Merge pull request #135 from AET-DevOps25/test-aws-deployment

esadakcam · web-flow · commit f8e38cb36d97 · 2025-07-07T19:38:17.000+02:00
Test aws deployment
diff --git a/.github/workflows/ansible-manual.yml b/.github/workflows/ansible-manual.yml
@@ -9,7 +9,7 @@ on:
         type: string
 
 env:
-  SERVER_DN: ec2-18-212-178-250.compute-1.amazonaws.com # TODO: Change ip and Username according to aws vm
+  SERVER_DN: ec2-44-201-251-81.compute-1.amazonaws.com
   DEBUG: true
   SERVER_USERNAME: ubuntu
 
diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # RecipAI
 
-RecipAI is available at [`https://recipai.student.k8s.aet.cit.tum.de`](https://recipai.student.k8s.aet.cit.tum.de)
+RecipAI is available at [`https://recipai.student.k8s.aet.cit.tum.de`](https://recipai.student.k8s.aet.cit.tum.de) (k8s) and deployable at [`https://recipai.duckdns.org`](https://recipai.duckdns.org) (aws)
 
 For running it on docker please see [dockerized-deployment](#dockerized-deployment) and [.env.template](.env.template).
 
@@ -410,6 +410,17 @@ The project includes Helm charts for Kubernetes deployment in the `recipai-chart
             --set secrets.apiOpenWebUi="your open web ui api key"
    ```
 
+## AWS Deployment
+
+## Deploy with Ansible
+
+1. Change the host name of the server on [inventory.ini](./ansible/inventory.ini) and [ansible-manual](./.github/workflows/ansible-manual.yml) to the server or ip address of VM.
+2. Update `recipai.duckdns.org` DNS record on DuckDNS to point new VM IP address
+3. The application is now deployable through github actions with the following steps
+   - Run Manual Ansible Playbook Execution action install_docker.yml as input
+   - Run Manual Ansible Playbook Execution action with docker_compose_up.yml
+   - Run Manual Ansible Playbook Execution action with install_caddy.yml
+
 ## CI/CD Pipeline
 
 The project includes a GitHub Actions workflow `ci-cd.yml` for:
diff --git a/ansible/files/Caddyfile b/ansible/files/Caddyfile
@@ -0,0 +1,5 @@
+recipai.duckdns.org {
+    reverse_proxy localhost:5173
+    tls esad.akcam@tum.de
+    log
+}
diff --git a/ansible/files/config.json b/ansible/files/config.json
@@ -0,0 +1,4 @@
+{
+  "redirectUri": "https://recipai.duckdns.org/",
+  "clientId": "9c1befae9e56ca4e83629b18875b9b543692d19a2bb0e828ba4b5cbd3dc37627"
+}
diff --git a/ansible/inventory.ini b/ansible/inventory.ini
@@ -1,5 +1,5 @@
 [server]
-ec2-18-212-178-250.compute-1.amazonaws.com ansible_user=ubuntu
+ec2-44-201-251-81.compute-1.amazonaws.com ansible_user=ubuntu
 
 [all:vars]
 ansible_python_interpreter=/usr/bin/python3
diff --git a/ansible/playbooks/docker_compose_up.yml b/ansible/playbooks/docker_compose_up.yml
@@ -3,37 +3,32 @@
   hosts: all
   vars:
     project_dir: "{{ ansible_env.HOME }}/recipai"
-    folders_to_copy:
-      - server
-      - client
-      - genai
 
   tasks:
-    - name: Copy project folders
-      copy:
-        src: "../../{{ item }}/"
-        dest: "{{ project_dir }}/{{ item }}/"
-      loop: "{{ folders_to_copy }}"
+    - name: Ensure project directory exists
+      ansible.builtin.file:
+        path: "{{ project_dir }}"
+        state: directory
+
+    - name: Ensure client directory exists
+      ansible.builtin.file:
+        path: "{{ project_dir }}/client"
+        state: directory
 
     - name: Copy docker-compose.yml
       copy:
         src: "../../docker-compose.yml"
         dest: "{{ project_dir }}/docker-compose.yml"
 
-    - name: Copy server secrets
-      copy:
-        src: ../secrets/server.env
-        dest: "{{ project_dir }}/server/.env"
-
-    - name: Copy client secrets
+    - name: Copy docker-compose.yml
       copy:
-        src: ../secrets/client.env
-        dest: "{{ project_dir }}/client/.env"
+        src: "../files/config.json"
+        dest: "{{ project_dir }}/client/config.json"
 
-    - name: Copy genai secrets
+    - name: Copy secrets
       copy:
-        src: ../secrets/genai.env
-        dest: "{{ project_dir }}/genai/.env"
+        src: ../secrets/secret.env
+        dest: "{{ project_dir }}/.env"
 
     - name: Stop any running containers
       command: docker compose down
diff --git a/ansible/playbooks/install_caddy.yml b/ansible/playbooks/install_caddy.yml
@@ -0,0 +1,52 @@
+---
+- name: Install and configure Caddy reverse proxy
+  hosts: all
+  become: yes
+
+  vars:
+    caddy_config_path: /etc/caddy/Caddyfile
+
+  tasks:
+    - name: Install dependencies
+      apt:
+        name: [debian-keyring, debian-archive-keyring, apt-transport-https]
+        state: present
+        update_cache: yes
+
+    - name: Add Caddy GPG key
+      apt_key:
+        url: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
+        state: present
+
+    - name: Add Caddy repository
+      apt_repository:
+        repo: deb [trusted=yes] https://dl.cloudsmith.io/public/caddy/stable/deb/debian any-version main
+        state: present
+
+    - name: Install Caddy
+      apt:
+        name: caddy
+        state: present
+        update_cache: yes
+
+    - name: Deploy Caddyfile
+      copy:
+        dest: "{{ caddy_config_path }}"
+        src: "../files/Caddyfile"
+        owner: root
+        group: root
+        mode: '0644'
+      notify:
+        - Reload Caddy
+
+    - name: Ensure Caddy is running and enabled
+      systemd:
+        name: caddy
+        enabled: yes
+        state: started
+
+  handlers:
+    - name: Reload Caddy
+      systemd:
+        name: caddy
+        state: restarted
diff --git a/ansible/secrets/client.env b/ansible/secrets/client.env
diff --git a/ansible/secrets/genai.env b/ansible/secrets/genai.env
diff --git a/ansible/secrets/secret.env b/ansible/secrets/secret.env
@@ -0,0 +1,27 @@
+$ANSIBLE_VAULT;1.1;AES256
+35626432643764626530666432623666633134366536323330346166396163643530393432646630
+3930653031393930396561633562353364613630656261370a386463386137353163656334643231
+39383563396431336561616433306536303633363437383737616131343535373539636135366531
+6135656130353065390a303734623062333361653766373635323634353566343336343034653934
+62313435316566383466376462653934656664306131646266353738616563643338663665326235
+34386335326361623837306633623330396137356639373763636231303238373031366265373231
+66623164373466326433303033643635373834396331343566343935323938326161343766323937
+65373431306631396631336335393835363964313965623131346662326161653165376566393236
+66346534383136326166623538303334633337306336353236613230303734386461333137616361
+61626336303533326430396238373863656531666531613161646235323565366361643965366362
+61356164623030616539356534643961643663626161333065333330653931343637643735333332
+39656639353263326463353163393665663534323963366265383063316132663966613565623834
+36646532353362663537326333323530383138643931626638653930366532663562313135313037
+66313434336462383833616333363165353834666432316537376664613337343465346338356362
+66613234346432373738633434393033376236656434613330336563666337353634313462616338
+63636430373732306132613436363539666630363334643531343435653335653737393634656339
+37363435353830313536326461376335643830383638633061636365316635363465323762323433
+30643433313932346138326237336266376330336265373331316235393032373465383665326532
+63366631623830386564383338626636623364646530343765623234633066393537373530373933
+62626462313433383062663331653931326364653666363936396431373130623862353135386432
+66316366346462373037663436393438323563626437303435626439383730383963316530313430
+65303963653763333864643534343632363637313733333536663438376138383362306663373138
+65303539353435346461653836656164636534663635623034303437666161623561336165383033
+62323039393037643834336232633832343766333037316336613163646536353965393130366166
+66313539396330663639633364656132373361646530663736353732663866353733613432666361
+3433626236366461333361333461616332633563303666646533
diff --git a/ansible/secrets/server.env b/ansible/secrets/server.env

-Original file line number
+Diff line change
@@ @@ -0,0 +1,4 @@ @@
 +{
 +  "redirectUri": "https://recipai.duckdns.org/",
 +  "clientId": "9c1befae9e56ca4e83629b18875b9b543692d19a2bb0e828ba4b5cbd3dc37627"
 +}