Drupal - CiviCRM Ansible Demo installation to AWS
- Cloud installation of Drupal 7 and CiviCRM in a secure fashion with SSL certificates from https://letsencrypt.org/ using Ansible.
- The target server is an EC2 instance configured with a new security group.
- A Route 53 Record Set is created in a registered domain so access to the app over the internet is possible (using SSL).
- The server uses Nginx on an AWS micro instance.
- CiviCRM and Drupal are installed in different databases as this is considered best practice.
- Nginx secure configurations made for both Drupal and CiviCRM.
- Drupal configured to have a private files folder. This is secure within the NGINX configuration.
- CiviCRM settings modified so that CiviCRM extension directory is set using settings files variables
- The playbook is to be aimed for use on a Debian based OS. It was tested running on Ubuntu 18.04 LTS.
- Drush is installed to the server for the appropriate user.
- Git is installed in the server for the appropriate user.
- python 2.7
- boto
- boto3
- ansible 2.6.4
To be able to use the AWS via Ansible we are going to use boto and boto3 libraries.
- Leverage your privileges
$ sudo su
- Install prerequisites
$ apt install -y python-pip
$ pip install boto
$ pip install boto3
$ apt install -y ansible
-
A keypair and a keypair path must be given as values for 'keypair' and 'keypair_path variables in site.yml.
-
AWS credentials need to be given. There are many different ways to do it, I suggest storing the creds in environment variables:
$ export AWS_ACCESS_KEY_ID="<Key_value_here>"
$ export AWS_SECRET_ACCESS_KEY="<key_value_here>"
-
Update
<key_value_here>
to match your credentials. -
Change to the directory containing the ansible files:
$ ansible-playbook site.yml
For verbose output, use -vvv
$ ansible-playbook -vvv site.yml
Wait for the deployment to be completed.
https://site.raolivei.net
site: Demo Site
account name: admin
account pass: admin
db name: drupal
db user: drupal_user
db pass: DrupalSecretPassword
db name: civicrm
user: civicrm_user
pass: CiviCrmSecretPassword
Thank you.
Rafael Oliveira
2 Oct 2018
https://docs.nginx.com/nginx/deployment-guides/amazon-ec2-instances-for-nginx/
https://letsencrypt.org/getting-started/
https://github.com/certbot/certbot
https://boto3.amazonaws.com/v1/documentation/api/latest/guide/configuration.html
http://docs.pythonboto.org/en/latest/boto_config_tut.html#credentials
http://stackoverflow.com/