first commit

2025-05-13 18:13:40 -05:00
commit d7d5ee0836
9 changed files with 188 additions and 0 deletions
--- a/infrastructure/stack.py
+++ b/infrastructure/stack.py
@@ -0,0 +1,101 @@
+import os
+from aws_cdk import (
+    Stack,
+    aws_ec2 as ec2,
+    aws_iam as iam,
+    CfnOutput
+)
+from constructs import Construct
+
+class IptvUpdaterStack(Stack):
+    def __init__(self, scope: Construct, construct_id: str, **kwargs) -> None:
+        super().__init__(scope, construct_id, **kwargs)
+
+        # Create VPC
+        vpc = ec2.Vpc(self, "IptvUpdaterVPC",
+            max_azs=1,  # Use only one AZ for free tier
+            nat_gateways=0,  # No NAT Gateway to stay in free tier
+            subnet_configuration=[
+                ec2.SubnetConfiguration(
+                    name="public",
+                    subnet_type=ec2.SubnetType.PUBLIC,
+                    cidr_mask=24
+                )
+            ]
+        )
+
+        # Security Group
+        security_group = ec2.SecurityGroup(
+            self, "IptvUpdaterSG",
+            vpc=vpc,
+            allow_all_outbound=True
+        )
+
+        security_group.add_ingress_rule(
+            ec2.Peer.any_ipv4(),
+            ec2.Port.tcp(443),
+            "Allow HTTPS traffic"
+        )
+        
+        security_group.add_ingress_rule(
+            ec2.Peer.any_ipv4(),
+            ec2.Port.tcp(80),
+            "Allow HTTP traffic"
+        )
+
+        security_group.add_ingress_rule(
+            ec2.Peer.any_ipv4(),
+            ec2.Port.tcp(22),
+            "Allow SSH traffic"
+        )
+
+        # Key pair for IPTV Updater instance
+        key_pair = ec2.KeyPair(self, "IptvUpdaterKeyPair",
+            key_pair_name="iptv-updater-key"
+        )
+
+        # Create IAM role for EC2
+        role = iam.Role(
+            self, "IptvUpdaterRole",
+            assumed_by=iam.ServicePrincipal("ec2.amazonaws.com")
+        )
+
+        # Add SSM managed policy
+        role.add_managed_policy(
+            iam.ManagedPolicy.from_aws_managed_policy_name(
+                "AmazonSSMManagedInstanceCore"
+            )
+        )
+        
+        # Read the userdata script with proper path resolution
+        script_dir = os.path.dirname(os.path.abspath(__file__))
+        userdata_path = os.path.join(script_dir, "userdata.sh")
+        userdata_file = open(userdata_path, "rb").read()
+
+        # Creates a userdata object for Linux hosts
+        userdata = ec2.UserData.for_linux()
+        # Adds one or more commands to the userdata object.
+        userdata.add_commands(str(userdata_file, 'utf-8'))
+
+        # EC2 Instance
+        instance = ec2.Instance(
+            self, "IptvUpdaterInstance",
+            vpc=vpc,
+            instance_type=ec2.InstanceType.of(
+                ec2.InstanceClass.T2,
+                ec2.InstanceSize.MICRO
+            ),
+            machine_image=ec2.AmazonLinuxImage(
+                generation=ec2.AmazonLinuxGeneration.AMAZON_LINUX_2
+            ),
+            security_group=security_group,
+            key_pair=key_pair,
+            role=role,
+            user_data=userdata,
+        )
+
+        # Output the public DNS name
+        CfnOutput(
+            self, "InstancePublicDNS",
+            value=instance.instance_public_dns_name
+        )