Jackie/rentall-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

infrastructure with aws cdk

Browse Source
This commit is contained in:
jackiettran
2026-01-21 14:18:07 -05:00
parent 28554acc2d
commit 0136b74ee0
6 changed files with 1049 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

176
infrastructure/cdk/bin/app.ts
View File

@@ -4,11 +4,20 @@ import * as cdk from "aws-cdk-lib";
import { ConditionCheckLambdaStack } from "../lib/condition-check-lambda-stack";
import { ImageProcessorLambdaStack } from "../lib/image-processor-lambda-stack";
import { VpcStack } from "../lib/vpc-stack";
import { CertificateStack } from "../lib/certificate-stack";
import { SecretsStack } from "../lib/secrets-stack";
import { EcrStack } from "../lib/ecr-stack";
import { RdsStack } from "../lib/rds-stack";
import { EcsServiceStack } from "../lib/ecs-service-stack";
const app = new cdk.App();
// Get environment from context or default to staging
const environment = app.node.tryGetContext("env") || "staging";
// Get environment from context or default to dev
const environment = app.node.tryGetContext("env") || "dev";
// Get context variables for deployment configuration
const allowedIp = app.node.tryGetContext("allowedIp"); // e.g., "1.2.3.4/32"
const domainName = app.node.tryGetContext("domainName") || "village-share.com";
// Environment-specific configurations
const envConfig: Record<
@@ -19,26 +28,46 @@ const envConfig: Record<
sesFromEmail: string;
emailEnabled: boolean;
natGateways: number;
subdomain: string;
dbInstanceType: "micro" | "small" | "medium";
multiAz: boolean;
}
> = {
dev: {
databaseUrl:
process.env.DATABASE_URL ||
"postgresql://user:password@localhost:5432/rentall_dev",
frontendUrl: `https://dev.${domainName}`,
sesFromEmail: `noreply@${domainName}`,
emailEnabled: false, // Disable emails in dev
natGateways: 1,
subdomain: "dev",
dbInstanceType: "micro",
multiAz: false,
},
staging: {
// These should be passed via CDK context or SSM parameters in production
databaseUrl:
process.env.DATABASE_URL ||
"postgresql://user:password@localhost:5432/rentall_staging",
frontendUrl: "https://staging.villageshare.app",
sesFromEmail: "noreply@villageshare.app",
frontendUrl: `https://staging.${domainName}`,
sesFromEmail: `noreply@${domainName}`,
emailEnabled: true,
natGateways: 1, // Single NAT gateway for cost optimization in staging
natGateways: 1,
subdomain: "staging",
dbInstanceType: "micro",
multiAz: false,
},
prod: {
databaseUrl:
process.env.DATABASE_URL ||
"postgresql://user:password@localhost:5432/rentall_prod",
frontendUrl: "https://villageshare.app",
sesFromEmail: "noreply@villageshare.app",
frontendUrl: `https://${domainName}`,
sesFromEmail: `noreply@${domainName}`,
emailEnabled: true,
natGateways: 2, // Multi-AZ NAT gateways for high availability in production
natGateways: 2, // Multi-AZ NAT gateways for high availability
subdomain: "", // No subdomain for prod
dbInstanceType: "small",
multiAz: true,
},
};
@@ -55,7 +84,30 @@ const envProps = {
},
};
// Create the VPC stack first (other stacks depend on it)
// Common tags for all stacks
const commonTags = {
Environment: environment,
Project: "village-share",
ManagedBy: "cdk",
};
// ============================================================================
// Certificate Stack (Shared across environments)
// Deploy this once and validate DNS before deploying other stacks
// ============================================================================
const certificateStack = new CertificateStack(app, "CertificateStack", {
domainName,
...envProps,
description: `ACM wildcard certificate for ${domainName}`,
tags: {
...commonTags,
Service: "certificate",
},
});
// ============================================================================
// VPC Stack
// ============================================================================
const vpcStack = new VpcStack(app, `VpcStack-${environment}`, {
environment,
natGateways: config.natGateways,
@@ -63,13 +115,102 @@ const vpcStack = new VpcStack(app, `VpcStack-${environment}`, {
...envProps,
description: `VPC infrastructure with private subnets and VPC endpoints (${environment})`,
tags: {
Environment: environment,
Project: "village-share",
...commonTags,
Service: "networking",
},
});
// Create the Condition Check Lambda stack
// ============================================================================
// Secrets Stack
// ============================================================================
const secretsStack = new SecretsStack(app, `SecretsStack-${environment}`, {
environment,
...envProps,
description: `Secrets Manager secrets for database and application (${environment})`,
tags: {
...commonTags,
Service: "secrets",
},
});
// ============================================================================
// ECR Stack
// ============================================================================
const ecrStack = new EcrStack(app, `EcrStack-${environment}`, {
environment,
...envProps,
description: `ECR repositories for Docker images (${environment})`,
tags: {
...commonTags,
Service: "ecr",
},
});
// ============================================================================
// RDS Stack
// ============================================================================
const rdsStack = new RdsStack(app, `RdsStack-${environment}`, {
environment,
vpc: vpcStack.vpc,
databaseSecret: secretsStack.databaseSecret,
databaseName: "rentall",
multiAz: config.multiAz,
...envProps,
description: `RDS PostgreSQL database (${environment})`,
tags: {
...commonTags,
Service: "database",
},
});
// RDS depends on VPC and Secrets
rdsStack.addDependency(vpcStack);
rdsStack.addDependency(secretsStack);
// ============================================================================
// ECS Service Stack
// ============================================================================
const fullDomainName = config.subdomain
? `${config.subdomain}.${domainName}`
: domainName;
const ecsServiceStack = new EcsServiceStack(
app,
`EcsServiceStack-${environment}`,
{
environment,
vpc: vpcStack.vpc,
certificate: certificateStack.certificate,
backendRepository: ecrStack.backendRepository,
frontendRepository: ecrStack.frontendRepository,
databaseSecret: secretsStack.databaseSecret,
appSecret: secretsStack.appSecret,
databaseSecurityGroup: rdsStack.databaseSecurityGroup,
dbEndpoint: rdsStack.dbEndpoint,
dbPort: rdsStack.dbPort,
dbName: "rentall",
domainName: fullDomainName,
allowedIp: environment === "dev" ? allowedIp : undefined, // Only restrict in dev
frontendUrl: config.frontendUrl,
...envProps,
description: `ECS Fargate services with ALB (${environment})`,
tags: {
...commonTags,
Service: "ecs",
},
}
);
// ECS depends on VPC, Certificate, ECR, Secrets, and RDS
ecsServiceStack.addDependency(vpcStack);
ecsServiceStack.addDependency(certificateStack);
ecsServiceStack.addDependency(ecrStack);
ecsServiceStack.addDependency(secretsStack);
ecsServiceStack.addDependency(rdsStack);
// ============================================================================
// Lambda Stacks (existing)
// ============================================================================
const conditionCheckStack = new ConditionCheckLambdaStack(
app,
`ConditionCheckLambdaStack-${environment}`,
@@ -84,17 +225,14 @@ const conditionCheckStack = new ConditionCheckLambdaStack(
...envProps,
description: `Condition Check Reminder Lambda infrastructure (${environment})`,
tags: {
Environment: environment,
Project: "village-share",
...commonTags,
Service: "condition-check-reminder",
},
}
);
// Add dependency on VPC stack
conditionCheckStack.addDependency(vpcStack);
// Create the Image Processor Lambda stack
const imageProcessorStack = new ImageProcessorLambdaStack(
app,
`ImageProcessorLambdaStack-${environment}`,
@@ -107,12 +245,10 @@ const imageProcessorStack = new ImageProcessorLambdaStack(
...envProps,
description: `Image Processor Lambda infrastructure (${environment})`,
tags: {
Environment: environment,
Project: "village-share",
...commonTags,
Service: "image-processor",
},
}
);
// Add dependency on VPC stack
imageProcessorStack.addDependency(vpcStack);