Yopass ECS Task Definition
This document provides a sample AWS ECS (Elastic Container Service) task definition for deploying Yopass, a self-hosted secret sharing platform. The task definition outlines the necessary configurations for running Yopass containers within AWS ECS.
Yopass Container Definition
The primary container, yopass-ui, utilizes the official jhaals/yopass:latest Docker image. It is configured to expose port 1337 and depends on a linked yopass-cache container for its caching layer.
Memcached Cache Container
A separate container, yopass-cache, is defined to run Memcached using the memcached:latest Docker image. This container serves as the caching backend for the Yopass UI.
IAM Roles and Permissions
Ensure that the executionRoleArn and taskRoleArn are correctly set to IAM roles with the necessary permissions for your ECS tasks to interact with AWS services.
Command and Configuration
The command parameter for the yopass-ui container specifies how to connect to the Memcached instance, using the service discovery name yopass-cache and its default port 11211.
Essential Container Setup
Both containers are marked as essential: true, meaning that if either container stops, the entire task will be stopped. The privileged: true setting is used here for simplicity, but for production environments, it's recommended to configure more granular permissions.
{
"family": "yopass",
"executionRoleArn":"arn:aws:iam::000000000000:role/ecs-exec-role",
"taskRoleArn":"arn:aws:iam::000000000000:role/ecs-task-role",
"containerDefinitions": [
{
"name": "yopass-ui",
"image": "jhaals/yopass:latest",
"memoryReservation": 256,
"portMappings":[
{
"protocol":"tcp",
"containerPort":1337,
"hostPort":0
}
],
"essential": true,
"privileged": true,
"links": [
"yopass-cache"
],
"command": [
"--memcached=yopass-cache:11211"
]
},
{
"name": "yopass-cache",
"image": "memcached:latest",
"memoryReservation": 256,
"essential": true,
"privileged": true
}
]
}