-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathserverless.yml
255 lines (245 loc) · 8.54 KB
/
serverless.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
# Welcome to Serverless!
#
# This file is the main config file for your service.
# It's very minimal at this point and uses default values.
# You can always add more config options for more control.
# We've included some commented out config examples here.
# Just uncomment any of them to get that config option.
#
# For full config options, check the docs:
# docs.serverless.com
#
# Happy Coding!
service: abstract-play
# app and org for use with dashboard.serverless.com
# app: apfront
# org: wamelen
# You can pin your service to only deploy with a specific Serverless version
# Check out our docs for more details
frameworkVersion: '3'
custom:
scheduleEnabled:
prod: true
dev: false
recbucket:
prod: "records.abstractplay.com"
dev: "records.abstractplay.com"
dumpbucket: "abstractplay-db-dump"
params:
dev:
profile: AbstractPlayDev
userpool: arn:aws:cognito-idp:us-east-1:153672715141:userpool/us-east-1_2zrzbEjoU
sqsurl: https://sqs.us-east-1.amazonaws.com/153672715141/abstractplay-aiai-dev-aiai-queue
prod:
profile: AbstractPlayProd
userpool: arn:aws:cognito-idp:us-east-1:153672715141:userpool/us-east-1_YCjgSZHJm
sqsurl: https://sqs.us-east-1.amazonaws.com/153672715141/abstractplay-aiai-prod-aiai-queue
package:
excludeDevDependencies: false
plugins:
- serverless-plugin-common-excludes
- serverless-plugin-include-dependencies
provider:
name: aws
runtime: nodejs18.x
versionFunctions: false
stage: ${opt:stage, 'dev'}
profile: ${param:profile}
region: us-east-1
environment:
ABSTRACT_PLAY_TABLE: abstract-play-${self:provider.stage}
userpool: ${param:userpool}
SQS_URL: ${param:sqsurl}
AIAI_USERID: SkQfHAjeDxs8eeEnScuYA
TOTP_KEY: ${env:TOTP_KEY}
VAPID_PRIVATE_KEY: ${env:VAPID_PRIVATE_KEY}
VAPID_PUBLIC_KEY: ${env:VAPID_PUBLIC_KEY}
# TOTP_KEY: ${file(../apsecrets.yml):totp_key}
# VAPID_PRIVATE_KEY: ${file(../apsecrets.yml):vapid_private_key}
# VAPID_PUBLIC_KEY: ${file(../apsecrets.yml):vapid_public_key}
iam:
role:
statements:
- Effect: Allow
Action:
- dynamodb:Query
- dynamodb:Scan
- dynamodb:GetItem
- dynamodb:PutItem
- dynamodb:UpdateItem
- dynamodb:DeleteItem
- dynamodb:ExportTableToPointInTime
- dynamodb:BatchWriteItem
- ses:SendEmail
- ses:SendRawEmail
- sqs:SendMessage
- cloudfront:CreateInvalidation
Resource: "*"
- Effect: 'Allow'
Action:
- 's3:ListBucket'
Resource: 'arn:aws:s3:::abstractplay-db-dump'
- Effect: 'Allow'
Action:
- 's3:GetObject'
- 's3:PutObject'
Resource: 'arn:aws:s3:::abstractplay-db-dump/*'
- Effect: 'Allow'
Action:
- 's3:ListBucket'
Resource: 'arn:aws:s3:::records.abstractplay.com'
- Effect: 'Allow'
Action:
- 's3:PutObject'
Resource: 'arn:aws:s3:::records.abstractplay.com/*'
resources:
Resources:
# One table design
AbstractGamesDynamoDbTable:
Type: 'AWS::DynamoDB::Table'
DeletionPolicy: Delete
Properties:
AttributeDefinitions:
-
AttributeName: "pk"
AttributeType: "S"
-
AttributeName: "sk"
AttributeType: "S"
KeySchema:
-
AttributeName: "pk"
KeyType: "HASH"
-
AttributeName: "sk"
KeyType: "RANGE"
ProvisionedThroughput:
ReadCapacityUnits: 1
WriteCapacityUnits: 1
StreamSpecification:
StreamViewType: "NEW_AND_OLD_IMAGES"
TableName: ${self:provider.environment.ABSTRACT_PLAY_TABLE}
GatewayResponseDefault4XX:
Type: 'AWS::ApiGateway::GatewayResponse'
Properties:
ResponseParameters:
gatewayresponse.header.Access-Control-Allow-Origin: "'*'"
gatewayresponse.header.Access-Control-Allow-Headers: "'*'"
ResponseType: DEFAULT_4XX
RestApiId:
Ref: 'ApiGatewayRestApi'
functions:
authQuery:
handler: api/abstractplay.authQuery
memorySize: 1024
description: Abstract Play queries that need authorization.
events:
- http:
path: authQuery
method: post
cors: true
integration: lambda
authorizer:
name: authorizer
arn: ${self:provider.environment.userpool}
claims:
- email
- 'cognito:username'
query:
handler: api/abstractplay.query
memorySize: 128
description: Abstract Play queries that does not need authorization.
events:
- http:
path: query
method: get
cors: true
yourturn:
handler: utils/yourturn.handler
description: Sends out "your turn" notifications
events:
- eventBridge:
name: abstractplay-${self:provider.stage}-yourturn
description: Send out "your turn" notifications
enabled: ${self:custom.scheduleEnabled.${self:provider.stage}}
schedule: cron(0 14,22 * * ? *)
dumpdb:
handler: utils/dumpdb.handler
description: Triggers a full export of production DB to S3
events:
- eventBridge:
name: abstractplay-${self:provider.stage}-dumpdb
description: Triggers a full export of production DB to S3
enabled: ${self:custom.scheduleEnabled.${self:provider.stage}}
# midnight UTC every Sunday
schedule: cron(0 0 ? * 1 *)
records:
handler: utils/records.handler
description: Generates static lists of game records
timeout: 900
memorySize: 10240
events:
- eventBridge:
name: abstractplay-${self:provider.stage}-records
description: Generates static lists of game records
enabled: ${self:custom.scheduleEnabled.${self:provider.stage}}
# 3am UTC every sunday (giving the dump plenty of time to complete)
schedule: cron(0 3 ? * 1 *)
records-ttm:
handler: utils/records-ttm.handler
description: Generates static time-to-move results of each game
timeout: 900
memorySize: 10240
events:
- eventBridge:
name: abstractplay-${self:provider.stage}-records-ttm
description: Generates static time-to-move results of each game
enabled: ${self:custom.scheduleEnabled.${self:provider.stage}}
# 3am UTC every sunday (giving the dump plenty of time to complete)
schedule: cron(0 3 ? * 1 *)
records-manifest:
handler: utils/records-manifest.handler
description: Generates manifest file for records bucket
timeout: 900
memorySize: 10240
events:
- eventBridge:
name: abstractplay-${self:provider.stage}-records-manifest
description: Generates static time-to-move results of each game
enabled: ${self:custom.scheduleEnabled.${self:provider.stage}}
# 4am UTC every sunday (giving the various records scripts time to complete)
# then run again after summarize
schedule: cron(0 4,7 ? * 1 *)
summarize:
handler: utils/summarize.handler
description: Summarize generated game reports
timeout: 60
events:
- eventBridge:
name: abstractplay-${self:provider.stage}-summarize
description: Summarize generated game reports
enabled: ${self:custom.scheduleEnabled.${self:provider.stage}}
# 6am UTC every sunday (giving plenty of time for the record generation to complete)
schedule: cron(0 6 ? * 1 *)
starttournaments:
handler: utils/starttournaments.handler
description: Checks if any tournaments are ready to start (and starts or cancels them)
timeout: 600
events:
- eventBridge:
name: abstractplay-${self:provider.stage}-starttournaments
description: Checks if any tournaments are ready to start (and starts or cancels them)
enabled: ${self:custom.scheduleEnabled.${self:provider.stage}}
# 10am and 10pm UTC every day
schedule: cron(0 10,22 * * ? *)
standingchallenges:
handler: utils/standingchallenges.handler
description: Manages preset standing challenge requests
timeout: 600
events:
- eventBridge:
name: abstractplay-${self:provider.stage}-standingchallenges
description: Manages preset standing challenge requests
enabled: ${self:custom.scheduleEnabled.${self:provider.stage}}
# Midnight and noon UTC every day
schedule: cron(0 0,12 * * ? *)