Example #1
def create_distribution(data):
    """Create a CloudFront distribution from a tagged distribution config.

    ``data`` is handed to ``create_distribution_with_tags`` unchanged as
    ``DistributionConfigWithTags``.

    Any exception is logged and swallowed, and nothing is returned, so a
    caller cannot tell from the return value whether the distribution was
    actually created.
    """
    try:
        print('[cfgen]\tcreating distribution')
        cloudfront = _get_conn(service='cloudfront')
        cloudfront.create_distribution_with_tags(
            DistributionConfigWithTags=data,
        )
        print('[cfgen]\tdistribution created with data set')
    except Exception as failure:
        logging.error(f'An error occured: {failure}')
Example #2
def request_cert(domain):
    """Request a DNS-validated ACM certificate for ``domain``.

    The request is always sent to ACM in ``us-east-1``. Returns the
    ``CertificateArn`` from the response. Exceptions from the client call
    are not caught here and propagate to the caller.
    """
    acm = _get_conn(service='acm', region='us-east-1')
    response = acm.request_certificate(
        DomainName=domain,
        ValidationMethod='DNS',
        # NOTE(review): idgen.id_gen is not visible here; if it returns a new
        # value on every call, repeated requests for the same domain are not
        # de-duplicated by the idempotency token -- confirm.
        IdempotencyToken=idgen.id_gen(size=32),
    )
    certificate_arn = response['CertificateArn']
    print(f'[acm  ]\trequest_cert result: {certificate_arn}')
    return certificate_arn
Example #3
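def set_policy(bucket):
    """Attach a public-read bucket policy to ``bucket``.

    The policy allows ``s3:GetObject`` on every key in the bucket to any
    principal (``"Principal": "*"``), i.e. all objects become readable
    without authentication. That is what static website hosting needs, but
    it also exposes anything else that ends up in the bucket.

    Any exception from the S3 call is logged and swallowed; nothing is
    returned.
    """
    import json

    # Build the document as data and serialise it instead of splicing the
    # bucket name into a JSON string: a name containing a quote or backslash
    # can then no longer change the structure of the policy. The compact
    # separators keep the output identical to the previous hand-written
    # string for ordinary bucket names.
    policy = json.dumps(
        {
            'Version': '2012-10-17',
            'Statement': [{
                'Sid': 'PublicReadGetObject',
                'Effect': 'Allow',
                'Principal': '*',
                'Action': 's3:GetObject',
                'Resource': f'arn:aws:s3:::{bucket}/*',
            }],
        },
        separators=(',', ':'),
    )
    try:
        _get_conn(service='s3').put_bucket_policy(
            Bucket=bucket, ConfirmRemoveSelfBucketAccess=False, Policy=policy)
        print(f'[s3gen]\tset policy on {bucket}')
    except Exception as err:
        logging.error(err)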
Example #4
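def find_cloudfront_distribution(domain):
    """Return the CloudFront domain name of the distribution serving ``domain``.

    A distribution matches when the ``Id`` of its *first* origin equals
    ``domain``. If several match, the last one listed wins.

    NOTE(review): when nothing matches, the placeholder sentence below is
    returned instead of ``None`` or an exception. A caller that uses the
    result as a hostname (for example as a DNS record value) must check for
    this first.
    """
    ret = 'Something is very wrong here.....'
    # NOTE(review): this listing goes through boto3.client directly while the
    # lookup below uses _get_conn; confirm both resolve to the same account
    # and credentials.
    listing = boto3.client('cloudfront').list_distributions()
    # 'Items' is left out of the response when there are no distributions, so
    # fall back to an empty list rather than raising KeyError. Only this
    # single response page is examined; later pages are not fetched.
    for item in listing['DistributionList'].get('Items', []):
        if item['Origins']['Items'][0]['Id'] == domain:
            distribution_id = item['Id']
            dist = _get_conn(service='cloudfront').get_distribution(
                Id=distribution_id)
            ret = dist['Distribution']['DomainName']
            print(f'[cfgen]\tfound distribution {ret} for {domain}')
    return ret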
Example #5
def list_buckets(bucket):
    """Create ``bucket`` unless its name already appears in the bucket listing.

    Despite the name, nothing is returned: the listing is only used to
    decide whether ``create_bucket`` is called. Any exception is logged and
    swallowed.
    """
    try:
        listing = _get_conn(service='s3').list_buckets()
        # Only the text before the first '.' of each existing name is kept.
        # NOTE(review): a ``bucket`` argument that itself contains a '.' can
        # therefore never match, and create_bucket runs on every call for
        # such names -- this looks unintended, confirm.
        known = [entry['Name'].split('.')[0] for entry in listing['Buckets']]
        if bucket in known:
            return
        create_bucket(bucket)
    except Exception as failure:
        logging.error(failure)
Example #6
def get_certs(domain):
    """Return the ARN of the ACM certificate whose DomainName is ``domain``.

    Certificates are listed from ACM in ``us-east-1`` with a single
    ``list_certificates`` call; further result pages are not fetched. If
    several certificates match, the last one listed wins. Returns ``False``
    when none matches, so callers must check the result before using it as
    an ARN.
    """
    arn = False
    listing = _get_conn(service='acm', region='us-east-1').list_certificates()
    for summary in listing['CertificateSummaryList']:
        if summary['DomainName'] != domain:
            continue
        if summary['CertificateArn']:
            arn = summary['CertificateArn']
        else:
            # Matching entry with an empty ARN: reported, result unchanged.
            print('[acm  ]\tfucking fix this')
    return arn
Example #7
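def record_set_present(domain, record, region):
    """UPSERT a CNAME for ``record``.``domain`` pointing at its CloudFront host.

    Steps:
      1. find the Route 53 hosted zone whose name is ``domain`` + '.';
      2. look up the CloudFront domain name for ``record``.``domain``;
      3. UPSERT the CNAME record set (TTL 60) in that zone.

    The function stops after step 1 or 2 when the zone or the CloudFront
    domain could not be determined, instead of continuing with an unbound
    variable. Every failure is logged; nothing is returned.
    """
    hosted_zone_id = None
    try:
        zones = _get_conn(service='route53').list_hosted_zones()['HostedZones']
        for hosted_zone in zones:
            if hosted_zone['Name'] == domain + '.':
                # Zone ids come back as '/hostedzone/<id>'; keep the bare id.
                hosted_zone_id = hosted_zone['Id'].split('/')[2]
                print(f'[53gen]\tfound HostedZoneId: {hosted_zone_id}')
    except Exception as err:
        logging.error(f'error {err}')
    if hosted_zone_id is None:
        # Without a zone id the change request below cannot be addressed.
        logging.error(f'Zone: {domain} not found in hosted zones.')
        return

    full_domain = f'{record}.{domain}'
    try:
        logging.debug(f'domain: {full_domain}')
        cloudfront_domain = cfgen.find_cloudfront_distribution(full_domain)
    except Exception as err:
        logging.error(f'error {err}')
        return
    # NOTE(review): cfgen.find_cloudfront_distribution is not visible from
    # here. If it can return a placeholder string when no distribution
    # matches, that text would be written as the CNAME target below --
    # confirm and validate the value before the UPSERT.

    try:
        _get_conn(service='route53').change_resource_record_sets(
            HostedZoneId=hosted_zone_id,
            ChangeBatch={
                'Comment':
                f'RecordSet for {full_domain} with CloudFront',
                'Changes': [{
                    'Action': 'UPSERT',
                    'ResourceRecordSet': {
                        'Name': full_domain,
                        'Type': 'CNAME',
                        'Region': region,
                        'SetIdentifier': 'SIMPLE',
                        'TTL': 60,
                        'ResourceRecords': [{
                            'Value': cloudfront_domain
                        }]
                    }
                }]
            })
        print(
            f'[53gen]\tcreated recordset for {full_domain} with {cloudfront_domain}'
        )
    except Exception as err:
        logging.error(f'error {err}')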
Example #8
def create_bucket(bucket):
    """Create ``bucket`` with a ``public-read`` ACL in the 'EU' location.

    No existence check is made before the call (see the TODO). Any exception
    is logged at DEBUG level only and otherwise ignored, so with a default
    logging configuration a failed creation produces no visible output.
    """
    try:
        # TODO: check if the bucket exists first
        s3 = _get_conn(service='s3')
        # The bucket is created world-readable on purpose here; anything
        # placed in it later should be treated as public.
        s3.create_bucket(
            ACL='public-read',
            Bucket=bucket,
            CreateBucketConfiguration={'LocationConstraint': 'EU'},
        )
        print(f'[s3gen]\tcreated/updated {bucket}')
    except Exception as failure:
        logging.debug(failure)
Example #9
def validate_certificate(fqdn, domain):
    """Publish the ACM DNS-validation CNAME and wait until validation ends.

    Looks up the certificate ARN for ``domain`` via ``get_certs``, reads the
    validation record of the first domain validation option, UPSERTs it as a
    CNAME (TTL 60) and then polls ACM every 10 seconds while the certificate
    status is ``PENDING_VALIDATION``. Returns the Route 53 change response.

    ``fqdn`` is accepted but not used. No exception is caught here.
    """
    # The ARN is used exactly as get_certs returned it, with no check that a
    # certificate was actually found.
    arn = get_certs(domain)
    print(f'[acm  ]\tARN to validate: {arn}')
    described = _get_conn(
        service='acm',
        region='us-east-1',
    ).describe_certificate(CertificateArn=arn)
    # Only the first validation option is handled.
    first_option = described['Certificate']['DomainValidationOptions'][0]
    dns_name = first_option['ResourceRecord']['Name']
    dns_value = first_option['ResourceRecord']['Value']

    # NOTE(review): the hosted zone name is hard-coded rather than derived
    # from the arguments; if no zone with this name exists, hosted_zone_id is
    # never bound and the call below fails with UnboundLocalError.
    zones = boto3.client('route53').list_hosted_zones()['HostedZones']
    for zone in zones:
        if zone['Name'] != 'freyrsvin.nl.':
            continue
        hosted_zone_id = zone['Id'].split('/')[2]

    ret = boto3.client('route53').change_resource_record_sets(
        HostedZoneId=hosted_zone_id,
        ChangeBatch={
            'Comment': 'RecordSet for ACM Validation',
            'Changes': [{
                'Action': 'UPSERT',
                'ResourceRecordSet': {
                    'Name': dns_name,
                    'Type': 'CNAME',
                    'TTL': 60,
                    'ResourceRecords': [{'Value': dns_value}],
                },
            }],
        },
    )

    # NOTE(review): there is no upper bound on this wait; a certificate that
    # never leaves PENDING_VALIDATION keeps the loop running indefinitely.
    while True:
        status = _get_conn(
            service='acm',
            region='us-east-1',
        ).describe_certificate(CertificateArn=arn)['Certificate']['Status']
        if status != 'PENDING_VALIDATION':
            break
        print(
            f'The certificate for {domain} is pending validation, waiting...')
        time.sleep(10)
    return ret
Example #10
def list_distributions(record):
    """Report whether a CloudFront distribution exists for ``record``.

    Returns ``True`` when any origin ``Id`` of any listed distribution
    contains ``record``, ``False`` when none does, and ``None`` when an
    exception was raised (it is logged and swallowed).
    """
    try:
        print(f'[cfgen]\tfinding distribution for {record}')
        found = False
        listing = _get_conn(service='cloudfront').list_distributions()
        for distribution in listing['DistributionList']['Items']:
            for origin in distribution['Origins']['Items']:
                # Substring test, not equality: 'a.example' also matches an
                # origin Id such as 'data.example' (constructed example).
                if record not in origin['Id']:
                    continue
                print(f'[cfgen]\tfound distribution for {record}')
                found = True
        return found
    except Exception as failure:
        logging.error(f'An error occured: {failure}')
Example #11
def set_website(bucket):
    """Enable static website hosting on ``bucket``.

    The index document suffix is ``index.html`` and the error document key
    is ``error.html``. An exception from the S3 call is logged and
    swallowed; nothing is returned.
    """
    website_configuration = {
        'IndexDocument': {'Suffix': 'index.html'},
        'ErrorDocument': {'Key': 'error.html'},
    }
    # The client is obtained outside the try block, so a failure to create
    # it propagates to the caller.
    s3 = _get_conn(service='s3')
    try:
        s3.put_bucket_website(
            Bucket=bucket,
            WebsiteConfiguration=website_configuration,
        )
        print(f'[s3gen]\tturned on Static Hosting for {bucket}')
    except Exception as failure:
        logging.error(failure)
Example #12
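def sync(bucket, output_dir):
    """Upload every regular file directly inside ``output_dir`` to ``bucket``.

    Each file is stored under its bare file name as the object key. Files
    ending in ``.css`` are sent as ``text/css``; for everything else the
    content type is detected with ``magic.from_file``. Sub-directories and
    other non-regular entries are skipped.

    Every regular file is uploaded, dotfiles included, so if the bucket is
    publicly readable anything left in ``output_dir`` becomes public.

    The first exception stops the sync; it is logged and swallowed, and the
    remaining files are not uploaded. Nothing is returned.
    """
    try:
        for item in os.listdir(output_dir):
            path = os.path.join(output_dir, item)
            # A directory here would make open() raise and abort the whole
            # sync, so only regular files are considered.
            if not os.path.isfile(path):
                continue
            if item.endswith('.css'):
                content_type = 'text/css'
            else:
                content_type = magic.from_file(path, mime=True)
            # Close the file handle as soon as the upload call returns
            # instead of leaving one open handle per uploaded file.
            with open(path, 'rb') as body:
                _get_conn(service='s3').put_object(
                    Body=body,
                    Bucket=bucket,
                    Key=item,
                    ContentType=content_type,
                )
            print(f'[s3gen]\tsynced {item} to bucket: {bucket}')
    except Exception as err:
        logging.error(err)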