Boilerplate for running Mastodon on AWS using Terraform and CircleCI.
┌---------------┐
| Web Browser |
└---------------┘
▲ ▲
| |
(HTTPS) (WebSocket)
| |
▼ |
┌------------┐ |
| CloudFront | |
└------------┘ |
▲ |
| |
(HTTP) |
| |
▼ ▼
┌---------------┐
| ALB |
└---------------┘
▲ ▲
| |
(HTTP) (WebSocket)
| |
▼ ▼
┌------------------------┐
| ┌-Docker-┐ ┌-Docker--┐ |
| | Puma | | Express | |
| └--------┘ └---------┘ |
| ┌-Docker--┐ |
| | Sidekiq | EC2 |
| └---------┘ |
└------------------------┘
▲ ▲
| |
▼ ▼
┌----------------┐ ┌-------------┐
| ┌------------┐ | | ┌-------┐ |
| | PostgreSQL | | | | Redis | |
| └------------┘ | | └-------┘ |
| RDS | | Elasticache |
└----------------┘ └-------------┘
- Fork this repository
- Enable CircleCI integration
- Set environment variables on CircleCI
- Run CircleCI job to create resources on AWS
- Build and push mastodon docker image via mastodon-docker
- Run
rails db:setupby running custom ECS task on AWS console
AWS IAM User access key ID for Terraform.
e.g. ABCDEFGHIJKLMNOPQRST
AWS region that the resources will be located in.
e.g. ap-northeast-1
AWS IAM User secret access key for Terraform.
e.g. abcdefghijklmnopqrstuvwxyz0123456789/+AB
Database password.
e.g. Generate a long random value like this:
ruby -r securerandom -e "puts SecureRandom.hex(64)"Mastodon Docker image tag to detect which image to be deployed on ECS. If you are using mastodon-docker to build and push it to ECR, the CircleCI build number will be the Docker image tag.
e.g. 123
Note: this variable is not required at the 1st time because we need to create ECR repository before building Mastodon Docker image.
One-time password secret
e.g. Generate a long random value like this:
ruby -r securerandom -e "puts SecureRandom.hex(64)"The secret key base.
e.g. Generate a long random value like this:
ruby -r securerandom -e "puts SecureRandom.hex(64)"Memory size for node_streaming ECS task.
default: 300
Memory size for rails_db_migration ECS task.
default: 300
Memory size for rails_db_set_up ECS task.
default: 300
Memory size for rails_puma ECS task.
default: 300
Memory size for rails_sidekiq ECS task.
default: 300
AWS IAM user access key ID for Rails to access to AWS API.
AWS IAM user secret access key for Rails to access to AWS API.
DB name.
default: mastodon
DB user name.
default: root
Default locale.
default: en
TF_VAR_mastodon_email_domain_blacklistTF_VAR_mastodon_email_domain_whitelistTF_VAR_mastodon_local_domainTF_VAR_mastodon_local_httpsTF_VAR_mastodon_node_envTF_VAR_mastodon_node_streaming_api_base_urlTF_VAR_mastodon_node_streaming_cluster_numTF_VAR_mastodon_node_streaming_log_levelTF_VAR_mastodon_node_streaming_portTF_VAR_mastodon_paperclip_root_pathTF_VAR_mastodon_paperclip_root_urlTF_VAR_mastodon_paperclip_secretTF_VAR_mastodon_prepared_statementsTF_VAR_mastodon_s3_bucketTF_VAR_mastodon_s3_cloudfront_hostTF_VAR_mastodon_s3_enabledTF_VAR_mastodon_s3_endpointTF_VAR_mastodon_s3_hostnameTF_VAR_mastodon_s3_protocolTF_VAR_mastodon_s3_regionTF_VAR_mastodon_single_user_modeTF_VAR_mastodon_smtp_auth_methodTF_VAR_mastodon_smtp_delivery_methodTF_VAR_mastodon_smtp_domainTF_VAR_mastodon_smtp_enable_starttls_autoTF_VAR_mastodon_smtp_from_addressTF_VAR_mastodon_smtp_loginTF_VAR_mastodon_smtp_openssl_verify_modeTF_VAR_mastodon_smtp_passwordTF_VAR_mastodon_smtp_portTF_VAR_mastodon_smtp_server
This boilerplate will create the following resources:
- module.mastodon.aws_alb_listener.mastodon_node_streaming:
- module.mastodon.aws_alb_listener.mastodon_rails_puma:
- module.mastodon.aws_alb_target_group.mastodon_node_streaming:
- module.mastodon.aws_alb_target_group.mastodon_rails_puma:
- module.mastodon.aws_alb.mastodon:
- module.mastodon.aws_autoscaling_group.mastodon:
- module.mastodon.aws_cloudfront_distribution.mastodon:
- module.mastodon.aws_cloudwatch_log_group.mastodon:
- module.mastodon.aws_db_instance.mastodon:
- module.mastodon.aws_db_parameter_group.mastodon:
- module.mastodon.aws_db_subnet_group.mastodon:
- module.mastodon.aws_ecr_repository.mastodon:
- module.mastodon.aws_ecs_cluster.mastodon:
- module.mastodon.aws_ecs_service.mastodon_node_streaming:
- module.mastodon.aws_ecs_service.mastodon_rails_puma:
- module.mastodon.aws_ecs_service.mastodon_rails_sidekiq:
- module.mastodon.aws_ecs_task_definition.mastodon_node_streaming:
- module.mastodon.aws_ecs_task_definition.mastodon_rails_db_migration:
- module.mastodon.aws_ecs_task_definition.mastodon_rails_db_set_up:
- module.mastodon.aws_ecs_task_definition.mastodon_rails_puma:
- module.mastodon.aws_ecs_task_definition.mastodon_rails_sidekiq:
- module.mastodon.aws_elasticache_cluster.mastodon:
- module.mastodon.aws_elasticache_subnet_group.mastodon:
- module.mastodon.aws_iam_instance_profile.mastodon:
- module.mastodon.aws_iam_policy_attachment.mastodon_ecs_ec2_instance:
- module.mastodon.aws_iam_policy_attachment.mastodon_ecs_service:
- module.mastodon.aws_iam_role.mastodon_ec2:
- module.mastodon.aws_iam_role.mastodon_ecs:
- module.mastodon.aws_internet_gateway.mastodon:
- module.mastodon.aws_launch_configuration.mastodon:
- module.mastodon.aws_route_table_association.mastodon_a:
- module.mastodon.aws_route_table_association.mastodon_c:
- module.mastodon.aws_route_table.mastodon:
- module.mastodon.aws_security_group.mastodon_alb:
- module.mastodon.aws_security_group.mastodon_db:
- module.mastodon.aws_security_group.mastodon_elasticache:
- module.mastodon.aws_security_group.mastodon_web:
- module.mastodon.aws_subnet.mastodon_private_a:
- module.mastodon.aws_subnet.mastodon_private_c:
- module.mastodon.aws_subnet.mastodon_public_a:
- module.mastodon.aws_subnet.mastodon_public_c:
- module.mastodon.aws_vpc.mastodon:
Pull Requests are welcome if you found bugs or features you think are missing.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent