [
"OpenViduSecret",
"FreeHTTPAccesToRecordingVideos"
]
}
],
"ParameterLabels": {
"WhichCert": {
"default": "Type of SSL Certificate"
},
"MyDomainName": {
"default": "Fully qualified domain name"
},
"PublicElasticIP": {
"default": "Elastic IP"
},
"LetsEncryptEmail": {
"default": "Email"
},
"WantOpenViduSecret": {
"default": "Enter your own secret here"
},
"OwnCertCRT": {
"default": "CRT file"
},
"OwnCertKEY": {
"default": "KEY file"
},
"OpenViduSecret": {
"default": "OpenVidu Secret"
},
"FreeHTTPAccesToRecordingVideos": {
"default": "Free HTTP access to recorded videos"
}
}
}
},
"Conditions": {
"NoSelfSigned": {
"Fn::Not": [{
"Fn::Equals": [{
"Ref": "WhichCert"
},
"selfsigned"
]
}]
}
},
"Resources": {
"WebServerInstance": {
"Type": "AWS::EC2::Instance",
"Properties": {
"ImageId": {
"Fn::FindInMap": [
"RegionMap",
{
"Ref": "AWS::Region"
},
"AMI1"
]
},
"InstanceType": {
"Ref": "InstanceType"
},
"SecurityGroups": [{
"Ref": "WebServerSecurityGroup"
}],
"KeyName": {
"Ref": "KeyName"
},
"Tags": [{
"Key": "Name",
"Value": {
"Ref": "AWS::StackName"
}
}],
"UserData": {
"Fn::Base64": {
"Fn::Join": [
"", [
"#!/bin/bash -xe\n",
"source /home/ubuntu/.bashrc\n",
"export HOME=/home/ubuntu\n",
"apt-get update\n",
"apt-get install -y git ansible python-pip\n",
"pip install https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-latest.tar.gz\n",
"git clone https://github.com/OpenVidu/openvidu-cloud-devops /opt/workdir\n",
"pushd /opt/workdir/cloudformation-openvidu\n",
"WORKINGDIR=/opt/workdir/cloudformation-openvidu\n",
"PIP=$(curl http://169.254.169.254/latest/meta-data/public-ipv4)\n",
"PublicHostname=$(curl http://169.254.169.254/latest/meta-data/public-hostname)\n",
"# install docker\n",
"ansible-galaxy install geerlingguy.docker\n",
"# nginx\n",
"sed -i \"s/DOMAIN_NAME/", { "Ref": "MyDomainName" }, "/\" $WORKINGDIR/roles/nginx/vars/main.yml\n",
"sed -i \"s/LETSENCRYPT_EMAIL/", { "Ref": "LetsEncryptEmail" }, "/\" $WORKINGDIR/roles/nginx/vars/main.yml\n",
"sed -i \"s/AWS_EIP/$PIP/\" $WORKINGDIR/roles/nginx/vars/main.yml\n",
"sed -i \"s/AWS_PUBLIC_HOSTNAME/$PublicHostname/\" $WORKINGDIR/roles/nginx/vars/main.yml\n",
"sed -i \"s/whichcert: selfsigned/whichcert: ", { "Ref": "WhichCert" }, "/\" $WORKINGDIR/roles/nginx/vars/main.yml\n",
"echo ", { "Ref": "OwnCertCRT" }, " > $WORKINGDIR/roles/nginx/files/nginx.crt\n",
"sed -i \"s/BEGIN CERTIFICATE/BEGINCERTIFICATE/\" $WORKINGDIR/roles/nginx/files/nginx.crt\n",
"sed -i \"s/END CERTIFICATE/ENDCERTIFICATE/\" $WORKINGDIR/roles/nginx/files/nginx.crt\n",
"sed -i \"s/ /\\n/g\" $WORKINGDIR/roles/nginx/files/nginx.crt\n",
"sed -i \"s/BEGINCERTIFICATE/BEGIN CERTIFICATE/\" $WORKINGDIR/roles/nginx/files/nginx.crt\n",
"sed -i \"s/ENDCERTIFICATE/END CERTIFICATE/\" $WORKINGDIR/roles/nginx/files/nginx.crt\n",
"echo ", { "Ref": "OwnCertKEY" }, " > $WORKINGDIR/roles/nginx/files/nginx.key\n",
"sed -i \"s/BEGIN RSA PRIVATE KEY/BEGINRSAPRIVATEKEY/\" $WORKINGDIR/roles/nginx/files/nginx.key\n",
"sed -i \"s/BEGIN PRIVATE KEY/BEGINPRIVATEKEY/\" $WORKINGDIR/roles/nginx/files/nginx.key\n",
"sed -i \"s/END RSA PRIVATE KEY/ENDRSAPRIVATEKEY/\" $WORKINGDIR/roles/nginx/files/nginx.key\n",
"sed -i \"s/ /\\n/g\" $WORKINGDIR/roles/nginx/files/nginx.key\n",
"sed -i \"s/BEGINRSAPRIVATEKEY/BEGIN RSA PRIVATE KEY/\" $WORKINGDIR/roles/nginx/files/nginx.key\n",
"sed -i \"s/ENDRSAPRIVATEKEY/END RSA PRIVATE KEY/\" $WORKINGDIR/roles/nginx/files/nginx.key\n",
"sed -i \"s/ENDPRIVATEKEY/END PRIVATE KEY/\" $WORKINGDIR/roles/nginx/files/nginx.key\n",
"# OpenVidu\n",
"sed -i \"s/OV_VERSION/latest/\" $WORKINGDIR/roles/openvidu/vars/main.yml\n",
"sed -i \"s/run_ec2: false/run_ec2: true/\" $WORKINGDIR/roles/openvidu/vars/main.yml\n",
"sed -i \"s/DOMAIN_NAME/", { "Ref": "MyDomainName" }, "/\" $WORKINGDIR/roles/openvidu/vars/main.yml\n",
"sed -i \"s/FREEHTTPACCESTORECORDINGVIDEOS/", { "Ref": "FreeHTTPAccesToRecordingVideos" }, "/\" $WORKINGDIR/roles/openvidu/vars/main.yml\n",
"sed -i \"s/whichcert: selfsigned/whichcert: ", { "Ref": "WhichCert" }, "/\" $WORKINGDIR/roles/openvidu/vars/main.yml\n",
"# KMS\n",
"sed -i \"s/TURN_USER/turn_user/\" $WORKINGDIR/roles/kms/vars/main.yml\n",
"sed -i \"s/TURN_PASSWORD/", { "Fn::Base64": { "Ref": "AWS::StackName" } }, "/\" $WORKINGDIR/roles/kms/vars/main.yml\n",
"sed -i \"s/AWS_EIP/$PIP/\" $WORKINGDIR/roles/kms/vars/main.yml\n",
"# System shutdown\n",
"sed -i \"s/TURN_USER/turn_user/\" $WORKINGDIR/roles/system-shutdown/vars/main.yml\n",
"sed -i \"s/TURN_PASSWORD/", { "Fn::Base64": { "Ref": "AWS::StackName" } }, "/\" $WORKINGDIR/roles/system-shutdown/vars/main.yml\n",
"# stats\n",
"sed -i \"s/allowsendinfo: true/allowsendinfo: ", { "Ref": "WantToSendInfo" }, "/\" $WORKINGDIR/roles/stats/vars/main.yml\n",
"ansible-playbook -i \"localhost,\" -c local play.yml\n",
"popd\n",
"/usr/local/bin/check_app_ready.sh\n",
"/usr/local/bin/cfn-signal -e $? --stack ", {
"Ref": "AWS::StackName"
}, " --resource WaitCondition --region ", {
"Ref": "AWS::Region"
}, "\n"
]
]
}
},
"BlockDeviceMappings": [{
"DeviceName": "/dev/sda1",
"Ebs": {
"VolumeType": "io1",
"Iops": "200",
"DeleteOnTermination": "true",
"VolumeSize": "100"
}
}]
}
},
"MyEIP": {
"Type": "AWS::EC2::EIPAssociation",
"Condition": "NoSelfSigned",
"Properties": {
"InstanceId": {
"Ref": "WebServerInstance"
},
"EIP": {
"Ref": "PublicElasticIP"
}
}
},
"WaitCondition": {
"Type": "AWS::CloudFormation::WaitCondition",
"CreationPolicy": {
"ResourceSignal": {
"Timeout": "PT15M",
"Count": "1"
}
}
},
"WebServerSecurityGroup": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Full open access",
"SecurityGroupIngress": [{
"IpProtocol": "udp",
"FromPort": "0",
"ToPort": "65535",
"CidrIp": "0.0.0.0/0"
},
{
"IpProtocol": "tcp",
"FromPort": "0",
"ToPort": "65535",
"CidrIp": "0.0.0.0/0"
}
]
}
}
},
"Outputs": {
"WebsiteURL": {
"Description": "Use this URL to connect OpenVidu",
"Value": {
"Fn::Join": [
"", [
"https://",
{
"Fn::GetAtt": [
"WebServerInstance",
"PublicDnsName"
]
},
":8443"
]
]
}
},
"WebsiteIP": {
"Description": "alternatively, you can access througt this IP",
"Value": {
"Fn::GetAtt": [
"WebServerInstance",
"PublicIp"
]
}
},
"WebsiteURLLE": {
"Description": "Use this URL to connect to OpenVidu",
"Value": {
"Fn::Join": [
"", [
"https://",
{
"Ref": "MyDomainName"
},
":8443"
]
]
},
"Condition": "NoSelfSigned"
},
"OpenViduSecretOutput": {
"Description": "OpenVidu secret to generate tokens",
"Value": {
"Ref": "OpenViduSecret"
}
},
"TurnPassword": {
"Description": "Password for the user turn_user",
"Value": {
"Fn::Base64": {
"Ref": "AWS::StackName"
}
}
}
}
}
Loading

0 comments on commit d4559a4

Please sign in to comment.