Terraform: deploy a website via Nginx on an EC2 instance

In your AWS console, create a new key pair. You can use an existing one if you wish, but starting with a fresh one keeps things clean. Key pairs are in the EC2 service, under Network & Security.

In the top-right, click the Create key pair button.

Provide a name for your key pair, select the key pair type and private key file format, and click Create key pair.

Once that is done, AWS will automatically download the private key to your local machine.

Move it to your project folder (mine is aptly named terraform_nginx).

mv ~/Downloads/terraform-nginx.pem terraform_nginx

Change the permissions of the private key so that only the user can read it.

sudo chmod 400 terraform-nginx.pem

In your project folder, add the following files:

touch main.tf variables.tf terraform.tfvars

In the main.tf file, paste the following (replace custom values such as names with your own where needed):

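provider "aws" {
    region     = var.region
    access_key = var.access_key
    secret_key = var.secret_key
}

# Security group for the instance: inbound SSH and HTTP, all outbound.
resource "aws_security_group" "tf-nginx-ssh-http" {
    name        = "tf-nginx-ssh-http"
    description = "Allows HTTP and SSH traffic"

    # SSH, used by the remote-exec provisioner below.
    # 0.0.0.0/0 exposes port 22 to the whole internet; narrow it to your
    # own address (x.x.x.x/32) for anything longer-lived than this demo.
    ingress {
        from_port   = 22
        to_port     = 22
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
    }

    # HTTP for the website served by Nginx.
    ingress {
        from_port   = 80
        to_port     = 80
        protocol    = "tcp"
        cidr_blocks = ["0.0.0.0/0"]
    }

    # All outbound traffic (package installs, git clone).
    egress {
        from_port   = 0
        to_port     = 0
        protocol    = "-1"
        cidr_blocks = ["0.0.0.0/0"]
    }
}

resource "aws_instance" "karens_project" {
    ami             = var.ami_id
    instance_type   = var.instance_type
    security_groups = [aws_security_group.tf-nginx-ssh-http.name]
    key_name        = var.key_name

    # Install Nginx and replace its default web root with the site's repository.
    provisioner "remote-exec" {
        inline = [
            # Refresh the package lists first; on a fresh image they can be empty or stale.
            "sudo apt-get update",
            "sudo apt-get install nginx -y",
            "git clone https://github.com/KarenNgugi/KarenNgugi.github.io.git html",
            "sudo rm -r /var/www/html/",
            "sudo mv html /var/www/",
        ]
    }

    # SSH connection used by the provisioner, authenticated with the key pair created earlier.
    connection {
        type        = "ssh"
        user        = "ubuntu"
        host        = self.public_ip
        private_key = file("terraform-nginx.pem")
    }

    tags = {
        Name = "Terraform_Nginx"
    }
}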

In the variables.tf file, paste the following:

variable "region" {
    description = "AWS region"
    default = "us-east-1"
}

variable "access_key" {
    description = "Access key to AWS console"
}

variable "secret_key" {
    description = "Secret key to AWS console"
}

variable "key_name" {
    description = "Key pair to use to enable access via SSH"
}

variable "ami_id" {
    description = "Amazon Machine Image to use"
    default = "ami-0b93ce03dcbcb10f6"
}

variable "instance_type" {
    description = "Type of EC2 to launch"
    default = "t2.micro"
}

In the terraform.tfvars file, paste the following:

access_key = "insert your access key here"
secret_key = "insert your secret key here"
key_name = "terraform-nginx"

Once done, run terraform init and then terraform apply to apply your changes:

terraform init

terraform apply --auto-approve

NOTE: if you are new to Terraform, make sure to run terraform plan after terraform init but before terraform apply to be sure that the resources that Terraform intends to create are exactly what you want.

When the apply has succeeded, you’ll see a green confirmation message.

Go to the EC2 service on AWS Console and go to Instances.

You will see that your instance has been created. Click on your instance’s ID.

Copy your instance’s public IPv4 address.

Open a new browser tab and paste the IP address. But before you hit ENTER, add the Nginx port number at the end:

Your_ec2_instance_public_ip_address:80

Voila!

Once you're done admiring the masterpiece you have just created, don’t forget to destroy the instance so as not to incur charges.

terraform destroy --auto-approve

Important Notice

Should you choose to upload your code to a version control platform such as GitHub, GitLab, BitBucket, etc., make sure that you add the following files to .gitignore in order to protect confidential data:

  • **/.terraform/*

  • *.tfvars

  • *.tfstate

  • *.tfstate.*

I have listed just the files that I have produced. You can find more examples here: https://github.com/github/gitignore/blob/main/Terraform.gitignore
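As an added example (not part of the original post), a pre-commit hook can enforce the list above instead of relying on .gitignore alone. It also blocks *.pem, an assumption based on the private key having been moved into the project folder, and checks the key's permissions; all function names are hypothetical.

```shell
#!/bin/sh
# Added example: pre-commit guard for the terraform_nginx project.
# Function names are hypothetical and not from the original post.

# is_sensitive PATH: succeeds if PATH matches a pattern that must stay out of git.
# In a case pattern "*" also matches "/", so nested paths are covered.
is_sensitive() {
    case "$1" in
        .terraform/*|*/.terraform/*) return 0 ;;  # provider plugins and module cache
        *.tfvars)                    return 0 ;;  # holds access_key and secret_key
        *.tfstate|*.tfstate.*)       return 0 ;;  # state and its backups
        *.pem)                       return 0 ;;  # assumption: SSH key kept in the project folder
    esac
    return 1
}

# blocked_paths: reads one path per line on stdin, prints the sensitive ones.
blocked_paths() {
    while IFS= read -r path; do
        if is_sensitive "$path"; then printf '%s\n' "$path"; fi
    done
}

# key_mode_ok FILE: succeeds only if group and others have no access (400, 600).
key_mode_ok() {
    case "$(ls -ld -- "$1" 2>/dev/null)" in
        -???------*) return 0 ;;
        *)           return 1 ;;
    esac
}

# precommit_check: fails if a sensitive file is staged or a key is too permissive.
precommit_check() {
    staged=$(git diff --cached --name-only --diff-filter=ACMR | blocked_paths)
    if [ -n "$staged" ]; then
        printf 'Refusing to commit sensitive files:\n%s\n' "$staged" >&2
        return 1
    fi
    for key in *.pem; do
        [ -f "$key" ] || continue
        key_mode_ok "$key" || { printf '%s: run chmod 400\n' "$key" >&2; return 1; }
    done
}

# Runs only when installed as .git/hooks/pre-commit; otherwise it just defines functions.
case "$0" in
    */pre-commit) precommit_check || exit 1 ;;
esac
```

Save it as .git/hooks/pre-commit in the project folder and make it executable.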