kybernus 2.1.1 → 2.2.1

package/templates/nestjs/mvc/infra/modules/vpc/main.tf.hbs

@@ -10,81 +10,213 @@ variable "environment" {
 
 # VPC
 resource "aws_vpc" "main" {
-  cidr_block = "10.0.0.0/16"
+  cidr_block           = "10.0.0.0/16"
   enable_dns_hostnames = true
-  enable_dns_support = true
+  enable_dns_support   = true
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-vpc"
+    Name        = "${var.app_name}-${var.environment}-vpc"
     Environment = var.environment
   }
 }
 
+# Internet Gateway
+resource "aws_internet_gateway" "main" {
+  vpc_id = aws_vpc.main.id
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-igw"
+    Environment = var.environment
+  }
+}
+
+# Data source for AZs
+data "aws_availability_zones" "available" {
+  state = "available"
+}
+
 # Public Subnets
 resource "aws_subnet" "public" {
-  count = 2
+  count                   = 2
+  vpc_id                  = aws_vpc.main.id
+  cidr_block              = "10.0.${count.index + 1}.0/24"
+  availability_zone       = data.aws_availability_zones.available.names[count.index]
+  map_public_ip_on_launch = true
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-public-${count.index + 1}"
+    Environment = var.environment
+  }
+}
+
+# Route Table for Public Subnets
+resource "aws_route_table" "public" {
   vpc_id = aws_vpc.main.id
-  cidr_block = "10.0.${count.index + 1}.0/24"
-  availability_zone = data.aws_availability_zones.available.names[count.index]
 
-  map_public_ip_on_launch = true
+  route {
+    cidr_block = "0.0.0.0/0"
+    gateway_id = aws_internet_gateway.main.id
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-public-rt"
+    Environment = var.environment
+  }
+}
+
+# Association for Public Subnets
+resource "aws_route_table_association" "public" {
+  count          = 2
+  subnet_id      = aws_subnet.public[count.index].id
+  route_table_id = aws_route_table.public.id
+}
+
+# Elastic IP for NAT Gateway
+resource "aws_eip" "nat" {
+  count  = 1
+  domain = "vpc"
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-public-${count.index + 1}"
+    Name        = "${var.app_name}-${var.environment}-nat-eip"
+    Environment = var.environment
+  }
+}
+
+# NAT Gateway (single NAT for cost savings, can change to 1 per AZ for production if needed)
+resource "aws_nat_gateway" "main" {
+  count         = 1
+  allocation_id = aws_eip.nat[0].id
+  subnet_id     = aws_subnet.public[0].id
+
+  depends_on = [aws_internet_gateway.main]
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-nat"
     Environment = var.environment
   }
 }
 
 # Private Subnets
 resource "aws_subnet" "private" {
-  count = 2
-  vpc_id = aws_vpc.main.id
-  cidr_block = "10.0.${count.index + 10}.0/24"
+  count             = 2
+  vpc_id            = aws_vpc.main.id
+  cidr_block        = "10.0.${count.index + 10}.0/24"
   availability_zone = data.aws_availability_zones.available.names[count.index]
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-private-${count.index + 1}"
+    Name        = "${var.app_name}-${var.environment}-private-${count.index + 1}"
     Environment = var.environment
   }
 }
 
-# Internet Gateway
-resource "aws_internet_gateway" "main" {
+# Route Table for Private Subnets
+resource "aws_route_table" "private" {
   vpc_id = aws_vpc.main.id
 
+  route {
+    cidr_block     = "0.0.0.0/0"
+    nat_gateway_id = aws_nat_gateway.main[0].id
+  }
+
   tags = {
-    Name = "${var.app_name}-${var.environment}-igw"
+    Name        = "${var.app_name}-${var.environment}-private-rt"
     Environment = var.environment
   }
 }
 
-# Data source for AZs
-data "aws_availability_zones" "available" {
-  state = "available"
+# Association for Private Subnets
+resource "aws_route_table_association" "private" {
+  count          = 2
+  subnet_id      = aws_subnet.private[count.index].id
+  route_table_id = aws_route_table.private.id
+}
+
+# Security Group for Load Balancer (ALB)
+resource "aws_security_group" "alb" {
+  name        = "${var.app_name}-${var.environment}-alb-sg"
+  description = "Security group for ALB"
+  vpc_id      = aws_vpc.main.id
+
+  ingress {
+    from_port   = 80
+    to_port     = 80
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow HTTP from anywhere"
+  }
+
+  ingress {
+    from_port   = 443
+    to_port     = 443
+    protocol    = "tcp"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow HTTPS from anywhere"
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-alb-sg"
+    Environment = var.environment
+  }
 }
 
-# Security Group for DB
+# Security Group for ECS Tasks
+resource "aws_security_group" "ecs_tasks" {
+  name        = "${var.app_name}-${var.environment}-ecs-tasks-sg"
+  description = "Security group for ECS tasks"
+  vpc_id      = aws_vpc.main.id
+
+  ingress {
+    from_port       = 0
+    to_port         = 0
+    protocol        = "-1"
+    security_groups = [aws_security_group.alb.id]
+    description     = "Allow all traffic from ALB"
+  }
+
+  egress {
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
+    cidr_blocks = ["0.0.0.0/0"]
+    description = "Allow all outbound traffic"
+  }
+
+  tags = {
+    Name        = "${var.app_name}-${var.environment}-ecs-tasks-sg"
+    Environment = var.environment
+  }
+}
+
+# Security Group for Database (RDS)
 resource "aws_security_group" "db" {
-  name = "${var.app_name}-${var.environment}-db-sg"
+  name        = "${var.app_name}-${var.environment}-db-sg"
   description = "Security group for database"
-  vpc_id = aws_vpc.main.id
+  vpc_id      = aws_vpc.main.id
 
   ingress {
-    from_port = 5432
-    to_port = 5432
-    protocol = "tcp"
-    cidr_blocks = ["10.0.0.0/16"]
+    from_port       = 5432
+    to_port         = 5432
+    protocol        = "tcp"
+    security_groups = [aws_security_group.ecs_tasks.id]
+    description     = "Allow PostgreSQL access from ECS tasks"
   }
 
   egress {
-    from_port = 0
-    to_port = 0
-    protocol = "-1"
+    from_port   = 0
+    to_port     = 0
+    protocol    = "-1"
     cidr_blocks = ["0.0.0.0/0"]
   }
 
   tags = {
-    Name = "${var.app_name}-${var.environment}-db-sg"
+    Name        = "${var.app_name}-${var.environment}-db-sg"
     Environment = var.environment
   }
 }
@@ -104,4 +236,12 @@ output "private_subnet_ids" {
 
 output "db_security_group_id" {
   value = aws_security_group.db.id
-}
+}
+
+output "alb_security_group_id" {
+  value = aws_security_group.alb.id
+}
+
+output "ecs_tasks_security_group_id" {
+  value = aws_security_group.ecs_tasks.id
+}

package/templates/nestjs/mvc/package.json.hbs

@@ -7,7 +7,9 @@
     "build": "nest build",
     "start": "node dist/main.js",
     "lint": "eslint \"{src,test}/**/*.ts\"",
-    "test": "jest"
+    "test": "jest",
+    "db:generate": "prisma generate",
+    "db:push": "prisma db push"
   },
   "dependencies": {
     "@nestjs/common": "^10.3.0",
@@ -16,6 +18,7 @@
     "@nestjs/jwt": "^10.2.0",
     "@nestjs/passport": "^10.0.3",
     "@nestjs/platform-express": "^10.3.0",
+    "@prisma/client": "^5.10.2",
     "bcryptjs": "^2.4.3",
     "class-transformer": "^0.5.1",
     "class-validator": "^0.14.1",
@@ -32,6 +35,7 @@
     "@types/node": "^20.11.0",
     "@types/passport-jwt": "^4.0.0",
     "@types/uuid": "^9.0.7",
+    "prisma": "^5.10.2",
     "typescript": "^5.3.3"
   }
-}
+}

package/templates/nestjs/mvc/prisma/schema.prisma.hbs

@@ -0,0 +1,31 @@
+generator client {
+  provider = "prisma-client-js"
+}
+
+datasource db {
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+}
+
+model User {
+  id               String   @id @default(uuid())
+  email            String   @unique
+  name             String?
+  password         String
+  stripeCustomerId String?  @map("stripe_customer_id")
+  createdAt        DateTime @default(now()) @map("created_at")
+  updatedAt        DateTime @updatedAt @map("updated_at")
+
+  @@map("users")
+}
+
+model Item {
+  id          String   @id @default(uuid())
+  name        String
+  description String?
+  price       Float?
+  createdAt   DateTime @default(now()) @map("created_at")
+  updatedAt   DateTime @updatedAt @map("updated_at")
+
+  @@map("items")
+}

package/templates/nestjs/mvc/src/app.module.ts.hbs

@@ -4,14 +4,16 @@ import { ItemsModule } from './modules/items.module';
 import { AuthModule } from './auth/auth.module';
 import { PaymentsModule } from './payments/payments.module';
 import { HealthController } from './controllers/health.controller';
+import { PrismaModule } from './prisma/prisma.module';
 
 @Module({
     imports: [
         ConfigModule.forRoot({ isGlobal: true }),
+        PrismaModule,
         AuthModule,
         PaymentsModule,
         ItemsModule,
     ],
     controllers: [HealthController],
 })
-export class AppModule {}
+export class AppModule {}

package/templates/nestjs/mvc/src/auth/auth.service.ts.hbs

@@ -1,43 +1,46 @@
-import { Injectable } from '@nestjs/common';
+import { Injectable, UnauthorizedException, BadRequestException } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 import * as bcrypt from 'bcryptjs';
-
-interface User {
-    id: string;
-    email: string;
-    name: string;
-    password: string;
-}
+import { PrismaService } from '../prisma/prisma.service';
 
 @Injectable()
 export class AuthService {
-    private users: Map<string, User> = new Map();
-
-    constructor(private jwtService: JwtService) {}
+    constructor(
+        private jwtService: JwtService,
+        private prisma: PrismaService,
+    ) {}
 
     async register(email: string, name: string, password: string) {
-        if (this.users.has(email)) {
-            throw new Error('User already exists');
+        const existingUser = await this.prisma.user.findUnique({
+            where: { email },
+        });
+
+        if (existingUser) {
+            throw new BadRequestException('User already exists');
         }
 
         const hashedPassword = await bcrypt.hash(password, 10);
-        const user: User = {
-            id: Date.now().toString(),
-            email,
-            name,
-            password: hashedPassword,
-        };
-
-        this.users.set(email, user);
+        
+        const user = await this.prisma.user.create({
+            data: {
+                email,
+                name,
+                password: hashedPassword,
+            },
+        });
+
         const token = this.jwtService.sign({ sub: user.id, email: user.email });
 
         return { token, user: { id: user.id, email: user.email, name: user.name } };
     }
 
     async login(email: string, password: string) {
-        const user = this.users.get(email);
-        if (!user || !(await bcrypt.compare(password, user.password))) {
-            throw new Error('Invalid credentials');
+        const user = await this.prisma.user.findUnique({
+            where: { email },
+        });
+
+        if (users || !(await bcrypt.compare(password, user.password))) {
+            throw new UnauthorizedException('Invalid credentials');
         }
 
         const token = this.jwtService.sign({ sub: user.id, email: user.email });
@@ -45,11 +48,11 @@ export class AuthService {
     }
 
     async validateUser(userId: string) {
-        for (const user of this.users.values()) {
-            if (user.id === userId) {
-                return { id: user.id, email: user.email, name: user.name };
-            }
-        }
-        return null;
+        const user = await this.prisma.user.findUnique({
+            where: { id: userId },
+            select: { id: true, email: true, name: true }
+        });
+        
+        return user;
     }
-}
+}

package/templates/nestjs/mvc/src/payments/payments.service.ts.hbs

@@ -1,12 +1,16 @@
 import { Injectable } from '@nestjs/common';
 import { ConfigService } from '@nestjs/config';
 import Stripe from 'stripe';
+import { PrismaService } from '../prisma/prisma.service';
 
 @Injectable()
 export class PaymentsService {
     private stripe: Stripe;
 
-    constructor(private configService: ConfigService) {
+    constructor(
+        private configService: ConfigService,
+        private prisma: PrismaService,
+    ) {
         this.stripe = new Stripe(configService.get('STRIPE_SECRET_KEY', ''), {
             apiVersion: '2024-12-18.acacia',
         });
@@ -31,13 +35,29 @@ export class PaymentsService {
 
         switch (event.type) {
             case 'checkout.session.completed':
-            console.log('Checkout completed:', event.data.object);
-            break;
+                {
+                    const session = event.data.object as Stripe.Checkout.Session;
+                    console.log('Checkout completed:', session.id);
+                    // Match the session back to the user via client_reference_id or customer email
+                    // await this.prisma.user.update({...});
+                }
+                break;
             case 'customer.subscription.updated':
-            console.log('Subscription updated:', event.data.object);
-            break;
+                {
+                    const subscription = event.data.object as Stripe.Subscription;
+                    console.log('Subscription updated:', subscription.id);
+                    // Update user's subscription status in DB
+                }
+                break;
+            case 'customer.subscription.deleted':
+                {
+                    const subscription = event.data.object as Stripe.Subscription;
+                    console.log('Subscription deleted:', subscription.id);
+                    // Cancel user's subscription in DB
+                }
+                break;
         }
 
         return { received: true };
     }
-}
+}

package/templates/nestjs/mvc/src/prisma/prisma.module.ts.hbs

@@ -0,0 +1,9 @@
+import { Global, Module } from '@nestjs/common';
+import { PrismaService } from './prisma.service';
+
+@Global()
+@Module({
+  providers: [PrismaService],
+  exports: [PrismaService],
+})
+export class PrismaModule {}

package/templates/nestjs/mvc/src/prisma/prisma.service.ts.hbs

@@ -0,0 +1,15 @@
+import { Injectable, OnModuleInit, INestApplication } from '@nestjs/common';
+import { PrismaClient } from '@prisma/client';
+
+@Injectable()
+export class PrismaService extends PrismaClient implements OnModuleInit {
+  async onModuleInit() {
+    await this.$connect();
+  }
+
+  async enableShutdownHooks(app: INestApplication) {
+    this.$on('beforeExit', async () => {
+      await app.close();
+    });
+  }
+}

package/templates/nestjs/mvc/src/services/items.service.ts.hbs

@@ -1,32 +1,45 @@
-import { Injectable } from '@nestjs/common';
+import { Injectable, NotFoundException } from '@nestjs/common';
+import { PrismaService } from '../prisma/prisma.service';
 import { CreateItemDto } from '../models/create-item.dto';
-import { Item } from '../models/item.model';
-import { v4 as uuidv4 } from 'uuid';
 
 @Injectable()
 export class ItemsService {
-    private items: Map<string, Item> = new Map();
+    constructor(private prisma: PrismaService) {}
 
-    findAll(): Item[] {
-        return Array.from(this.items.values());
+    async findAll() {
+        return this.prisma.item.findMany();
     }
 
-    findOne(id: string): Item | undefined {
-        return this.items.get(id);
+    async findOne(id: string) {
+        const item = await this.prisma.item.findUnique({
+            where: { id },
+        });
+        
+        if (!item) {
+            throw new NotFoundException('Item not found');
+        }
+        
+        return item;
     }
 
-    create(dto: CreateItemDto): Item {
-        const item: Item = {
-            id: uuidv4(),
-            name: dto.name,
-            description: dto.description,
-            createdAt: new Date(),
-        };
-        this.items.set(item.id, item);
-        return item;
+    async create(createItemDto: CreateItemDto) {
+        return this.prisma.item.create({
+            data: {
+                name: createItemDto.name,
+                description: createItemDto.description,
+                price: createItemDto.price,
+            },
+        });
     }
 
-    remove(id: string): boolean {
-        return this.items.delete(id);
+    async remove(id: string) {
+        try {
+            await this.prisma.item.delete({
+                where: { id },
+            });
+            return true;
+        } catch (error) {
+            return false;
+        }
     }
-}
+}

package/templates/nextjs/mvc/infra/main.tf.hbs

@@ -5,9 +5,13 @@ terraform {
 
   required_providers {
     aws = {
-      source = "hashicorp/aws"
+      source  = "hashicorp/aws"
       version = "~> 5.0"
     }
+    random = {
+      source  = "hashicorp/random"
+      version = "~> 3.5"
+    }
   }
 
 # Uncomment for remote state (recommended for production)
@@ -27,27 +31,27 @@ provider "aws" {
 # Variables
 variable "aws_region" {
   description = "AWS region"
-  type = string
-  default = "us-east-1"
+  type        = string
+  default     = "us-east-1"
 }
 
 variable "environment" {
   description = "Environment name (dev, staging, prod)"
-  type = string
-  default = "dev"
+  type        = string
+  default     = "dev"
 }
 
 variable "app_name" {
   description = "Application name"
-  type = string
-  default = "{{projectNameKebabCase}}"
+  type        = string
+  default     = "{{projectNameKebabCase}}"
 }
 
 # VPC
 module "vpc" {
   source = "./modules/vpc"
 
-  app_name = var.app_name
+  app_name    = var.app_name
   environment = var.environment
 }
 
@@ -55,29 +59,49 @@ module "vpc" {
 module "ecs" {
   source = "./modules/ecs"
 
-  app_name = var.app_name
-  environment = var.environment
-  vpc_id = module.vpc.vpc_id
-  subnet_ids = module.vpc.private_subnet_ids
+  app_name                    = var.app_name
+  environment                 = var.environment
+  vpc_id                      = module.vpc.vpc_id
+  public_subnet_ids           = module.vpc.public_subnet_ids
+  private_subnet_ids          = module.vpc.private_subnet_ids
+  alb_security_group_id       = module.vpc.alb_security_group_id
+  ecs_tasks_security_group_id = module.vpc.ecs_tasks_security_group_id
 }
 
 # RDS PostgreSQL
 module "rds" {
   source = "./modules/rds"
 
-  app_name = var.app_name
-  environment = var.environment
-  vpc_id = module.vpc.vpc_id
-  subnet_ids = module.vpc.private_subnet_ids
+  app_name          = var.app_name
+  environment       = var.environment
+  vpc_id            = module.vpc.vpc_id
+  subnet_ids        = module.vpc.private_subnet_ids
   security_group_id = module.vpc.db_security_group_id
 }
 
 # Outputs
+output "vpc_id" {
+  value = module.vpc.vpc_id
+}
+
 output "ecs_cluster_name" {
   value = module.ecs.cluster_name
 }
 
+output "ecr_repository_url" {
+  value = module.ecs.ecr_repository_url
+}
+
+output "alb_dns_name" {
+  value       = module.ecs.alb_dns_name
+  description = "The DNS name of the ALB to access the application"
+}
+
 output "rds_endpoint" {
-  value = module.rds.endpoint
+  value     = module.rds.endpoint
   sensitive = true
-}
+}
+
+output "db_name" {
+  value = module.rds.db_name
+}