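# type: ignore
# TODO: This module doesn't work at all
"""Manage Fastly mirror proxies and render their Terraform configuration.

Running the module as a script creates missing proxies, marks expired ones
as destroyed and then rewrites ``<TERRAFORM_DIRECTORY>/fastly/main.tf``.
"""
import datetime
import os
import random
import string

import jinja2
import tldextract

from app import app
from app.extensions import db
from app.models.base import Group
from app.models.mirrors import Origin, Proxy

# Jinja2 template for the generated Terraform configuration.
#
# NOTE(security): the provider credentials are rendered into the output in
# plaintext, so the generated file must be handled as a secret.
# NOTE(security): group_name, domain_name, description and slug are placed
# inside HCL string literals without any escaping. A double quote or a
# "${" sequence in one of those database values would alter the generated
# configuration, so they need to be validated where they are stored.
TEMPLATE = """
terraform {
  required_providers {
    aws = {
      version = "~> 4.4.0"
    }
    fastly = {
      source = "fastly/fastly"
      version = ">= 1.1.1"
    }
  }
}

provider "aws" {
  access_key = "{{ aws_access_key }}"
  secret_key = "{{ aws_secret_key }}"
  region = "us-east-1"
}

provider "fastly" {
  api_key = "{{ fastly_api_key }}"
}

{% for group in groups %}
module "label_{{ group.id }}" {
  source = "cloudposse/label/null"
  version = "0.25.0"
  namespace = "bc"
  tenant = "{{ group.group_name }}"
  label_order = ["namespace", "tenant", "name", "attributes"]
}

module "log_bucket_{{ group.id }}" {
  source = "cloudposse/s3-log-storage/aws"
  version = "0.28.0"
  context = module.label_{{ group.id }}.context
  name = "logs"
  attributes = ["fastly"]
  acl = "private"
  standard_transition_days = 30
  glacier_transition_days = 60
  expiration_days = 90
}

{% if group.id == 3 %}
resource "fastly_service_vcl" "service_{{ group.id }}" {
  name = module.label_{{ group.id }}.id

  {% for origin in group.origins %}
  {% for proxy in origin.proxies %}
  {% if proxy.destroyed == None and proxy.provider == "fastly" %}
  domain {
    name = "{{ proxy.slug }}.global.ssl.fastly.com"
    comment = "Mirror"
  }
  {% endif %}
  {% endfor %}

  backend {
    address = "{{ origin.domain_name }}"
    name = "{{ origin.description }}"
    port = 443
    override_host = "{{ origin.domain_name }}"
  }
  {% endfor %}
}
{% endif %}
{% endfor %}
"""


def create_missing_proxies():
    """Create a Fastly proxy for each origin in group 3 that lacks a live one.

    A proxy counts as live when its provider is "fastly" and both its
    ``deprecated`` and ``destroyed`` fields are None. New proxies are added
    to the database session and committed once the loop has finished.
    """
    with app.app_context():
        for origin in Origin.query.filter(Origin.group_id == 3).all():
            has_live_proxy = any(
                candidate.provider == "fastly"
                and candidate.deprecated is None
                and candidate.destroyed is None
                for candidate in origin.proxies
            )
            if has_live_proxy:
                continue
            now = datetime.datetime.utcnow()
            proxy = Proxy()
            proxy.origin_id = origin.id
            proxy.provider = "fastly"
            # The random usage below is good enough for its purpose: to
            # create a slug that hasn't been used before. No uniqueness
            # check against existing slugs is made here.
            # The length has to be passed as ``k``: the second positional
            # parameter of random.choices() is ``weights``, so a bare 12
            # raises TypeError instead of producing 12 characters.
            suffix = ''.join(
                random.choices(string.ascii_lowercase, k=12))  # nosec
            proxy.slug = tldextract.extract(origin.domain_name).domain[:5] + suffix
            proxy.added = now
            proxy.updated = now
            db.session.add(proxy)
        db.session.commit()


def destroy_expired_proxies():
    """Mark Fastly proxies deprecated more than three days ago as destroyed.

    Only proxies whose ``destroyed`` field is still NULL are selected. Both
    ``destroyed`` and ``updated`` are set to the current UTC time, and the
    changes are committed after the loop.
    """
    cutoff = datetime.datetime.utcnow() - datetime.timedelta(days=3)
    expired = Proxy.query.filter(
        Proxy.destroyed.is_(None),
        Proxy.provider == "fastly",
        Proxy.deprecated < cutoff
    ).all()
    for proxy in expired:
        now = datetime.datetime.utcnow()
        proxy.destroyed = now
        proxy.updated = now
    db.session.commit()


def generate_terraform():
    """Render TEMPLATE and write it to ``<TERRAFORM_DIRECTORY>/fastly/main.tf``.

    The AWS and Fastly credentials are read from ``app.config`` and all
    groups are loaded from the database. Because the rendered file contains
    those credentials in plaintext, it is written with owner-only
    permissions.
    """
    filename = os.path.join(
        app.config['TERRAFORM_DIRECTORY'],
        'fastly',
        'main.tf'
    )
    rendered = jinja2.Template(TEMPLATE).render(
        aws_access_key=app.config['AWS_ACCESS_KEY'],
        aws_secret_key=app.config['AWS_SECRET_KEY'],
        fastly_api_key=app.config['FASTLY_API_KEY'],
        groups=Group.query.all()
    )
    # The mode passed to os.open() only applies when the file is created,
    # so an already existing file is tightened explicitly before the
    # secrets are written into it.
    fd = os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, 'w') as out:
        os.chmod(filename, 0o600)
        out.write(rendered)


if __name__ == "__main__":
    with app.app_context():
        create_missing_proxies()
        destroy_expired_proxies()
        generate_terraform()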