-
Notifications
You must be signed in to change notification settings - Fork 3
/
config.example.yml
219 lines (215 loc) · 8.22 KB
/
config.example.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
vpc:
name: bawsVpc
numPublicSubnets: 2
baseAddress: "10.0.0.0"
baseCidrSize: "24"
s3:
# configDir: config/s3
buckets:
# You may make as many buckets as you like but you must create at least one of each.
# One assets, one artifacts, and one logs. The first of each created will be used for
# corresponding parts of baws stacks, as they're created.
- name: baws-pipeline
# assets | logs | artifacts
type: artifacts
addUniqueId: true
# cdnReference:
- name: baws-assets
type: assets
addUniqueId: true
- name: baws-logs
type: logs
addUniqueId: true
cdn:
distributions:
- name: baws cdn
enabled: true
# If 'global' is used for certificateArn, the `cloudFrontSSLCert` value from cdk.json
# will be used.
# When a valid value for certificateArn is provided, SSL redirect will automatically be enabled.
# To disable https for the distribution comment out the certificateArn variable.
# Certificates must be created in the us-east-1 region.
certificateArn: arn:aws:acm:us-east-1:12345679:certificate/5295d80a-3498-464b-8261-8695afd2adb4
# https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html
# PriceClass_100 | PriceClass_200 | PriceClass_ALL
priceClass: PriceClass_100
enableCookielessAssets: true
enablePostRequests: true
# Must be unique per account. You cannot have domains listed here which also belong to
# other distributions
cnames:
- example.com
- '*.example.com'
alb:
name: baws-alb
# certifcates:
# - arn:aws:acm:us-east-1:12345679:certificate/5295d80a-3498-464b-8261-8695afd2adb4
efs:
name: baws efs
encrypted: false
launchTemplates:
# @todo implement bastion server creation.
# Launch template creation for ecs has moved into scaling.
- name: baws-bastion-instance
instanceName: baws bastion
type: bastion
instanceType: t3a.nano
storageSize: 20
efs: false
scaling:
desiredSize: "2"
maxSize: "7"
minSize: "1"
# This is paired with scaling, instead of pulling from the template config,
# because dependent stacks cannot be updated, which prevents
# changes to the launch template after autoscaling has been setup. This is bad.
# It appears to be a known issue with CDK, detailed here: https://github.com/aws/aws-cdk/issues/3414
# Once the issue is resolved, the launch template will be separated again.
launchTemplate:
name: baws-ecs-template
instanceName: baws auto
type: ecs
# Available types here:
# https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html
instanceType: t3a.small
storageSize: 50
efs: true
rds:
# configDir: config/ecs
clusterName: baws-cluster
# `aurora` is the most compatible and feature complete version of Aurora.
# Other available options detailed here:
# https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html
auroraEngine: aurora
# This must correlate to the option above. Details here:
# https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbclusterparametergroup.html
paramFamily: aurora5.6
# aws rds create-db-cluster-parameter-group --db-cluster-parameter-group-name baws-57 --db-parameter-group-family aurora-mysql5.7 --description "Created for baws."
# wait 5 minutes after running command.
paramGroupName: baws-57
backupRetention: 7
# This is the parameter name stored in the parameter store.
# Create these either by using the command line from below (only from a secure terminal)
# Or by creating the parameter manually through the console.
masterUsernameSSM: db-master-user
masterPasswordSSM: db-master-pass
masterPasswordVersion: 1
# `dbHostParamName` and `dbROHostParamName` will set SSM values upon creation.
# The value listed under each key can be used by services which need the database host value.
dbHostParamName: db-host
dbROHostParamName: db-ro-host
instanceType: db.t3.small
clusterSize: 1
cache:
# configDir: ./config/cache
clusters:
- name: baws-cache
hostParamName: cache-host
instanceType: cache.t2.micro
# memcached | redis
engine: memcached
clusterSize: 1
commitRepo:
# configDir: config/code-commit
repos:
- name: baws-app
description: baws cdk app
# - name: baws-app-static
# description: Static app hosted and deployed on s3.
ecs:
clusterName: baws-cluster
# Example files included in the corresponding directories below. Uncomment to use them.
# If task path is uncommented, both tasks defined in the directory files, and the tasks
# defined below will be created. Either comment the `tasksDir` or delete the tasks object below,
# if you don't want corresponding tasks or servics to be created.
configDir: config/ecs
tasks:
- name: baws-app
# If create ecr is set to true the URI for that repo will automatically be used, and override
#
imageURI: nginx:alpine
createECR: true
# To disable the service, set this to 0.
desiredCount: 4
listeners:
# Only one forward rule is currently supported
- type: forward
priority: 100
hosts:
- "*.example.com"
- example.com
# Uncomment below to create domain redirects.
# - type: redirect
# priority: 110
# from:
# - "*.olddomain.com"
# - "olddomain.com"
# to: www.newdomain.com
type: ec2
# The amount reserved for your app. If this is too big, and your server doesn't have enough space,
# it will not be deployed. Ideally, make as small as possible, and deploy more instances with autoscaling.
softMemoryLimit: 256
# Your container is allowed to go over its soft limit, if avaialble. If it hits hard limit, though,
# the container will be terminated and replaced.
hardMemoryLimit: 1024
cpuUnits: 256
hostPort: 0
containerPort: 80
logRegion: us-east-1
# Values passed directly to the container
variables:
# NGINX_ENABLED and WEBROOT are applicable if you're using baws-nginx-* containers.
# drupal | wordpress | default
# NGINX_ENABLED: drupal
# WEBROOT: web
# params are values retreived from the parameter store
# Underscored values listed here, for instance db_name, db_user, db_host must be created
# in the parameter store before using them. (Future baws tools will simplify this process)
# Uncomment values according to usage.
# DB_HOST and DB_HOST_RO values can match the value created `rds.dbHostParamName` if you're
# creating an RDS with this CDK.
params:
# DB_HOST: db-host
# DB_HOST_RO: db-host-ro
# DB_NAME: db_name
# DB_USER: db_user
# DB_PASS: db_pass
# VERSION: 1
# REDIS_HOST: redis_host
# REDIS_PREFIX: redis_prefix
# Host volumes. Names here will be available as mount points in the bind section
# The key below `mounts` must have a corresponding `volumes` key.
# `volumes` are the paths found in ec2 instances. `mounts` are the paths inside containers.
volumes:
# EFS: /mnt/efs/website-name/assets
# PRIVATE: /mnt/efs/website-name/private
# TMP: /mnt/efs/tmp/website-name
mounts:
# Drupal
# EFS: /var/www/html/web/sites/default/files
# TMP: /var/www/html/tmp
# PRIVATE: /var/www/html/private
# WordPress
# EFS: /var/www/html/web/sites/plugins/uploads
codepipeline:
configDir: config/code-pipelines
pipelines:
- name: baws-pipeline
type: ecs
#must match repo name used in codecommit.
repoNameReference: baws-app
branchToWatch: master
# Must match `name` under ecs.tasks.name
taskNameReference: baws-app
# must match `name` under ecs.service.name
serviceNameReference: baws-service
# must match `name` under service.name
clusterNameReference: baws-cluster
notifications:
codepipeline:
functionName: baws-notifications
pipelineNameReference: baws-pipeline
# Info on setting up a slack hook here:
# https://api.slack.com/slack-apps
# slackChannel: aws
# slackURL: