ammar/backend
1
0
Fork 0
mirror of https://github.com/SyncrowIOT/backend.git synced 2025-07-10 15:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

import db

Browse Source
This commit is contained in:
Ammar Qaffaf
2025-07-08 13:25:23 +03:00
parent a269f833bc
commit 13064296a7
1 changed files with 17 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
infrastructure/stack.ts
View File

@ -100,23 +100,24 @@ export class BackendStack extends cdk.Stack {
'Allow HTTPS traffic' 'Allow HTTPS traffic'
); );
// RDS Aurora Serverless v2 PostgreSQL const dbCluster = rds.DatabaseCluster.fromDatabaseClusterAttributes(this, 'SyncrowDatabase', {
const dbCluster = new rds.DatabaseCluster(this, 'SyncrowDatabase', { clusterIdentifier: 'syncrow-backend',
instanceIdentifiers: ['syncrowdatabase-instance-1'],
engine: rds.DatabaseClusterEngine.auroraPostgres({ engine: rds.DatabaseClusterEngine.auroraPostgres({
version: rds.AuroraPostgresEngineVersion.VER_15_4, version: rds.AuroraPostgresEngineVersion.VER_16_6,
}), }),
vpc: this.vpc, port: 5432,
securityGroups: [dbSecurityGroup], securityGroups: [
serverlessV2MinCapacity: 0.5, ec2.SecurityGroup.fromSecurityGroupId(this, 'ImportedDbSecurityGroup', 'sg-07e163f588b2bac25')
serverlessV2MaxCapacity: 4, ],
writer: rds.ClusterInstance.serverlessV2('writer'), clusterEndpointAddress: 'syncrowdatabase.cluster-criskv1sdkq4.me-central-1.rds.amazonaws.com',
defaultDatabaseName: props?.databaseName || 'syncrow',
credentials: rds.Credentials.fromGeneratedSecret('syncrowadmin', {
secretName: 'syncrow-db-credentials',
}),
removalPolicy: cdk.RemovalPolicy.DESTROY,
}); });
// Import the existing database secret separately
const dbSecret = rds.DatabaseSecret.fromSecretCompleteArn(this, 'ImportedDbSecret',
'arn:aws:secretsmanager:me-central-1:482311766496:secret:rds!cluster-43ec14cd-9301-43e2-aa79-d330a429a126-v0JDQN'
);
// ECR Repository for Docker images - import existing repository // ECR Repository for Docker images - import existing repository
const ecrRepository = ecr.Repository.fromRepositoryName(this, 'SyncrowBackendRepo', 'syncrow-backend'); const ecrRepository = ecr.Repository.fromRepositoryName(this, 'SyncrowBackendRepo', 'syncrow-backend');
@ -175,7 +176,7 @@ export class BackendStack extends cdk.Stack {
AZURE_POSTGRESQL_HOST: dbCluster.clusterEndpoint.hostname, AZURE_POSTGRESQL_HOST: dbCluster.clusterEndpoint.hostname,
AZURE_POSTGRESQL_PORT: '5432', AZURE_POSTGRESQL_PORT: '5432',
AZURE_POSTGRESQL_DATABASE: props?.databaseName || 'syncrow', AZURE_POSTGRESQL_DATABASE: props?.databaseName || 'syncrow',
AZURE_POSTGRESQL_USER: 'syncrowadmin', AZURE_POSTGRESQL_USER: 'postgres',
AZURE_POSTGRESQL_SSL: process.env.AZURE_POSTGRESQL_SSL || 'false', AZURE_POSTGRESQL_SSL: process.env.AZURE_POSTGRESQL_SSL || 'false',
AZURE_POSTGRESQL_SYNC: process.env.AZURE_POSTGRESQL_SYNC || 'false', AZURE_POSTGRESQL_SYNC: process.env.AZURE_POSTGRESQL_SYNC || 'false',
@ -252,7 +253,7 @@ export class BackendStack extends cdk.Stack {
}, },
secrets: { secrets: {
AZURE_POSTGRESQL_PASSWORD: ecs.Secret.fromSecretsManager( AZURE_POSTGRESQL_PASSWORD: ecs.Secret.fromSecretsManager(
dbCluster.secret!, dbSecret,
'password' 'password'
), ),
}, },
@ -297,9 +298,7 @@ export class BackendStack extends cdk.Stack {
}); });
// Grant ECS task access to RDS credentials // Grant ECS task access to RDS credentials
if (dbCluster.secret) { dbSecret.grantRead(fargateService.taskDefinition.taskRole);
dbCluster.secret.grantRead(fargateService.taskDefinition.taskRole);
}
this.apiUrl = 'https://api.syncrow.me'; this.apiUrl = 'https://api.syncrow.me';
this.databaseEndpoint = dbCluster.clusterEndpoint.hostname; this.databaseEndpoint = dbCluster.clusterEndpoint.hostname;