This commit adds complete Terraform infrastructure as code for deploying code-server on both EC2 and EKS platforms with enterprise-grade security and SAML/OIDC authentication. Features: - EC2 deployment with Auto Scaling Groups and Application Load Balancer - EKS deployment with managed node groups and AWS Load Balancer Controller - Private network setup with VPC, private subnets, and NAT gateways - SAML/OIDC authentication using OAuth2 Proxy - Security hardening: - KMS encryption for data at rest - TLS encryption in transit - IAM roles with least privilege - Security groups with minimal access - VPC Flow Logs - IMDSv2 enforcement - Auto-scaling capabilities for both EC2 and EKS - CloudWatch logging and monitoring - Automated deployment scripts Terraform Modules: - modules/vpc: VPC with public/private subnets, NAT, and VPC endpoints - modules/security: Security groups, IAM roles, and KMS keys - modules/ec2: EC2 Auto Scaling deployment with ALB - modules/eks: EKS cluster with managed node groups and addons Deployments: - deployments/ec2: EC2 deployment configuration - deployments/eks: EKS deployment configuration with Kubernetes manifests Documentation: - README.md: Comprehensive deployment and operations guide - QUICK-START.md: Quick reference for fast deployment - SAML-SETUP-GUIDE.md: Step-by-step IdP configuration guide Scripts: - scripts/deploy-ec2.sh: Automated EC2 deployment - scripts/deploy-eks.sh: Automated EKS deployment - scripts/destroy-ec2.sh: EC2 cleanup - scripts/destroy-eks.sh: EKS cleanup
#!/bin/bash
#
# Destroy script for the Code-Server EKS deployment.
#
# Removes the in-cluster resources (Helm release, OAuth2 Proxy manifest,
# namespace) and then runs `terraform destroy` in the EKS deployment
# directory. The helm and kubectl calls in this script pass no explicit
# context or kubeconfig, so they act on whichever kubeconfig context is
# active when the script runs.

# Abort on the first unhandled command failure.
set -e

# ANSI escape sequences used by the echo_* helpers; they are stored as
# literal backslash sequences and expanded when printed.
NC='\033[0m' # No Color
YELLOW='\033[1;33m'
GREEN='\033[0;32m'
RED='\033[0;31m'

# Absolute path of the directory that holds this script, resolved in two
# steps: take the directory part of the script path, then canonicalise it.
SCRIPT_DIR="$(dirname "${BASH_SOURCE[0]}")"
SCRIPT_DIR="$(cd "${SCRIPT_DIR}" && pwd)"

# Terraform root for the EKS deployment, relative to the script location.
DEPLOYMENT_DIR="${SCRIPT_DIR}/../deployments/eks"
#######################################
# Print an informational message with a green [INFO] tag.
# Globals:   GREEN, NC (read)
# Arguments: $1 - message text; backslash escapes in it are expanded
# Outputs:   writes the tagged message and a newline to stdout
#######################################
echo_info() {
  local message=$1
  # %b expands backslash escapes the same way `echo -e` does in bash.
  printf '%b\n' "${GREEN}[INFO]${NC} ${message}"
}
#######################################
# Print a warning message with a yellow [WARN] tag.
# Globals:   YELLOW, NC (read)
# Arguments: $1 - message text; backslash escapes in it are expanded
# Outputs:   writes the tagged message and a newline to stdout
#######################################
echo_warn() {
  local message=$1
  # %b expands backslash escapes the same way `echo -e` does in bash.
  printf '%b\n' "${YELLOW}[WARN]${NC} ${message}"
}
#######################################
# Print an error message with a red [ERROR] tag.
# Globals:   RED, NC (read)
# Arguments: $1 - message text; backslash escapes in it are expanded
# Outputs:   writes the tagged message and a newline to stdout
#######################################
echo_error() {
  local message=$1
  # %b expands backslash escapes the same way `echo -e` does in bash.
  printf '%b\n' "${RED}[ERROR]${NC} ${message}"
}
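#######################################
# Best-effort removal of the in-cluster Code-Server resources.
#
# Every step is attempted even if an earlier one fails, and the function
# always returns 0 so the caller can continue. Unlike a blanket
# `2>/dev/null || true`, a failing step is reported: an authentication or
# connectivity error is no longer indistinguishable from "already deleted",
# and the success message is printed only when nothing failed.
#
# helm and kubectl are invoked without an explicit context, so they act on
# the active kubeconfig context.
#
# Globals:   DEPLOYMENT_DIR (read)
# Arguments: none
# Outputs:   progress and warnings on stdout; tool errors on stderr
# Returns:   0 always
#######################################
cleanup_k8s_resources() {
  local failed=0

  echo_info "Cleaning up Kubernetes resources..."

  # Delete Code-Server Helm release. `helm status` is used as an existence
  # probe so that a release that is already gone is not reported as a
  # failure; a cluster that cannot be reached is surfaced by the kubectl
  # steps below.
  if helm status code-server -n code-server >/dev/null 2>&1; then
    if ! helm uninstall code-server -n code-server; then
      echo_warn "Failed to uninstall Helm release code-server"
      failed=1
    fi
  else
    echo_info "Helm release code-server not found; skipping uninstall"
  fi

  # Delete OAuth2 Proxy. --ignore-not-found makes absent objects a success,
  # so a non-zero status here means a real error.
  if ! kubectl delete -f "${DEPLOYMENT_DIR}/k8s/oauth2-proxy.yaml" --ignore-not-found; then
    echo_warn "Failed to delete OAuth2 Proxy resources"
    failed=1
  fi

  # Delete namespace
  if ! kubectl delete namespace code-server --ignore-not-found; then
    echo_warn "Failed to delete namespace code-server"
    failed=1
  fi

  if ((failed)); then
    # NOTE(review): resources left in the cluster (for example anything
    # provisioned on behalf of in-cluster controllers) may outlive or block
    # the Terraform destroy that follows; verify before relying on it.
    echo_warn "Kubernetes cleanup finished with errors; some resources may still exist."
  else
    echo_info "Kubernetes resources cleaned up!"
  fi

  return 0
}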
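#######################################
# Interactive entry point: confirm, clean up the cluster, destroy with
# Terraform.
#
# Before asking for confirmation it prints the active kubectl context and
# the Terraform directory, because the helm/kubectl cleanup acts on the
# active kubeconfig context and the operator should see which cluster and
# which configuration are about to be removed.
#
# Globals:   DEPLOYMENT_DIR (read)
# Arguments: none are used
# Outputs:   prompts and progress on stdout
# Returns:   exits 0 when the operator declines; exits non-zero when the
#            deployment directory cannot be entered or terraform fails
#######################################
main() {
  local response kube_context rc

  echo_warn "WARNING: This will destroy all Code-Server EKS infrastructure!"
  echo_warn "This action cannot be undone!"
  echo ""

  # Show the blast radius. The lookup is informational only, so a missing
  # kubectl or an unset context does not abort the script.
  kube_context="$(kubectl config current-context 2>/dev/null)" \
    || kube_context="(none set or kubectl unavailable)"
  echo_warn "Active kubectl context: ${kube_context}"
  echo_warn "Terraform directory:    ${DEPLOYMENT_DIR}"
  echo ""

  # -r keeps backslashes in the typed answer literal.
  read -r -p "Are you sure you want to continue? (type 'yes' to confirm): " response
  if [ "$response" != "yes" ]; then
    echo_info "Destruction cancelled."
    exit 0
  fi

  cleanup_k8s_resources

  echo_info "Destroying Code-Server EKS infrastructure..."
  # Checked explicitly so terraform can never run from an unintended
  # directory, independent of the shell's errexit setting.
  cd "${DEPLOYMENT_DIR}" || {
    echo_error "Cannot enter ${DEPLOYMENT_DIR}"
    exit 1
  }

  # terraform destroy asks for its own confirmation; propagate its exit
  # status and say clearly that the teardown may be incomplete.
  terraform destroy || {
    rc=$?
    echo_error "terraform destroy failed; infrastructure may be partially destroyed."
    exit "$rc"
  }

  echo_info "Destruction completed!"
}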
# Entry point: run main, forwarding all command-line arguments unchanged.
main "$@"