Merge pull request #597 from shaderecker/terraform-aws

Update AWS Terraform

cloud/terraform/aws/main.tf

@@ -60,7 +60,7 @@ resource "aws_instance" "tpot" {
     volume_size           = 128
     delete_on_termination = true
   }
-  user_data              = "${file("../cloud-init.yaml")}    content: ${base64encode(file("../tpot.conf"))}"
+  user_data         = templatefile("../cloud-init.yaml", {timezone = var.timezone, password = var.linux_password, tpot_flavor = var.tpot_flavor, web_user = var.web_user, web_password = var.web_password})
   vpc_security_group_ids = [aws_security_group.tpot.id]
   associate_public_ip_address = true
 }

cloud/terraform/aws/variables.tf

@@ -52,3 +52,29 @@ variable "ec2_ami" {
     "us-west-2"      = "ami-023b7a69b9328e1f9"
   }
 }
+
+# cloud-init configuration
+variable "timezone" {
+  default = "UTC"
+}
+
+variable "linux_password" {
+  #default = "LiNuXuSeRPaSs#"
+  description = "Set a password for the default user"
+}
+
+# These will go in the generated tpot.conf file
+variable "tpot_flavor" {
+  default = "STANDARD"
+  description = "Specify your tpot flavor [STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN]"
+}
+
+variable "web_user" {
+  default = "webuser"
+  description = "Set a username for the web user"
+}
+
+variable "web_password" {
+  #default = "w3b$ecret"
+  description = "Set a password for the web user"
+}

cloud/terraform/cloud-init.yaml

@@ -1,9 +1,5 @@
 #cloud-config
-timezone: UTC
-
-package_update: true
-package_upgrade: true
-package_reboot_if_required: true
+timezone: ${timezone}
 
 packages:
   - git
@@ -12,14 +8,18 @@ runcmd:
   - git clone https://github.com/dtag-dev-sec/tpotce /root/tpot
   - /root/tpot/iso/installer/install.sh --type=auto --conf=/root/tpot.conf
   - rm /root/tpot.conf
-  - /sbin/shutdown -r +5
+  - /sbin/shutdown -r now
+
+password: ${password}
+chpasswd:
+  expire: false
 
-# The contents of tpot.conf will be base64 encoded and appended to this file
-# via the terraform configuration in main.tf
-#
-# Make sure there are no trailing new lines after "permissions" below
 write_files:
-  - encoding: b64
+  - content: |
+      # tpot configuration file
+      myCONF_TPOT_FLAVOR='${tpot_flavor}'
+      myCONF_WEB_USER='${web_user}'
+      myCONF_WEB_PW='${web_password}'
     owner: root:root
     path: /root/tpot.conf
     permissions: '0600'

cloud/terraform/tpot.conf

@@ -1,5 +0,0 @@
-# tpot configuration file
-# myCONF_TPOT_FLAVOR=[STANDARD, SENSOR, INDUSTRIAL, COLLECTOR, NEXTGEN]
-myCONF_TPOT_FLAVOR='STANDARD'
-myCONF_WEB_USER='webuser'
-myCONF_WEB_PW='w3b$ecret'