This repository contains Terraform files that build an instance of crates.io for experimentation with the https://github.com/caeg-industries/crates.io subcrates branch.
Install the aws cli package for your platform.
On macOS:
brew install awscli
Currently these files are tested with an Amazon Root User. Create an access key by navigating to:
Account -> Security Credentials -> Access keys
Then run the following to configure the aws cli to use the credentials provided:
aws configure
You can update any of the values in variables.tf before you run terraform in order to customize items such as the AWS region to use.
Derived from https://github.com/rust-lang/crates.io/blob/master/docs/CONTRIBUTING.md
In order to publish a crate, you need an API token. In order to get an API token, you need to be able to log in with GitHub OAuth. In order to be able to log in with GitHub, you need to create an application with GitHub and specify the gh_client_id and gh_client_secret variables in your aws.tfvars file below.
To create an application with GitHub, go to Settings -> Developer Settings -> OAuth Applications and click on the "Register a new application" button. Fill in the form as follows:
- Application name: name your application whatever you'd like.
- Homepage URL: https://<SAME AS site_fqdn BELOW>/
- Authorization callback URL: https://<SAME AS site_fqdn BELOW>/authorize/github
Create an aws.tfvars file. Note that all of the values in the file (my_*) need to be replaced by you.
site_fqdn = "crates.my_site.example"
git_repo_url = "https://github.com/my_organization/crates.io-namespace-fork-index"
git_ssh_repo_url = "ssh://git@github.com:22/my_organization/crates.io-namespace-fork-index.git"
gh_client_secret = "my_gh_client_secret"
gh_client_id = "my_gh_client_id"
s3_access_key = "my_s3_access_key"
s3_secret_key = "my_s3_secret_key"
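A pre-flight check for the file above, as an added example that is not part of this repository: the hypothetical helper check_tfvars confirms that every variable listed is set, that no my_* placeholder remains, and that the file is not readable by group or others, since it holds the OAuth client secret and the S3 secret key. The owner-only permission rule is an assumption of this example, not a requirement stated by the repository.

```shell
#!/bin/sh
# Added example (not from this repository): pre-flight check for aws.tfvars.
# check_tfvars is a hypothetical helper; the key list is the one shown above.

REQUIRED_KEYS="site_fqdn git_repo_url git_ssh_repo_url gh_client_secret
gh_client_id s3_access_key s3_secret_key"

# Returns 0 if the file is ready for `terraform plan`, 1 if problems were
# found, 2 if the file does not exist. Values are never printed.
check_tfvars() {
    file=$1
    problems=0

    if [ ! -f "$file" ]; then
        echo "$file: no such file" >&2
        return 2
    fi

    for key in $REQUIRED_KEYS; do
        if ! grep -q "^[[:space:]]*$key[[:space:]]*=" "$file"; then
            echo "$key: not set" >&2
            problems=$((problems + 1))
            continue
        fi
        # Extract the quoted value of the last assignment to this key.
        value=$(sed -n "s/^[[:space:]]*$key[[:space:]]*=[[:space:]]*\"\(.*\)\"[[:space:]]*\$/\1/p" "$file" | tail -n 1)
        case "$value" in
            "")    echo "$key: empty or not a quoted string" >&2
                   problems=$((problems + 1)) ;;
            *my_*) echo "$key: still contains a my_* placeholder" >&2
                   problems=$((problems + 1)) ;;
        esac
    done

    # Assumption of this example: the secrets file should be owner-only.
    # Characters 5-10 of the mode string are the group and other bits.
    if [ "$(ls -ld "$file" | cut -c5-10)" != "------" ]; then
        echo "$file: readable by group or others; run chmod 600" >&2
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ]
}
```

Source the script and run check_tfvars aws.tfvars before terraform plan; the my_* match is a heuristic based on the placeholder naming used in the sample file.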
Install terraform using the Install Terraform instructions provided by HashiCorp.
Then run:
terraform init
terraform plan -var-file aws.tfvars
terraform apply -var-file aws.tfvars
When the script completes you will need to do two things:
Please check the output of the terraform run and update your DNS accordingly.
Once you are able to resolve the DNS host (in site_fqdn above), proceed to the next step.
Hint: Use ping, dig or nslookup to test.
IMPORTANT: Do NOT proceed beyond this point until DNS is set up correctly and confirmed to work.
This step secures access to the instance through the use of TLS, courtesy of Let’s Encrypt.
Shell into the instance using the output of ssh, then run the following command, completing the prompts as appropriate.
sudo sh secure.sh
Run this command:
cat ~/.ssh/authorized_keys
Add the output to the Git Deploy keys of the Git Repository specified above (git_repo_url), i.e. https://github.com/my_organization/crates.io-namespace-fork-index/settings/keys.
Be sure to enable Allow write access.
Connect to your server on https://site_fqdn <- Use the value you chose above.
Further instructions can be found on the homepage.
Destroy the aws infrastructure:
terraform refresh
terraform destroy
- Delete the ssh key in your GitHub repo's Deploy Keys
- Delete the GitHub OAuth credentials you created