sumomo 0.8.4 → 0.8.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. checksums.yaml +5 -5
  2. data/.rubocop.yml +1 -0
  3. data/.rubocop_todo.yml +169 -0
  4. data/Gemfile +2 -0
  5. data/Rakefile +5 -3
  6. data/bin/console +4 -3
  7. data/data/sumomo/api_modules/node_modules/.bin/uuid +1 -1
  8. data/data/sumomo/custom_resources/TempS3Bucket.js +208 -0
  9. data/exe/sumomo +42 -41
  10. data/lib/sumomo.rb +235 -233
  11. data/lib/sumomo/api.rb +148 -151
  12. data/lib/sumomo/cdn.rb +119 -113
  13. data/lib/sumomo/dns.rb +20 -20
  14. data/lib/sumomo/ec2.rb +490 -491
  15. data/lib/sumomo/ecs.rb +256 -262
  16. data/lib/sumomo/irregular.rb +9 -0
  17. data/lib/sumomo/momo_extensions/resource.rb +8 -7
  18. data/lib/sumomo/momo_extensions/stack.rb +4 -3
  19. data/lib/sumomo/network.rb +109 -106
  20. data/lib/sumomo/stack.rb +191 -189
  21. data/lib/sumomo/version.rb +3 -1
  22. data/sumomo.gemspec +23 -22
  23. metadata +25 -22
data/lib/sumomo/api.rb CHANGED
@@ -1,117 +1,118 @@
1
+ # frozen_string_literal: true
2
+
3
+ require 'sumomo/irregular'
1
4
 
2
5
  module Sumomo
3
6
  module Stack
4
-
5
7
  class APIGenerator
8
+ extend HasIrregularlyNamedFunctions
6
9
 
7
10
  class CorsInfo
11
+ extend HasIrregularlyNamedFunctions
8
12
  attr_accessor :allowed_origins, :allowed_headers
9
13
 
10
14
  def apply(&block)
11
- @allowed_origins = []
12
- @allowed_headers = []
13
- instance_eval(&block) if block
15
+ @allowed_origins = []
16
+ @allowed_headers = []
17
+ instance_eval(&block) if block
14
18
  end
15
19
 
16
- def AllowOrigin(value)
17
- @allowed_origins << value
20
+ defi :AllowOrigin do |value|
21
+ @allowed_origins << value
18
22
  end
19
23
 
20
- def AllowHeader(value)
21
- @allowed_headers << value
24
+ defi :AllowHeader do |value|
25
+ @allowed_headers << value
22
26
  end
23
27
  end
24
28
 
25
29
  def initialize(pretty_print: false, &block)
26
30
  @methods = {}
27
31
  @cors = CorsInfo.new
28
- @script = ""
32
+ @script = ''
29
33
  # defaults
30
34
  @cors.apply do
31
- AllowOrigin "*"
32
- AllowHeader 'origin'
33
- AllowHeader 'content-type'
34
- AllowHeader 'accept'
35
- AllowHeader 'cache-control'
36
- AllowHeader 'x-requested-with'
37
- AllowHeader 'if-modified-since'
35
+ AllowOrigin '*'
36
+ AllowHeader 'origin'
37
+ AllowHeader 'content-type'
38
+ AllowHeader 'accept'
39
+ AllowHeader 'cache-control'
40
+ AllowHeader 'x-requested-with'
41
+ AllowHeader 'if-modified-since'
38
42
  end
39
43
  @pretty_print = pretty_print
40
44
  instance_eval(&block)
41
45
  end
42
46
 
43
47
  def method_missing(name, *args, &block)
44
- "#{name}".split("_").each do |meth|
45
- valid_methods = ["GET", "PUT", "POST", "PATCH", "DELETE", "HEAD", "OPTIONS"]
46
- if valid_methods.include?("#{meth}")
48
+ name.to_s.split('_').each do |meth|
49
+ valid_methods = %w[GET PUT POST PATCH DELETE HEAD OPTIONS]
50
+ if valid_methods.include?(meth.to_s)
47
51
  path = args[0]
48
- @methods[path] = {} if !@methods.has_key?(path)
49
-
50
- @methods[path][meth] = { script: args.last, params: args.select{|arg| arg.is_a?(Symbol) && /\A[a-zA-Z\-0-9_]+\Z/.match("#{arg}") } }
52
+ @methods[path] = {} unless @methods.key?(path)
53
+
54
+ @methods[path][meth] = { script: args.last, params: args.select { |arg| arg.is_a?(Symbol) && /\A[a-zA-Z\-0-9_]+\Z/.match(arg.to_s) } }
51
55
  else
52
56
  super
53
57
  end
54
58
  end
55
59
  end
56
60
 
57
- def CORS(&block)
61
+ defi :CORS do |&block|
58
62
  @cors.apply(&block)
59
63
  end
60
64
 
61
- def SCRIPT(value)
65
+ defi :SCRIPT do |value|
62
66
  @script = value
63
67
  end
64
68
 
65
69
  def init_script
66
- @script
70
+ @script
67
71
  end
68
72
 
69
73
  def self.combine_modules(dest)
70
- orig_modules = File.join(Gem.loaded_specs['sumomo'].full_gem_path, "data", "sumomo", "api_modules", "node_modules")
74
+ orig_modules = File.join(Gem.loaded_specs['sumomo'].full_gem_path, 'data', 'sumomo', 'api_modules', 'node_modules')
71
75
 
72
- `cp -Ra #{orig_modules}/ #{dest}/`
73
- `cp -Ra node_modules/* #{dest}/`
76
+ `cp -Ra #{orig_modules}/ #{dest}/`
77
+ `cp -Ra node_modules/* #{dest}/`
74
78
  end
75
79
 
76
80
  def generate
81
+ pretty_print = if @pretty_print
82
+ ', null, 2'
83
+ else
84
+ ''
85
+ end
77
86
 
78
- if @pretty_print
79
- pretty_print = ", null, 2"
80
- else
81
- pretty_print = ""
82
- end
83
-
84
- result = ""
87
+ result = ''
85
88
 
86
89
  all_methods = @methods.clone
87
90
 
88
91
  # Generate appropriate options methods as well
89
92
 
90
93
  @methods.each do |path, resource|
91
- meths = resource.map{|meth,info| meth}
94
+ meths = resource.map { |meth, _info| meth }
92
95
 
93
- # Insert OPTIONS method if there isn't already one
94
- if !all_methods[path].has_key?("OPTIONS")
95
- all_methods[path]["OPTIONS"] = { script: <<-SCRIPT, params: [] }
96
+ # Insert OPTIONS method if there isn't already one
97
+ next if all_methods[path].key?('OPTIONS')
98
+
99
+ all_methods[path]['OPTIONS'] = { script: <<-SCRIPT, params: [] }
96
100
  var headers = {}
97
- headers["Access-Control-Allow-Origin"] = #{@cors.allowed_origins.join(",").inspect}
101
+ headers["Access-Control-Allow-Origin"] = #{@cors.allowed_origins.join(',').inspect}
98
102
  headers["Access-Control-Request-Method"] = '*'
99
103
  headers["Access-Control-Allow-Methods"] = '#{meths.join(', ')}'
100
- headers["Access-Control-Allow-Headers"] = #{@cors.allowed_headers.join(",").inspect}
104
+ headers["Access-Control-Allow-Headers"] = #{@cors.allowed_headers.join(',').inspect}
101
105
 
102
106
  respond_with({methods: #{meths.inspect}}, 200, headers)
103
- SCRIPT
104
- end
107
+ SCRIPT
105
108
  end
106
109
 
107
-
108
110
  all_methods.each do |path, resource|
109
- resource.each do |method, method_info|
111
+ resource.each do |method, method_info|
112
+ parameter_list = method_info[:params].join(', ')
113
+ parameter_call_list = method_info[:params].map { |parm| "params['#{parm}']" }.join(', ')
110
114
 
111
- parameter_list = method_info[:params].join(", ")
112
- parameter_call_list = method_info[:params].map{|parm| "params['#{parm}']"}.join(", ")
113
-
114
- result += <<-SCRIPT
115
+ result += <<-SCRIPT
115
116
 
116
117
  router.#{method.downcase}('#{path}', prepare(function (event, callback) {
117
118
 
@@ -126,7 +127,7 @@ module Sumomo
126
127
  {
127
128
  var headers = {}
128
129
  headers["Content-Type"] = "application/json; charset=utf-8"
129
- headers["Access-Control-Allow-Origin"] = #{@cors.allowed_origins.join(",").inspect}
130
+ headers["Access-Control-Allow-Origin"] = #{@cors.allowed_origins.join(',').inspect}
130
131
 
131
132
  if (response_headers)
132
133
  {
@@ -147,141 +148,137 @@ module Sumomo
147
148
 
148
149
  var retval = function (#{parameter_list}) {
149
150
  #{method_info[:script]}
150
- }( #{ parameter_call_list } );
151
+ }( #{parameter_call_list} );
151
152
 
152
153
  }));
153
154
 
154
- SCRIPT
155
- end
155
+ SCRIPT
156
156
  end
157
+ end
157
158
  result
158
159
  end
159
160
  end
160
161
 
162
+ def make_api(domain_name, name:, script: nil, dns: nil, cert: nil, with_statements: [], &block)
163
+ api = make 'AWS::ApiGateway::RestApi', name: name do
164
+ Name name
165
+ end
161
166
 
162
- def make_api(domain_name, name:, script:nil, dns:nil, cert:nil, with_statements:[], &block)
163
-
164
- api = make "AWS::ApiGateway::RestApi", name: name do
165
- Name name
166
- end
167
+ script ||= File.read(File.join(Gem.loaded_specs['sumomo'].full_gem_path, 'data', 'sumomo', 'api_modules', 'real_script.js'))
167
168
 
168
- script ||= File.read(File.join(Gem.loaded_specs['sumomo'].full_gem_path, "data", "sumomo", "api_modules", "real_script.js"))
169
+ apigen = APIGenerator.new(&block)
170
+ script.sub!('// {{ ROUTES }}', apigen.generate)
171
+ script.gsub!('{{ SCRIPT }}', apigen.init_script)
172
+ script.gsub!('{{ REGION }}', @region)
173
+ script.gsub!('{{ BUCKET }}', @bucket_name)
174
+ script.gsub!('{{ STORE_PREFIX }}', 'functions/' + name)
169
175
 
170
- apigen = APIGenerator.new(&block);
171
- script.sub!("// {{ ROUTES }}", apigen.generate);
172
- script.gsub!("{{ SCRIPT }}", apigen.init_script);
173
- script.gsub!("{{ REGION }}", @region);
174
- script.gsub!("{{ BUCKET }}", @bucket_name);
175
- script.gsub!("{{ STORE_PREFIX }}", "functions/" + name);
176
+ module_dir = '.build_modules'
176
177
 
177
- module_dir = ".build_modules"
178
+ APIGenerator.combine_modules(module_dir)
178
179
 
179
- APIGenerator.combine_modules(module_dir)
180
+ files = Dir[File.join(module_dir, '**/*')].select { |x| File.file?(x) }.map do |x|
181
+ { name: x.sub(%r{^#{module_dir}/}, ''), code: File.read(x) }
182
+ end
180
183
 
181
- files = Dir[File.join(module_dir, "**/*")].select{|x| File.file?(x)}.map do |x|
182
- { name: x.sub(/^#{module_dir}\//, ""), code: File.read(x) }
183
- end
184
+ files += [{ name: 'index.js', code: script }]
184
185
 
185
- files += [ {name:"index.js", code:script} ]
186
+ fun = make_lambda(name: "#{name}Lambda#{@version_number}", files: files, with_statements: with_statements)
186
187
 
187
- fun = make_lambda(name: "#{name}Lambda#{@version_number}", files:files, with_statements:with_statements)
188
+ resource = make 'AWS::ApiGateway::Resource', name: "#{name}Resource" do
189
+ ParentId api.RootResourceId
190
+ PathPart '{proxy+}'
191
+ RestApiId api
192
+ end
188
193
 
189
- resource = make "AWS::ApiGateway::Resource", name: "#{name}Resource" do
190
- ParentId api.RootResourceId
191
- PathPart "{proxy+}"
192
- RestApiId api
193
- end
194
+ meth = make 'AWS::ApiGateway::Method', name: "#{name}MethodOther" do
195
+ RestApiId api
196
+ ResourceId resource
197
+ HttpMethod 'ANY'
198
+ AuthorizationType 'NONE'
199
+ Integration ({
200
+ Type: 'AWS_PROXY',
201
+ IntegrationHttpMethod: 'POST',
202
+ Uri: call('Fn::Join', '', ['arn:aws:apigateway:', ref('AWS::Region'), ':lambda:path', '/2015-03-31/functions/', fun.Arn, '/invocations'])
203
+ })
204
+ end
194
205
 
195
- meth = make "AWS::ApiGateway::Method", name: "#{name}MethodOther" do
196
- RestApiId api
197
- ResourceId resource
198
- HttpMethod "ANY"
199
- AuthorizationType "NONE"
200
- Integration ({
201
- Type: "AWS_PROXY",
202
- IntegrationHttpMethod: "POST",
203
- Uri: call("Fn::Join", "", ["arn:aws:apigateway:" ,ref("AWS::Region") ,":lambda:path", "/2015-03-31/functions/", fun.Arn, "/invocations"])
204
- })
205
- end
206
+ meth2 = make 'AWS::ApiGateway::Method', name: "#{name}MethodRoot" do
207
+ RestApiId api
208
+ ResourceId api.RootResourceId
209
+ HttpMethod 'ANY'
210
+ AuthorizationType 'NONE'
211
+ Integration ({
212
+ Type: 'AWS_PROXY',
213
+ IntegrationHttpMethod: 'POST',
214
+ Uri: call('Fn::Join', '', ['arn:aws:apigateway:', ref('AWS::Region'), ':lambda:path', '/2015-03-31/functions/', fun.Arn, '/invocations'])
215
+ })
216
+ end
206
217
 
207
- meth2 = make "AWS::ApiGateway::Method", name: "#{name}MethodRoot" do
208
- RestApiId api
209
- ResourceId api.RootResourceId
210
- HttpMethod "ANY"
211
- AuthorizationType "NONE"
212
- Integration ({
213
- Type: "AWS_PROXY",
214
- IntegrationHttpMethod: "POST",
215
- Uri: call("Fn::Join", "", ["arn:aws:apigateway:" ,ref("AWS::Region") ,":lambda:path", "/2015-03-31/functions/", fun.Arn, "/invocations"])
216
- })
217
- end
218
+ make 'AWS::Lambda::Permission', name: "#{name}LambdaPermission" do
219
+ FunctionName fun.Arn
220
+ Action 'lambda:InvokeFunction'
221
+ Principal 'apigateway.amazonaws.com'
222
+ end
218
223
 
219
- make "AWS::Lambda::Permission", name: "#{name}LambdaPermission" do
220
- FunctionName fun.Arn
221
- Action "lambda:InvokeFunction"
222
- Principal "apigateway.amazonaws.com"
223
- end
224
+ deployment = make 'AWS::ApiGateway::Deployment', name: "#{name}Deployment#{@version_number}" do
225
+ depends_on meth
226
+ depends_on meth2
227
+ RestApiId api
228
+ end
224
229
 
225
- deployment = make "AWS::ApiGateway::Deployment", name: "#{name}Deployment#{@version_number}" do
226
- depends_on meth
227
- depends_on meth2
228
- RestApiId api
229
- end
230
+ stage = make 'AWS::ApiGateway::Stage', name: "#{name}Stage" do
231
+ RestApiId api
232
+ DeploymentId deployment
233
+ StageName 'test'
234
+ end
230
235
 
231
- stage = make "AWS::ApiGateway::Stage", name: "#{name}Stage" do
232
- RestApiId api
233
- DeploymentId deployment
234
- StageName "test"
235
- end
236
+ root_name = /(?<root_name>[^.]+\.[^.]+)$/.match(domain_name)[:root_name]
236
237
 
237
- root_name = /(?<root_name>[^.]+\.[^.]+)$/.match(domain_name)[:root_name]
238
+ cert ||= make 'Custom::USEastCertificate', name: "#{name}Certificate" do
239
+ DomainName domain_name
240
+ end
238
241
 
239
- cert ||= make "Custom::USEastCertificate", name: "#{name}Certificate" do
240
- DomainName domain_name
241
- end
242
+ domain = make 'Custom::APIDomainName', name: "#{name}DomainName" do
243
+ DomainName domain_name
244
+ CertificateArn cert
245
+ end
242
246
 
243
- domain = make "Custom::APIDomainName", name: "#{name}DomainName" do
244
- DomainName domain_name
245
- CertificateArn cert
246
- end
247
+ make 'AWS::ApiGateway::BasePathMapping', name: "#{name}BasePathMapping" do
248
+ BasePath '(none)'
249
+ DomainName domain
250
+ RestApiId api
251
+ Stage stage
252
+ end
247
253
 
248
- make "AWS::ApiGateway::BasePathMapping", name: "#{name}BasePathMapping" do
249
- BasePath "(none)"
250
- DomainName domain
251
- RestApiId api
252
- Stage stage
254
+ if dns[:type] == :cloudflare
255
+ make 'Custom::CloudflareDNSEntry', name: "#{name}CloudFlareEntry" do
256
+ Key dns[:key]
257
+ Email dns[:email]
258
+ Domain root_name
259
+ Entry domain_name.sub(/#{root_name}$/, '').chomp('.')
260
+ CNAME call('Fn::Join', '', [api, '.execute-api.', ref('AWS::Region'), '.amazonaws.com'])
253
261
  end
254
-
255
- if dns[:type] == :cloudflare
256
- make "Custom::CloudflareDNSEntry", name: "#{name}CloudFlareEntry" do
257
- Key dns[:key]
258
- Email dns[:email]
259
- Domain root_name
260
- Entry domain_name.sub(/#{root_name}$/, "").chomp(".")
261
- CNAME call("Fn::Join", "", [api, ".execute-api.", ref("AWS::Region"), ".amazonaws.com"])
262
- end
263
- domain_name
264
- elsif dns[:type] == :route53
265
- make "AWS::Route53::RecordSet", name: "#{name}Route53Entry" do
266
- HostedZoneId dns[:hosted_zone]
267
- Name domain_name
268
- Type "CNAME"
269
- ResourceRecords [ call("Fn::Join", "", [api, ".execute-api.", ref("AWS::Region"), ".amazonaws.com"]) ]
270
- end
271
- domain_name
272
- else
273
- call("Fn::Join", "", [api, ".execute-api.", ref("AWS::Region"), ".amazonaws.com"])
262
+ domain_name
263
+ elsif dns[:type] == :route53
264
+ make 'AWS::Route53::RecordSet', name: "#{name}Route53Entry" do
265
+ HostedZoneId dns[:hosted_zone]
266
+ Name domain_name
267
+ Type 'CNAME'
268
+ ResourceRecords [call('Fn::Join', '', [api, '.execute-api.', ref('AWS::Region'), '.amazonaws.com'])]
274
269
  end
275
-
270
+ domain_name
271
+ else
272
+ call('Fn::Join', '', [api, '.execute-api.', ref('AWS::Region'), '.amazonaws.com'])
273
+ end
276
274
  end
277
275
 
278
276
  def cloudflare_dns(key:, email:)
279
- {type: :cloudflare, key: key, email: email}
277
+ { type: :cloudflare, key: key, email: email }
280
278
  end
281
279
 
282
280
  def route53_dns(hosted_zone:)
283
- {type: :route53, hosted_zone: hosted_zone}
281
+ { type: :route53, hosted_zone: hosted_zone }
284
282
  end
285
-
286
283
  end
287
284
  end
data/lib/sumomo/cdn.rb CHANGED
@@ -1,128 +1,134 @@
1
+ # frozen_string_literal: true
1
2
 
2
3
  module Sumomo
3
4
  module Stack
4
- def make_cdn_from_dir(domain:, cert:nil, dns:nil, name:nil, dir:, low_ttl: [], lambda_assocs:{})
5
-
6
- bucket_name = @bucket_name
7
-
8
- name ||= make_default_resource_name("CDN")
9
-
10
- puts "Uploading files..."
11
- `aws --version`
12
- `aws s3 --region #{@region} sync #{dir} "s3://#{bucket_name}/uploads/#{domain}" --size-only --delete`
13
- puts "Done."
14
-
15
- oai = make "Custom::OriginAccessIdentity"
16
-
17
- make "AWS::S3::BucketPolicy" do
18
- Bucket "#{bucket_name}"
19
- PolicyDocument({
20
- Version: "2008-10-17",
21
- Id: "PolicyForCloudFrontPrivateContent",
22
- Statement: [
23
- {
24
- Effect: "Allow",
25
- Principal: {
26
- CanonicalUser: oai.S3CanonicalUserId
27
- },
28
- Action: "s3:GetObject",
29
- Resource: "arn:aws:s3:::#{bucket_name}/uploads/#{domain}/*"
30
- }
31
- ]
32
- })
33
- end
5
+ def copy_to_uploads!(from_directory, to_directory)
6
+ bucket_name = @bucket_name
7
+ location = "s3://#{bucket_name}/uploads/#{to_directory}"
34
8
 
35
- viewer_policy = "allow-all"
36
- if cert
37
- viewer_policy = "redirect-to-https"
38
- end
9
+ puts 'Uploading files...'
10
+ `aws --version`
11
+ `aws s3 --region #{@region} sync #{from_directory} "#{location}" --size-only --delete`
12
+ puts 'Done.'
39
13
 
40
- cdn = make "AWS::CloudFront::Distribution", name: name do
41
- DistributionConfig do
42
- Origins [{
43
- Id: "originBucket",
44
- DomainName: "#{bucket_name}.s3.amazonaws.com",
45
- OriginPath: "/uploads/#{domain}",
46
- S3OriginConfig: {
47
- OriginAccessIdentity: oai
48
- }
49
- }]
50
-
51
- CacheBehaviors low_ttl.map{ |pattern|
52
- {
53
- PathPattern: pattern,
54
- ForwardedValues: {
55
- QueryString: "false",
56
- Cookies: { Forward: "none" }
57
- },
58
- TargetOriginId: "originBucket",
59
- ViewerProtocolPolicy: viewer_policy,
60
- DefaultTTL: 60,
61
- MaxTTL: 60,
62
- MinTTL: 60
63
- }
64
- }.to_a
65
-
66
- Enabled "true"
67
- DefaultRootObject "index.html"
68
- Aliases [ domain ]
69
-
70
- if cert
71
- ViewerCertificate {
72
- AcmCertificateArn cert
73
- SslSupportMethod "sni-only"
74
- }
75
- else
76
- ViewerCertificate { CloudFrontDefaultCertificate "true" }
77
- end
78
-
79
- DefaultCacheBehavior do
80
- AllowedMethods ["GET", "HEAD", "OPTIONS"]
81
- TargetOriginId "originBucket"
82
- ViewerProtocolPolicy viewer_policy
83
- ForwardedValues {
84
- QueryString "false"
85
- Cookies { Forward "none" }
86
- }
87
-
88
- LambdaFunctionAssociations (lambda_assocs.map do |event_type,arns|
89
- arns.map do |arn|
90
- {EventType: event_type, LambdaFunctionARN: arn}
91
- end.to_a
92
- end.flatten)
93
- end
94
-
95
- Logging do
96
- IncludeCookies "false"
97
- Bucket "#{bucket_name}.s3.amazonaws.com"
98
- Prefix "logs/#{domain}/"
99
- end
14
+ location
15
+ end
16
+
17
+ def make_cdn_from_dir(domain:, cert: nil, dns: nil, name: nil, dir:, low_ttl: [], lambda_assocs: {})
18
+ bucket_name = @bucket_name
19
+
20
+ name ||= make_default_resource_name('CDN')
21
+
22
+ copy_to_uploads!(dir, domain)
23
+
24
+ oai = make 'Custom::OriginAccessIdentity'
25
+
26
+ make 'AWS::S3::BucketPolicy' do
27
+ Bucket bucket_name.to_s
28
+ PolicyDocument(
29
+ Version: '2008-10-17',
30
+ Id: 'PolicyForCloudFrontPrivateContent',
31
+ Statement: [
32
+ {
33
+ Effect: 'Allow',
34
+ Principal: {
35
+ CanonicalUser: oai.S3CanonicalUserId
36
+ },
37
+ Action: 's3:GetObject',
38
+ Resource: "arn:aws:s3:::#{bucket_name}/uploads/#{domain}/*"
39
+ }
40
+ ]
41
+ )
42
+ end
43
+
44
+ viewer_policy = 'allow-all'
45
+ viewer_policy = 'redirect-to-https' if cert
46
+
47
+ cdn = make 'AWS::CloudFront::Distribution', name: name do
48
+ DistributionConfig do
49
+ Origins [{
50
+ Id: 'originBucket',
51
+ DomainName: "#{bucket_name}.s3.amazonaws.com",
52
+ OriginPath: "/uploads/#{domain}",
53
+ S3OriginConfig: {
54
+ OriginAccessIdentity: oai
55
+ }
56
+ }]
57
+
58
+ CacheBehaviors low_ttl.map { |pattern|
59
+ {
60
+ PathPattern: pattern,
61
+ ForwardedValues: {
62
+ QueryString: 'false',
63
+ Cookies: { Forward: 'none' }
64
+ },
65
+ TargetOriginId: 'originBucket',
66
+ ViewerProtocolPolicy: viewer_policy,
67
+ DefaultTTL: 60,
68
+ MaxTTL: 60,
69
+ MinTTL: 60
70
+ }
71
+ }.to_a
72
+
73
+ Enabled 'true'
74
+ DefaultRootObject 'index.html'
75
+ Aliases [domain]
76
+
77
+ if cert
78
+ ViewerCertificate do
79
+ AcmCertificateArn cert
80
+ SslSupportMethod 'sni-only'
81
+ end
82
+ else
83
+ ViewerCertificate { CloudFrontDefaultCertificate 'true' }
84
+ end
85
+
86
+ DefaultCacheBehavior do
87
+ AllowedMethods %w[GET HEAD OPTIONS]
88
+ TargetOriginId 'originBucket'
89
+ ViewerProtocolPolicy viewer_policy
90
+ ForwardedValues do
91
+ QueryString 'false'
92
+ Cookies { Forward 'none' }
100
93
  end
94
+
95
+ LambdaFunctionAssociations lambda_assocs.map do |event_type, arns|
96
+ arns.map do |arn|
97
+ { EventType: event_type, LambdaFunctionARN: arn }
98
+ end.to_a
99
+ end.flatten
100
+ end
101
+
102
+ Logging do
103
+ IncludeCookies 'false'
104
+ Bucket "#{bucket_name}.s3.amazonaws.com"
105
+ Prefix "logs/#{domain}/"
106
+ end
101
107
  end
108
+ end
102
109
 
103
- root_name = /(?<root_name>[^.]+\.[^.]+)$/.match(domain)[:root_name]
110
+ root_name = /(?<root_name>[^.]+\.[^.]+)$/.match(domain)[:root_name]
104
111
 
105
- if !dns
112
+ if !dns
106
113
 
107
- elsif dns[:type] == :cloudflare
108
- make "Custom::CloudflareDNSEntry", name: "#{name}CloudFlareEntry" do
109
- Key dns[:key]
110
- Email dns[:email]
111
- Domain root_name
112
- Entry domain.sub(/#{root_name}$/, "").chomp(".")
113
- CNAME cdn.DomainName
114
- end
115
- elsif dns[:type] == :route53
116
- make "AWS::Route53::RecordSet", name: "#{name}Route53Entry" do
117
- HostedZoneId dns[:hosted_zone]
118
- Name domain
119
- Type "CNAME"
120
- ResourceRecords [ cdn.DomainName ]
121
- end
114
+ elsif dns[:type] == :cloudflare
115
+ make 'Custom::CloudflareDNSEntry', name: "#{name}CloudFlareEntry" do
116
+ Key dns[:key]
117
+ Email dns[:email]
118
+ Domain root_name
119
+ Entry domain.sub(/#{root_name}$/, '').chomp('.')
120
+ CNAME cdn.DomainName
122
121
  end
122
+ elsif dns[:type] == :route53
123
+ make 'AWS::Route53::RecordSet', name: "#{name}Route53Entry" do
124
+ HostedZoneId dns[:hosted_zone]
125
+ Name domain
126
+ Type 'CNAME'
127
+ ResourceRecords [cdn.DomainName]
128
+ end
129
+ end
123
130
 
124
- cdn
125
-
131
+ cdn
126
132
  end
127
133
  end
128
134
  end