mirror of
https://github.com/Luzifer/share.git
synced 2024-12-20 18:41:17 +00:00
130 lines
3.3 KiB
YAML
130 lines
3.3 KiB
YAML
|
---
|
||
|
|
||
|
AWSTemplateFormatVersion: "2010-09-09"
|
||
|
Description: Sharing objects through S3
|
||
|
|
||
|
Mappings:
|
||
|
RegionMap:
|
||
|
us-east-1:
|
||
|
S3HostedZoneId: Z3AQBSTGFYJSTF
|
||
|
S3WebsiteEndpoint: s3-website-us-east-1.amazonaws.com
|
||
|
us-west-1:
|
||
|
S3HostedZoneId: Z2F56UZL2M1ACD
|
||
|
S3WebsiteEndpoint: s3-website-us-west-1.amazonaws.com
|
||
|
us-west-2:
|
||
|
S3HostedZoneId: Z3BJ6K6RIION7M
|
||
|
S3WebsiteEndpoint: s3-website-us-west-2.amazonaws.com
|
||
|
eu-west-1:
|
||
|
S3HostedZoneId: Z1BKCTXD74EZPE
|
||
|
S3WebsiteEndpoint: s3-website-eu-west-1.amazonaws.com
|
||
|
ap-southeast-1:
|
||
|
S3HostedZoneId: Z3O0J2DXBE1FTB
|
||
|
S3WebsiteEndpoint: s3-website-ap-southeast-1.amazonaws.com
|
||
|
ap-southeast-2:
|
||
|
S3HostedZoneId: Z1WCIGYICN2BYD
|
||
|
S3WebsiteEndpoint: s3-website-ap-southeast-2.amazonaws.com
|
||
|
ap-northeast-1:
|
||
|
S3HostedZoneId: Z2M4EHUR26P7ZW
|
||
|
S3WebsiteEndpoint: s3-website-ap-northeast-1.amazonaws.com
|
||
|
sa-east-1:
|
||
|
S3HostedZoneId: Z31GFT0UA1I2HV
|
||
|
S3WebsiteEndpoint: s3-website-sa-east-1.amazonaws.com
|
||
|
|
||
|
Outputs:
|
||
|
BucketName:
|
||
|
Value:
|
||
|
Ref: S3Bucket
|
||
|
Description: S3 Bucket for share.luzifer.io
|
||
|
CFDistribution:
|
||
|
Value:
|
||
|
Fn::GetAtt:
|
||
|
- CFDistribution
|
||
|
- DomainName
|
||
|
Description: DNS Name for CF Distribution
|
||
|
|
||
|
Resources:
|
||
|
S3Bucket:
|
||
|
Type: AWS::S3::Bucket
|
||
|
Properties:
|
||
|
AccessControl: PublicRead
|
||
|
LifecycleConfiguration:
|
||
|
Rules:
|
||
|
- AbortIncompleteMultipartUpload:
|
||
|
DaysAfterInitiation: 7
|
||
|
ExpirationInDays: 90
|
||
|
Prefix: file/
|
||
|
Status: Enabled
|
||
|
WebsiteConfiguration:
|
||
|
IndexDocument: index.html
|
||
|
ErrorDocument: error.html
|
||
|
|
||
|
BucketPolicy:
|
||
|
Type: AWS::S3::BucketPolicy
|
||
|
Properties:
|
||
|
Bucket:
|
||
|
Ref: S3Bucket
|
||
|
PolicyDocument:
|
||
|
Statement:
|
||
|
- Sid: PublicReadForGetBucketObjects
|
||
|
Effect: Allow
|
||
|
Principal: '*'
|
||
|
Action: s3:GetObject
|
||
|
Resource:
|
||
|
Fn::Join:
|
||
|
- ''
|
||
|
- - 'arn:aws:s3:::'
|
||
|
- Ref: S3Bucket
|
||
|
- '/*'
|
||
|
|
||
|
|
||
|
CFDistribution:
|
||
|
Type: AWS::CloudFront::Distribution
|
||
|
Properties:
|
||
|
DistributionConfig:
|
||
|
Aliases:
|
||
|
- share.luzifer.io
|
||
|
DefaultCacheBehavior:
|
||
|
AllowedMethods:
|
||
|
- GET
|
||
|
- HEAD
|
||
|
Compress: true
|
||
|
TargetOriginId: S3Origin
|
||
|
ForwardedValues:
|
||
|
QueryString: false
|
||
|
Cookies:
|
||
|
Forward: none
|
||
|
ViewerProtocolPolicy: redirect-to-https
|
||
|
DefaultRootObject: index.html
|
||
|
Enabled: true
|
||
|
HttpVersion: http2
|
||
|
IPV6Enabled: true
|
||
|
Origins:
|
||
|
- DomainName:
|
||
|
Fn::Join:
|
||
|
- .
|
||
|
- - Ref: S3Bucket
|
||
|
- Fn::FindInMap:
|
||
|
- RegionMap
|
||
|
- Ref: AWS::Region
|
||
|
- S3WebsiteEndpoint
|
||
|
Id: S3Origin
|
||
|
CustomOriginConfig:
|
||
|
HTTPPort: 80
|
||
|
HTTPSPort: 443
|
||
|
OriginProtocolPolicy: http-only
|
||
|
PriceClass: PriceClass_100
|
||
|
ViewerCertificate:
|
||
|
AcmCertificateArn:
|
||
|
Ref: Certificate
|
||
|
SslSupportMethod: sni-only
|
||
|
|
||
|
Certificate:
|
||
|
Type: AWS::CertificateManager::Certificate
|
||
|
Properties:
|
||
|
DomainName: '*.luzifer.io'
|
||
|
DomainValidationOptions:
|
||
|
- DomainName: '*.luzifer.io'
|
||
|
ValidationDomain: luzifer.io
|
||
|
|
||
|
...
|