
AWS EC2+RDSでWordPressを公開できる直前までのCloudFormationテンプレートを公開する

ドメイン登録とhttps化までやろうと思いましたが思ったより時間がないのでテンプレートの公開までにしておきます。
インストールページでRDSのエンドポイントを使います。
エンドポイントはスタックの出力（Outputs）欄に表示されています。
出力されたIPに/wp-admin/install.phpでアクセスすればWordPressのインストール画面が表示されるはずです。
ドメイン登録とhttps化は時間があればいつかやるかもしれません。
userdata内でRDSのエンドポイントを取得し、mysqlコマンドと組み合わせて[mysql -h {endpoint}(←ここ) -u root -p]のようにRDSにログインできれば完璧なんですが、日々勉強です。

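# CloudFormation template: one EC2 web server (Apache + PHP + WordPress files) in a
# public subnet and a MySQL RDS instance in two private subnets that only the web
# server's security group can reach.
# The format version is quoted so that generic YAML 1.1 loaders (yamllint, PyYAML)
# keep it as a string instead of turning it into a date.
AWSTemplateFormatVersion: "2010-09-09"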
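Parameters:
  KeyPair:
    Type: AWS::EC2::KeyPair::KeyName
    Description: Existing EC2 key pair used for SSH access to the web server.

  LinuxLatestAmi:
    Type: AWS::SSM::Parameter::Value<String>
    Default: "/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2"
    Description: SSM public parameter that resolves to the latest Amazon Linux 2 AMI.

  InstanceType:
    Type: String
    AllowedValues: ["t2.nano", "t2.micro", "t2.small", "t2.medium", "t2.large", "t2.xlarge", "t2.2xlarge"]
    Default: "t2.micro"
    Description: EC2 instance type of the web server.

  Prefix:
    Type: String
    Description: Suffix appended to resource names (Name tags, DB subnet group name).

  # NOTE(review): cfn-lint W2001 flags parameters that no resource references;
  # check that every parameter below is actually consumed in Resources.
  DBInstanceName:
    Type: String
    Default: "rds"
    Description: Name used for the RDS DB instance identifier.

  MySQLMajorVersion:
    Type: String
    Default: "5.7"
    AllowedValues: ["5.6", "5.7", "8.0"]
    Description: MySQL major version (also selects the DB parameter group family).

  MySQLMinorVersion:
    Type: String
    Default: "22"
    Description: MySQL minor release number.

  DBInstanceClass:
    Type: String
    AllowedValues: ["db.t2.micro", "db.t2.small", "db.t2.medium", "db.t2.large", "db.t2.xlarge", "db.t2.2xlarge", "db.t3.micro", "db.t3.small", "db.t3.medium", "db.t3.large", "db.t3.xlarge", "db.t3.2xlarge"]
    Default: "db.t2.micro"
    Description: RDS instance class.

  DBInstanceStorageSize:
    Type: String
    Default: "10"
    Description: Allocated RDS storage in GiB.

  DBInstanceStorageType:
    Type: String
    Default: "gp2"
    Description: RDS storage type (for example gp2 or standard).

  DBName:
    Type: String
    Default: "wordpressdb"
    Description: Name of the initial database created on the RDS instance.

  DBMasterUserName:
    Type: String
    Default: "root"
    MinLength: 1
    MaxLength: 16
    AllowedPattern: "[a-zA-Z][a-zA-Z0-9]*"
    ConstraintDescription: "must begin with a letter and contain only alphanumeric characters."
    Description: Master user name for the RDS instance.

  DBPassword:
    # NoEcho hides the value in console/API output, but the default below is a
    # placeholder that ships with the published template: override it at stack
    # creation, or supply it from Secrets Manager via a dynamic reference.
    Default: "rdspassword"
    NoEcho: true
    Type: String
    MinLength: 8
    MaxLength: 41
    AllowedPattern: "[a-zA-Z0-9]*"
    ConstraintDescription: "must contain only alphanumeric characters."
    Description: Master password for the RDS instance (alphanumeric, 8-41 characters).

  MultiAZ:
    Default: "false"
    Type: String
    AllowedValues: ["true", "false"]
    Description: Whether the RDS instance should run in Multi-AZ mode.

  VPCCIDR:
    Type: String
    Default: "10.0.0.0/16"
    Description: CIDR block of the VPC.

  PublicSubnetACIDR:
    Type: String
    Default: "10.0.1.0/24"
    Description: CIDR block of the public subnet (web server).

  PrivateSubnetACIDR:
    Type: String
    Default: "10.0.10.0/24"
    Description: CIDR block of the first private subnet (RDS).

  PrivateSubnetDCIDR:
    Type: String
    Default: "10.0.20.0/24"
    Description: CIDR block of the second private subnet (RDS subnet group).

  # The allowed AZ values are specific to ap-northeast-1, so the template must be
  # deployed in that region.
  MainAvailabilityZone:
    Type: String
    AllowedValues: ["ap-northeast-1a", "ap-northeast-1c", "ap-northeast-1d"]
    Default: "ap-northeast-1a"
    ConstraintDescription: "EC2 Instance and RDS location"
    Description: Availability Zone for the public subnet, the EC2 instance, the first private subnet and the RDS instance.

  SubAvailabilityZone:
    Type: String
    AllowedValues: ["ap-northeast-1a", "ap-northeast-1c", "ap-northeast-1d"]
    Default: "ap-northeast-1d"
    ConstraintDescription: "must differ from MainAvailabilityZone"
    Description: Availability Zone for the second private subnet of the DB subnet group. RDS requires the group to span two AZs, so this must differ from MainAvailabilityZone.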

Resources:
  # VPC containing all subnets below. DNS resolution is enabled; EnableDnsHostnames
  # is not set, so it stays at the AWS default (off) — only needed if instances
  # must receive public DNS names.
  VPC:
    Type: AWS::EC2::VPC
    Properties:
      CidrBlock: !Ref VPCCIDR
      EnableDnsSupport: true
      Tags:
        - Key: Name
          Value: !Sub "VPC-${Prefix}"
  # Internet gateway for the public subnet; attached to the VPC by AttachGateway.
  InternetGateway:
    Type: "AWS::EC2::InternetGateway"
    Properties:
      Tags:
        - Key: Name
          Value: !Sub "InternetGateway-${Prefix}"
  # Binds the Internet gateway to the VPC. Other resources that use the gateway
  # (the default route) must wait for this attachment to finish.
  AttachGateway:
    Type: "AWS::EC2::VPCGatewayAttachment"
    Properties:
      InternetGatewayId: !Ref InternetGateway
      VpcId: !Ref VPC
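  # Default route of the public route table. DependsOn is required here: a route
  # that references an Internet gateway cannot be created until the gateway's
  # VPCGatewayAttachment has completed, and CloudFormation does not infer that
  # ordering from GatewayId alone — without it stack creation can fail
  # intermittently.
  Route:
    Type: AWS::EC2::Route
    DependsOn: AttachGateway
    Properties:
      RouteTableId: !Ref RouteTable
      DestinationCidrBlock: 0.0.0.0/0
      GatewayId: !Ref InternetGateway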
  # Route table for the public subnet; Route adds the 0.0.0.0/0 entry and
  # routeTableAssocName attaches it to PublicSubnetA.
  RouteTable:
    Type: "AWS::EC2::RouteTable"
    Properties:
      VpcId: !Ref VPC
      Tags:
        - Key: Name
          Value: !Sub "RouteTable-${Prefix}"
  # Makes PublicSubnetA use the public route table (and therefore the Internet
  # route). The private subnets have no association and stay on the VPC main
  # route table.
  routeTableAssocName:
    Type: "AWS::EC2::SubnetRouteTableAssociation"
    Properties:
      RouteTableId: !Ref RouteTable
      SubnetId: !Ref PublicSubnetA
  # Public subnet in the main AZ: instances launched here get a public IPv4
  # address and, via routeTableAssocName, an Internet route.
  PublicSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Ref MainAvailabilityZone
      CidrBlock: !Ref PublicSubnetACIDR
      MapPublicIpOnLaunch: true
      Tags:
        - Key: Name
          Value: !Sub "PublicSubnetA-${Prefix}"
  # First RDS subnet, in the same AZ as the web server. No public addresses and
  # no route table association, so it only has the VPC-local route.
  PrivateSubnetA:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Ref MainAvailabilityZone
      CidrBlock: !Ref PrivateSubnetACIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub "PrivateSubnetA-${Prefix}"
  # Second RDS subnet, in SubAvailabilityZone; exists only so the DB subnet
  # group spans two AZs as RDS requires. Private like PrivateSubnetA.
  PrivateSubnetD:
    Type: AWS::EC2::Subnet
    Properties:
      VpcId: !Ref VPC
      AvailabilityZone: !Ref SubAvailabilityZone
      CidrBlock: !Ref PrivateSubnetDCIDR
      MapPublicIpOnLaunch: false
      Tags:
        - Key: Name
          Value: !Sub "PrivateSubnetD-${Prefix}"
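  # Web server: Amazon Linux 2 in the public subnet with Apache, PHP 7.3 and the
  # WordPress files unpacked into /var/www/html. The WordPress installer itself
  # is run afterwards through the browser (/wp-admin/install.php).
  # AvailabilityZone is redundant with SubnetId (a subnet lives in exactly one AZ)
  # but harmless as long as both point at MainAvailabilityZone.
  EC2Linux:
    Type: AWS::EC2::Instance
    Properties:
      ImageId: !Ref LinuxLatestAmi
      AvailabilityZone: !Ref MainAvailabilityZone
      InstanceType: !Ref InstanceType
      KeyName: !Ref KeyPair
      SubnetId: !Ref PublicSubnetA
      SecurityGroupIds:
        - !GetAtt SecurityGroupLinux.GroupId
      UserData: !Base64 |
        #!/bin/bash
        # Runs once as root at first boot (cloud-init), so sudo is unnecessary.
        # Stop at the first failing command: a half-configured host is then visible
        # in /var/log/cloud-init-output.log instead of silently "succeeding".
        set -euo pipefail
        yum -y update
        yum -y install httpd
        systemctl start httpd
        systemctl enable httpd
        yum -y install mysql
        amazon-linux-extras install -y php7.3
        yum -y install php-mbstring php-gd
        systemctl restart httpd
        timedatectl set-timezone Asia/Tokyo
        localectl set-locale LANG=ja_JP.utf8
        mkdir -p /home/wordpress
        cd /home/wordpress
        wget -q https://wordpress.org/latest.tar.gz
        # Verify the archive against the digest wordpress.org publishes next to it
        # before anything from it lands in the document root.
        wget -q https://wordpress.org/latest.tar.gz.sha1
        echo "$(cat latest.tar.gz.sha1)  latest.tar.gz" | sha1sum -c -
        tar xzf latest.tar.gz
        mv wordpress/* /var/www/html
        # The installer has to write wp-config.php, so apache owns the tree.
        # u+w is spelled out: a bare "+w" silently depends on the current umask.
        chown -R apache:apache /var/www/html
        chmod -R u+w /var/www/html
      Tags:
        - Key: Name
          Value: !Sub "EC2Linux-${Prefix}"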
  # Fixed public address for the web server (Domain: vpc is required for an EIP
  # used inside a VPC). The Outputs section exposes it.
  eipName:
    Type: "AWS::EC2::EIP"
    Properties:
      InstanceId: !Ref EC2Linux
      Domain: vpc
  # Web-server security group. 80 and 443 from anywhere are expected for a public
  # site (443 is open even though the template configures no TLS listener yet).
  # 22 from 0.0.0.0/0 is wider than needed: narrow CidrIp to the operator's
  # address range, or drop the rule and use SSM Session Manager instead.
  # Egress is left at the EC2 default (all traffic allowed).
  SecurityGroupLinux:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SGlinux
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 22
          ToPort: 22
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 80
          ToPort: 80
          CidrIp: 0.0.0.0/0
        - IpProtocol: tcp
          FromPort: 443
          ToPort: 443
          CidrIp: 0.0.0.0/0
      Tags:
        - Key: Name
          Value: !Sub "SecurityGroupLinux-${Prefix}"
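  # MySQL instance in the private subnets. It has no public address and only
  # members of SecurityGroupRDS (the web server) can reach port 3306.
  # NOTE(review): the MultiAZ parameter is not applied here because an explicit
  # AvailabilityZone is rejected for Multi-AZ instances; wiring it in needs a
  # Condition that replaces AvailabilityZone with AWS::NoValue when MultiAZ is
  # "true".
  # NOTE(review): storage is not encrypted (StorageEncrypted unset); enable it
  # where the chosen DBInstanceClass supports encryption at rest.
  rdsdbinstance:
    Type: AWS::RDS::DBInstance
    Properties:
      AllocatedStorage: !Ref DBInstanceStorageSize
      AllowMajorVersionUpgrade: false
      AutoMinorVersionUpgrade: false
      AvailabilityZone: !Ref MainAvailabilityZone
      BackupRetentionPeriod: 1
      DBInstanceClass: !Ref DBInstanceClass
      # The identifier must be unique per account and region; combining the
      # DBInstanceName parameter with Prefix lets several stacks coexist, and
      # stops DBName doing double duty as the identifier. Changing this on an
      # existing stack replaces the instance.
      DBInstanceIdentifier: !Sub "${DBInstanceName}-${Prefix}"
      DBName: !Ref DBName
      Engine: mysql
      # Major version only, so RDS picks its current default minor release.
      # MySQLMinorVersion is deliberately not appended: pinning a specific minor
      # (e.g. 5.7.22) makes stack creation fail once RDS retires that release.
      EngineVersion: !Ref MySQLMajorVersion
      MasterUsername: !Ref DBMasterUserName
      # Comes from the NoEcho parameter; a Secrets Manager dynamic reference
      # ({{resolve:secretsmanager:...}}) keeps the value out of the template.
      MasterUserPassword: !Ref DBPassword
      PubliclyAccessible: false
      # Honour the DBInstanceStorageType parameter (default gp2) instead of
      # hard-coding the legacy magnetic "standard" type.
      StorageType: !Ref DBInstanceStorageType
      DBSubnetGroupName: !Ref DBSubnetGroup
      DBParameterGroupName: !Ref DBParameterGroup
      VPCSecurityGroups:
        - !Ref SecurityGroupRDS
      Tags:
        - Key: Name
          Value: !Sub "RDS-${Prefix}"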
  # Database security group: 3306 is allowed only from members of
  # SecurityGroupLinux, i.e. from the web server and nothing else.
  SecurityGroupRDS:
    Type: AWS::EC2::SecurityGroup
    Properties:
      GroupDescription: SGRDS
      VpcId: !Ref VPC
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: 3306
          ToPort: 3306
          SourceSecurityGroupId: !Ref SecurityGroupLinux
      Tags:
        - Key: Name
          Value: !Sub "SecurityGroupRDS-${Prefix}"
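  # Subnet group for the RDS instance: the two private subnets, which sit in
  # different AZs as RDS requires. The description used to be the placeholder
  # "-"; it now says what the group is for, since the console shows it.
  DBSubnetGroup:
    Type: "AWS::RDS::DBSubnetGroup"
    Properties:
      DBSubnetGroupName: !Sub "rds-subnet-${Prefix}"
      DBSubnetGroupDescription: !Sub "Private subnets for the RDS instance (${Prefix})"
      SubnetIds:
        - !Ref PrivateSubnetA
        - !Ref PrivateSubnetD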
  # Parameter group whose family follows MySQLMajorVersion so it always matches
  # EngineVersion. No engine parameters are overridden, so it behaves like the
  # default group and is a placeholder for later tuning.
  # NOTE(review): AWS documents family names in lower case (mysql5.7); confirm
  # the mixed-case form below is accepted in your region/API version.
  DBParameterGroup:
    Type: "AWS::RDS::DBParameterGroup"
    Properties:
      Description: !Sub "rds-parm-${Prefix}"
      Family: !Sub "MySQL${MySQLMajorVersion}"

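Outputs:
  DBInstanceEndpoint:
    Description: RDS endpoint host name (enter it as the database host in the WordPress installer)
    Value: !GetAtt rdsdbinstance.Endpoint.Address
    Export:
      # Export names are unique per account and region, so a fixed name such as
      # "endpoint" makes a second copy of this stack fail to create. Scoping by
      # stack name avoids that; anything importing the old fixed names must be
      # updated to the new ones.
      Name: !Sub "${AWS::StackName}-DBInstanceEndpoint"
  EIP:
    Description: Elastic IP address of the web server (open /wp-admin/install.php on it)
    Value: !Ref eipName
    Export:
      Name: !Sub "${AWS::StackName}-EIP"
  ReplicaJDBCConnectionString:
    # The logical name is kept so existing references keep working, but this is a
    # JDBC URL for the single instance created above — the template creates no
    # read replica, and the RDS endpoint does not serve HTTP, so the former
    # "http://<endpoint>" value was not usable as written.
    Description: JDBC connection string for the database
    Value: !Sub "jdbc:mysql://${rdsdbinstance.Endpoint.Address}:${rdsdbinstance.Endpoint.Port}/${DBName}"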