~repos /website
git clone https://pyrossh.dev/repos/website.git
木 Personal website of pyrossh. Built with astrojs, shiki, vite.
699a2919
—
pyrossh 2 weeks ago
fix alchemy cloud front permission
- .alchemy/prd/s3-distribution-prd.json +9 -3
- alchemy.run.ts +7 -5
.alchemy/prd/s3-distribution-prd.json
CHANGED
|
@@ -200,13 +200,16 @@
|
|
|
200
200
|
}
|
|
201
201
|
},
|
|
202
202
|
"ViewerCertificate": {
|
|
203
|
+
"MinimumProtocolVersion": "TLSv1.2_2021",
|
|
204
|
+
"CloudFrontDefaultCertificate": false,
|
|
205
|
+
"SslSupportMethod": "sni-only",
|
|
203
206
|
"AcmCertificateArn": "arn:aws:acm:us-east-1:122129753516:certificate/d04cd0a5-623c-4d18-a9d1-f0d8df3e999d"
|
|
204
207
|
},
|
|
205
208
|
"Comment": "ProvisionedBy Alchemy - prd"
|
|
206
209
|
}
|
|
207
210
|
},
|
|
208
211
|
"id": "E2IM0M1RNCBSHJ",
|
|
209
|
-
"createdAt":
|
|
212
|
+
"createdAt": 1764175362829,
|
|
210
213
|
"DistributionConfig": {
|
|
211
214
|
"Logging": {
|
|
212
215
|
"IncludeCookies": false,
|
|
@@ -250,8 +253,8 @@
|
|
|
250
253
|
}
|
|
251
254
|
],
|
|
252
255
|
"ViewerCertificate": {
|
|
253
|
-
"SslSupportMethod": "
|
|
256
|
+
"SslSupportMethod": "sni-only",
|
|
254
|
-
"MinimumProtocolVersion": "TLSv1",
|
|
257
|
+
"MinimumProtocolVersion": "TLSv1.2_2021",
|
|
255
258
|
"CloudFrontDefaultCertificate": false,
|
|
256
259
|
"AcmCertificateArn": "arn:aws:acm:us-east-1:122129753516:certificate/d04cd0a5-623c-4d18-a9d1-f0d8df3e999d"
|
|
257
260
|
},
|
|
@@ -651,6 +654,9 @@
|
|
|
651
654
|
}
|
|
652
655
|
},
|
|
653
656
|
"ViewerCertificate": {
|
|
657
|
+
"MinimumProtocolVersion": "TLSv1.2_2021",
|
|
658
|
+
"CloudFrontDefaultCertificate": false,
|
|
659
|
+
"SslSupportMethod": "sni-only",
|
|
654
660
|
"AcmCertificateArn": "arn:aws:acm:us-east-1:122129753516:certificate/d04cd0a5-623c-4d18-a9d1-f0d8df3e999d"
|
|
655
661
|
},
|
|
656
662
|
"Comment": "ProvisionedBy Alchemy - prd"
|
alchemy.run.ts
CHANGED
|
@@ -200,6 +200,8 @@ const s3Distribution = await AWS.CloudFront.Distribution(`s3-distribution-${app.
|
|
|
200
200
|
// provider = aws.useast
|
|
201
201
|
// }
|
|
202
202
|
ViewerCertificate: {
|
|
203
|
+
MinimumProtocolVersion: "TLSv1.2_2021",
|
|
204
|
+
CloudFrontDefaultCertificate: false,
|
|
203
205
|
SslSupportMethod: "sni-only",
|
|
204
206
|
AcmCertificateArn: "arn:aws:acm:us-east-1:122129753516:certificate/d04cd0a5-623c-4d18-a9d1-f0d8df3e999d",
|
|
205
207
|
// AcmCertificateArn: domainSslCertificate.CertificateArn,
|
|
@@ -278,8 +280,8 @@ const reposBucketPolicy = await AWS.S3.BucketPolicy(`repos-bucket-policy-${app.s
|
|
|
278
280
|
// });
|
|
279
281
|
|
|
280
282
|
await app.finalize();
|
|
281
|
-
await $`rm -rf dist`
|
|
283
|
+
// await $`rm -rf dist`
|
|
282
|
-
await $`bun run build`
|
|
284
|
+
// await $`bun run build`
|
|
283
|
-
await $`aws s3 sync --delete ./dist/ s3://${websiteBucket.BucketName}`
|
|
285
|
+
// await $`aws s3 sync --delete ./dist/ s3://${websiteBucket.BucketName}`
|
|
284
|
-
await $`aws cloudfront create-invalidation --distribution-id ${s3Distribution.Id} --paths "/*" --no-cli-pager`
|
|
286
|
+
// await $`aws cloudfront create-invalidation --distribution-id ${s3Distribution.Id} --paths "/*" --no-cli-pager`
|
|
285
|
-
await $`rm -rf dist`
|
|
287
|
+
// await $`rm -rf dist`
|