def create_distribution(data):
    """Create a CloudFront distribution from *data*, logging any failure.

    *data* is passed unchanged as ``DistributionConfigWithTags``. Every
    exception is caught and logged, and the function returns ``None`` on
    both paths, so callers cannot tell success from failure by the return
    value.
    """
    try:
        print('[cfgen]\tcreating distribution')
        cloudfront = _get_conn(service='cloudfront')
        cloudfront.create_distribution_with_tags(
            DistributionConfigWithTags=data)
        print('[cfgen]\tdistribution created with data set')
    except Exception as err:
        logging.error(f'An error occured: {err}')
def request_cert(domain):
    """Request a DNS-validated ACM certificate for *domain* and return its ARN.

    The request always goes to ``us-east-1``.
    NOTE(review): presumably because CloudFront only accepts ACM
    certificates from that region - confirm.
    """
    acm = _get_conn(service='acm', region='us-east-1')
    # NOTE(review): the token comes from idgen.id_gen on every call; if that
    # helper returns a fresh value each time, ACM will not de-duplicate
    # repeated requests for the same domain - confirm that is intended.
    token = idgen.id_gen(size=32)
    response = acm.request_certificate(
        DomainName=domain,
        ValidationMethod='DNS',
        IdempotencyToken=token)
    arn = response['CertificateArn']
    print(f'[acm ]\trequest_cert result: {arn}')
    return arn
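def set_policy(bucket):
    """Attach an anonymous-read (``s3:GetObject``) policy to *bucket*.

    The statement uses ``Principal: "*"``, so every object in the bucket
    becomes readable by anyone. Only content meant for publication should
    ever be uploaded to it.

    Failures from the S3 call are logged and swallowed; the function
    returns ``None`` either way.
    """
    # Function-scope import: the module's import block is not visible here.
    import json

    # Build the document with json.dumps instead of string concatenation so
    # a bucket name containing quotes or backslashes cannot change the
    # structure of the policy. Compact separators keep the output identical
    # to the previous hand-written string for ordinary bucket names.
    policy = json.dumps(
        {
            'Version': '2012-10-17',
            'Statement': [{
                'Sid': 'PublicReadGetObject',
                'Effect': 'Allow',
                'Principal': '*',
                'Action': 's3:GetObject',
                'Resource': 'arn:aws:s3:::' + bucket + '/*',
            }],
        },
        separators=(',', ':'),
    )
    try:
        _get_conn(service='s3').put_bucket_policy(
            Bucket=bucket,
            ConfirmRemoveSelfBucketAccess=False,
            Policy=policy)
        print(f'[s3gen]\tset policy on {bucket}')
    except Exception as err:
        logging.error(err)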
def find_cloudfront_distribution(domain):
    """Return the CloudFront domain name of the distribution serving *domain*.

    A distribution matches when the ``Id`` of its first origin equals
    *domain*; later origins are not inspected. If several distributions
    match, the last one listed wins. Only the single ``list_distributions``
    response is examined.

    NOTE(review): when nothing matches, the placeholder sentence below is
    returned as if it were a domain name. Callers that forward the result
    (for example into a DNS record) should treat that value as "not found".
    """
    result = 'Something is very wrong here.....'
    # NOTE(review): the listing uses boto3.client directly while the detail
    # lookup goes through _get_conn - confirm both resolve to the same
    # account and credentials.
    listing = boto3.client('cloudfront').list_distributions()
    for entry in listing['DistributionList']['Items']:
        first_origin_id = entry['Origins']['Items'][0]['Id']
        if first_origin_id != domain:
            continue
        distribution_id = entry['Id']
        detail = _get_conn(service='cloudfront').get_distribution(
            Id=distribution_id)
        result = detail['Distribution']['DomainName']
        print(f'[cfgen]\tfound distribution {result} for {domain}')
    return result
def list_buckets(bucket):
    """Create *bucket* unless it already appears among the account's buckets.

    Existing bucket names are reduced to their first dot-separated label
    before the comparison. Any exception is logged and swallowed.

    NOTE(review): because of that reduction, a dotted *bucket* name can
    never match its own entry, so ``create_bucket`` is attempted on every
    run for such names - confirm that callers only pass single-label names.
    """
    try:
        listing = _get_conn(service='s3').list_buckets()
        known_labels = [
            entry['Name'].split('.')[0] for entry in listing['Buckets']
        ]
        if bucket in known_labels:
            return
        create_bucket(bucket)
    except Exception as err:
        logging.error(err)
def get_certs(domain):
    """Return the ARN of an ACM certificate whose DomainName equals *domain*.

    Returns ``False`` when no listed certificate matches. If several match,
    the last one in the listing wins. Only the single ``list_certificates``
    response from ``us-east-1`` is examined.

    NOTE(review): the certificate status is not inspected here, so the ARN
    may belong to a certificate that is still pending, expired or revoked -
    callers that attach the certificate should check its status.
    """
    found_arn = False
    listing = _get_conn(service='acm',
                        region='us-east-1').list_certificates()
    for summary in listing['CertificateSummaryList']:
        if summary['DomainName'] != domain:
            continue
        candidate = summary['CertificateArn']
        if candidate:
            found_arn = candidate
        else:
            # A matching summary without an ARN; the message is kept verbatim.
            print('[acm ]\tfucking fix this')
    return found_arn
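def record_set_present(domain, record, region):
    """UPSERT a CNAME for ``record.domain`` pointing at its CloudFront domain.

    Steps: find the Route 53 hosted zone named ``domain.``, resolve the
    CloudFront domain through ``cfgen.find_cloudfront_distribution``, then
    UPSERT the record. Every failure is logged and swallowed; the function
    always returns ``None``.

    Parameters:
        domain: zone apex without the trailing dot.
        record: left-hand label(s) of the record to create.
        region: value sent as the record's ``Region`` field.
    """
    # Start from explicit "not found" values so a failed lookup is reported
    # as such, not as a NameError raised by the change request below.
    hosted_zone_id = None
    cloudfront_domain = None
    full_domain = f'{record}.{domain}'

    try:
        for hosted_zone in _get_conn(
                service='route53').list_hosted_zones()['HostedZones']:
            # No break: if several zones share the name (for example a
            # public and a private zone), the last one listed is used.
            if hosted_zone['Name'] == domain + '.':
                hosted_zone_id = hosted_zone['Id'].split('/')[2]
                print(f'[53gen]\tfound HostedZoneId: {hosted_zone_id}')
    except Exception as err:
        logging.error(f'Zone: {domain} not found in hosted zones.')
        logging.error(f'error {err}')

    try:
        logging.debug(f'domain: {full_domain}')
        cloudfront_domain = cfgen.find_cloudfront_distribution(full_domain)
    except Exception as err:
        logging.error(f'error {err}')

    # Do not send a change request built from missing values.
    if hosted_zone_id is None:
        logging.error(
            f'[53gen] no HostedZoneId resolved for {domain}; '
            f'record set for {full_domain} not changed')
        return
    if not cloudfront_domain:
        logging.error(
            f'[53gen] no CloudFront domain resolved for {full_domain}; '
            f'record set not changed')
        return
    # NOTE(review): the find_cloudfront_distribution visible alongside this
    # function returns a placeholder sentence when nothing matches. If
    # cfgen's version behaves the same way, that text is sent as the CNAME
    # target - have the lookup signal "not found" explicitly.

    try:
        _get_conn(service='route53').change_resource_record_sets(
            HostedZoneId=hosted_zone_id,
            ChangeBatch={
                'Comment': f'RecordSet for {full_domain} with CloudFront',
                'Changes': [{
                    'Action': 'UPSERT',
                    'ResourceRecordSet': {
                        'Name': full_domain,
                        'Type': 'CNAME',
                        # Region + SetIdentifier are kept as the author sent
                        # them. NOTE(review): together they describe a
                        # latency-routed record - confirm that is intended.
                        'Region': region,
                        'SetIdentifier': 'SIMPLE',
                        'TTL': 60,
                        'ResourceRecords': [{
                            'Value': cloudfront_domain
                        }]
                    }
                }]
            })
        print(
            f'[53gen]\tcreated recordset for {record}.{domain} with {cloudfront_domain}'
        )
    except Exception as err:
        logging.error(f'error {err}')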
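def create_bucket(bucket):
    """Create *bucket* with a ``public-read`` ACL; failures are logged, not raised.

    The "bucket already owned by this account" error is expected on re-runs
    and stays at debug level. Every other failure is logged as an error so
    it is not hidden by the default log level.
    """
    try:
        # TODO: check if the bucket exists first
        # NOTE(review): a public-read *bucket* ACL lets anyone list the
        # bucket's keys, in addition to the object reads granted by the
        # bucket policy. Confirm listing is meant to be public. Current S3
        # account defaults may also reject public ACLs.
        _get_conn(service='s3').create_bucket(
            ACL='public-read',
            Bucket=bucket,
            CreateBucketConfiguration={'LocationConstraint': 'EU'})
        print(f'[s3gen]\tcreated/updated {bucket}')
    except Exception as err:
        # botocore's ClientError carries the service error code in
        # err.response['Error']['Code']; other exceptions have no such dict.
        response = getattr(err, 'response', None)
        code = None
        if isinstance(response, dict):
            code = response.get('Error', {}).get('Code')
        if code == 'BucketAlreadyOwnedByYou':
            logging.debug(err)
        else:
            # Includes BucketAlreadyExists: the name belongs to another
            # account, so later uploads would target a bucket this account
            # does not control.
            logging.error(err)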
def validate_certificate(fqdn, domain):
    """Publish the ACM DNS-validation CNAME in Route 53 and wait for validation.

    Looks up the certificate ARN for *domain* with ``get_certs``, reads the
    validation record from ``describe_certificate``, UPSERTs it as a CNAME,
    then polls every 10 seconds until the certificate status is no longer
    ``PENDING_VALIDATION``.

    Parameters:
        fqdn: not used by this function.
        domain: certificate domain name passed to ``get_certs``.

    Returns:
        The response of ``change_resource_record_sets``.
    """
    # get_certs returns False when no certificate matches; that value would
    # be passed straight to describe_certificate below.
    arn = get_certs(domain)
    print(f'[acm ]\tARN to validate: {arn}')
    data = _get_conn(
        service='acm',
        region='us-east-1').describe_certificate(CertificateArn=arn)
    # Only the first DomainValidationOptions entry is read.
    # NOTE(review): certificates with additional names would need one
    # record per entry - confirm single-name certificates are the only case.
    dns_name = data['Certificate']['DomainValidationOptions'][0][
        'ResourceRecord']['Name']
    dns_value = data['Certificate']['DomainValidationOptions'][0][
        'ResourceRecord']['Value']
    for hosted_zone in boto3.client(
            'route53').list_hosted_zones()['HostedZones']:
        # NOTE(review): the zone name is hard-coded and *domain* is not
        # consulted. If no zone has this name, hosted_zone_id is never
        # assigned and the change request below raises NameError.
        if hosted_zone['Name'] == 'freyrsvin.nl.':
            hosted_zone_id = hosted_zone['Id'].split('/')[2]
    ret = boto3.client('route53').change_resource_record_sets(
        HostedZoneId=hosted_zone_id,
        ChangeBatch={
            'Comment': f'RecordSet for ACM Validation',
            'Changes': [{
                'Action': 'UPSERT',
                'ResourceRecordSet': {
                    'Name': dns_name,
                    'Type': 'CNAME',
                    'TTL': 60,
                    'ResourceRecords': [{
                        'Value': dns_value
                    }]
                }
            }]
        })
    # Polls with no upper bound: the loop only ends when the status changes,
    # so a certificate that stays pending blocks the caller indefinitely.
    while _get_conn(service='acm', region='us-east-1').describe_certificate(
            CertificateArn=arn
    )['Certificate']['Status'] == 'PENDING_VALIDATION':
        print(
            f'The certificate for {domain} is pending validation, waiting...')
        time.sleep(10)
    return (ret)
def list_distributions(record):
    """Report whether any CloudFront origin Id contains *record*.

    Returns ``True`` if at least one origin of any listed distribution has
    an ``Id`` containing *record* as a substring, ``False`` if none does,
    and ``None`` when the lookup raises (the error is logged).

    NOTE(review): the substring test means a shorter name also matches
    origins whose Id merely contains it - confirm exact equality is not
    what callers expect.
    """
    try:
        print(f'[cfgen]\tfinding distribution for {record}')
        listing = _get_conn(service='cloudfront').list_distributions()
        found = False
        for distribution in listing['DistributionList']['Items']:
            for origin in distribution['Origins']['Items']:
                if record not in origin['Id']:
                    continue
                # Every match is reported; scanning continues afterwards.
                print(f'[cfgen]\tfound distribution for {record}')
                found = True
        return found
    except Exception as err:
        logging.error(f'An error occured: {err}')
def set_website(bucket):
    """Enable S3 static website hosting on *bucket*.

    Uses ``index.html`` as the index document and ``error.html`` as the
    error document. The S3 connection is obtained outside the ``try``, so a
    failure there propagates. A failure of the configuration call itself is
    logged and swallowed.

    S3 website endpoints serve plain HTTP only, so any TLS has to be
    terminated in front of the bucket.
    """
    s3 = _get_conn(service='s3')
    website_config = {
        'IndexDocument': {
            'Suffix': 'index.html'
        },
        'ErrorDocument': {
            'Key': 'error.html'
        },
    }
    try:
        s3.put_bucket_website(Bucket=bucket,
                              WebsiteConfiguration=website_config)
        print(f'[s3gen]\tturned on Static Hosting for {bucket}')
    except Exception as err:
        logging.error(err)
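def sync(bucket, output_dir):
    """Upload every regular file directly inside *output_dir* to *bucket*.

    Each file is stored under its bare file name. ``.css`` files are sent
    as ``text/css``; for all others the content type comes from
    ``magic.from_file``. Sub-directories are skipped. The first failure is
    logged and ends the run; the function returns ``None`` either way.

    Everything in *output_dir* is uploaded. If the bucket carries the
    anonymous-read policy from ``set_policy``, every uploaded file is then
    publicly readable, so the directory should hold only content meant for
    publication.
    """
    try:
        for item in os.listdir(output_dir):
            path = os.path.join(output_dir, item)
            if not os.path.isfile(path):
                # A directory cannot be opened as an object body. Before
                # this check, one sub-directory aborted the rest of the sync.
                continue
            if item.endswith('.css'):
                content_type = 'text/css'
            else:
                content_type = magic.from_file(path, mime=True)
            # Close the handle after each upload so it is not leaked.
            with open(path, 'rb') as body:
                _get_conn(service='s3').put_object(
                    Body=body,
                    Bucket=bucket,
                    Key=item,
                    ContentType=content_type,
                )
            print(f'[s3gen]\tsynced {item} to bucket: {bucket}')
    except Exception as err:
        logging.error(err)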