# IPTV Updater AWS

An automated IPTV playlist and EPG updater service deployed on AWS infrastructure using CDK.

## Overview

This project provides a service for automatically updating IPTV playlists and Electronic Program Guide (EPG) data. It runs on AWS infrastructure with:

- EC2 instance for hosting the application
- RDS PostgreSQL database for data storage
- Amazon Cognito for user authentication
- HTTPS support via Let's Encrypt
- Domain management via FreeDNS

## Prerequisites

- AWS CLI installed and configured
- Python 3.12 or later
- Node.js v22.15 or later for AWS CDK
- Docker and Docker Compose for local development

## Local Development

1. Clone the repository:

```bash
git clone <repo-url>
cd iptv-updater-aws
```

2. Copy the example environment file:

```bash
cp .env.example .env
```

3. Add your configuration to `.env`:

```
FREEDNS_User=your_freedns_username
FREEDNS_Password=your_freedns_password
DOMAIN_NAME=your.domain.name
SSH_PUBLIC_KEY=your_ssh_public_key
REPO_URL=repository_url
LETSENCRYPT_EMAIL=your_email
```

4. Start the local development environment:

```bash
./scripts/start_local_dev.sh
```

5. Stop the local environment:

```bash
./scripts/stop_local_dev.sh
```

## Deployment

### Initial Deployment

1. Ensure your AWS credentials are configured:

```bash
aws configure
```

2. Install dependencies:

```bash
pip install -r requirements.txt
```

3. Deploy the infrastructure:

```bash
./scripts/deploy.sh
```

The deployment script will:

- Create/update the CloudFormation stack using CDK
- Configure the EC2 instance with required software
- Set up HTTPS using Let's Encrypt
- Configure the domain using FreeDNS

### Continuous Deployment

The project includes a Gitea workflow (`.gitea/workflows/aws_deploy_on_push.yml`) that automatically:

- Deploys infrastructure changes
- Updates the application on EC2 instances
- Restarts the service

## Infrastructure

The AWS infrastructure is defined in `infrastructure/stack.py` and includes:

- VPC with public subnets
- EC2 t2.micro instance (Free Tier eligible)
- RDS PostgreSQL database (db.t3.micro)
- Security groups for EC2 and RDS
- Elastic IP for the EC2 instance
- Cognito User Pool for authentication
- IAM roles and policies for EC2 instance access

## User Management

### Creating Users

To create a new user in Cognito:

```bash
./scripts/create_cognito_user.sh <user_pool_id> <username> <password> --admin <= optional for defining an admin user
```

### Deleting Users

To delete a user from Cognito:

```bash
./scripts/delete_cognito_user.sh <user_pool_id> <username>
```

## Architecture

The application is structured as follows:

```bash
app/
├── auth/           # Authentication modules
├── iptv/          # IPTV and EPG processing
├── models/        # Database models
└── utils/         # Utility functions

infrastructure/    # AWS CDK infrastructure code
docker/           # Docker configuration for local development
scripts/          # Utility scripts for deployment and management
```

## Environment Variables

The following environment variables are required:

| Variable | Description |
|----------|-------------|
| FREEDNS_User | FreeDNS username |
| FREEDNS_Password | FreeDNS password |
| DOMAIN_NAME | Your domain name |
| SSH_PUBLIC_KEY | SSH public key for EC2 access |
| REPO_URL | Repository URL |
| LETSENCRYPT_EMAIL | Email for Let's Encrypt certificates |

## Security Notes

- The EC2 instance has appropriate IAM permissions for:
  - EC2 instance discovery
  - SSM command execution
  - RDS access
  - Cognito user management
- All database credentials are stored in AWS Secrets Manager
- HTTPS is enforced using Let's Encrypt certificates
- Access is restricted through Security Groups