-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcloudformation.yaml
248 lines (243 loc) · 7.52 KB
/
cloudformation.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
AWSTemplateFormatVersion: "2010-09-09"
Description: Deploy GeyseMC proxy in any region
Parameters:
CIDR:
Description: Subnet IP range
Type: String
Default: 10.0.0.0/28
ClientIP:
Description: Client IP
Type: String
GeyserPort:
Description: Proxy port
Type: Number
Default: 19132
InstanceType:
Description: EC2 instance type
Type: String
Default: t2.micro
ServerDomain:
Description: Server domain
Type: String
ServerPort:
Description: Server port
Type: Number
Default: 25565
Mappings:
AMI:
ap-northeast-1:
Ubuntu2004LTS: ami-02a56e430b32bc0ba
ap-northeast-2:
Ubuntu2004LTS: ami-0cceb8e71553d73f0
ap-northeast-3:
Ubuntu2004LTS: ami-0c2a318a1451b5e04
ap-south-1:
Ubuntu2004LTS: ami-01ad2fc4607cc742e
ap-southeast-1:
Ubuntu2004LTS: ami-072466d111bc68d81
ap-southeast-2:
Ubuntu2004LTS: ami-0606a3915440b2b72
ca-central-1:
Ubuntu2004LTS: ami-07e39d7bd85085b96
eu-central-1:
Ubuntu2004LTS: ami-0afc0414aefc9eaa7
eu-north-1:
Ubuntu2004LTS: ami-0aacae1c06b3c30a0
eu-west-1:
Ubuntu2004LTS: ami-0c1aea1d6f3bdd76b
eu-west-2:
Ubuntu2004LTS: ami-00f314baca4922fe3
eu-west-3:
Ubuntu2004LTS: ami-021a18be6333356c7
sa-east-1:
Ubuntu2004LTS: ami-0a62c6929da4659cb
us-east-1:
Ubuntu2004LTS: ami-089b5711e63812c2a
us-east-2:
Ubuntu2004LTS: ami-0ac4906b9504bec77
us-west-1:
Ubuntu2004LTS: ami-04b8a53b12fd66ba7
us-west-2:
Ubuntu2004LTS: ami-0f6970790b38613ef
Resources:
VPC:
Type: AWS::EC2::VPC
Properties:
CidrBlock: !Ref CIDR
Tags:
- Key: Application
Value: !Ref AWS::StackName
- Key: Name
Value: !Sub ${AWS::StackName}-VPC
InternetGateway:
Type: AWS::EC2::InternetGateway
Properties:
Tags:
- Key: Application
Value: !Ref AWS::StackName
- Key: Name
Value: !Sub ${AWS::StackName}-InternetGateway
VPCGatewayAttachment:
Type: AWS::EC2::VPCGatewayAttachment
Properties:
VpcId: !Ref VPC
InternetGatewayId: !Ref InternetGateway
PublicSubnet:
Type: AWS::EC2::Subnet
Properties:
VpcId: !Ref VPC
CidrBlock: !Ref CIDR
MapPublicIpOnLaunch: true
Tags:
- Key: Application
Value: !Ref AWS::StackName
- Key: Name
Value: !Sub ${AWS::StackName}-PublicSubnet
PublicRouteTable:
Type: AWS::EC2::RouteTable
Properties:
VpcId: !Ref VPC
Tags:
- Key: Application
Value: !Ref AWS::StackName
- Key: Name
Value: !Sub ${AWS::StackName}-PublicRouteTable
PublicRoute:
Type: AWS::EC2::Route
DependsOn: VPCGatewayAttachment
Properties:
RouteTableId: !Ref PublicRouteTable
DestinationCidrBlock: 0.0.0.0/0
GatewayId: !Ref InternetGateway
PublicSubnetRouteTableAssociation:
Type: AWS::EC2::SubnetRouteTableAssociation
Properties:
SubnetId: !Ref PublicSubnet
RouteTableId: !Ref PublicRouteTable
InstanceRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service:
- ec2.amazonaws.com
Action:
- sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
InstanceProfile:
Type: AWS::IAM::InstanceProfile
Properties:
InstanceProfileName: !Sub ${AWS::StackName}-InstanceProfile
Roles:
- !Ref InstanceRole
GeyserSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
GroupName: !Sub ${AWS::StackName}-GeyserSecurityGroup
GroupDescription: Allow incoming connections to Geyser proxy from given ClientIP
VpcId: !Ref VPC
SecurityGroupIngress:
- Description: Geyser proxy
IpProtocol: udp
FromPort: !Ref GeyserPort
ToPort: !Ref GeyserPort
CidrIp: !Sub ${ClientIP}/32
Instance:
Type: AWS::EC2::Instance
Properties:
ImageId: !FindInMap [ AMI, !Ref AWS::Region, Ubuntu2004LTS ]
InstanceType: !Ref InstanceType
IamInstanceProfile: !Ref InstanceProfile
SubnetId: !Ref PublicSubnet
SecurityGroupIds:
- !GetAtt GeyserSecurityGroup.GroupId
UserData:
Fn::Base64: !Sub |
#!/bin/bash -xe
apt-get --yes update
apt-get --yes upgrade
wget https://s3.amazonaws.com/cloudformation-examples/aws-cfn-bootstrap-py3-latest.tar.gz
mkdir -p /opt/aws/bin
python3 -m easy_install --script-dir /opt/aws/bin aws-cfn-bootstrap-py3-latest.tar.gz
/opt/aws/bin/cfn-init --verbose --region ${AWS::Region} --stack ${AWS::StackName} --resource Instance
/opt/aws/bin/cfn-signal --exit-code $? --region ${AWS::Region} --stack ${AWS::StackName} --resource Instance
Tags:
- Key: Application
Value: !Ref AWS::StackName
- Key: Name
Value: !Sub ${AWS::StackName}-Instance
CreationPolicy:
ResourceSignal:
Count: 1
Timeout: PT15M
Metadata:
AWS::CloudFormation::Init:
config:
commands:
01_enable_cfn_hup:
command: systemctl enable cfn-hup.service
02_start_cfn_hup:
command: systemctl start cfn-hup.service
03_install_java:
command: apt-get --yes install openjdk-16-jre-headless
04_download_geyser:
command: wget https://ci.opencollab.dev/job/GeyserMC/job/Geyser/job/master/lastSuccessfulBuild/artifact/bootstrap/standalone/target/Geyser.jar -O /opt/geyser/Geyser.jar
05_enable_geyser:
command: systemctl enable geyser.service
06_start_geyser:
command: systemctl start geyser.service
files:
/etc/cfn/cfn-hup.conf:
content: !Sub |
[main]
stack=${AWS::StackId}
region=${AWS::Region}
interval=1
mode: '000400'
owner: root
group: root
/lib/systemd/system/cfn-hup.service:
content: !Sub |
[Unit]
Description=cfn-hup daemon
[Service]
Type=simple
ExecStart=/opt/aws/bin/cfn-hup
Restart=always
[Install]
WantedBy=multi-user.target
mode: '000644'
owner: root
group: root
/lib/systemd/system/geyser.service:
content: !Sub |
[Unit]
Description=GeyserMC daemon
[Service]
Type=simple
ExecStart=/opt/geyser/run.sh
Restart=always
[Install]
WantedBy=multi-user.target
mode: '000644'
owner: root
group: root
/opt/geyser/run.sh:
content: !Sub |
#!/bin/sh
cd "$( dirname "$0" )"
java -Xms1024M -jar Geyser.jar --bedrock.port=${GeyserPort} --remote.address=${ServerDomain} --remote.port=${ServerPort}
mode: '000744'
owner: root
group: root
Outputs:
DirectGeyser:
Description: Ip:Port of the newly created Geyser proxy
Value: !Sub ${Instance.PublicIp}:${GeyserPort}
AWSInstanceId:
Description: InstanceId of the newly created EC2 instance
Value: !Ref Instance