Feature/aitokenteam

.github/workflows/call-swarms.yml

@@ -0,0 +1,27 @@
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - "feature/docker"
+#  pull_request:
+#    branches:
+#      - "main" 
+#    paths:
+#      - ".github/workflows/call-swarms.yaml"
+
+name: CallSwarms
+jobs:
+  caller-identity:    
+    name: Return the IAM user
+    permissions:
+      contents: read
+      id-token: write
+    runs-on: ubuntu-latest
+    steps:
+    - name: Configure AWS credentials
+      uses: aws-actions/configure-aws-credentials@v4
+      with:
+        aws-region: ${{ secrets.AWS_REGION }}
+        role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/github
+    - uses: actions/checkout@v2
+    - run: bash -x -e      ./actions/call_swarms.sh

.gitignore

@@ -88,3 +88,5 @@ flycheck_*.el
 # network security
 /network-security.data
 
+/logs/logs/
+.aider*

Makefile

@@ -0,0 +1,2 @@
+test:
+	find -name \*.tf -exec grep -r provider {} \; -print

README.md

@@ -1,17 +1,151 @@
 # terraform-template
 
+```
+git clone https://github.com/aitokenteam/ai-agent-terraform.git
+cd ai-agent-terraform/accounts/AI_Token_Team/
+git checkout feature/aitokenteam
+
+tofu init
+
+aws ecr create-repository --repository-name agent/eliza
+
+aws ssm put-parameter     --name "agent_openai_key"  --value "${OPENAI_API_KEY}" --type String
+
+tofu apply --target module.ssm_observer.aws_ssm_parameter.cw_agent_config --target module.ssm_observer.aws_ssm_parameter.cw_agent_config_details
+tofu apply 
+```
+
 Terraform project template for deploying infrastructure across multiple environments and regions, following best practices with modular structure and automated syntax checks (GitHub Actions)
 
+## Installation
+
+1. setup aws account
+2. create user with administrator privledges for terraform/tofu
+
+Directly attach Policy name 	`AdministratorAccess` to user 
+replace <USERNAME> in the following url
+`https://us-east-1.console.aws.amazon.com/iam/home?region=us-east-2#/users/details/<USERNAME>?section=permissions`
+
+create access key
+https://us-east-1.console.aws.amazon.com/iam/home?region=us-east-2#/users/details/mdupont/create-access-key
+
+~/.aws/credentials
+
+aws cli install 
+https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
+
+`aws configure`
+
+opentofu install
+https://opentofu.org/docs/intro/install/
+
+Go to ami catalog in your region:
+https://us-west-1.console.aws.amazon.com/ec2/home?region=us-west-1#AMICatalog:
+
+Search for "ubuntu-noble-24.04-amd64-minimal" in the third tab "aws marketplace amis"
+
+Accept license.
+
+## Status report
+
+Currently we are building out a dev infrastructure using our existing code
+and adding in a docker target, this has the advantage that we can build and test
+the docker outside of aws and then deploy it easily.
+
 ## Repo structure
 
 ```
 terraform-template/                   # Root directory of the Terraform template repository
 ├── README.md                         # Project documentation and overview
-├── environments                      
+├── accounts
+│   ├── swarms                        # the main swarms account
+├── environments
 │   ├── swarms-aws-agent-api
 │   │   ├── dev                       # Development environment configuration for the demo-azure-vm setup
 │   │   │   └── us-east-1
 ├── modules                           # Directory containing reusable Terraform modules
 │   ├── swarms
 ```
 
+to ss to the server 
+`aws ssm start-session --target i-0e156165e86473c93 --profile mdupont --region us-east-2`
+
+to install secret
+`aws ssm put-parameter     --name "agent_openai_key"  --value "${OPENAI_API_KEY}" --type String`
+
+If you get this error:
+```
+│ Error: reading SSM Parameter (arn:aws:ssm:us-east-1:AKIA4SYAMCQ5MMLC6NU3:parameter/cloudwatch-agent/config/details): operation error SSM: GetParameter, https response error StatusCode: 400, RequestID: 159177cb-91f0-4c2e-a354-07cdc2e64041, api error ValidationException: Invalid Account Id in: arn:aws:ssm:us-east-1:AKIA4SYAMCQ5MMLC6NU3:parameter/cloudwatch-agent/config/details
+│   with module.eliza_server.module.eliza.module.lt_docker["t3a.small"].data.aws_ssm_parameter.cw_agent_config,
+│   on ../../environments/eliza-agent-api/components/launch_template_docker_mcs/main.tf line 77, in data "aws_ssm_parameter" "cw_agent_config":
+│   77: data "aws_ssm_parameter" "cw_agent_config" {
+```
+we need to apply this first:
+`tofu apply --target module.ssm_observer.aws_ssm_parameter.cw_agent_config --target module.ssm_observer.aws_ssm_parameter.cw_agent_config_details`
+
+check the ECR images 
+`aws ecr list-images --region us-east-2 --repository-name swarms/mcs`
+
+To login from docker to ecr
+`docker login -u AWS -p $(aws ecr get-login-password --region us-east-2) 767503528736.dkr.ecr.us-east-2.amazonaws.com'       767503528736.dkr.ecr.us-east-2.amazonaws.com/agent/eliza:latest`
+
+# setup 
+we dont use terraform for the ecr or the secrets because they will change so often here are the simple aws scripts for them.
+
+`aws ecr create-repository --repository-name agent/eliza`
+
+`set_secrets.sh` calls
+`aws ssm put-parameter     --name "agent_openai_key"  --value "${OPENAI_API_KEY}" --type String`
+
+## connecting with server
+`ssh-ssm.py` to find the server
+
+for example:
+`aws ssm start-session --target i-0e156165e86473c93 --profile mdupont --region us-east-2`
+
+## terraform-aws-oidc-github
+https://github.com/jmikedupont2/terraform-aws-oidc-github
+
+in my time 2024/12/18/terraform-aws-oidc-github on branch
+run the tofu apply in the example after editing the variables and files.
+
+# debug
+`pnpm start:debug --characters=./characters/eliza.character.json`
+start direct client here 
+
+# set the az 
+	 #~/terraform/accounts/AI_Token_Team/main.tf
+edit 
+   aws_availability_zones = ["us-west-1a","us-west-1b","us-west-1c"]
+
+if you ge the errro :
+00000003]
+module.ssm_setup.module.ssm.aws_s3_bucket_lifecycle_configuration.access_log_bucket: Creation complete after 32s [id=ai-token-team-session-access-logs-20250113203757298300000002]
+╷
+│ Error: creating EC2 Subnet: operation error EC2: CreateSubnet, https response error StatusCode: 400, RequestID: 05eeaa25-0855-4d71-8945-04b0d6233520, api error InvalidParameterValue: Value (us-west-1b) for parameter availabilityZone is invalid. Subnets can currently only be created in the following availability zones: us-east-1a, us-east-1b, us-east-1c, us-east-1d, us-east-1e, us-east-1f.
+│ 
+│   with module.eliza_server.module.vpc.module.vpc.aws_subnet.public[1],
+│   on .terraform/modules/eliza_server.vpc.vpc/main.tf line 98, in resource "aws_subnet" "public":
+│   98: resource "aws_subnet" "public" {
+│ 
+
+
+nter a value: yes
+
+# key pair
+module.eliza_server.module.eliza.module.asg["t3a.small"].module.autoscaling.aws_autoscaling_group.this[0]: Creating...
+╷
+│ Error: creating Auto Scaling Group (docker-agent-ami-t3a.small-20250113205357496400000001): operation error Auto Scaling: CreateAutoScalingGroup, https response error StatusCode: 400, RequestID: 380d0f57-bf60-40fd-ace6-d86563107c85, api error ValidationError: You must use a valid fully-formed launch template. The key pair  does not exist
+│ 
+│   with module.eliza_server.module.eliza.module.asg["t3a.small"].module.autoscaling.aws_autoscaling_group.this[0],
+│   on .terraform/modules/eliza_server.eliza.asg.autoscaling/main.tf line 347, in resource "aws_autoscaling_group" "this":
+│  347: resource "aws_autoscaling_group" "this" {
+│
+edit 
+~/terraform/environments/eliza-agent-api/components/keypairs/main.tf
+
+resource "aws_key_pair" "deployer" {
+   key_name   = "ai-token-deployer-key"
+   public_key = "<insert your personal cat ~/.ssh/id_pub.rsa"
+}
+

accounts/AI_Token_Team/main.tf

@@ -0,0 +1,58 @@
+provider "aws" {
+  region  = "us-west-1"
+  #profile = "ai-token-team"
+  profile = "default"
+}
+
+locals {
+  dns      = "aitokenteam.com" # fixme
+  region   = "us-west-1"
+  project  = "ai-token-team" # dont change
+}
+
+module "ssm_observer" {
+  source = "../../modules/aws/ssm/observability"
+  ami_id = data.aws_ami.ami.id
+}
+
+module "ssm_setup" {
+  source = "../../modules/aws/ssm/setup"
+  bucket_name = "${local.project}-session-logs"
+  access_log_bucket_name = "${local.project}-ssm-access-logs"
+  project = local.project
+ }
+
+ locals {
+   ami_name = "ubuntu-minimal/images/hvm-ssd-gp3/ubuntu-noble-24.04-amd64-minimal-*"
+ }
+ data "aws_ami" "ami" { # slow
+   most_recent      = true
+   owners       = ["679593333241"]
+   name_regex       = "^${local.ami_name}"
+  }
+
+ module "eliza_server" {
+   #count = 0
+   #aws_account_id = local.account
+   aws_account_id  =var.aws_account_id
+   region         = local.region
+   source         = "../../environments/eliza-agent-api/" # FIXME rename
+   domain         = local.dns
+   ami_id = data.aws_ami.ami.id
+   name = local.project
+   project = local.project
+   key_name =  "ai-token-deployer-key"
+   tags = { project = local.project }
+
+   branch = "feature/AI_Token_Team"
+   spot_max_price  = 0.028
+   instance_types = [
+    "t3a.small",
+#    "t3.small",
+#    "t2.small", 
+#    "t3.medium"  # works for sure
+
+ ]
+
+   aws_availability_zones = ["us-west-1a","us-west-1b","us-west-1c"]
+ }

accounts/AI_Token_Team/variables.tf

@@ -0,0 +1,54 @@
+variable "project_name" {
+  type    = string
+  default = "ai-token-team"
+}
+
+variable "profile" {
+  type    = string
+  default = "ai-token-team"
+}
+
+variable "aws_region" {
+  type    = string
+  default = "us-west-1"
+}
+
+variable "aws_account_id" {
+  type    = string
+  default = "699475930706"
+}
+
+variable "iam_user" {
+  type    = string
+  default = "aitokenteam"
+}
+
+variable "lock_resource" {
+  type    = string
+  default = "terraform/state/lock"
+}
+
+variable "partition" {
+  type    = string
+  default = "aws"
+}
+
+variable "logs_resource" {
+  type    = string
+  default = "aws_logs"
+}
+
+variable "permissions_check" {
+  type    = string
+  default = "config-permissions-check"
+}
+
+variable "delivery_service" {
+  type    = string
+  default = "delivery.logs.amazonaws.com"
+}
+
+variable "logging_service" {
+  type    = string
+  default = "logging.s3.amazonaws.com"
+}

accounts/mdupont/Makefile

@@ -1,3 +1,4 @@
 make :
-	#tofu init
+	tofu init
 	tofu plan
+	tofu apply

accounts/mdupont/custom_style.css

@@ -0,0 +1 @@
+.label-customizable {font-weight: 400;}

accounts/mdupont/data.tf

@@ -1,27 +1,23 @@
 # task create an output file for this module to expose all interesting data, include the ids of each resource.
-provider "aws" {
-  region = var.aws_region
-}
 
 data "aws_iam_user" "example_user" {
   user_name = var.iam_user
 }
 
-data "aws_dynamodb_table" "terraform_dynamo_table" {
-  name = var.table_name
-}
+#data "aws_dynamodb_table" "terraform_dynamo_table" {
+#  name = var.table_name
+#}
 
 
 # Data resource for AWS call identity
 data "aws_caller_identity" "current" {}
 
-data "aws_s3_bucket" "terraform_logging" {
-  bucket = "${var.project_name}-tf-state-log-${var.aws_region}"
-}
-
-data "aws_s3_bucket" "terraform_state" {
-  bucket = "${var.project_name}-tf-state-${var.aws_region}"
-}
+#data "aws_s3_bucket" "terraform_logging" {
+#  bucket = "${var.project_name}-tf-state-log-${var.aws_region}"
+#}
 
+#data "aws_s3_bucket" "terraform_state" {
+#  bucket = "${var.project_name}-tf-state-${var.aws_region}"
+#}
 
-data "aws_cloudtrail_service_account" "main" {}
+#data "aws_cloudtrail_service_account" "main" {}