evert/iac-duplicate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
iac-duplicate/terraform/scripts/ec2-user-data.sh
T
Jenkins CI 71be2abd2e Add complete SACC v4 infrastructure project 
- Terraform modules: VPC, EC2, RDS, S3, CloudFront, Route53, Lambda, IAM, Security Groups
- Ansible playbooks for server configuration
- Scripts: create-test-environment.sh, destroy-test-environment.sh, validate-environment.sh
- Documentation: README, QUICKSTART, AGENTS
- Jenkins pipeline for automated deployment
- Jenkins pipeline for environment destruction
2026-06-03 04:39:01 +00:00

98 lines
2.6 KiB
Bash
Raw Permalink Blame History

#!/bin/bash
# User Data para instancia EC2 SACC v4
# =====================================
# Este script se ejecuta al inicio de la instancia
set -e
# Actualizar sistema
echo "Actualizando sistema..."
apt-get update -y
apt-get upgrade -y
# Instalar dependencias base
echo "Instalando dependencias..."
apt-get install -y \
openjdk-21-jdk \
nginx \
unzip \
jq \
net-tools \
htop \
logrotate \
curl \
wget \
git \
python3 \
python3-pip \
ansible \
awscli
# Crear usuarios y grupos
echo "Configurando usuarios..."
groupadd -g 1006 duat || true
useradd -u 997 -g duat -s /bin/bash -m osiris || true
useradd -u 1001 -g duat -s /bin/bash -m thoth || true
# Crear directorios
echo "Creando directorios..."
mkdir -p /opt/sacc4
mkdir -p /var/log/sacc4
mkdir -p /etc/sacc4
mkdir -p /var/www/html
# Configurar permisos
chown -R thoth:duat /opt/sacc4
chmod 2775 /opt/sacc4
# Configurar SSH
echo "Configurando SSH..."
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
sed -i 's/#PubkeyAuthentication yes/PubkeyAuthentication yes/' /etc/ssh/sshd_config
systemctl restart sshd
# Configurar UFW
echo "Configurando firewall..."
ufw default deny incoming
ufw default allow outgoing
ufw allow 22/tcp
ufw allow 80/tcp
ufw allow 443/tcp
ufw allow 8080:8085/tcp
ufw --force enable
# Instalar CloudWatch agent
echo "Instalando CloudWatch agent..."
wget https://s3.amazonaws.com/amazoncloudwatch-agent/ubuntu/amd64/latest/amazon-cloudwatch-agent.deb
dpkg -i amazon-cloudwatch-agent.deb
rm amazon-cloudwatch-agent.deb
# Crear configuración de CloudWatch
cat > /opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json <<'EOF'
{
"metrics": {
"namespace": "SACC4",
"metrics_collected": {
"cpu": { "measurement": ["cpu_usage_idle", "cpu_usage_user"], "metrics_collection_interval": 60 },
"mem": { "measurement": ["mem_used_percent"], "metrics_collection_interval": 60 },
"disk": { "measurement": ["disk_used_percent"], "resources": ["/"], "metrics_collection_interval": 60 }
}
},
"logs": {
"logs_collected": {
"files": {
"collect_list": [
{ "file_path": "/var/log/sacc4/*/*.log", "log_group_name": "sacc4-application-logs", "log_stream_name": "{instance_id}" }
]
}
}
}
}
EOF
# Iniciar CloudWatch agent
/opt/aws/amazon-cloudwatch-agent/bin/amazon-cloudwatch-agent-ctl -a fetch-config -m ec2 -s -c file:/opt/aws/amazon-cloudwatch-agent/etc/amazon-cloudwatch-agent.json
echo "Configuración base completada!"
echo "IP privada: $(hostname -I | awk '{print $1}')"
echo "Esperando despliegue de aplicación..."
Reference in New Issue View Git Blame Copy Permalink