mirror of
https://github.com/SyncrowIOT/web.git
synced 2025-07-09 14:47:23 +00:00
124 lines
3.9 KiB
TypeScript
124 lines
3.9 KiB
TypeScript
import * as cdk from "aws-cdk-lib";
|
|
import * as acm from "aws-cdk-lib/aws-certificatemanager";
|
|
import * as cloudfront from "aws-cdk-lib/aws-cloudfront";
|
|
import * as origins from "aws-cdk-lib/aws-cloudfront-origins";
|
|
import * as route53 from "aws-cdk-lib/aws-route53";
|
|
import * as targets from "aws-cdk-lib/aws-route53-targets";
|
|
import * as s3 from "aws-cdk-lib/aws-s3";
|
|
import * as s3deploy from "aws-cdk-lib/aws-s3-deployment";
|
|
import { Construct } from "constructs";
|
|
|
|
export interface WebStackProps extends cdk.StackProps {
|
|
certificateArn?: string;
|
|
}
|
|
|
|
export class WebStack extends cdk.Stack {
|
|
public readonly distributionUrl: string;
|
|
public readonly bucketName: string;
|
|
|
|
constructor(scope: Construct, id: string, props?: WebStackProps) {
|
|
super(scope, id, props);
|
|
|
|
const bucketName = `syncrow-web-${this.account}-${this.region}`;
|
|
|
|
const webBucket = new s3.Bucket(this, "SyncrowWebBucket", {
|
|
bucketName,
|
|
websiteIndexDocument: "index.html",
|
|
websiteErrorDocument: "index.html",
|
|
publicReadAccess: true,
|
|
blockPublicAccess: s3.BlockPublicAccess.BLOCK_ACLS,
|
|
removalPolicy: cdk.RemovalPolicy.DESTROY,
|
|
autoDeleteObjects: true,
|
|
});
|
|
|
|
// Use existing wildcard certificate in us-east-1 (required for CloudFront)
|
|
const webCertificate = props?.certificateArn
|
|
? acm.Certificate.fromCertificateArn(
|
|
this,
|
|
"WildcardCertificate",
|
|
props.certificateArn
|
|
)
|
|
: acm.Certificate.fromCertificateArn(
|
|
this,
|
|
"WildcardCertificate",
|
|
"arn:aws:acm:us-east-1:482311766496:certificate/b3ea57be-9bf0-4c66-8b01-9672ef1e8530"
|
|
);
|
|
|
|
// Get the hosted zone
|
|
const hostedZone = route53.HostedZone.fromLookup(this, "SyncrowZone", {
|
|
domainName: "syncrow.me",
|
|
});
|
|
|
|
const distribution = new cloudfront.Distribution(
|
|
this,
|
|
"SyncrowWebDistribution",
|
|
{
|
|
defaultBehavior: {
|
|
origin: new origins.S3Origin(webBucket),
|
|
viewerProtocolPolicy:
|
|
cloudfront.ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
|
|
cachePolicy: cloudfront.CachePolicy.CACHING_OPTIMIZED,
|
|
},
|
|
domainNames: ["app.syncrow.me"],
|
|
certificate: webCertificate,
|
|
defaultRootObject: "index.html",
|
|
errorResponses: [
|
|
{
|
|
httpStatus: 404,
|
|
responseHttpStatus: 200,
|
|
responsePagePath: "/index.html",
|
|
},
|
|
{
|
|
httpStatus: 403,
|
|
responseHttpStatus: 200,
|
|
responsePagePath: "/index.html",
|
|
},
|
|
],
|
|
}
|
|
);
|
|
|
|
// Create Route 53 record for app.syncrow.me
|
|
new route53.ARecord(this, "WebAliasRecord", {
|
|
zone: hostedZone,
|
|
recordName: "app",
|
|
target: route53.RecordTarget.fromAlias(
|
|
new targets.CloudFrontTarget(distribution)
|
|
),
|
|
});
|
|
|
|
new s3deploy.BucketDeployment(this, "SyncrowWebDeployment", {
|
|
sources: [s3deploy.Source.asset("./build/web")],
|
|
destinationBucket: webBucket,
|
|
distribution,
|
|
distributionPaths: ["/*"],
|
|
});
|
|
|
|
this.distributionUrl = "https://app.syncrow.me";
|
|
this.bucketName = bucketName;
|
|
|
|
new cdk.CfnOutput(this, "WebsiteUrl", {
|
|
value: this.distributionUrl,
|
|
description: "Web Application URL",
|
|
exportName: `${this.stackName}-WebsiteUrl`,
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "CloudFrontUrl", {
|
|
value: `https://${distribution.distributionDomainName}`,
|
|
description: "CloudFront Distribution URL",
|
|
exportName: `${this.stackName}-CloudFrontUrl`,
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "BucketName", {
|
|
value: this.bucketName,
|
|
description: "S3 Bucket Name",
|
|
exportName: `${this.stackName}-BucketName`,
|
|
});
|
|
|
|
new cdk.CfnOutput(this, "WildcardCertificateArn", {
|
|
value: webCertificate.certificateArn,
|
|
description: "Wildcard SSL Certificate ARN (us-east-1)",
|
|
exportName: `${this.stackName}-WildcardCertificateArn`,
|
|
});
|
|
}
|
|
}
|