feat: aws deployment with terraform

Author: EnricoBausenhart

.github/workflows/terraform-deploy.yml

@@ -0,0 +1,89 @@
+name: Terraform Deploy
+
+on:
+  workflow_dispatch:
+    inputs:
+      aws_access_key_id:
+        description: "AWS Access Key ID from Learner Lab"
+        required: true
+        type: string
+      aws_secret_access_key:
+        description: "AWS Secret Access Key from Learner Lab"
+        required: true
+        type: string
+      aws_session_token:
+        description: "AWS Session Token from Learner Lab (if required)"
+        required: false
+        type: string
+  push:
+    branches:
+      - feature/deploy-images-aws
+
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    environment: AWS
+
+    steps:
+      - name: Checkout Code
+        uses: actions/checkout@v4
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v2
+
+      - name: Terraform Init
+        run: |
+          cd infrastructure/terraform
+          terraform init
+
+      - name: Terraform Apply
+        run: |
+          cd infrastructure/terraform
+          terraform apply -auto-approve
+        env:
+          AWS_ACCESS_KEY_ID: ${{ github.event.inputs.aws_access_key_id }}
+          AWS_SECRET_ACCESS_KEY: ${{ github.event.inputs.aws_secret_access_key }}
+          AWS_SESSION_TOKEN: ${{ github.event.inputs.aws_session_token }}
+
+      - name: Get EC2 Public IP
+        id: get-ip
+        run: |
+          cd infrastructure/terraform
+          echo "EC2_PUBLIC_IP=$(terraform output -raw public_ip)" >> $GITHUB_ENV
+
+      - name: Copy Docker Compose File From Repo to VM Host
+        uses: appleboy/scp-action@v0.1.7
+        with:
+          host: ${{ env.EC2_PUBLIC_IP }}
+          username: ubuntu
+          key: ${{ secrets.AWS_EC2_PRIVATE_KEY }}
+          source: "deployment/compose.aws.yml"
+          target: /home/ubuntu/deployment
+          strip_components: 1
+          overwrite: true
+
+      - name: SSH to VM and Create .env.prod
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ env.EC2_PUBLIC_IP }}
+          username: ubuntu
+          key: ${{ secrets.AWS_EC2_PRIVATE_KEY }}
+          script: |
+            cd /home/ubuntu
+            rm -f .env.prod
+            touch .env.prod
+            echo "EC2_PUBLIC_IP=${{ env.EC2_PUBLIC_IP }}" >> .env.prod
+            echo "CLIENT_HOST=client.${{ env.EC2_PUBLIC_IP }}.nip.io" >> .env.prod
+            echo "SERVER_HOST=api.${{ env.EC2_PUBLIC_IP }}.nip.io" >> .env.prod
+            echo "PUBLIC_API_URL=https://api.${{ env.EC2_PUBLIC_IP }}.nip.io" >> .env.prod
+
+      - name: SSH to VM and Execute Docker-Compose Up
+        uses: appleboy/ssh-action@v1.0.3
+        with:
+          host: ${{ env.EC2_PUBLIC_IP }}
+          username: ubuntu
+          key: ${{ secrets.AWS_EC2_PRIVATE_KEY }}
+          script: |
+            cd /home/ubuntu
+            echo ${{ secrets.GITHUB_TOKEN }} | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+            docker compose -f deployment/compose.aws.yml --env-file=/home/ubuntu/.env.prod up -d

infrastructure/terraform/.terraform.lock.hcl

@@ -0,0 +1 @@
+100.26.202.164 

infrastructure/terraform/ec2_public_ip.txt

@@ -0,0 +1,63 @@
+provider "aws" {
+  region = var.aws_region
+}
+
+# Create a security group
+resource "aws_security_group" "app" {
+  name        = "app-sg"
+  description = "Security group for application"
+
+  ingress {
+    from_port   = 22
+    to_port     = 22
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  ingress {
+    from_port   = 443
+    to_port     = 443
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags = {
+    Name = "app-sg"
+  }
+}
+
+# Create an EC2 instance
+resource "aws_instance" "app" {
+  ami           = var.ami_id
+  instance_type = var.instance_type
+
+  vpc_security_group_ids = [aws_security_group.app.id]
+
+  tags = {
+    Name = "app-instance"
+  }
+
+  # This will output the public IP after creation
+  provisioner "local-exec" {
+    command = "echo ${self.public_ip} > ec2_public_ip.txt"
+  }
+}
+
+# Output the public IP
+output "public_ip" {
+  value = aws_instance.app.public_ip
+} 

infrastructure/terraform/main.tf

@@ -0,0 +1,9 @@
+{
+  "version": 4,
+  "terraform_version": "1.12.2",
+  "serial": 6,
+  "lineage": "829d69c0-90b4-5caf-5f55-c55d57d83916",
+  "outputs": {},
+  "resources": [],
+  "check_results": null
+}