-
Notifications
You must be signed in to change notification settings - Fork 1
/
Makefile
103 lines (94 loc) · 4.83 KB
/
Makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
# These variables need to be changed
STACKNAME_BASE="s3-staticsite-multiregion"
PRIMARY_REGION="ca-central-1"
STANDBY_REGION="us-west-2"
PRIMARY_URL="static-site.jolexa.us"
STANDBY_URL="static-site-standby.jolexa.us"
DOMAIN="jolexa.us"
ZONE="$(DOMAIN)."
# This below won't work for all domains, YMMV
ADMINCONTACTEMAIL=$(shell whois $(DOMAIN) | grep 'Tech.*Email'| grep -o '[a-zA-Z+-\.]*@.*')
BUCKET_US_EAST1="s3-staticsite-multiregion-artifacts" # This has to be created out of band
# These are helper variables
PRIMARY_STACKNAME="$(STACKNAME_BASE)-primary"
STANDBY_STACKNAME="$(STACKNAME_BASE)-standby"
deploy-all: deploy-standby deploy-primary
deploy-standby-infra: deploy-acm
aws cloudformation deploy \
--template-file standby-region-infra.yml \
--stack-name $(STANDBY_STACKNAME)-infra \
--region $(STANDBY_REGION) \
--parameter-overrides "ACMCertArn=$(shell scripts/find-cfn-output-value.py --region us-east-1 --stack-name $(STACKNAME_BASE)-acm-certs --output-key ACMCertArn)" \
"ZoneName=$(ZONE)" \
"SiteURL=$(STANDBY_URL)" \
"USEast1Bucket=$(BUCKET_US_EAST1)" \
--capabilities CAPABILITY_IAM || exit 0
deploy-standby: deploy-standby-infra
# Cloudwatch alarms for route53 healthchecks MUST be in us-east-1
# It is easiest, though not impossible to do otherwise, to put the lambda in
# the same region as the SNS topic
aws cloudformation deploy \
--template-file standby-region-alarms.yml \
--stack-name $(STANDBY_STACKNAME)-alarms \
--region us-east-1 \
--parameter-overrides "StandbyHealthCheckId=$(shell scripts/find-cfn-output-value.py --region $(STANDBY_REGION) --output-key StandbyHealthCheckId --stack-name $(STANDBY_STACKNAME)-infra)" \
"CloudFrontDistributionDomainName=$(shell scripts/find-cfn-output-value.py --region $(STANDBY_REGION) --output-key CloudFrontDistributionDomainName --stack-name $(STANDBY_STACKNAME)-infra)" \
"HostedZoneName=$(ZONE)" \
"PrimaryUrl=$(PRIMARY_URL)" \
"StandbyUrl=$(STANDBY_URL)" \
"MyInfraStackName=$(STANDBY_STACKNAME)-infra" \
"MyInfraStackRegion=$(STANDBY_REGION)" \
"OtherInfraStackName=$(PRIMARY_STACKNAME)-infra" \
"OtherInfraStackRegion=$(PRIMARY_REGION)" \
"DeploymentBucket=$(BUCKET_US_EAST1)" \
"AdminContactEmail=$(ADMINCONTACTEMAIL)" \
--capabilities CAPABILITY_IAM || exit 0
prep:
aws s3 cp --acl public-read ./nested-route53.yml s3://$(BUCKET_US_EAST1)
cd lambda && zip -r9 /tmp/deployment.zip main.py && \
aws s3 cp --region us-east-1 /tmp/deployment.zip s3://$(BUCKET_US_EAST1) && \
rm -f /tmp/deployment.zip
deploy-acm: prep
# HACK: ACM Must be in us-east-1 for CloudFront distros
aws cloudformation deploy \
--template-file acm-certs.yml \
--stack-name $(STACKNAME_BASE)-acm-certs \
--region us-east-1 \
--parameter-overrides "ACMUrl=$(PRIMARY_URL)" \
--capabilities CAPABILITY_IAM || exit 0
deploy-primary-infra: deploy-acm
aws cloudformation deploy \
--template-file primary-region-infra.yml \
--stack-name $(PRIMARY_STACKNAME)-infra \
--region $(PRIMARY_REGION) \
--parameter-overrides "StandbyReplBucketArn=$(shell scripts/find-cfn-output-value.py --region $(STANDBY_REGION) --output-key StandbyReplBucketArn --stack-name $(STANDBY_STACKNAME)-infra)" \
"ACMCertArn=$(shell scripts/find-cfn-output-value.py --region us-east-1 --stack-name $(STACKNAME_BASE)-acm-certs --output-key ACMCertArn)" \
"SiteURL=$(PRIMARY_URL)" \
"ZoneName=$(ZONE)" \
"USEast1Bucket=$(BUCKET_US_EAST1)" \
--capabilities CAPABILITY_IAM || exit 0
deploy-primary: deploy-primary-infra
# Cloudwatch alarms for route53 healthchecks MUST be in us-east-1
# This is starting to smell like a SPOF
# It is easiest, though not impossible to do otherwise, to put the lambda in
# the same region as the SNS topic
aws cloudformation deploy \
--template-file primary-region-alarms.yml \
--stack-name $(PRIMARY_STACKNAME)-alarms \
--region us-east-1 \
--parameter-overrides "PrimaryHealthCheckId=$(shell scripts/find-cfn-output-value.py --region $(PRIMARY_REGION) --output-key PrimaryHealthCheckId --stack-name $(PRIMARY_STACKNAME)-infra)" \
"CloudFrontDistributionDomainName=$(shell scripts/find-cfn-output-value.py --region $(PRIMARY_REGION) --output-key CloudFrontDistributionDomainName --stack-name $(PRIMARY_STACKNAME)-infra)" \
"HostedZoneName=$(ZONE)" \
"PrimaryUrl=$(PRIMARY_URL)" \
"StandbyUrl=$(STANDBY_URL)" \
"MyInfraStackName=$(PRIMARY_STACKNAME)-infra" \
"MyInfraStackRegion=$(PRIMARY_REGION)" \
"OtherInfraStackName=$(STANDBY_STACKNAME)-infra" \
"OtherInfraStackRegion=$(STANDBY_REGION)" \
"DeploymentBucket=$(BUCKET_US_EAST1)" \
"AdminContactEmail=$(ADMINCONTACTEMAIL)" \
--capabilities CAPABILITY_IAM || exit 0
push-html-primary-bucket:
aws s3 sync --sse --acl public-read html/ \
s3://$(shell scripts/find-cfn-output-value.py --region $(PRIMARY_REGION) --output-key PrimaryS3BucketName --stack-name $(PRIMARY_STACKNAME)-infra)/
scripts/invalidate-all.py $(PRIMARY_URL)