Notify on setup-complete, add condition for broadcast server

.gitlab-ci.yml

@@ -55,7 +55,7 @@ tf-apply-public:
     - chmod 600 jamulus.pem
   script:
     - terraform init
-    - terraform apply plan.tfplan
+    - terraform apply plan.tfplan -var="broadcast_enabled=true"
   environment:
     name: Public Jammin
     url: https://ejam.vereto.net

broadcast.tf

@@ -1,21 +1,12 @@
 resource "aws_instance" "broadcast" {
+  count           = var.broadcast_enabled ? 1 : 0
   ami             = "${data.aws_ami.image.id}"
   instance_type   = "t3.medium"
   key_name        = "jamulus"
   security_groups = [aws_security_group.ssh.name, aws_security_group.broadcast.name, aws_security_group.node-exporter.name] # Add your own IP to this group
 
-  provisioner "remote-exec" {
-    inline = ["sudo apt update", "sudo apt install python3 -y", "echo Done!"]
-    connection {
-      type        = "ssh"
-      user        = "ubuntu"
-      host        = self.public_ip
-      private_key = file("${path.module}/jamulus.pem")
-    }
-  }
-
   provisioner "local-exec" {
-    command = "ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ubuntu -i '${self.public_ip},' --private-key ${"${path.module}/jamulus.pem"} broadcast-install.yml"
+    command = "sleep 30 && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ubuntu -i '${self.public_ip},' --private-key ${"${path.module}/jamulus.pem"} broadcast-install.yml"
   }
 
   tags = {

dns.tf

@@ -25,5 +25,5 @@ resource "digitalocean_record" "icecast" {
   type   = "A"
   name   = "icecast"
   ttl    = 30
-  value  = "${aws_instance.broadcast.public_ip}"
+  value  = "${aws_instance.broadcast.*.public_ip}"
 }

jamulus-install.yml

@@ -1,11 +1,14 @@
 - become: yes
   hosts: all
   name: jamulus-install
+  vars:
+    aws_access_key: "{{ lookup('env','AWS_ACCESS_KEY_ID') }}"
+    aws_secret_key: "{{ lookup('env','AWS_SECRET_ACCESS_KEY') }}"  
   tasks:
     - name: Add jam user
       user:
         name: jam
-        
+
     - name: Wait for apt to unlock
       become: yes
       shell:  while sudo fuser /var/lib/dpkg/lock >/dev/null 2>&1; do sleep 5; done;
@@ -37,4 +40,6 @@
       systemd:
         state: started
         name: jamulus.service
-    
+
+    - name: Run cloudwatch notification SETUP COMPLETE
+      script: send-setup-finished.py '{{aws_access_key}}' '{{aws_secret_key}}' eu-west-2 '{{ ec2_id }}'

main.tf

@@ -17,7 +17,7 @@ resource "aws_instance" "jamulus" {
   security_groups = [aws_security_group.ssh.name, aws_security_group.jamulus.name, aws_security_group.node-exporter.name] # Add your own IP to this group
 
   provisioner "local-exec" {
-    command = "sleep 30 && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ubuntu -i '${self.public_ip},' --private-key ${"${path.module}/jamulus.pem"} jamulus-install.yml"
+    command = "sleep 30 && ANSIBLE_HOST_KEY_CHECKING=False ansible-playbook -u ubuntu -i '${self.public_ip},' --private-key ${"${path.module}/jamulus.pem"} jamulus-install.yml --extra-vars 'ec2_id=${self.id}'"
   }
 
   tags = {
@@ -96,5 +96,5 @@ output "jamulus_ip" {
 }
 
 output "broadcast_ip" {
-  value = "${aws_instance.broadcast.public_ip}"
+  value = "${aws_instance.broadcast.*.public_ip}"
 }

send-setup-finished.py

@@ -0,0 +1,21 @@
+#!/usr/bin/python3
+
+import boto3
+from datetime import datetime
+import sys
+
+client = boto3.client('events',
+                      aws_access_key_id= sys.argv[1],
+                      aws_secret_access_key=sys.argv[2],
+                      region_name=sys.argv[3])
+                      
+response = client.put_events(
+    Entries=[
+        {
+            "DetailType": "EC2 Instance State-change Notification",
+            "Source": "net.vereto",
+            "Detail": f'{{ "instance-id": "{sys.argv[4]}", "state": "Setup-finished"}}'
+        }
+    ]
+)
+

variables.tf

@@ -1 +1,6 @@
-variable "do_token" {}
+variable "do_token" {}
+
+variable "broadcast_enabled" {
+  type = bool
+  default = false
+}