serverless.yml

service: hackingstudio-code4maus

provider:
  name: aws
  runtime: nodejs16.x
  region: eu-central-1
  role: 'arn:aws:iam::#{AWS::AccountId}:role/hackingstudio/code4maus/hackingstudio-code4maus-functions'
  stage: ${file(scripts/env.js):stage}
  deploymentBucket:
    skipPolicySetup: true
  environment:
    S3_BUCKET_PROJECTS: ${self:custom.projectBucketName}
    ASSET_BASEURL: ${self:custom.baseUrl}
    API_HOST: ${self:custom.baseUrl}

functions:
  prepareAssetUpload:
    handler: src/backend/prepareAssetUpload.handler
    events:
      - http:
          path: api/prepareAssetUpload
          method: POST

  saveProject:
    handler: src/backend/saveProject.handler
    events:
      - http:
          path: api/saveProject
          method: POST

  saveShareResult:
    handler: src/backend/prepareShareResult.handler
    events:
      - http:
          path: api/prepareShareResult
          method: POST

resources:
  Resources:
    AppBucket:
      Type: 'AWS::S3::Bucket'
      Properties:
        AccessControl: Private
        PublicAccessBlockConfiguration:
          BlockPublicPolicy: false
          RestrictPublicBuckets: false
        BucketName: ${self:custom.appBucketName}
        WebsiteConfiguration:
          IndexDocument: index.html
          ErrorDocument: index.html

    ProjectBucket:
      Type: 'AWS::S3::Bucket'
      Properties:
        AccessControl: Private
        PublicAccessBlockConfiguration:
          BlockPublicPolicy: false
          RestrictPublicBuckets: false
        BucketName: ${self:custom.projectBucketName}
        CorsConfiguration:
          CorsRules:
            - AllowedHeaders: ['content-type']
              AllowedMethods: [PUT]
              AllowedOrigins: ['https://${file(scripts/env.js):baseDomain}']
              Id: myCORSRuleId1
              MaxAge: '1800'

    EntrypointDistribution:
      Type: AWS::CloudFront::Distribution
      Properties:
        DistributionConfig:
          Aliases:
            - ${file(scripts/env.js):baseDomain}
          Comment: 'Code4Maus ${file(scripts/env.js):stage}'
          Enabled: true
          PriceClass: PriceClass_100
          CacheBehaviors:
            - TargetOriginId: S3-${self:custom.projectBucketName}
              PathPattern: data/*
              ViewerProtocolPolicy: redirect-to-https
              MinTTL: 0
              AllowedMethods:
                - HEAD
                - DELETE
                - POST
                - GET
                - OPTIONS
                - PUT
                - PATCH
              CachedMethods:
                - HEAD
                - GET
              ForwardedValues:
                QueryString: false
              Compress: true
            - TargetOriginId: Custom-hackingstudio-code4maus-api-${file(scripts/env.js):stage}
              PathPattern: api/*
              ViewerProtocolPolicy: redirect-to-https
              MinTTL: 0
              AllowedMethods:
                - HEAD
                - DELETE
                - POST
                - GET
                - OPTIONS
                - PUT
                - PATCH
              CachedMethods:
                - HEAD
                - GET
              ForwardedValues:
                QueryString: true
          DefaultCacheBehavior:
            TargetOriginId: S3-${self:custom.appBucketName}
            ViewerProtocolPolicy: redirect-to-https
            MinTTL: 0
            AllowedMethods:
              - HEAD
              - GET
            CachedMethods:
              - HEAD
              - GET
            ForwardedValues:
              QueryString: false
            Compress: true
          Origins:
            - DomainName: ${self:custom.appBucketName}.s3-website.eu-central-1.amazonaws.com
              Id: S3-${self:custom.appBucketName}
              CustomOriginConfig:
                HTTPPort: '80'
                HTTPSPort: '443'
                OriginProtocolPolicy: http-only
            - DomainName: ${self:custom.projectBucketName}.s3.amazonaws.com
              Id: S3-${self:custom.projectBucketName}
              S3OriginConfig: {}
            - DomainName:
                Fn::Join:
                  - ''
                  - - Ref: 'ApiGatewayRestApi'
                    - '.execute-api.${self:provider.region}.amazonaws.com'
              Id: Custom-hackingstudio-code4maus-api-${file(scripts/env.js):stage}
              OriginPath: '/${file(scripts/env.js):stage}'
              CustomOriginConfig:
                HTTPPort: '80'
                HTTPSPort: '443'
                OriginProtocolPolicy: https-only
          Restrictions:
            GeoRestriction:
              RestrictionType: none
              Locations: []
          ViewerCertificate:
            SslSupportMethod: sni-only
            MinimumProtocolVersion: TLSv1.1_2016
            AcmCertificateArn: ${file(scripts/env.js):certArn}
          CustomErrorResponses:
            - ErrorCachingMinTTL: 0
              ErrorCode: 404
              ResponseCode: 200
              ResponsePagePath: /
    EntrypointDNSRecord:
      Type: AWS::Route53::RecordSet
      Properties:
        HostedZoneId: ${file(scripts/env.js):hostedZone}
        Name: ${file(scripts/env.js):baseDomain}.
        Type: A
        AliasTarget:
          DNSName:
            Fn::GetAtt:
              - EntrypointDistribution
              - DomainName
          HostedZoneId: Z2FDTNDATAQYW2

plugins:
  - serverless-offline
  - serverless-pseudo-parameters
  - serverless-webpack
  - serverless-dotenv-plugin

custom:
  appBucketName: ${self:service}-app-${file(scripts/env.js):stage}
  projectBucketName: ${self:service}-projects-${file(scripts/env.js):bucketSuffix}
  baseUrl: https://${file(scripts/env.js):baseDomain}
  dotenv:
    path: .env.backend
  webpack:
    webpackConfig: 'webpack.backend.js'
    packager: 'yarn'
    includeModules:
      forceExclude:
        - aws-sdk