Changed project name to be IPTV Manager Service
All checks were successful
AWS Deploy on Push / build (push) Successful in 8m29s

2025-05-29 16:09:52 -05:00
parent e25f8c1ecd
commit eaab1ef998
22 changed files with 202 additions and 138 deletions


@@ -9,7 +9,7 @@ from aws_cdk import aws_ssm as ssm
from constructs import Construct
class IptvUpdaterStack(Stack):
class IptvManagerStack(Stack):
def __init__(
self,
scope: Construct,
@@ -27,7 +27,7 @@ class IptvUpdaterStack(Stack):
# Create VPC
vpc = ec2.Vpc(
self,
"IptvUpdaterVPC",
"IptvManagerVPC",
max_azs=2, # Need at least 2 AZs for RDS subnet group
nat_gateways=0, # No NAT Gateway to stay in free tier
subnet_configuration=[
@@ -44,7 +44,7 @@ class IptvUpdaterStack(Stack):
# Security Group
security_group = ec2.SecurityGroup(
self, "IptvUpdaterSG", vpc=vpc, allow_all_outbound=True
self, "IptvManagerSG", vpc=vpc, allow_all_outbound=True
)
security_group.add_ingress_rule(
@@ -66,18 +66,18 @@ class IptvUpdaterStack(Stack):
"Allow PostgreSQL traffic for tunneling",
)
# Key pair for IPTV Updater instance
# Key pair for IPTV Manager instance
key_pair = ec2.KeyPair(
self,
"IptvUpdaterKeyPair",
key_pair_name="iptv-updater-key",
"IptvManagerKeyPair",
key_pair_name="iptv-manager-key",
public_key_material=ssh_public_key,
)
# Create IAM role for EC2
role = iam.Role(
self,
"IptvUpdaterRole",
"IptvManagerRole",
assumed_by=iam.ServicePrincipal("ec2.amazonaws.com"),
)
@@ -114,7 +114,7 @@ class IptvUpdaterStack(Stack):
# EC2 Instance
instance = ec2.Instance(
self,
"IptvUpdaterInstance",
"IptvManagerInstance",
vpc=vpc,
vpc_subnets=ec2.SubnetSelection(subnet_type=ec2.SubnetType.PUBLIC),
instance_type=ec2.InstanceType.of(
@@ -132,7 +132,7 @@ class IptvUpdaterStack(Stack):
# Option: 2: Create Elastic IP (not free tier compatible)
# eip = ec2.CfnEIP(
# self, "IptvUpdaterEIP",
# self, "IptvManagerEIP",
# domain="vpc",
# instance_id=instance.instance_id
# )
@@ -140,8 +140,8 @@ class IptvUpdaterStack(Stack):
# Add Cognito User Pool
user_pool = cognito.UserPool(
self,
"IptvUpdaterUserPool",
user_pool_name="iptv-updater-users",
"IptvManagerUserPool",
user_pool_name="iptv-manager-users",
self_sign_up_enabled=False, # Only admins can create users
password_policy=cognito.PasswordPolicy(
min_length=8,
@@ -156,7 +156,7 @@ class IptvUpdaterStack(Stack):
# Add App Client with the correct callback URL
client = user_pool.add_client(
"IptvUpdaterClient",
"IptvManagerClient",
access_token_validity=Duration.minutes(60),
id_token_validity=Duration.minutes(60),
refresh_token_validity=Duration.days(1),
@@ -171,8 +171,8 @@ class IptvUpdaterStack(Stack):
# Add domain for hosted UI
domain = user_pool.add_domain(
"IptvUpdaterDomain",
cognito_domain=cognito.CognitoDomainOptions(domain_prefix="iptv-updater"),
"IptvManagerDomain",
cognito_domain=cognito.CognitoDomainOptions(domain_prefix="iptv-manager"),
)
# Read the userdata script with proper path resolution
@@ -226,7 +226,7 @@ class IptvUpdaterStack(Stack):
# Create RDS PostgreSQL instance (free tier compatible - db.t3.micro)
db = rds.DatabaseInstance(
self,
"IptvUpdaterDB",
"IptvManagerDB",
engine=rds.DatabaseInstanceEngine.postgres(
version=rds.PostgresEngineVersion.VER_13
),
@@ -240,7 +240,7 @@ class IptvUpdaterStack(Stack):
security_groups=[rds_sg],
allocated_storage=10,
max_allocated_storage=10,
database_name="iptv_updater",
database_name="iptv_manager",
removal_policy=RemovalPolicy.DESTROY,
deletion_protection=False,
publicly_accessible=False, # Avoid public IPv4 charges
@@ -255,25 +255,25 @@ class IptvUpdaterStack(Stack):
ssm.StringParameter(
self,
"DBHostParam",
parameter_name="/iptv-updater/DB_HOST",
parameter_name="/iptv-manager/DB_HOST",
string_value=db.db_instance_endpoint_address,
)
ssm.StringParameter(
self,
"DBNameParam",
parameter_name="/iptv-updater/DB_NAME",
string_value="iptv_updater",
parameter_name="/iptv-manager/DB_NAME",
string_value="iptv_manager",
)
ssm.StringParameter(
self,
"DBUserParam",
parameter_name="/iptv-updater/DB_USER",
parameter_name="/iptv-manager/DB_USER",
string_value=db.secret.secret_value_from_json("username").to_string(),
)
ssm.StringParameter(
self,
"DBPassParam",
parameter_name="/iptv-updater/DB_PASSWORD",
parameter_name="/iptv-manager/DB_PASSWORD",
string_value=db.secret.secret_value_from_json("password").to_string(),
)
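Review bot: The `DBPassParam` parameter in the last hunk of this file copies the RDS master password out of Secrets Manager into `/iptv-manager/DB_PASSWORD`, and `ssm.StringParameter` creates a plain `String` parameter rather than a `SecureString`. Anyone who can call `ssm:GetParameter` on that path can then read the password without needing access to the secret itself. Since the parameter path is being renamed anyway, this is a good point to drop the copy: grant the EC2 role created earlier access to the secret, for example `db.secret.grant_read(role)`, and publish only the secret's name or ARN in Parameter Store. Separately, changing construct ids such as `IptvManagerDB` and `IptvManagerUserPool` normally changes their CloudFormation logical ids, so with `removal_policy=RemovalPolicy.DESTROY` and `deletion_protection=False` the deploy presumably replaces the database and user pool rather than renaming them. Confirm that is intended before deploying.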


@@ -2,7 +2,7 @@
# Update system and install required packages
dnf update -y
dnf install -y python3-pip git cronie nginx certbot python3-certbot-nginx
dnf install -y python3-pip git cronie nginx certbot python3-certbot-nginx postgresql awscli
# Start and enable crond service
systemctl start crond
@@ -11,27 +11,48 @@ systemctl enable crond
cd /home/ec2-user
git clone ${REPO_URL}
cd iptv-updater-aws
cd iptv-manager-service
# Install Python packages with --ignore-installed to prevent conflicts with RPM packages
pip3 install --ignore-installed -r requirements.txt
# Retrieve DB credentials from SSM Parameter Store
export DB_HOST=$(aws ssm get-parameter --name "/iptv-manager/DB_HOST" --query "Parameter.Value" --output text)
export DB_NAME=$(aws ssm get-parameter --name "/iptv-manager/DB_NAME" --query "Parameter.Value" --output text)
export DB_USER=$(aws ssm get-parameter --name "/iptv-manager/DB_USER" --query "Parameter.Value" --output text)
export DB_PASSWORD=$(aws ssm get-parameter --name "/iptv-manager/DB_PASSWORD" --query "Parameter.Value" --output text)
# Set PGPASSWORD for psql to use
export PGPASSWORD=$DB_PASSWORD
# Wait for PostgreSQL to be ready
echo "Waiting for PostgreSQL to start..."
until psql -h $DB_HOST -U $DB_USER -d postgres -c '\q'; do
sleep 1
done
echo "PostgreSQL is ready."
# Create database if it does not exist
DB_EXISTS=$(psql -h $DB_HOST -U $DB_USER -d postgres -tc "SELECT 1 FROM pg_database WHERE datname = '$DB_NAME';")
if [ -z "$DB_EXISTS" ]; then
echo "Creating database $DB_NAME..."
psql -h $DB_HOST -U $DB_USER -d postgres -c "CREATE DATABASE $DB_NAME;"
echo "Database $DB_NAME created."
fi
# Run database migrations
alembic upgrade head
# Seed initial priorities
python3 -c "from app.utils.database import SessionLocal; from app.models.db import Priority; db = SessionLocal(); db.add_all([Priority(id=100, description='High'), Priority(id=200, description='Medium'), Priority(id=300, description='Low')]); db.commit()"
# Create systemd service file
cat << 'EOF' > /etc/systemd/system/iptv-updater.service
cat << 'EOF' > /etc/systemd/system/iptv-manager.service
[Unit]
Description=IPTV Updater Service
Description=IPTV Manager Service
After=network.target
[Service]
Type=simple
User=ec2-user
WorkingDirectory=/home/ec2-user/iptv-updater-aws
WorkingDirectory=/home/ec2-user/iptv-manager-service
ExecStart=/usr/local/bin/uvicorn app.main:app --host 127.0.0.1 --port 8000
EnvironmentFile=/etc/environment
Restart=always
@@ -56,7 +77,7 @@ sudo mkdir -p /etc/nginx/ssl
--reloadcmd "service nginx force-reload"
# Create nginx config
cat << EOF > /etc/nginx/conf.d/iptvUpdater.conf
cat << EOF > /etc/nginx/conf.d/iptvManager.conf
server {
listen 80;
server_name ${DOMAIN_NAME} *.${DOMAIN_NAME};
@@ -83,5 +104,5 @@ EOF
# Start nginx service
systemctl enable nginx
systemctl start nginx
systemctl enable iptv-updater
systemctl start iptv-updater
systemctl enable iptv-manager
systemctl start iptv-manager
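Review bot: The values fetched with `aws ssm get-parameter` in the hunk starting at `@@ -11,27 +11,48 @@` are used without checking that the calls succeeded, and they are expanded unquoted. If a lookup fails (a missing permission or region, for instance), `DB_HOST` is empty and the `until psql -h $DB_HOST ...` loop retries forever, so the rest of the boot script never runs. A guard such as `: "${DB_HOST:?DB_HOST not found in SSM}"` for each value, plus a bounded retry count, would fail fast instead. `DB_NAME` is also pasted as text into the `SELECT` and `CREATE DATABASE` statements, so it should be checked against a simple identifier pattern before use. Finally, `PGPASSWORD` and `DB_PASSWORD` stay exported for every later command in the script; `unset PGPASSWORD DB_PASSWORD` after the seeding step would limit that, assuming nothing later in the file (not fully visible here) needs them.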