{ "Resources": { "WhatsCRMInstanceSG961931E3": { "Type": "AWS::EC2::SecurityGroup", "Properties": { "GroupDescription": "WhatsCRM Security Group Allow SSH and HTTP", "SecurityGroupEgress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow all outbound traffic by default", "IpProtocol": "-1" } ], "SecurityGroupIngress": [ { "CidrIp": "0.0.0.0/0", "Description": "Allow SSH", "FromPort": 22, "IpProtocol": "tcp", "ToPort": 22 }, { "CidrIp": "0.0.0.0/0", "Description": "Allow Node.js app", "FromPort": 3000, "IpProtocol": "tcp", "ToPort": 3000 }, { "CidrIp": "0.0.0.0/0", "Description": "Allow HTTP port 80", "FromPort": 80, "IpProtocol": "tcp", "ToPort": 80 } ], "VpcId": "vpc-06d9e98194dfc09ac" }, "Metadata": { "aws:cdk:path": "WhatsCRMStack/WhatsCRM Instance SG/Resource" } }, "WhatsCRMKeyPair": { "Type": "AWS::EC2::KeyPair", "Properties": { "KeyName": "whatscrm-key" }, "Metadata": { "aws:cdk:path": "WhatsCRMStack/WhatsCRMKeyPair" } }, "WhatsCRMInstanceInstanceRole0023A5B8": { "Type": "AWS::IAM::Role", "Properties": { "AssumeRolePolicyDocument": { "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "Service": "ec2.amazonaws.com" } } ], "Version": "2012-10-17" }, "Tags": [ { "Key": "Name", "Value": "WhatsCRMStack/WhatsCRMInstance" } ] }, "Metadata": { "aws:cdk:path": "WhatsCRMStack/WhatsCRMInstance/InstanceRole/Resource" } }, "WhatsCRMInstanceInstanceProfileA929630B": { "Type": "AWS::IAM::InstanceProfile", "Properties": { "Roles": [ { "Ref": "WhatsCRMInstanceInstanceRole0023A5B8" } ] }, "Metadata": { "aws:cdk:path": "WhatsCRMStack/WhatsCRMInstance/InstanceProfile" } }, "WhatsCRMInstance16BD72E3": { "Type": "AWS::EC2::Instance", "Properties": { "AvailabilityZone": "sa-east-1a", "IamInstanceProfile": { "Ref": "WhatsCRMInstanceInstanceProfileA929630B" }, "ImageId": { "Ref": "SsmParameterValueawsserviceamiamazonlinuxlatestal2023amikernel61x8664C96584B6F00A464EAD1953AFF4B05118Parameter" }, "InstanceType": "t3.micro", "KeyName": "whatscrm-key", "SecurityGroupIds": [ { "Fn::GetAtt": [ "WhatsCRMInstanceSG961931E3", "GroupId" ] } ], "SubnetId": "subnet-0d3f459fdf2f25b6f", "Tags": [ { "Key": "Name", "Value": "WhatsCRMStack/WhatsCRMInstance" } ], "UserData": { "Fn::Base64": "#!/bin/bash\nsudo dnf update -y\nsudo dnf groupinstall \"Development Tools\" -y\nsudo dnf install nftables -y\nsudo dnf install -y git mariadb105-server gcc-c++ make\nsudo systemctl enable --now mariadb\nsudo mysqladmin -u root password 'h3o9p7325rR!' || true\nsudo mysql -uroot -ph3o9p7325rR\\! -e \"CREATE DATABASE IF NOT EXISTS whatscrm;\"\nsudo mysql -uroot -ph3o9p7325rR\\! -e \"SELECT User FROM mysql.user WHERE User = 'whatscrmuser' AND Host = 'localhost';\" | grep -q 'whatscrmuser' || sudo mysql -uroot -ph3o9p7325rR\\! -e \"CREATE USER 'whatscrmuser'@'localhost' IDENTIFIED BY 'z31tg31stT\\!';\"\nsudo mysql -uroot -ph3o9p7325rR\\! -e \"GRANT ALL PRIVILEGES ON whatscrm.* TO 'whatscrmuser'@'localhost';\"\nsudo mysql -uroot -ph3o9p7325rR\\! -e \"FLUSH PRIVILEGES;\"\nsudo -u ec2-user git config --global user.name \"ccasanovas\"\nsudo -u ec2-user git config --global user.email \"ccasanovas.comex@gmail.com.com\"\nsudo -u ec2-user bash -c 'if [ ! -d /home/ec2-user/meta-crm ]; then git clone https://ccasanovas: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@github.com/ccasanovas/meta-crm.git /home/ec2-user/meta-crm; else cd /home/ec2-user/meta-crm && git pull; fi'\nif [ -f /home/ec2-user/meta-crm/export.sql ]; then sudo -u ec2-user mysql -u whatscrmuser -pz31tg31stT\\! whatscrm < /home/ec2-user/meta-crm/export.sql; fi\nTOKEN=$(curl -X PUT \"http://169.254.169.254/latest/api/token\" -H \"X-aws-ec2-metadata-token-ttl-seconds: 21600\")\nPUBLIC_DNS=$(curl -H \"X-aws-ec2-metadata-token: $TOKEN\" http://169.254.169.254/latest/meta-data/public-hostname)\nsudo -u ec2-user sed -i 's/^DB_USER=.*/DB_USER=whatscrmuser/' /home/ec2-user/meta-crm/.env\nsudo -u ec2-user sed -i 's/^DB_PASSWORD=.*/DB_PASSWORD=z31tg31stT!/' /home/ec2-user/meta-crm/.env\nsudo -u ec2-user sed -i 's/^DB_NAME=.*/DB_NAME=whatscrm/' /home/ec2-user/meta-crm/.env\nsudo -u ec2-user sed -i \"s|^FRONTENDURI=.*|FRONTENDURI=http://$PUBLIC_DNS|\" /home/ec2-user/meta-crm/.env || echo \"FRONTENDURI=http://$PUBLIC_DNS\" | sudo -u ec2-user tee -a /home/ec2-user/meta-crm/.env\nsudo -u ec2-user sed -i \"s|^BACKENDURI=.*|BACKENDURI=http://$PUBLIC_DNS:3000|\" /home/ec2-user/meta-crm/.env || echo \"BACKENDURI=http://$PUBLIC_DNS:3000\" | sudo -u ec2-user tee -a /home/ec2-user/meta-crm/.env\nsudo -u ec2-user bash -l -c \"curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.4/install.sh | bash && source /home/ec2-user/.nvm/nvm.sh && nvm install 21 && nvm alias default 21 && nvm use 21.7.3\"\"\ncd /home/ec2-user/meta-crm\nsudo fallocate -l 2G /swapfile\nsudo chmod 600 /swapfile\nsudo mkswap /swapfile\nsudo swapon /swapfile\nnpm install -g yarn\nyarn install --ignore-engines\nsudo tee /etc/systemd/system/meta-crm.service > /dev/null <", "Default": "/aws/service/ami-amazon-linux-latest/al2023-ami-kernel-6.1-x86_64" }, "BootstrapVersion": { "Type": "AWS::SSM::Parameter::Value", "Default": "/cdk-bootstrap/hnb659fds/version", "Description": "Version of the CDK Bootstrap resources in this environment, automatically retrieved from SSM Parameter Store. [cdk:skip]" } }, "Outputs": { "WhatsCRMInstancePublicIP": { "Description": "WhatsCRM Instance Public IP of EC2 instance", "Value": { "Fn::GetAtt": [ "WhatsCRMInstance16BD72E3", "PublicIp" ] } } }, "Rules": { "CheckBootstrapVersion": { "Assertions": [ { "Assert": { "Fn::Not": [ { "Fn::Contains": [ [ "1", "2", "3", "4", "5" ], { "Ref": "BootstrapVersion" } ] } ] }, "AssertDescription": "CDK bootstrap stack version 6 required. Please run 'cdk bootstrap' with a recent version of the CDK CLI." } ] } } }