thehelvetian

# Add an ALIAS record to ELB URL
aws route53 change-resource-record-sets 
    --hosted-zone-id /hostedzone/YOUR_HOSTED_ZONE_ID
    --change-batch '{
   "Changes":[
      {
         "Action":"CREATE",
         "ResourceRecordSet":{
            "Name":"laravelaws.com.",
            "Type":"A",

thehelvetian

# create a hosted zone for AWS to select NS servers for your domain
aws route53 create-hosted-zone
    --name laravelaws.com
    --caller-reference random_string_here
    
# wait for the hosted zone to be created

# retrieve NS records
aws route53 get-hosted-zone
        --id /hostedzone/YOUR_HOSTED_ZONE_ID

thehelvetian

# create a SSH tunnel to RDS through your bastion:
ssh -L 54320:your_rds_database_endpoint_here.your_region_here.rds.amazonaws.com:5432 
    ec2-user@<bastion_public_ip> 
    -i ./laravelaws.pem

# Your remote database is now accessible from port 54320 on your local machine
# I strongly recommend to create first thing a read-only user in your database
psql -h localhost -p 54320 -U postgres -W db_name_here
> CREATE ROLE lionel LOGIN PASSWORD 'a_unique_password_here';
> GRANT CONNECT ON DATABASE crvs TO lionel;

thehelvetian

# Use the Docker exec command to execute the Artisan commands inside the application container
docker exec -it CONTAINER_ID php artisan session:table
docker exec -it CONTAINER_ID php artisan migrate --force

thehelvetian

# Add your key to your SSH agent
ssh-add -K laravelaws.pem

# Verify that your private key is successfully loaded in your local SSH agent
ssh-add –L

# Use the -A option to enable forwarding of the authentication agent connection
ssh –A ec2-user@<bastion-public-IP-address>

# Once you are connected to the bastion, you can SSH into a private subnet instance

thehelvetian

aws ec2 run-instances 
    --image-id ami-c1a6bda2 
    --key-name laravelaws            # the SSH key pair we created earlier
    --security-group-ids sg-xxxxxxxx # our previous SG allowing access to the DB
    --subnet-id subnet-xxxxxxxx      # one of our public subnets
    --count 1 
    --instance-type t2.micro         # the smallest instance type allowed
    --tag-specifications 'ResourceType=instance,Tags=[{Key=Name,Value=bastion}]'

thehelvetian

# Building our Nginx Docker image and tagging it with the ECR URL
docker build -f Dockerfile-nginx -t YOUR_ECR_REGISTRY_URL_HERE:nginx .
docker push YOUR_ECR_REGISTRY_URL_HERE:nginx

# Building our Laravel Docker image and tagging it with the ECR URL
docker build -t YOUR_ECR_REGISTRY_URL_HERE:laravel .
docker push YOUR_ECR_REGISTRY_URL_HERE:laravel

thehelvetian

FROM nginx

ADD deploy/nginx/nginx.conf /etc/nginx/
ADD deploy/nginx/default.conf /etc/nginx/conf.d/

ADD public /usr/share/nginx/html

WORKDIR /usr/share/nginx/html

thehelvetian

FROM php:7.1-fpm

# Update packages and install composer and PHP dependencies.
RUN apt-get update && \
  DEBIAN_FRONTEND=noninteractive apt-get install -y \
    postgresql-client \
    libpq-dev \
    libfreetype6-dev \
    libjpeg62-turbo-dev \
    libmcrypt-dev \

thehelvetian

# This file is a template, and might need editing before it works on your project.
# Select image from https://hub.docker.com/_/php/
stages:
  - build_npm
  - build_and_test

# Select what we should cache between builds
cache:
  paths:
  - vendor/