Terraform: run script on new server
July 22, 2018
I'm provisioning a new machine on AWS using Terraform, and I want to use Puppet to configure it. I don't need a Puppet server; I just want to put a Puppet file onto the machine and then execute it with Puppet.
Terraform
The initial Terraform script copies a file from the local machine onto the new server. It then creates a new user and copies the SSH keys, before installing Puppet and executing puppet apply on the newly copied file.
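# Web server instance, bootstrapped over SSH: upload a Puppet manifest, create
# an application user named after var.prefix, then install Puppet and apply
# the manifest locally (no Puppet server involved).
resource "aws_instance" "bbr-web" {
  # AMI and key pair are looked up per region from map variables.
  ami           = "${lookup(var.ec2ami, var.region)}"
  instance_type = "t2.micro"
  key_name      = "${lookup(var.keypair, var.region)}"

  security_groups = [
    "${aws_security_group.web_traffic.name}",
    "${aws_security_group.admin_access.name}"
  ]

  tags {
    Name = "bbr-web"
  }

  # A relative destination lands in the connecting user's home directory,
  # which is where the final `puppet apply ~/bootstrap.pp` expects it.
  provisioner "file" {
    source      = "../web/puppet/bootstrap.pp"
    destination = "bootstrap.pp"
  }

  provisioner "remote-exec" {
    inline = [
      "sudo apt-get update",

      # -y is required: the provisioner has no interactive terminal, so an
      # unanswered confirmation prompt aborts the upgrade.
      "sudo apt-get upgrade -y",

      "sudo addgroup ${var.prefix}",
      "sudo adduser ${var.prefix} --ingroup ${var.prefix} --disabled-password --gecos \"\"",

      # chpasswd must run as root and must receive "user:password" on stdin.
      # The previous form (`sudo bash -c echo ... | chpasswd`) ran echo with no
      # arguments and chpasswd without sudo, so no password was ever set.
      # NOTE(review): the secret is interpolated into a shell command; a value
      # containing a single quote breaks the quoting. Setting a password also
      # undoes --disabled-password for this account - confirm that password
      # logins are intended and that sshd's PasswordAuthentication is set as
      # expected. Mark var.web_ssh_password as sensitive wherever the
      # Terraform version in use supports it.
      "echo '${var.prefix}:${var.web_ssh_password}' | sudo chpasswd",

      # Give the new user the same authorized keys as the provisioning user.
      "sudo mkdir -p /home/${var.prefix}/.ssh",
      "sudo cp ~/.ssh/authorized_keys /home/${var.prefix}/.ssh",

      # Ownership follows var.prefix instead of a hard-coded "bbr", so the
      # keys are still usable when the prefix changes.
      "sudo chown -R ${var.prefix}:${var.prefix} /home/${var.prefix}/.ssh",

      # Keep the key material private to its owner; sshd's StrictModes check
      # refuses keys in directories writable by group or others.
      "sudo chmod 700 /home/${var.prefix}/.ssh",
      "sudo chmod 600 /home/${var.prefix}/.ssh/authorized_keys",

      "sudo apt-get install puppet -y",
      "sudo puppet apply ~/bootstrap.pp",
    ]
  }

  # SSH connection used by both provisioners. The private key is read from
  # local disk (no ssh-agent).
  # NOTE(review): "admin" is presumably the AMI's default login user - confirm
  # against the images listed in var.ec2ami.
  connection {
    type        = "ssh"
    agent       = false
    private_key = "${file("${var.ec2_private_key}")}"
    user        = "admin"
  }
}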


