alrf
diff --git a/‎.gitignore
+8 b/‎.gitignore
+8
diff --git a/‎Dockerfile
+29 b/‎Dockerfile
+29
diff --git a/‎README.md
+59 b/‎README.md
+59
diff --git a/‎app/.editorconfig
+16 b/‎app/.editorconfig
+16
diff --git a/‎app/.env.example
+39 b/‎app/.env.example
+39
diff --git a/‎app/.gitattributes
+5 b/‎app/.gitattributes
+5
diff --git a/‎app/.gitignore
+14 b/‎app/.gitignore
+14
diff --git a/‎app/app/Console/Kernel.php
+42 b/‎app/app/Console/Kernel.php
+42
diff --git a/‎app/app/Exceptions/Handler.php
+51 b/‎app/app/Exceptions/Handler.php
+51
diff --git a/‎app/app/Http/Controllers/Auth/ForgotPasswordController.php
+32 b/‎app/app/Http/Controllers/Auth/ForgotPasswordController.php
+32
diff --git a/‎app/app/Http/Controllers/Auth/LoginController.php
+39 b/‎app/app/Http/Controllers/Auth/LoginController.php
+39
@@ -0,0 +1,8 @@
+*.tfstate
+*.tfstate.backup
+*.info
+.terraform
+*.svg
+
+
+
@@ -0,0 +1,29 @@
+FROM alpine:3.10
+
+RUN apk --no-cache add php7 php7-fpm php7-mysqli php7-dba php7-snmp php7-soap php7-bcmath php7-pdo php7-json php7-openssl php7-curl \
+	php7-zlib php7-xml php7-phar php7-intl php7-dom php7-xmlreader php7-ctype php7-session \
+	php7-mbstring php7-gd php7-tokenizer php7-pdo_mysql nginx supervisor curl && \
+	chown -R nobody.nobody /run && \
+	chown -R nobody.nobody /var/lib/nginx && \
+	chown -R nobody.nobody /var/tmp/nginx && \
+	chown -R nobody.nobody /var/log/nginx && \
+	mkdir -p /var/www/html
+
+COPY config/nginx.conf /etc/nginx/nginx.conf
+COPY config/fpm-pool.conf /etc/php7/php-fpm.d/www.conf
+COPY config/php.ini /etc/php7/conf.d/zzz_custom.ini
+COPY config/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+
+VOLUME /var/www/html
+
+USER nobody
+
+WORKDIR /var/www/html
+COPY --chown=nobody app/ /var/www/html/
+RUN chmod 755 /var/www/html/storage
+
+EXPOSE 8080
+
+CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
+
+HEALTHCHECK --timeout=10s CMD curl --silent --fail http://127.0.0.1:8080/fpm-ping
@@ -0,0 +1,59 @@
+# Simple Laravel (PHP framework) based application managed by Terraform and AWS.
+
+It uses EC2, ECS, RDS, CloudFront, S3 AWS services and was tested by Terraform v0.11.14 on us-east-2 AWS region.
+
+Directories description:
+
+`app` - Laravel application which uses RDS and CloudFront+S3 as content storage.
+
+`config` - Nginx and PHP-fpm configs for building the Docker image.
+
+`modules` - Terraform modules.
+
+Deployed application will be available as: http://YOUR_EC2_IP and DB connection check: http://YOUR_EC2_IP/dbcheck (or CHECK DB CONNECTION link on main page).
+
+
+## How to deploy
+
+Replace `CHANGE_ME` in terraform.tfvars file to proper values.
+
+The Docker image (`docker_image = "alrf/laravel:12345"` in terraform.tfvars) with configured Nginx, PHP and application code is already prepared and pushed, can be rebuilt by:
+
+`docker build -t alrf/laravel:12345 -f Dockerfile . --network=host`
+
+It doesn't contain any private data (like DB/AWS-creds, etc..) - application uses ENV-variables which are passed from terraform.tfvars as ENV-variables in ecs terraform module.
+
+Deploying to AWS:
+
+`terraform init`
+
+Terraform modules for VPC don't resolve dependancies correctly, so explictly build VPC first:
+
+`terraform apply -target=module.network`
+
+and now:
+
+`terraform apply`
+
+
+## Extra
+
+# Monitoring/Alerting
+
+CloudWatch Metrics (EC2, ECS metrics are available), CloudWatch Alarms can be used.
+
+# Security
+
+Different Security Groups for application and RDS are used.
+
+# Automation
+
+All variables for deployment are mananged by terraform.tfvars. 
+
+Further automation process can use Jenkins for building Docker images with updated application code and for building different AWS environments - scaled vertically (changing EC2 instance types) and horizontally (changing amount of instances).
+
+# Network diagrams
+
+Can be built by:
+
+`terraform graph modules/network | dot -Tsvg > graph.svg`
@@ -0,0 +1,16 @@
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+insert_final_newline = true
+indent_style = space
+indent_size = 4
+trim_trailing_whitespace = true
+
+[*.md]
+trim_trailing_whitespace = false
+
+[*.yml]
+indent_style = space
+indent_size = 2
@@ -0,0 +1,39 @@
+APP_NAME=Laravel
+APP_ENV=local
+APP_KEY=
+APP_DEBUG=true
+APP_URL=http://localhost
+
+LOG_CHANNEL=stack
+
+DB_CONNECTION=mysql
+DB_HOST=127.0.0.1
+DB_PORT=3306
+DB_DATABASE=homestead
+DB_USERNAME=homestead
+DB_PASSWORD=secret
+
+BROADCAST_DRIVER=log
+CACHE_DRIVER=file
+SESSION_DRIVER=file
+SESSION_LIFETIME=120
+QUEUE_DRIVER=sync
+
+REDIS_HOST=127.0.0.1
+REDIS_PASSWORD=null
+REDIS_PORT=6379
+
+MAIL_DRIVER=smtp
+MAIL_HOST=smtp.mailtrap.io
+MAIL_PORT=2525
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+
+PUSHER_APP_ID=
+PUSHER_APP_KEY=
+PUSHER_APP_SECRET=
+PUSHER_APP_CLUSTER=mt1
+
+MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
+MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
@@ -0,0 +1,5 @@
+* text=auto
+*.css linguist-vendored
+*.scss linguist-vendored
+*.js linguist-vendored
+CHANGELOG.md export-ignore
@@ -0,0 +1,14 @@
+/node_modules
+/public/hot
+/public/storage
+/storage/*.key
+/vendor
+/.idea
+/.vscode
+/.vagrant
+Homestead.json
+Homestead.yaml
+npm-debug.log
+yarn-error.log
+.env
+.phpunit.result.cache
@@ -0,0 +1,42 @@
+<?php
+
+namespace App\Console;
+
+use Illuminate\Console\Scheduling\Schedule;
+use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
+
+class Kernel extends ConsoleKernel
+{
+    /**
+     * The Artisan commands provided by your application.
+     *
+     * @var array
+     */
+    protected $commands = [
+        //
+    ];
+
+    /**
+     * Define the application's command schedule.
+     *
+     * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
+     * @return void
+     */
+    protected function schedule(Schedule $schedule)
+    {
+        // $schedule->command('inspire')
+        //          ->hourly();
+    }
+
+    /**
+     * Register the commands for the application.
+     *
+     * @return void
+     */
+    protected function commands()
+    {
+        $this->load(__DIR__.'/Commands');
+
+        require base_path('routes/console.php');
+    }
+}
@@ -0,0 +1,51 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+
+class Handler extends ExceptionHandler
+{
+    /**
+     * A list of the exception types that are not reported.
+     *
+     * @var array
+     */
+    protected $dontReport = [
+        //
+    ];
+
+    /**
+     * A list of the inputs that are never flashed for validation exceptions.
+     *
+     * @var array
+     */
+    protected $dontFlash = [
+        'password',
+        'password_confirmation',
+    ];
+
+    /**
+     * Report or log an exception.
+     *
+     * @param  \Exception  $exception
+     * @return void
+     */
+    public function report(Exception $exception)
+    {
+        parent::report($exception);
+    }
+
+    /**
+     * Render an exception into an HTTP response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Exception  $exception
+     * @return \Illuminate\Http\Response
+     */
+    public function render($request, Exception $exception)
+    {
+        return parent::render($request, $exception);
+    }
+}
@@ -0,0 +1,32 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\SendsPasswordResetEmails;
+
+class ForgotPasswordController extends Controller
+{
+    /*
+    |--------------------------------------------------------------------------
+    | Password Reset Controller
+    |--------------------------------------------------------------------------
+    |
+    | This controller is responsible for handling password reset emails and
+    | includes a trait which assists in sending these notifications from
+    | your application to your users. Feel free to explore this trait.
+    |
+    */
+
+    use SendsPasswordResetEmails;
+
+    /**
+     * Create a new controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->middleware('guest');
+    }
+}
@@ -0,0 +1,39 @@
+<?php
+
+namespace App\Http\Controllers\Auth;
+
+use App\Http\Controllers\Controller;
+use Illuminate\Foundation\Auth\AuthenticatesUsers;
+
+class LoginController extends Controller
+{
+    /*
+    |--------------------------------------------------------------------------
+    | Login Controller
+    |--------------------------------------------------------------------------
+    |
+    | This controller handles authenticating users for the application and
+    | redirecting them to your home screen. The controller uses a trait
+    | to conveniently provide its functionality to your applications.
+    |
+    */
+
+    use AuthenticatesUsers;
+
+    /**
+     * Where to redirect users after login.
+     *
+     * @var string
+     */
+    protected $redirectTo = '/home';
+
+    /**
+     * Create a new controller instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        $this->middleware('guest')->except('logout');
+    }
+}