Introduce Pulumi - Modern Infrastructure as Code 🎉

[ikovac]

This PR

• [x] Install Pulumi
• [x] Create custom VPC
• [x] Create an S3 bucket
• [x] Create a user with S3 access permission
• [x] Create Postgres instance
• [x] Create EC2 instance
• [x] Create and manage security groups for EC2 and Postgres
• [x] Generate RSA key pair for SSH access
• [x] Create an elastic IP address and associate it with the EC2 instance
• [x] Install the required software (Nginx, Nodejs, Certbot) and generate an SSL certificate for HTTPS connection
• [ ] Set up env variables after resources are deployed

Steps to reproduce and test

1. Sign in to the Pulumi
2. Do all Get started steps: https://www.pulumi.com/docs/get-started/aws/begin/ (Install Pulumi, configure AWS credentials...) A good practice is to create a new non-root AWS user for Pulumi deployment with restricted access. List of permissions which are required for this PR are listed below:
   • AmazonRDSFullAccess
   • AmazonEC2FullAccess
   • IAMFullAccess
   • AmazonS3FullAccess
3. Run npm install to install Pulumi packages
4. Navigate to the pulumi/eip folder
5. Run pulumi stack init stack_name for example pulumi stack init dev
6. Configure stack config. Run: pulumi config set aws:region us-east-1
7. Finally, create an elastic IP address by running pulumi up command. As the result, the output should be something like this: where ip stands for the elastic IP address which is created for us.
8. Ping DNS admin and ask for test extnsn.com subdomain with A record set to the newly created elastic IP address.
9. Now, when we have our elastic IP address we can navigate to the pulumi/infrastructure folder
10. Init your stack (Same as step 5), run: pulumi stack init dev
11. For SSH access to the EC2 instance we will need to generate RSA keypair by running: ssh-keygen -t rsa -f rsa -m PEM. Tutorial: https://github.com/pulumi/examples/tree/master/aws-ts-ec2-provisioners
12. Change RSA private key permission to 400 by running: chmod 400 rsa
13. Set all config variables listed in Pulumi.yaml under the config section by running: pulumi config set CONFIG_NAME CONFIG_VALUE and for secrets run: pulumi config set CONFIG_NAME CONFIG_VALUE --secret. For example, let's add RSA private and public keys to the pulumi config.
    • Public key: cat rsa.pub | pulumi config set publicKey --
    • Private key: cat rsa | pulumi config set privateKey --secret --
14. Rename Nginx config file found in scripts/ivo.extnsn.com to your domain name
15. Run pulumi up 🚀
16. SSH to your EC2 instance by running: ssh -i privateKey ubuntu@DOMAIN_NAME

❗❗ Feel free to ping me if you have any questions!

[ikovac]

I will close this PR for now due to inactivity. Hope to reopen it soon 🤞