chore: wip

Author: chrisbbreuer

.stacks/core/cloud/src/cloud/cdn.ts

@@ -7,7 +7,7 @@ import {
   aws_cloudfront_origins as origins,
   aws_route53 as route53,
   aws_secretsmanager as secretsmanager,
-  aws_ssm as ssm,
+  // aws_ssm as ssm,
   aws_route53_targets as targets,
 } from 'aws-cdk-lib'
 import type { Construct } from 'constructs'

.stacks/core/cloud/src/cloud/file-system.ts

@@ -33,6 +33,3 @@ export class FileSystemStack {
     })
   }
 }
-
-// manageFileSystem() {
-// }

.stacks/core/cloud/src/cloud/index.ts

@@ -11,6 +11,7 @@ import { DeploymentStack } from './deployment'
 import { JumpBoxStack } from './jump-box'
 import { FileSystemStack } from './file-system'
 import { NetworkStack } from './network'
+import { RedirectsStack } from './redirects'
 
 export class Cloud extends Stack {
   constructor(scope: Construct, id: string, props: CloudOptions) {
@@ -54,6 +55,8 @@ export class Cloud extends Stack {
       zone: dns.zone,
     })
 
+    new RedirectsStack(this, props)
+
     new DeploymentStack(this, {
       ...props,
       publicBucket: storage.publicBucket,

.stacks/core/cloud/src/cloud/network.ts

@@ -12,30 +12,41 @@ export class NetworkStack {
   constructor(scope: Construct, props: NetworkStackProps) {
     this.vpc = new ec2.Vpc(scope, 'Network', {
       vpcName: `${props.appName}-${props.appEnv}-vpc`,
-      // ipAddresses: ec2.IpAddresses.cidr('10.0.0.0/16'),
+      ipAddresses: ec2.IpAddresses.cidr('10.0.0.0/16'),
       maxAzs: 3,
-    // subnetConfiguration: [
-    //   {
-    //     cidrMask: 19, // Size of the subnet in CIDR notation
-    //     name: `${this.appName}-${appEnv}-public-subnet-1`,
-    //     subnetType: ec2.SubnetType.PUBLIC,
-    //   },
-    //   {
-    //     cidrMask: 19,
-    //     name: `${this.appName}-${appEnv}-public-subnet-2`,
-    //     subnetType: ec2.SubnetType.PUBLIC,
-    //   },
-    //   {
-    //     cidrMask: 19,
-    //     name: `${this.appName}-${appEnv}-private-subnet-1`,
-    //     subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS,
-    //   },
-    //   {
-    //     cidrMask: 19,
-    //     name: `${this.appName}-${appEnv}-private-subnet-2`,
-    //     subnetType: ec2.SubnetType.PRIVATE_WITH_EGRESS,
-    //   },
-    // ],
+      natGateways: 0,
+      subnetConfiguration: [
+        {
+          cidrMask: 21,
+          name: `${props.appName}-${props.appEnv}-public-subnet-1`,
+          subnetType: ec2.SubnetType.PUBLIC,
+        },
+        {
+          cidrMask: 21,
+          name: `${props.appName}-${props.appEnv}-public-subnet-2`,
+          subnetType: ec2.SubnetType.PUBLIC,
+        },
+        {
+          cidrMask: 21,
+          name: `${props.appName}-${props.appEnv}-public-subnet-3`,
+          subnetType: ec2.SubnetType.PUBLIC,
+        },
+        {
+          cidrMask: 21,
+          name: `${props.appName}-${props.appEnv}-private-subnet-1`,
+          subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
+        },
+        {
+          cidrMask: 21,
+          name: `${props.appName}-${props.appEnv}-private-subnet-2`,
+          subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
+        },
+        {
+          cidrMask: 21,
+          name: `${props.appName}-${props.appEnv}-private-subnet-3`,
+          subnetType: ec2.SubnetType.PRIVATE_ISOLATED,
+        },
+      ],
     })
   }
 }

.stacks/core/cloud/src/cloud/redirects.ts

@@ -1,27 +1,45 @@
-// for each redirect, create a bucket & redirect it to the APP_URL
-// config.dns.redirects?.forEach((redirect) => {
-//   // TODO: use string-ts function here instead
-//   const slug = redirect.split('.').map((part, index) => index === 0 ? part : part.charAt(0).toUpperCase() + part.slice(1)).join('') // creates a CamelCase slug from the redirect
-//   const hostedZone = route53.HostedZone.fromLookup(this, 'HostedZone', { domainName: redirect })
-//   const redirectBucket = new s3.Bucket(this, `RedirectBucket${slug}`, {
-//     bucketName: `${redirect}-redirect`,
-//     websiteRedirect: {
-//       hostName: this.domain,
-//       protocol: s3.RedirectProtocol.HTTPS,
-//     },
-//     removalPolicy: RemovalPolicy.DESTROY,
-//     autoDeleteObjects: true,
-//   })
-//   new route53.CnameRecord(this, `RedirectRecord${slug}`, {
-//     zone: hostedZone,
-//     recordName: 'redirect',
-//     domainName: redirectBucket.bucketWebsiteDomainName,
-//   })
-// })
+/* eslint-disable no-new */
+import { config } from '@stacksjs/config'
+import { RemovalPolicy, aws_route53 as route53, aws_s3 as s3 } from 'aws-cdk-lib'
+import type { Construct } from 'constructs'
+import type { NestedCloudProps } from '../types'
 
-// TODO: fix this – redirects do not work yet
-// config.dns.redirects?.forEach((redirect) => {
-//   const slug = redirect.split('.').map((part, index) => index === 0 ? part : part.charAt(0).toUpperCase() + part.slice(1)).join('') // creates a CamelCase slug from the redirect
-//   const hostedZone = route53.HostedZone.fromLookup(this, `RedirectHostedZone${slug}`, { domainName: redirect })
-//   this.redirectZones.push(hostedZone)
-// })
+export interface RedirectsStackProps extends NestedCloudProps {
+  //
+}
+
+export class RedirectsStack {
+  redirectZones: route53.IHostedZone[] = []
+
+  constructor(scope: Construct, props: RedirectsStackProps) {
+    // for each redirect, create a bucket & redirect it to the APP_URL
+    config.dns.redirects?.forEach((redirect) => {
+      // TODO: use string-ts function here instead
+      const slug = redirect.split('.').map((part, index) => index === 0 ? part : part.charAt(0).toUpperCase() + part.slice(1)).join('') // creates a CamelCase slug from the redirect
+      const hostedZone = route53.HostedZone.fromLookup(scope, 'HostedZone', { domainName: redirect })
+
+      const redirectBucket = new s3.Bucket(scope, `RedirectBucket${slug}`, {
+        bucketName: `${redirect}-redirect`,
+        websiteRedirect: {
+          hostName: props.domain,
+          protocol: s3.RedirectProtocol.HTTPS,
+        },
+        removalPolicy: RemovalPolicy.DESTROY,
+        autoDeleteObjects: true,
+      })
+
+      new route53.CnameRecord(scope, `RedirectRecord${slug}`, {
+        zone: hostedZone,
+        recordName: 'redirect',
+        domainName: redirectBucket.bucketWebsiteDomainName,
+      })
+    })
+
+    // TODO: fix this – redirects do not work yet
+    config.dns.redirects?.forEach((redirect) => {
+      const slug = redirect.split('.').map((part, index) => index === 0 ? part : part.charAt(0).toUpperCase() + part.slice(1)).join('') // creates a CamelCase slug from the redirect
+      const hostedZone = route53.HostedZone.fromLookup(scope, `RedirectHostedZone${slug}`, { domainName: redirect })
+      this.redirectZones.push(hostedZone)
+    })
+  }
+}

.stacks/core/cloud/src/cloud/security.ts

@@ -9,14 +9,12 @@ export interface StorageStackProps extends NestedCloudProps {
   zone: route53.IHostedZone
 }
 
-// export class SecurityStack extends NestedStack {
 export class SecurityStack {
   firewall: wafv2.CfnWebACL
   kmsKey: kms.Key
   certificate: acm.Certificate
 
   constructor(scope: Construct, props: StorageStackProps) {
-    // super(scope, 'Security', props)
     const firewallOptions = config.cloud.firewall
 
     if (!firewallOptions)

.stacks/core/cloud/src/cloud/storage.ts

@@ -1,13 +1,12 @@
 import type { aws_kms as kms } from 'aws-cdk-lib'
-import { NestedStack, RemovalPolicy, Tags, aws_backup as backup, aws_iam as iam, aws_s3 as s3 } from 'aws-cdk-lib'
+import { RemovalPolicy, Tags, aws_backup as backup, aws_iam as iam, aws_s3 as s3 } from 'aws-cdk-lib'
 import type { Construct } from 'constructs'
 import type { NestedCloudProps } from '../types'
 
 export interface StorageStackProps extends NestedCloudProps {
   kmsKey: kms.Key
 }
 
-// export class StorageStack extends NestedStack {
 export class StorageStack {
   publicBucket: s3.Bucket
   privateBucket: s3.Bucket
@@ -18,7 +17,6 @@ export class StorageStack {
   backupRole: iam.Role
 
   constructor(scope: Construct, props: StorageStackProps) {
-    // super(scope, 'Storage', props)
     this.bucketPrefix = `${props.appName}-${props.appEnv}`
 
     this.publicBucket = new s3.Bucket(scope, 'PublicBucket', {