Hello, Terraform

[dcmorse]

Port from Digital Ocean to an AWS EC2.
Automate Deployment using Terraform.

• ec2
• vpc
• dns
• rails -> postgres
• puma
• asset:precompile bug having to do with eslint webpack loader on prod
• puma systemd initscript - see https://www.linode.com/docs/guides/start-service-at-boot/
• nginx
• refactor
  • provisioned_env.* -> env & env.d
  • ec2-init.d scripts -> inline
• lets encrypt
• automatically snag the last db backup
• store terraform state in the cloud
• make git branch an input variable
• (optional) automate running certbot.sh by using terraform to configure namecheap (or transfer domain to amazon)
• doc
• make terraform/contradb.tfbackend as mentioned in the README
• change config.force_ssl = true in production.rb when $CONTRADB_DOMAIN is real
• deploy staging site
• ask Nedra to run regression on staging
• change default branch to master
• merge to master
• tf init with real s3
• build new packer instance
• terraform destroy staging site
• restore s3-backend from git and terraform init again with it
• deploy new contradb.com (but dns won't point to it, of course)
• power down old site
• backups - update script for fetching them. Maybe have it dump to s3?
• worry about migrations and blue-green stuff
• clean up ATC and morse amis
• delete https://s3.console.aws.amazon.com/s3/buckets/morsed-tf-state?region=us-east-2&tab=objects
• clean up ttls in dns records
• retire digital ocean );
• modify config/initializers/devise.rb:25 to not use [email protected] but instead use ubuntu@$CONTRADB_DOMAIN or even Rails.application.credentials.admin.username. I'm getting real emails with this as the reply-to, which is bad since it's not actually an email box.
• default to master branch instead of terraform branch
• add story to change default branch
• add story to get totally off rbenv, e.g. in gitlab, documentation.