From eaef7aadfe2ac8cfc2e29ec181c1ecaa1e517972 Mon Sep 17 00:00:00 2001
From: Alexander Hosking
Date: Tue, 14 May 2019 08:08:45 -0400
Subject: [PATCH] Add logging dns
---
 ahoskingit/terraform/dns_ahoskingit.tf | 8 +++
 ahoskingit/terraform/terraform.tfstate | 29 +++++++-
 ahoskingit/terraform/terraform.tfstate.backup | 60 +++++++++++++++-
 ahoskingit/terraform/terrarist.py | 70 +++++++++++++++----
 4 files changed, 152 insertions(+), 15 deletions(-)
diff --git a/ahoskingit/terraform/dns_ahoskingit.tf b/ahoskingit/terraform/dns_ahoskingit.tf
index e69f142..edc2222 100644
--- a/ahoskingit/terraform/dns_ahoskingit.tf
+++ b/ahoskingit/terraform/dns_ahoskingit.tf
@@ -53,6 +53,14 @@ resource "aws_route53_record" "lab_ahoskingit" {
 records = ["${aws_route53_record.kfa_ahoskingit.name}"]
 }
+resource "aws_route53_record" "logs_ahoskingit" {
+ zone_id = "${aws_route53_zone.ahoskingit.zone_id}"
+ name = "logs.ahoskingit.com"
+ type = "CNAME"
+ ttl = "5"
+ records = ["${var.home_ip}"]
+}
+
 resource "aws_route53_record" "inventory_ahoskingit" {
 zone_id = "${aws_route53_zone.ahoskingit.zone_id}"
 name = "inventory.ahoskingit.com"
diff --git a/ahoskingit/terraform/terraform.tfstate b/ahoskingit/terraform/terraform.tfstate
index a8dd960..dcf0976 100644
--- a/ahoskingit/terraform/terraform.tfstate
+++ b/ahoskingit/terraform/terraform.tfstate
@@ -1,7 +1,7 @@ { "version": 3, "terraform_version": "0.11.11", - "serial": 24, + "serial": 25, "lineage": "db7d87ff-3078-47ed-a0a9-91749a2dbba5", "modules": [ {
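Review bot: In the dns_ahoskingit.tf hunk the new `logs_ahoskingit` record is declared `type = "CNAME"` while `records` is `["${var.home_ip}"]`, and a CNAME target is read as a hostname, so an address there will not resolve; the tfstate hunk in this patch shows the applied value is a literal IPv4 address. Use `type = "A"` for an address, or point the CNAME at `${aws_route53_record.home_ahoskingit.name}` as the goals and monitors records in the state do. Putting the address in a variable also does not keep it out of the repository, because the resolved value is written to the tracked terraform.tfstate and terraform.tfstate.backup; a remote backend or an ignore rule for state files would avoid that.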
@@ -847,6 +847,33 @@ "deposed": [], "provider": "provider.aws" }, + "aws_route53_record.logs_ahoskingit": { + "type": "aws_route53_record", + "depends_on": [ + "aws_route53_zone.ahoskingit" + ], + "primary": { + "id": "Z2HTSYFXB5HXD9_logs.ahoskingit.com_CNAME", + "attributes": { + "fqdn": "logs.ahoskingit.com", + "health_check_id": "", + "id": "Z2HTSYFXB5HXD9_logs.ahoskingit.com_CNAME", + "name": "logs.ahoskingit.com", + "records.#": "1", + "records.1816504638": "99.240.201.161", + "set_identifier": "", + "ttl": "5", + "type": "CNAME", + "zone_id": "Z2HTSYFXB5HXD9" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, "aws_route53_record.monitors_ahoskingit": { "type": "aws_route53_record", "depends_on": [
diff --git a/ahoskingit/terraform/terraform.tfstate.backup b/ahoskingit/terraform/terraform.tfstate.backup
index d9ff596..9006fc3 100755
--- a/ahoskingit/terraform/terraform.tfstate.backup
+++ b/ahoskingit/terraform/terraform.tfstate.backup
@@ -1,7 +1,7 @@ { "version": 3, - "terraform_version": "0.11.7", - "serial": 24, + "terraform_version": "0.11.11", + "serial": 25, "lineage": "db7d87ff-3078-47ed-a0a9-91749a2dbba5", "modules": [ {
@@ -627,6 +627,34 @@ "deposed": [], "provider": "provider.aws" }, + "aws_route53_record.goals_ahoskingit": { + "type": "aws_route53_record", + "depends_on": [ + "aws_route53_record.home_ahoskingit", + "aws_route53_zone.ahoskingit" + ], + "primary": { + "id": "Z2HTSYFXB5HXD9_goals.ahoskingit.com_CNAME", + "attributes": { + "fqdn": "goals.ahoskingit.com", + "health_check_id": "", + "id": "Z2HTSYFXB5HXD9_goals.ahoskingit.com_CNAME", + "name": "goals.ahoskingit.com", + "records.#": "1", + "records.1011144593": "home.ahoskingit.com", + "set_identifier": "", + "ttl": "5", + "type": "CNAME", + "zone_id": "Z2HTSYFXB5HXD9" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, "aws_route53_record.home_ahoskingit": { "type": "aws_route53_record", "depends_on": [
@@ -819,6 +847,34 @@ "deposed": [], "provider": "provider.aws" }, + "aws_route53_record.monitors_ahoskingit": { + "type": "aws_route53_record", + "depends_on": [ + "aws_route53_record.home_ahoskingit", + "aws_route53_zone.ahoskingit" + ], + "primary": { + "id": "Z2HTSYFXB5HXD9_monitors.ahoskingit.com_CNAME", + "attributes": { + "fqdn": "monitors.ahoskingit.com", + "health_check_id": "", + "id": "Z2HTSYFXB5HXD9_monitors.ahoskingit.com_CNAME", + "name": "monitors.ahoskingit.com", + "records.#": "1", + "records.1011144593": "home.ahoskingit.com", + "set_identifier": "", + "ttl": "5", + "type": "CNAME", + "zone_id": "Z2HTSYFXB5HXD9" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "provider.aws" + }, "aws_route53_record.mx_automatedbytes": { "type": "aws_route53_record", "depends_on": [
diff --git a/ahoskingit/terraform/terrarist.py b/ahoskingit/terraform/terrarist.py
index 49b584a..eaf9beb 100755
--- a/ahoskingit/terraform/terrarist.py
+++ b/ahoskingit/terraform/terrarist.py
@@ -1,16 +1,44 @@
+#!/usr/bin/env python
+
 import argparse
 import os
+import subprocess
 import string
-import sys
+import sys
+import shutil
 from ansible_vault import Vault
+def create_credentials():
+ print("Creating Terraform Credentials")
+ creds_file = os.path.expanduser("~/.aws/credentials")
+ backup_file = os.path.expanduser("~/.aws/credentials.terrarist.bak")
+
+ if os.path.exists(backup_file):
+ os.remove(backup_file)
+ if os.path.exists(creds_file):
+ shutil.copy(creds_file, backup_file)
+
+ f = open(creds_file, "w+")
+ f.write("[default]\n")
+ writer = "aws_access_key_id=" + data["aws_access_key"] + "\n"
+ f.write(writer)
+ writer = "aws_secret_access_key=" + data["aws_secret_key"] + "\n"
+ f.write(writer)
+
 if __name__ == "__main__":
- parser = argparse.ArgumentParser(description='Securely wrap terraform like a terrarist!')
- parser.add_argument('action', choices=['plan', 'apply', 'import', 'init'], help='Terraform action to execute')
- parser.add_argument('--vault', '--ansible-vault', dest='vault_file', required=True, help='Ansible Vault File')
- parser.add_argument('--vault-password-file', dest='vault_password', required=True, help='Ansible Vault Password File')
- parser.add_argument('--environment', dest='environment', required=True, help='Production, Staging, etc...')
+ parser = argparse.ArgumentParser(
+ description='Securely wrap terraform like a terrarist!')
+ parser.add_argument('action', choices=[
+ 'plan', 'apply', 'import', 'init', 'destroy'], help='Terraform action to execute')
+ parser.add_argument('--vault', '--ansible-vault', dest='vault_file',
+ default='terraform.vault', required=False, help='Ansible Vault File')
+ parser.add_argument('--vault-password-file', dest='vault_password',
+ required=True, help='Ansible Vault Password File')
+ parser.add_argument('--environment', dest='environment', default='dev',
+ required=False, help='Production, Staging, etc...')
+ parser.add_argument('--no-landscape', action="store_true", dest="pretty_output",
+ required=False, help='Only define this if you do not want pretty output.')
 args, options = parser.parse_known_args()
@@ -27,13 +55,31 @@ if __name__ == "__main__":
 vault = Vault(password)
 data = vault.load(open(args.vault_file).read())
- cmd = ["terraform", args.action, "--var", "environment=%s" %args.environment, '--var-file=var_homeip.tfvar' ]
+ create_credentials()
+
+ cmd = ["terraform", args.action, "--var",
+ "environment=%s" % args.environment]
 for key, value in data.items():
 cmd.append("--var")
- cmd.append("'%s=%s'" %(key, value))
+ cmd.append("'%s=%s'" % (key, value))
- cmd += string.join(options)
-
- x = os.system(string.join(cmd))
- sys.exit(x)
+ for option in options:
+ cmd.append(option)
+
+ if args.action == 'plan':
+ try:
+ landscape = shutil.which('landscape') # Pretty terraform output
+ if landscape is not None and not args.pretty_output:
+ cmd.append(" | landscape")
+ except:
+ landscape = os.system('which landscape')
+ if landscape != 256 and not args.pretty_output:
+ cmd.append(" | landscape")
+
+ if sys.version_info[0] < 3: # Python 2
+ x = os.system(string.join(cmd))
+ sys.exit(x)
+ else: # Python 3
+ x = os.system(' '.join(cmd))
+ sys.exit(x)
\ No newline at end of file
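Review bot: The new `create_credentials()` in the first terrarist.py hunk (`@@ -1,16 +1,44 @@`) writes the vault's AWS secret key to `~/.aws/credentials` through `open(creds_file, "w+")`, so a newly created file gets whatever mode the umask allows, and the handle is never closed, which leaves the flush before terraform starts to garbage collection. It also replaces the user's `[default]` profile, and nothing visible in this patch restores the `.terrarist.bak` copy or removes the written keys after the run. I would create the file with mode 0600 and write it inside a `with` block, as below. The function also reads the module-level `data`, which exists only under `__main__`, so taking it as a parameter would make the dependency explicit.

```python
def create_credentials():
    # … unchanged: creds_file / backup_file setup and backup copy …
    fd = os.open(creds_file, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    os.chmod(creds_file, 0o600)  # os.open's mode only applies to a new file
    with os.fdopen(fd, "w") as f:
        f.write("[default]\n")
        f.write("aws_access_key_id=%s\n" % data["aws_access_key"])
        f.write("aws_secret_access_key=%s\n" % data["aws_secret_key"])
```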
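Review bot: Vault secrets, including `aws_secret_key`, end up on a shell command line in the second terrarist.py hunk (`@@ -27,13 +55,31 @@`): each entry is appended as `--var '%s=%s'` and the list is joined into one string for `os.system`, so the values are visible in the process list and any value or pass-through option containing a quote or shell metacharacter is interpreted by the shell. The hand-added single quotes are not escaping. `sys.exit(x)` is also given the raw `os.system` status (the hunk itself compares it with 256), and on POSIX an exit value of 256 is reported as 0, so a failed terraform run can look successful; with `| landscape` appended the status would be landscape's rather than terraform's. I would pass the vault values as `TF_VAR_*` environment variables and run an argument list through the `subprocess` module this patch already imports, as sketched below; the `__main__` block starts outside this hunk.

```python
    create_credentials()

    cmd = ["terraform", args.action, "--var",
           "environment=%s" % args.environment]
    cmd.extend(options)

    # Vault values reach terraform as TF_VAR_<name>, not as argv entries.
    env = dict(os.environ)
    for key, value in data.items():
        env["TF_VAR_%s" % key] = str(value)

    # … landscape detection as in the hunk, but recording the result in
    #   use_landscape instead of appending " | landscape" to cmd …

    if use_landscape:
        tf = subprocess.Popen(cmd, env=env, stdout=subprocess.PIPE)
        subprocess.call(["landscape"], stdin=tf.stdout)
        tf.stdout.close()
        sys.exit(tf.wait())
    sys.exit(subprocess.call(cmd, env=env))
```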