Fly.io
Deploy Terrateam to Fly.io
Prerequisites
- Completed Step 1
- A private Terrateam GitHub application
- The Terrateam GitHub application settings file
- A Fly.io account
- Flyctl
New organization
- Set a random name for the Terrateam organization
export FLY_TERRATEAM_ORG="terrateam-$RANDOM"- Create the Fly organization
fly orgs create $FLY_TERRATEAM_ORGPostgreSQL
Create a new database
fly pg create -o $FLY_TERRATEAM_ORG -n $FLY_TERRATEAM_ORG-dbEnvironment variables
The Terrateam server expects the PostgreSQL database to use the md5 authentication method.
- Save the Fly.io application configuration
fly config save -a $FLY_TERRATEAM_ORG-db- Rename the
fly.toml
mv fly.toml fly-db.toml- Add the following to your local
fly-db.tomlin the[env]section:
POSTGRES_HOST_AUTH_METHOD = "md5"
POSTGRES_INITDB_ARGS = "--auth-host=md5"- Get the
IMAGEpath of your database
vagrant@vagrant:~$ fly status -a "$FLY_TERRATEAM_ORG-db"
ID STATE ROLE REGION CHECKS IMAGE CREATED UPDATED
3d8d9344a1e108 started primary ams 3 total, 3 passing flyio/postgres-flex:15.2 (v0.0.40) 2023-05-15T10:13:29Z 2023-05-15T10:13:44Z
vagrant@vagrant:~$ - Export the
IMAGEpath to an environment variable
export IMAGE="flyio/postgres-flex:15.2"- Update the application using your modified
fly-db.toml
fly deploy -a $FLY_TERRATEAM_ORG-db --config fly-db.toml -i "$IMAGE"Database setup
Create the Terrateam database, user and configure the password authentication method
- Connect to your database
fly postgres connect -a $FLY_TERRATEAM_ORG-db- Create the Terrateam database
postgres=# create database terrateam;
CREATE DATABASE
postgres=#- Set the password authentication method
postgres=# ALTER SYSTEM SET password_encryption = 'md5';
ALTER SYSTEM
postgres=# SELECT pg_reload_conf();
pg_reload_conf
----------------
t
(1 row)
postgres=# SHOW password_encryption;
password_encryption
---------------------
md5
(1 row)
postgres=# - Create the Terrateam user
CREATE USER terrateam WITH ENCRYPTED PASSWORD 'terrateam';
GRANT ALL PRIVILEGES ON DATABASE terrateam TO terrateam;
GRANT ALL ON SCHEMA public TO terrateam;
ALTER DATABASE terrateam OWNER TO terrateam;Terrateam Server
- Create the Terrateam application
flyctl apps create -o $FLY_TERRATEAM_ORG $FLY_TERRATEAM_ORG-server- Using your Terrateam GitHub application settings file, create the Fly.io secrets
flyctl secrets -a $FLY_TERRATEAM_ORG-server import < .env
flyctl secrets -a $FLY_TERRATEAM_ORG-server set DB_HOST="$FLY_TERRATEAM_ORG-db.internal"
flyctl secrets -a $FLY_TERRATEAM_ORG-server set DB_NAME="terrateam"
flyctl secrets -a $FLY_TERRATEAM_ORG-server set DB_PORT="5432"
flyctl secrets -a $FLY_TERRATEAM_ORG-server set DB_USER="terrateam"
flyctl secrets -a $FLY_TERRATEAM_ORG-server set DB_PASS="terrateam" # set to your strong password you used before- Create a local
fly-server.tomlfile
kill_signal = "SIGINT"
kill_timeout = 60
processes = []
[experimental]
allowed_public_ports = []
cmd = []
entrypoint = []
exec = []
[[services]]
internal_port = 8080
processes = []
protocol = "tcp"
[services.concurrency]
hard_limit = 100
soft_limit = 30
type = "connections"
[[services.http_checks]]
grace_period = "10s"
interval = "10s"
method = "get"
path = "/health"
protocol = "http"
restart_limit = 0
timeout = "2s"
tls_skip_verify = false
[services.http_checks.headers]
[[services.ports]]
force_https = true
handlers = ["http"]
port = 80
[[services.ports]]
handlers = ["tls", "http"]
port = 443
[deploy]
strategy = "rolling"
[metrics]
port = 8180
path = "/metrics"- Deploy the Terrateam server using your
fly-server.toml
fly deploy -a $FLY_TERRATEAM_ORG-server -i ghcr.io/terrateamio/terrateam:v1 -c fly-server.tomlGitHub application webhook URL
When the Terrateam server starts up, it will try to update the GitHub application Webhook URL if the following are true:
- The
TERRAT_API_BASEenvironment variable is unset - The
FLY_APP_NAMEenvironment variable is set - The
GITHUB_WEBHOOK_URL_UPDATEis set toTRUE(default isTRUE)
Install
Navigate to your private Terrateam GitHub application URL and Install
Next steps
Complete the Terrateam Self-Hosted Next Steps