diff --git a/infrastructure/cdk/src/interfaces/ProjectConfig.ts b/infrastructure/cdk/src/interfaces/ProjectConfig.ts
index 020a23ca9..fcaac0740 100644
--- a/infrastructure/cdk/src/interfaces/ProjectConfig.ts
+++ b/infrastructure/cdk/src/interfaces/ProjectConfig.ts
@@ -20,6 +20,4 @@ export interface ProjectConfig {
 web: string
 wildcard: string
 }
- /** Nodes IP address */
- nodesIp: string
 }
\ No newline at end of file
diff --git a/infrastructure/cdk/src/providers/config.ts b/infrastructure/cdk/src/providers/config.ts
index c49414b3f..32028ba85 100644
--- a/infrastructure/cdk/src/providers/config.ts
+++ b/infrastructure/cdk/src/providers/config.ts
@@ -11,7 +11,6 @@ export class Config implements ProjectConfig {
 public readonly env
 public readonly rootDomain
 public readonly subdomains
- public readonly nodesIp
 public readonly dataVersion
 /** List of required environment variables */
@@ -33,7 +32,6 @@ export class Config implements ProjectConfig {
 web: 'app',
 wildcard: '*'
 }
- this.nodesIp = process.env.NODES_IP as string
 this.dataVersion = Number(dataPackage.version.split('.')[0])
 }
diff --git a/infrastructure/cdk/src/providers/nodes.ts b/infrastructure/cdk/src/providers/nodes.ts
index 3a90c7e42..20051ee88 100644
--- a/infrastructure/cdk/src/providers/nodes.ts
+++ b/infrastructure/cdk/src/providers/nodes.ts
@@ -1,8 +1,9 @@
 import { Construct } from 'constructs'
 import * as cdk from 'aws-cdk-lib'
 import * as route53 from 'aws-cdk-lib/aws-route53'
+import * as secretsmanager from 'aws-cdk-lib/aws-secretsmanager'
 import { NodesStackProps } from '../interfaces/StackProps'
-import { pascalCase } from '@casimir/helpers'
+import { kebabCase, pascalCase } from '@casimir/helpers'
 import { Config } from './config'
 /**
@@ -16,14 +17,17 @@ export class NodesStack extends cdk.Stack {
 super(scope, id, props)
 const config = new Config()
- const { rootDomain, subdomains, nodesIp } = config
+ const { rootDomain, subdomains } = config
 const { hostedZone } = props
+ /** Get the nodes web server IP */
+ const nodesIp = secretsmanager.Secret.fromSecretNameV2(this, config.getFullStackResourceName(this.name, 'nodes-ip'), kebabCase(config.getFullStackResourceName(this.name, 'nodes-ip')))
+
 /** Create an A record for the nodes web server IP */
 new route53.ARecord(this, config.getFullStackResourceName(this.name, 'a-record-api'), {
 recordName: `${subdomains.nodes}.${rootDomain}`,
 zone: hostedZone as route53.IHostedZone,
- target: route53.RecordTarget.fromIpAddresses(nodesIp),
+ target: route53.RecordTarget.fromIpAddresses(nodesIp.secretValue.unsafeUnwrap()),
 ttl: cdk.Duration.minutes(1),
 })
 }
diff --git a/scripts/cdk/deploy.ts b/scripts/cdk/deploy.ts
index 8aef28d79..ed966ca79 100755
--- a/scripts/cdk/deploy.ts
+++ b/scripts/cdk/deploy.ts
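Review bot: `nodesIp.secretValue.unsafeUnwrap()` in the `ARecord` target of infrastructure/cdk/src/providers/nodes.ts switches off CDK's secret-usage guard for a value that is then published in a public DNS record, so storing it in Secrets Manager adds no confidentiality while making `unsafeUnwrap()` look routine in stack code. The value is only resolved at deploy time, and nothing in this hunk checks that it is a single IPv4 address, so a malformed or JSON-shaped secret would presumably surface as a failed or wrong record during deployment rather than at synth. If the address is not meant to be secret, a plain parameter read such as `ssm.StringParameter.valueForStringParameter(this, '<parameter-name>')` avoids the unwrap; if it stays a secret, say why above the call, e.g. `/** Not confidential once published in DNS; unsafeUnwrap is deliberate */`. The secret name is now derived from `getFullStackResourceName` where the deploy script used to read `casimir-nodes-ip`, so confirm a secret with the derived name exists for each stage; the constructor begins outside the hunk.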
@@ -8,15 +8,23 @@ import { $, echo } from 'zx'
 * See https://docs.aws.amazon.com/cdk/api/v2
 */
 void async function () {
- /** Get AWS secrets */
+ /** Configure the environment with fallback default values */
+ process.env.PROJECT = process.env.PROJECT || 'casimir'
+ process.env.STAGE = process.env.STAGE || 'dev'
+ process.env.AWS_REGION = process.env.AWS_REGION || 'us-east-2'
+
+ /** Get AWS credentials */
 await loadCredentials()
 process.env.AWS_ACCOUNT = await getSecret('casimir-aws-account')
- process.env.NODES_IP = await getSecret('casimir-nodes-ip')
+
+ /** Set public environment variables */
+ process.env.PUBLIC_USERS_URL = `https://users.${process.env.STAGE}.casimir.co`
+ process.env.PUBLIC_CRYPTO_COMPARE_API_KEY = await getSecret('casimir-crypto-compare-api-key')
 /** Prepare CDK resources */
- await $`npm run build --workspace @casimir/web`
 await $`npm run build --workspace @casimir/landing`
 await $`npm run build --workspace @casimir/users`
+ await $`npm run build --workspace @casimir/web`
 /** Prepare CDK app */
 await $`npm run bootstrap --workspace @casimir/cdk`
diff --git a/scripts/cdk/test.ts b/scripts/cdk/test.ts
index add329413..26cde49cc 100644
--- a/scripts/cdk/test.ts
+++ b/scripts/cdk/test.ts
@@ -1,3 +1,4 @@
+import { getSecret, loadCredentials } from '@casimir/helpers'
 import { $, echo } from 'zx'
 /**
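Review bot: `process.env.PUBLIC_CRYPTO_COMPARE_API_KEY = await getSecret('casimir-crypto-compare-api-key')` in scripts/cdk/deploy.ts copies a Secrets Manager value into a `PUBLIC_`-prefixed variable just before the `@casimir/landing`, `@casimir/users` and `@casimir/web` builds. If the front-end build inlines `PUBLIC_*` variables, which the prefix suggests but this diff does not show, the key ships to every browser and has to be treated as public: restrict it on the provider side or keep the calls behind the users service. At minimum the assignment should carry a comment such as `/** Embedded in the client bundle: must be a restricted, non-privileged key */`. The same assignment is added in scripts/cdk/test.ts, and the variable is inherited by every command later run through `$`.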
@@ -9,15 +10,21 @@ import { $, echo } from 'zx'
 void async function () {
 /** Configure the environment with fallback default values */
 process.env.PROJECT = process.env.PROJECT || 'casimir'
- process.env.STAGE = process.env.STAGE || 'test'
- process.env.AWS_REGION = process.env.AWS_REGION || 'us-east-1'
- process.env.AWS_ACCOUNT = process.env.AWS_ACCOUNT || '000000000000'
- process.env.NODES_IP = process.env.NODES_IP || '123.456.789.012'
+ process.env.STAGE = process.env.STAGE || 'dev'
+ process.env.AWS_REGION = process.env.AWS_REGION || 'us-east-2'
+
+ /** Get AWS secrets */
+ await loadCredentials()
+ process.env.AWS_ACCOUNT = await getSecret('casimir-aws-account')
+
+ /** Set public environment variables */
+ process.env.PUBLIC_USERS_URL = `https://users.${process.env.STAGE}.casimir.co`
+ process.env.PUBLIC_CRYPTO_COMPARE_API_KEY = await getSecret('casimir-crypto-compare-api-key')
 /** Prepare CDK resources */
- await $`npm run build --workspace @casimir/web`
 await $`npm run build --workspace @casimir/landing`
 await $`npm run build --workspace @casimir/users`
+ await $`npm run build --workspace @casimir/web`
 /** Test CDK app */
 echo('🚀 Testing CDK app')
diff --git a/services/users/src/routes/auth.ts b/services/users/src/routes/auth.ts
index 34521c8b7..da30c6e6f 100644
--- a/services/users/src/routes/auth.ts
+++ b/services/users/src/routes/auth.ts
@@ -121,12 +121,8 @@ function parseNonce(msg: string) {
 }
 function verifyMessageDomain(domain: string): boolean {
- const stage = process.env.STAGE
- if (stage === 'dev') {
- return domain === 'localhost:3001'
- } else {
- return false
- }
+ if (process.env.WEB_URL) return domain === process.env.WEB_URL
+ return domain === 'localhost:3001'
 }
 async function verifyMessageNonce(address: string, msgNonce: string) : Promise {
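Review bot: scripts/cdk/test.ts now calls `loadCredentials()` and `getSecret('casimir-aws-account')` and defaults `STAGE` to `dev`, where it previously ran entirely on placeholders (`'000000000000'`, stage `test`), so the CDK test can no longer run without live AWS credentials and it pulls real secrets into the test process. That hands CI jobs and contributor machines access the test did not need before, and a run without credentials presumably fails before anything is asserted. Keeping the placeholder fallback, e.g. `process.env.AWS_ACCOUNT = process.env.AWS_ACCOUNT || '000000000000'`, and fetching secrets only in the deploy script would keep the test hermetic.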
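Review bot: `verifyMessageDomain` in services/users/src/routes/auth.ts now accepts `localhost:3001` whenever `WEB_URL` is unset, in any stage, whereas the removed code returned `false` outside `dev`; a deployment that misses the variable therefore fails open on the domain check of what appears to be a signed login message instead of rejecting it. The fallback should stay limited to local development, e.g. `return process.env.STAGE === 'dev' && domain === 'localhost:3001'`. Separately, the fallback literal is a bare host and port while `WEB_URL`, by its name, looks like a full URL with a scheme; if that is the case `domain === process.env.WEB_URL` can never match, and comparing against `new URL(process.env.WEB_URL).host` would be the fix once the format the client puts into the message is confirmed.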