ami-vault/ami.json at master · vghn/ami-vault · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
{
  "variables": {
    "ami_version": "2020-05-18",
    "vault_version": "1.4.2",
    "vault_installer_version": "master",
    "acme_installer_version": "master"
  },
  "builders": [
    {
      "name": "Vault",
      "type": "amazon-ebs",
      "ami_name": "Vault_{{timestamp}}",
      "ami_description": "Vault AMI",
      "source_ami_filter": {
        "filters": {
          "architecture": "x86_64",
          "root-device-type": "ebs",
          "virtualization-type": "hvm",
          "block-device-mapping.volume-type": "gp2",
          "name": "ubuntu/images/hvm-ssd/ubuntu-focal-20.04-amd64-server-*"
        },
        "owners": ["099720109477"],
        "most_recent": true
      },
      "instance_type": "t3.micro",
      "region": "us-east-1",
      "ssh_username": "ubuntu",
      "run_tags": {
        "Name": "Vault AMI",
        "Group": "vgh",
        "Project": "vgh",
        "Packer": "true"
      },
      "tags": {
        "Name": "Vault AMI",
        "Group": "vgh",
        "Project": "vgh",
        "Packer": "true"
      }
    }
  ],
  "provisioners": [
    {
      "type": "shell",
      "inline": "while [ ! -f /var/lib/cloud/instance/boot-finished ]; do echo 'Waiting for cloud-init...'; sleep 5; done"
    },{
      "type": "ansible",
      "playbook_file": "playbook.yml",
      "galaxy_file": "requirements.yml"
    },{
      "type": "shell",
      "inline": [
        "git clone --single-branch --branch {{user `vault_installer_version`}} https://github.com/hashicorp/terraform-aws-vault.git /tmp/terraform-aws-vault",
        "cd /tmp/terraform-aws-vault/modules/install-vault && ./install-vault --version {{user `vault_version`}}"
      ]
    },{
      "type": "shell",
      "inline": [
        "export DEBIAN_FRONTEND=noninteractive",
        "sudo -E apt-get -qy install socat",
        "git clone --single-branch --branch {{user `acme_installer_version`}} https://github.com/acmesh-official/acme.sh /tmp/acme.sh",
        "cd /tmp/acme.sh && sudo su -c './acme.sh --install --config-home /data/acme'"
      ]
    }
  ]
}