This project is an example of:
- Developing applications in a docker container
- Repeatably deploying lambda infrastructure using terraform, jinja, and serverless
- Interacting with SSM parameters using Lambda for secrets
- Applying least priviledge IAM policies per lambda function
- Backing up files on remote servers and docker containers using Lambda functions (doesn't have to be minecraft servers, I just use it for my own)
docker-compose run --rm dev
The exported environment variables below will be configured to the terraform AWS provider when you apply. There is no need to specify it in the provider.
On terraform apply
, the resources required to deploy a lambda function (s3, iam, lambda) are created and the zip file is uploaded to s3 and deployed to lambda.
# Step 1: Run the development container locally. This container has all the dependencies needed
# to build, package, and deploy the infrastructure.
# Note: If you rather deveop on your own machine, ensure python, virtualenv, terraform, and serverless
# are installed
docker-compose run --rm dev
# Step 2: Export the AWS keys required to deploy to AWS
# https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html
export AWS_ACCESS_KEY_ID=XXXXXX
export AWS_SECRET_ACCESS_KEY=XXXXXX
# Step 3: Export the private key that will be used to ssh into the server by the lambda function
# The public key must have been added to the server prior
export TF_VAR_PRIVATE_KEY=XXXXXX
# Step 4: Run these make commands individually, or simply run `make all`:
# Builds the terraform code to deploy from the jinja templates and serverless.yml
make build
# Individually packages each function defined in the serverless.yml
make package
# Deploys the terraform code
make deploy
- The server host has ssh enabled
- The server or docker container you are backing up files on has zip installed
- Permissions to create directories on root if backing up a container
{
/* required parameters */
"host": "x", // minecraft server url
"source": ["/x/x.txt", "/x/x_dir"], // absolute path of files and folders to backup
"dest": "/x/dir", // absolute path to store the zip on the host server
/* optional parameters */
"port": 22,// (default: 22) ssh port to use when connecting
"user": "x", // (default: root) ssh user to use when connecting
"upload": false, // (default: false) uploads to the bucket under /backups
"container": "x" // specify the container name if you are backing up files from a docker container running on the server
}
Example request if you deployed the minecraft server from the minecraft-server-docker
repository here:
{
"host": "minecraft.towerofswole.com",
"source": ["/server/tos_world", "/server/whitelist.txt"],
"dest": "/tmp",
"upload": true,
"container": "minecraft"
}
Notes:
- Specify directories without the trailing forward slash, e.g.
/tmp
and not/tmp/
- Destination directory must not be a directory you are backing up
- When backing up a container, the backup zip will exist in the root directory of the container, and the destination directory of the host
To be created
To be created
- For
Backup
lambda, upload to bucket - For
Backup
lambda, include logging and error handling if container does not exist - For
Backup
lambda, include info logging for files attempting to be zipped that do not exist or are not found