[default]
app=nodered
env=dev

[nodered-dev]
awsRegion=ap-southeast-2
awsAccount=
###### networking & dns config
vpcCidrBlock=10.0.0.0/16
natGatewayCount=1
# allowed admin IPs
adminIps=192.0.2.1
###### database
# if you want a database to be created, you can set this to either 'instance' or 'cluster'
# to delete a db you previously created, you can set this to 'none' and redeploy the stack
dbConfig=instance
dbSnapshot=
dbSecretName=
# you can specify mysql or postgres
dbEngine=mysql
dbMajorVersion=8.0
dbFullVersion=8.0.28
dbClusterSize=2
dbInstanceType=t4g.micro
# set to yes or no
preventDeletion=yes
###### config for the admin and fleet ASGs
minMaxAdminInstances=[1,1]
minMaxFleetInstances=[1,1]
adminInstanceType=t4g.nano
fleetInstanceType=t4g.nano
# the parameter store value with the AMI ID in it
amiParameter=/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-arm64-gp2
# EFS config
efsMountDir=/var/www/html
efsProvisionedThroughputMb=
# the port that the targets will communicate on
targetPort=1880
# user data commands in an array. efs_fs_id, efs_mount_dir, site_hostname and db_secret_command will be interpolated into the strings if requested
adminUserData=["sudo yum install amazon-efs-utils jq gcc-c++ make -y", "mkdir -p {efs_mount_dir}", "echo \"{efs_fs_id}:/ {efs_mount_dir} efs _netdev,noresvport,tls,iam 0 0\" >> /etc/fstab", "mount -a -t efs -o tls,iam {efs_fs_id} {efs_mount_dir}", "curl -sL https://rpm.nodesource.com/setup_16.x | sudo -E bash -", "yum install -y nodejs", "sudo npm install -g --unsafe-perm node-red", "node-red -u {efs_mount_dir}"]
fleetUserData=["sudo yum install amazon-efs-utils jq gcc-c++ make -y", "mkdir -p {efs_mount_dir}", "echo \"{efs_fs_id}:/ {efs_mount_dir} efs _netdev,noresvport,tls,iam 0 0\" >> /etc/fstab", "mount -a -t efs -o tls,iam {efs_fs_id} {efs_mount_dir}", "curl -sL https://rpm.nodesource.com/setup_16.x | sudo -E bash -", "yum install -y nodejs", "sudo npm install -g --unsafe-perm node-red", "sudo npm install -g nodemon", "cd {efs_mount_dir}", "nodemon -L -e json /bin/node-red -u {efs_mount_dir}"]
adminUserDataScript=
fleetUserDataScript=
adminBuildTime=10
fleetBuildTime=5
###### cloudfront/WAF parameters
hostedZone=example.com
# if you want to specify it, otherwise will be created from app name and env values
subdomain=
# these paths won't be cached by CloudFront
uncachedPaths=["/*"]
# these cookies will be forwarded in the origin request
forwardedCookies=["*"]
# allowed networks, can specify multiple ranges, comma-separated
# to disable the allowlist, set allowedIps=* 
allowedIps=192.0.2.0/24
managedWafRules=["AWSManagedRulesAmazonIpReputationList","AWSManagedRulesKnownBadInputsRuleSet","AWSManagedRulesCommonRuleSet","AWSManagedRulesAnonymousIpList","AWSManagedRulesLinuxRuleSet"]

[nodered-test]
awsRegion=ap-southeast-2
awsAccount=
###### networking & dns config
hostedZone=example.com
vpcCidrBlock=10.0.0.0/16
natGatewayCount=2
# allowed admin IPs
adminIps=192.0.2.1
# if you want to specify it, otherwise will be created from app name and env values
subdomain=
###### database
# if you want a database to be created, you can set this to either 'instance' or 'cluster'
# to delete a db you previously created, you can set this to 'none' and redeploy the stack
dbConfig=instance
dbSnapshot=
dbSecretName=
# you can specify mysql or postgres
dbEngine=postgres
dbMajorVersion=14
dbFullVersion=14.4
dbInstanceType=t4g.micro
dbClusterSize=2
# set to yes or no
preventDeletion=yes
###### config for the admin and fleet ASGs
minMaxAdminInstances=[1,1]
minMaxFleetInstances=[1,1]
adminInstanceType=t4g.nano
fleetInstanceType=t4g.nano
# the parameter store value with the AMI ID in it
amiParameter=/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-arm64-gp2
# EFS config
efsMountDir=/var/www/html
efsProvisionedThroughputMb=1
# the port that the targets will communicate on
targetPort=1880
# user data commands in an array. efs_fs_id, efs_mount_dir, site_hostname and db_secret_command will be interpolated into the strings if requested
adminUserData=["sudo yum install amazon-efs-utils jq gcc-c++ make -y", "mkdir -p {efs_mount_dir}", "echo \"{efs_fs_id}:/ {efs_mount_dir} efs _netdev,noresvport,tls,iam 0 0\" >> /etc/fstab", "mount -a -t efs -o tls,iam {efs_fs_id} {efs_mount_dir}", "curl -sL https://rpm.nodesource.com/setup_16.x | sudo -E bash -", "yum install -y nodejs", "sudo npm install -g --unsafe-perm node-red", "node-red -u {efs_mount_dir}"]
fleetUserData=["sudo yum install amazon-efs-utils jq gcc-c++ make -y", "mkdir -p {efs_mount_dir}", "echo \"{efs_fs_id}:/ {efs_mount_dir} efs _netdev,noresvport,tls,iam 0 0\" >> /etc/fstab", "mount -a -t efs -o tls,iam {efs_fs_id} {efs_mount_dir}", "curl -sL https://rpm.nodesource.com/setup_16.x | sudo -E bash -", "yum install -y nodejs", "sudo npm install -g --unsafe-perm node-red", "sudo npm install -g nodemon", "cd {efs_mount_dir}", "nodemon -L -e json /bin/node-red -u {efs_mount_dir}"]
adminUserDataScript=
fleetUserDataScript=
adminBuildTime=10
fleetBuildTime=5
###### cloudfront/WAF parameters
# these paths won't be cached by CloudFront
uncachedPaths=["/*"]
# these cookies will be forwarded in the origin request
forwardedCookies=["*"]
# allowed networks, can specify multiple ranges, comma-separated
# to disable the allowlist, set allowedIps=* 
allowedIps=192.0.2.0/24
managedWafRules=["AWSManagedRulesAmazonIpReputationList","AWSManagedRulesKnownBadInputsRuleSet","AWSManagedRulesCommonRuleSet","AWSManagedRulesAnonymousIpList","AWSManagedRulesLinuxRuleSet"]


[wp-dev]
appName=wordpress
awsRegion=ap-southeast-2
awsAccount=
###### networking & dns config
hostedZone=example.com
vpcCidrBlock=10.0.0.0/16
natGatewayCount=1
# allowed admin IPs
adminIps=192.0.2.1
# if you want to specify it, otherwise will be created from app name and env values
subdomain=
###### database
# if you want a database to be created, you can set this to either instance or cluster
dbConfig=instance
dbSnapshot=
dbSecretName=
dbEngine=mysql
dbMajorVersion=8.0
dbFullVersion=8.0.28
dbClusterSize=2
dbInstanceType=t4g.micro
# set to yes or no
preventDeletion=yes
# EFS config
efsMountDir=/var/www/html
efsProvisionedThroughputMb=
###### config for the admin and fleet ASGs
amiParameter=/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-arm64-gp2
minMaxAdminInstances=[1,1]
minMaxFleetInstances=[1,1]
adminInstanceType=t4g.micro
fleetInstanceType=t4g.micro
# the port that the targets will communicate on
targetPort=80
# user data commands in an array. efs_fs_id, efs_mount_dir, site_hostname and db_secret_command will be interpolated into the strings if requested
adminUserData=["sudo yum install -y amazon-linux-extras amazon-efs-utils jq", "sudo amazon-linux-extras enable php7.4", "sudo yum clean metadata", "sudo yum install php php-{{pear,cgi,common,curl,mbstring,gd,mysqlnd,gettext,bcmath,json,xml,fpm,intl,zip,imap}}", "sudo yum install php-cli php-gd php-imagick php-intl php-pdo php-mbstring php-fpm php-json php-xml php-mysqlnd php-opcache httpd mariadb -y", "sudo usermod -a -G apache ec2-user", "sudo systemctl enable httpd", "systemctl enable php-fpm", "sudo mkdir -p /etc/systemd/system/httpd.service.requires", "sudo ln -s /usr/lib/systemd/system/htcacheclean.service /etc/systemd/system/httpd.service.requires", "mkdir -p {efs_mount_dir}", "echo \"{efs_fs_id}:/ {efs_mount_dir} efs _netdev,noresvport,tls,iam 0 0\" >> /etc/fstab", "mount -a -t efs -o tls,iam {efs_fs_id} {efs_mount_dir}"]
fleetUserData=["sudo yum install -y amazon-linux-extras amazon-efs-utils jq", "sudo amazon-linux-extras enable php7.4", "sudo yum clean metadata", "sudo yum install php php-{{pear,cgi,common,curl,mbstring,gd,mysqlnd,gettext,bcmath,json,xml,fpm,intl,zip,imap}}", "sudo yum install php-cli php-gd php-imagick php-intl php-pdo php-mbstring php-fpm php-json php-xml php-mysqlnd php-opcache httpd mariadb -y", "sudo usermod -a -G apache ec2-user", "sudo systemctl enable httpd", "systemctl enable php-fpm", "sudo mkdir -p /etc/systemd/system/httpd.service.requires", "sudo ln -s /usr/lib/systemd/system/htcacheclean.service /etc/systemd/system/httpd.service.requires", "mkdir -p {efs_mount_dir}", "echo \"{efs_fs_id}:/ {efs_mount_dir} efs _netdev,noresvport,tls,iam 0 0\" >> /etc/fstab", "mount -a -t efs -o tls,iam {efs_fs_id} {efs_mount_dir}"]
adminUserDataScript=configure_apache_install_wordpress_and_config.sh
fleetUserDataScript=configure_apache.sh
adminBuildTime=10
fleetBuildTime=7
###### cloudfront/WAF parameters
uncachedPaths=["/wp-login.php","/wp-admin/*","/wp-json/*","/contact/","/.well-known/*","/wp-cron.php","/xmlrpc.php","/wp-trackback.php","/wp-signup.php","*rest_route*"]
forwardedCookies=["cookiescomment_author_*","comment_author_email_*","comment_author_url_*","wordpress_logged_in_*","wordpress_test_cookie","wp-settings-*","PHPSESSID","wordpress_*","wordpress_sec_*"]
# allowed networks, can specify multiple ranges, comma-separated
# to disable the allowlist, set allowedIps=* 
allowedIps=192.0.2.0/24
managedWafRules=["AWSManagedRulesAmazonIpReputationList","AWSManagedRulesKnownBadInputsRuleSet","AWSManagedRulesCommonRuleSet","AWSManagedRulesAnonymousIpList","AWSManagedRulesLinuxRuleSet","AWSManagedRulesWordPressRuleSet"]