UNPKG

@limlabs/limo

Version:

Infrastructure as Code generator

83 lines (80 loc) 3.39 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
import * as pulumi from "@pulumi/pulumi"; <% if (networkType === 'public') { %> import { VpcPublic } from "../../components/vpc-public";<% } else { %> import * as awsx from "@pulumi/awsx"; import * as aws from "@pulumi/aws"; import { prefixed } from "../../utils/prefixed";<% } %><% if (networkType === 'private' && includeDb) { %> import { BastionEc2 } from "../../components/bastion-ec2";<% } %> import { LoadBalancerAlbPublic } from "../../components/lb-alb-public"; import { AppFargate } from "../../components/app-fargate"; import { CdnCloudFront } from "../../components/cdn-cloudfront";<% if (includeDb) { %> import { PostgresRdsCluster } from "../../components/db-postgres-rds";<% } %><% if (includeStorage !== 'none') { %> import { StorageS3 } from "../../components/storage-s3";<% } %> <% if (networkType === 'public') { %> const { vpc } = new VpcPublic;<% } else { %> const vpc = new awsx.ec2.Vpc(prefixed('Vpc'), { enableDnsHostnames: true, enableDnsSupport: true, });<% } %> const lb = new LoadBalancerAlbPublic('LoadBalancer', { vpc }); <% if (includeStorage !== 'none') { %> const storage = new StorageS3;<% } %><% if (includeDb) { %> const db = new PostgresRdsCluster('Database', { vpc, });<% } %> const cdn = new CdnCloudFront('CDN', { lb: lb.lb,<% if (includeStorage === 'public') { %> storage: storage.bucket,<% } %> staticSite: false, });<% if (networkType === 'private') { %> const appSecurityGroup = new aws.ec2.SecurityGroup('AppSecurityGroup', { vpcId: vpc.vpcId, ingress: [{ protocol: 'tcp', fromPort: <%= port !== 'unknown' ? port : 3000 %>, toPort: <%= port !== 'unknown' ? port : 3000 %>, securityGroups: lb.lb.defaultSecurityGroup.apply(sg => [sg.id]), }], egress: [{ protocol: 'tcp', fromPort: 0, toPort: 65535, cidrBlocks: ["0.0.0.0/0"], }], }); new aws.ec2.SecurityGroupRule('PostgresAllowAppIngress', { securityGroupId: db.securityGroups[0]!.id, type: 'ingress', protocol: 'tcp', fromPort: 5432, toPort: 5432, sourceSecurityGroupId: appSecurityGroup.id, }); <% } %> const app = new AppFargate('App', { vpc, loadBalancer: lb.lb, cdnHostname: cdn.distribution.domainName,<% if (networkType === 'private') { %> subnetIds: vpc.privateSubnetIds,<% } %><% if (includeDb) { %> connectionStringSecret: db.connectionStringSecret, <% } %><% if (includeStorage !== 'none') { %> storage: storage.bucket,<% } %><% if (networkType === 'private') { %> securityGroups: [appSecurityGroup],<% }%><% if (port !== 'unknown') { %> taskDefinitionArgs: { container: { portMappings: [{ containerPort: <%= port %>, hostPort: <%= port %> }], }, },<% } %> }); <% if (networkType === 'private' && includeDb) { %> const bastion = new BastionEc2('Bastion', { vpc, securityGroups: [appSecurityGroup], });<% } %> export const vpcId = vpc.vpcId; export const service = app.service.service.name; export const cdnHostname = pulumi.interpolate`https://${cdn.distribution.domainName}`;<% if (includeStorage !== 'none') { %> export const objectStorageBucket = storage.bucket.bucket;<% } %><% if (includeDb) { %> export const dbCluster = db.dbCluster.clusterIdentifier; export const dbSecret = db.connectionStringSecret.arn;<% } %><% if (networkType === 'private' && includeDb) { %> export const bastionInstanceId = bastion.instance.id; export const dbEndpoint = db.dbCluster.endpoint;<% } %>