Last active
February 1, 2018 18:56
-
-
Save hac-madkudu/fd1463c6b45e19ccfa3c0e52f50aa8c7 to your computer and use it in GitHub Desktop.
Redash CloudFormation Stack
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| AWSTemplateFormatVersion: '2010-09-09' | |
| Description: EC2 Instance Redash. See https://redash.io/help-onpremise/setup/setting-up-redash-instance.html | |
| Parameters: | |
| RedashPass: | |
| Description: The password for the redash user in RDS | |
| Type: String | |
| NoEcho: true | |
| # Help for CloudFormation Mappings | |
| # http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/mappings-section-structure.html | |
| # See https://redash.io/help-onpremise/setup/setting-up-redash-instance.html | |
| Mappings: | |
| RegionMap: | |
| us-east-1: | |
| AMI: ami-2d3c0a56 | |
| us-west-1: | |
| AMI: ami-5a1d373a | |
| us-west-2: | |
| AMI: ami-2325c85b | |
| Conditions: | |
| IsProd: !Equals [ !Ref 'AWS::AccountId', 1234567890 ] | |
| IsDev: !Not [ !Equals [ !Ref 'AWS::AccountId', 1234567890 ] ] | |
| Resources: | |
| # Set up an Elastic IP for this instance to make it publicly accessible | |
| EIPRedash: | |
| Type: AWS::EC2::EIP | |
| DependsOn: EC2InstanceRedash | |
| Properties: | |
| Domain: !ImportValue vpc-VpcID | |
| InstanceId: !Ref EC2InstanceRedash | |
| # Set up the Redis for Redash | |
| ElastiCacheReplicationGroup: | |
| Type: AWS::ElastiCache::ReplicationGroup | |
| Properties: | |
| ReplicationGroupDescription: redash | |
| AtRestEncryptionEnabled: true | |
| AutoMinorVersionUpgrade: true | |
| CacheNodeType: cache.t2.micro | |
| Engine: redis | |
| EngineVersion: 3.2.6 | |
| AutomaticFailoverEnabled: false | |
| NumNodeGroups: 1 | |
| ReplicasPerNodeGroup: !If [IsProd, 0, 0] | |
| CacheSubnetGroupName: !ImportValue vpc-ElastiCacheSubnetGroup # Update based on your configuration | |
| SecurityGroupIds: | |
| - !ImportValue vpc-SecurityGroupElastiCacheID # Update based on your configuration | |
| Tags: | |
| - Key: Name | |
| Value: !Sub '${AWS::StackName}-redis' | |
| DBInstance: | |
| Type: AWS::RDS::DBInstance | |
| Properties: | |
| AllocatedStorage: 20 | |
| AllowMajorVersionUpgrade: true | |
| AutoMinorVersionUpgrade: true | |
| BackupRetentionPeriod: 7 | |
| DBInstanceClass: db.t2.micro | |
| DBInstanceIdentifier: redash | |
| DBName: redash | |
| DBSubnetGroupName: !ImportValue vpc-SubnetGroupRDS # Update based on your configuration | |
| Engine: postgres | |
| EngineVersion: 9.6.5 | |
| MasterUsername: redash | |
| MasterUserPassword: !Ref RedashPass | |
| MultiAZ: false | |
| PubliclyAccessible: false | |
| StorageType: gp2 | |
| VPCSecurityGroups: | |
| - !ImportValue vpc-SecurityGroupRDSID # Update based on your configuration | |
| Tags: | |
| - Key: Name | |
| Value: !Sub '${AWS::StackName}-RDS' | |
| EC2InstanceRedash: | |
| Type: AWS::EC2::Instance | |
| Properties: | |
| InstanceType: t2.micro | |
| IamInstanceProfile: ec2-instance-profile # Update based on your configuration | |
| SourceDestCheck: false | |
| ImageId: !FindInMap [ RegionMap, !Ref 'AWS::Region', AMI ] | |
| SecurityGroupIds: | |
| - !ImportValue vpc-SecurityGroupID # Update based on your configuration | |
| SubnetId: !ImportValue vpc-Subnet # Update based on your configuration | |
| Tags: | |
| - Key: Name | |
| Value: redash | |
| # This is the huge script to set up all the things we need on the machine | |
| # The most important file is the /opt/redash/.env file, which defines the Redis and PostgreSQL databases | |
| UserData: | |
| Fn::Base64: | |
| Fn::Join: | |
| - "" | |
| - | |
| - "#!/bin/bash" | |
| - "\n" | |
| - "apt-get update -y" | |
| - "\n" | |
| - "apt-get -y install python-pip ntp" | |
| - "\n" | |
| - "pip install awscli --upgrade" | |
| - "\n" | |
| - "cp /opt/redash/.env /opt/redash/.env.bak" | |
| - "\n" | |
| - "sed -i '/URL/d' /opt/redash/.env" # Remove the existing REDIS_URL and REDASH_DATABASE_URL environment variables | |
| - "\n" | |
| - "echo 'export REDASH_REDIS_URL=redis://" | |
| - !If [ IsProd, redash-redis.prod.com, redash-redis.stage.com ] | |
| - ":6379/0' >> /opt/redash/.env" # Point to the Redis database | |
| - "\n" | |
| - "echo 'export REDASH_DATABASE_URL=postgresql://redash:" | |
| - !Ref RedashPass | |
| - "@" | |
| - !If [ IsProd, redash-rds.prod.com , redash-rds.stage.com ] | |
| - ":5432/redash' >> /opt/redash/.env" # Point to the PostgreSQL database | |
| - "\n" | |
| - "( cd /opt/redash/current ; su redash bin/run ./manage.py database create_tables )" # Gotta set up the database | |
| - "\n" | |
| - "pip uninstall -y pyOpenSSL" # For whatever reason, the AMI doesn't have the right pyOpenSSL | |
| - "\n" | |
| - "pip install pyOpenSSL" | |
| - "\n" | |
| - "yes | /opt/redash/current/bin/upgrade" # Latest and greatest | |
| - "\n" | |
| - "supervisorctl restart all" | |
| - "\n" | |
| - "touch /tmp/done" # So that we know it worked | |
| RecordSetGroupRedash: | |
| Type: AWS::Route53::RecordSetGroup | |
| DependsOn: EIPRedash | |
| Properties: | |
| HostedZoneId: !ImportValue HostedZoneID # Update based on your configuration | |
| RecordSets: | |
| - Name: !If [ IsProd, redash.prod.com , redash.stage.com ] # Update based on your configuration | |
| Type: A | |
| TTL: 300 | |
| ResourceRecords: | |
| - !Ref EIPRedash | |
| - Name: !If [ IsProd, redash-redis.prod.com , redash-redis.stage.com ] # Update based on your configuration | |
| Type: CNAME | |
| TTL: 300 | |
| ResourceRecords: | |
| - !GetAtt ElastiCacheReplicationGroup.PrimaryEndPoint.Address | |
| - Name: !If [ IsProd, redash-rds.prod.com , redash-rds.stage.com ] # Update based on your configuration | |
| Type: CNAME | |
| TTL: 300 | |
| ResourceRecords: | |
| - !GetAtt DBInstance.Endpoint.Address |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment