ephemeral-jamulus/broadcast.tf

resource "aws_instance" "broadcast" {
  count           = var.broadcast_enabled ? 1 : 0
  ami             = "${data.aws_ami.image.id}"
  instance_type   = "t3.medium"
  key_name        = "${aws_key_pair.generated_key.key_name}"
  security_groups = [aws_security_group.ssh.name, aws_security_group.broadcast.name, aws_security_group.node-exporter.name] # Add your own IP to this group

  provisioner "local-exec" {
    command = <<-EOT
      echo '${tls_private_key.jamulus.private_key_openssh}' > ${aws_key_pair.generated_key.key_name} &&
      chmod 600 ${aws_key_pair.generated_key.key_name} &&
      sleep 30
    EOT
  }

  provisioner "local-exec" {
    command = <<-EOT
      ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ubuntu \
      -i '${self.public_ip},' \
      --private-key "${path.module}/${aws_key_pair.generated_key.key_name}" \
      broadcast-install.yml --extra-vars 'ec2_id=${self.id}'
    EOT
  }

  tags = {
    Name = "broadcast.vereto.net"
  }
}

resource "aws_security_group" "broadcast" {
  name        = "broadcast-port-access"
  description = "Allow broadcast inbound traffic"
}

resource "aws_security_group_rule" "icecast" {
  type              = "ingress"
  to_port           = 8000
  from_port         = 8000
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.broadcast.id
}

resource "aws_security_group_rule" "rtmp-1" {
  type              = "ingress"
  to_port           = 8554
  from_port         = 8554
  protocol          = "udp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.broadcast.id
}

resource "aws_security_group_rule" "rtmp-2" {
  type              = "ingress"
  to_port           = 1935
  from_port         = 1935
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.broadcast.id
}

resource "aws_security_group_rule" "rtmp-3" {
  type              = "ingress"
  to_port           = 8888
  from_port         = 8888
  protocol          = "tcp"
  cidr_blocks       = ["0.0.0.0/0"]
  security_group_id = aws_security_group.broadcast.id
}
Add icecast and rtsp-simple-server along side jamulus 2022-09-27 20:25:44 +02:00			`resource "aws_instance" "broadcast" {`
Notify on setup-complete, add condition for broadcast server 2023-01-23 20:51:28 +01:00			`count = var.broadcast_enabled ? 1 : 0`
Add icecast and rtsp-simple-server along side jamulus 2022-09-27 20:25:44 +02:00			`ami = "${data.aws_ami.image.id}"`
			`instance_type = "t3.medium"`
Use generated keypair for broadcast side-car 2023-08-08 16:12:36 +02:00			`key_name = "${aws_key_pair.generated_key.key_name}"`
Open ssh port for all 2023-01-05 14:36:42 +01:00			`security_groups = [aws_security_group.ssh.name, aws_security_group.broadcast.name, aws_security_group.node-exporter.name] # Add your own IP to this group`
Add icecast and rtsp-simple-server along side jamulus 2022-09-27 20:25:44 +02:00
			`provisioner "local-exec" {`
Use generated keypair for broadcast side-car 2023-08-08 16:12:36 +02:00			`command = <<-EOT`
			`echo '${tls_private_key.jamulus.private_key_openssh}' > ${aws_key_pair.generated_key.key_name} &&`
			`chmod 600 ${aws_key_pair.generated_key.key_name} &&`
			`sleep 30`
			`EOT`
			`}`

			`provisioner "local-exec" {`
			`command = <<-EOT`
			`ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ubuntu \`
			`-i '${self.public_ip},' \`
			`--private-key "${path.module}/${aws_key_pair.generated_key.key_name}" \`
			`broadcast-install.yml --extra-vars 'ec2_id=${self.id}'`
			`EOT`
Add icecast and rtsp-simple-server along side jamulus 2022-09-27 20:25:44 +02:00			`}`

			`tags = {`
			`Name = "broadcast.vereto.net"`
			`}`
			`}`

			`resource "aws_security_group" "broadcast" {`
			`name = "broadcast-port-access"`
			`description = "Allow broadcast inbound traffic"`
			`}`

			`resource "aws_security_group_rule" "icecast" {`
			`type = "ingress"`
			`to_port = 8000`
			`from_port = 8000`
			`protocol = "tcp"`
Open ssh port for all 2023-01-05 14:36:42 +01:00			`cidr_blocks = ["0.0.0.0/0"]`
Add icecast and rtsp-simple-server along side jamulus 2022-09-27 20:25:44 +02:00			`security_group_id = aws_security_group.broadcast.id`
			`}`

			`resource "aws_security_group_rule" "rtmp-1" {`
			`type = "ingress"`
			`to_port = 8554`
			`from_port = 8554`
			`protocol = "udp"`
Open ssh port for all 2023-01-05 14:36:42 +01:00			`cidr_blocks = ["0.0.0.0/0"]`
Add icecast and rtsp-simple-server along side jamulus 2022-09-27 20:25:44 +02:00			`security_group_id = aws_security_group.broadcast.id`
			`}`

			`resource "aws_security_group_rule" "rtmp-2" {`
			`type = "ingress"`
			`to_port = 1935`
			`from_port = 1935`
			`protocol = "tcp"`
Open ssh port for all 2023-01-05 14:36:42 +01:00			`cidr_blocks = ["0.0.0.0/0"]`
Add icecast and rtsp-simple-server along side jamulus 2022-09-27 20:25:44 +02:00			`security_group_id = aws_security_group.broadcast.id`
			`}`

			`resource "aws_security_group_rule" "rtmp-3" {`
			`type = "ingress"`
			`to_port = 8888`
			`from_port = 8888`
			`protocol = "tcp"`
Open ssh port for all 2023-01-05 14:36:42 +01:00			`cidr_blocks = ["0.0.0.0/0"]`
Add icecast and rtsp-simple-server along side jamulus 2022-09-27 20:25:44 +02:00			`security_group_id = aws_security_group.broadcast.id`
			`}`