Spaces:

opendigital
/

agent-flow

Running

agent-flow / scripts /aws /lib /construct /frontend.ts

Tai Truong

fix readme

d202ada 11 months ago

4.29 kB

	import { Stack, Duration, RemovalPolicy, CfnOutput } from 'aws-cdk-lib';
	import { Construct } from 'constructs';
	import {
	aws_ec2 as ec2,
	aws_ecs as ecs,
	aws_s3 as s3,
	aws_iam as iam,
	aws_logs as logs,
	aws_elasticloadbalancingv2 as elb,
	aws_cloudfront as cloudfront,
	aws_cloudfront_origins as origins,
	aws_s3_deployment as s3_deployment
	} from 'aws-cdk-lib';
	import { CloudFrontToS3 } from '@aws-solutions-constructs/aws-cloudfront-s3';
	import { CfnDistribution, Distribution } from 'aws-cdk-lib/aws-cloudfront';
	import { NodejsBuild } from 'deploy-time-build';

	interface WebProps {
	cluster:ecs.Cluster
	alb:elb.IApplicationLoadBalancer;
	albSG:ec2.SecurityGroup;
	}

	export class Web extends Construct {
	readonly distribution;
	constructor(scope: Construct, id: string, props:WebProps) {
	super(scope, id)

	const commonBucketProps: s3.BucketProps = {
	blockPublicAccess: s3.BlockPublicAccess.BLOCK_ALL,
	encryption: s3.BucketEncryption.S3_MANAGED,
	autoDeleteObjects: true,
	removalPolicy: RemovalPolicy.DESTROY,
	objectOwnership: s3.ObjectOwnership.OBJECT_WRITER,
	enforceSSL: true,
	};

	// CDKにて静的WebサイトをホストするためのAmazon S3バケットを作成
	const websiteBucket = new s3.Bucket(this, 'LangflowWebsiteBucket', commonBucketProps);

	const originAccessIdentity = new cloudfront.OriginAccessIdentity(
	this,
	'OriginAccessIdentity',
	{
	comment: 'langflow-distribution-originAccessIdentity',
	}
	);

	const webSiteBucketPolicyStatement = new iam.PolicyStatement({
	actions: ['s3:GetObject'],
	effect: iam.Effect.ALLOW,
	principals: [
	new iam.CanonicalUserPrincipal(
	originAccessIdentity.cloudFrontOriginAccessIdentityS3CanonicalUserId
	),
	],
	resources: [`${websiteBucket.bucketArn}/*`],
	});

	websiteBucket.addToResourcePolicy(webSiteBucketPolicyStatement);
	websiteBucket.grantRead(originAccessIdentity);

	const s3SpaOrigin = new origins.S3Origin(websiteBucket);
	const ApiSpaOrigin = new origins.LoadBalancerV2Origin(props.alb,{
	protocolPolicy: cloudfront.OriginProtocolPolicy.HTTP_ONLY
	});

	const albBehaviorOptions = {
	origin: ApiSpaOrigin,
	allowedMethods: cloudfront.AllowedMethods.ALLOW_ALL,

	viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.ALLOW_ALL,
	cachePolicy: cloudfront.CachePolicy.CACHING_DISABLED,
	originRequestPolicy: cloudfront.OriginRequestPolicy.ALL_VIEWER_EXCEPT_HOST_HEADER
	}

	const cloudFrontWebDistribution = new cloudfront.Distribution(this, 'distribution', {
	comment: 'langflow-distribution',
	defaultRootObject: 'index.html',
	errorResponses: [
	{
	httpStatus: 403,
	responseHttpStatus: 200,
	responsePagePath: '/index.html',
	},
	{
	httpStatus: 404,
	responseHttpStatus: 200,
	responsePagePath: '/index.html',
	},
	],
	defaultBehavior: { origin: s3SpaOrigin },
	additionalBehaviors: {
	'/api/v1/*': albBehaviorOptions,
	'/health' : albBehaviorOptions,
	},
	enableLogging: true, // ログ出力設定
	logBucket: new s3.Bucket(this, 'LogBucket',commonBucketProps),
	logFilePrefix: 'distribution-access-logs/',
	logIncludesCookies: true,
	});
	this.distribution = cloudFrontWebDistribution;


	new NodejsBuild(this, 'BuildFrontEnd', {
	assets: [
	{
	path: '../../src/frontend',
	exclude: [
	'.git',
	'.github',
	'.gitignore',
	'.prettierignore',
	'build',
	'node_modules'
	],
	},
	],
	nodejsVersion:20,
	destinationBucket: websiteBucket,
	distribution: cloudFrontWebDistribution,
	outputSourceDirectory: 'build',
	buildCommands: ['npm install', 'npm run build'],
	buildEnvironment: {
	// VITE_AXIOS_BASE_URL: `https://${this.distribution.domainName}`
	},
	});

	// distribution から backendへのinbound 許可
	const alb_listen_port=80
	props.albSG.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(alb_listen_port))
	const alb_listen_port_443=443
	props.albSG.addIngressRule(ec2.Peer.anyIpv4(), ec2.Port.tcp(alb_listen_port_443))


	new CfnOutput(this, 'URL', {
	value: `https://${this.distribution.domainName}`,
	});
	}

	}