From 84e02e4929855104b292c1639b91c5371bf5243c Mon Sep 17 00:00:00 2001 From: Kamil Stus Date: Tue, 1 Apr 2025 16:11:19 +0200 Subject: [PATCH 1/4] chore: configuration for docs-preview --- nginx.conf | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/nginx.conf b/nginx.conf index 13c34f0be..a173a1eef 100644 --- a/nginx.conf +++ b/nginx.conf @@ -441,3 +441,15 @@ server { # Redirect rule so that /python/docs actually leads somewhere rewrite ^/python/docs/?$ /python/docs/quick-start; } + +server { + listen 80; + + server_name pull-*.preview.docs.apify.com; + + location / { + rewrite ^/(.*)/$ https://s3.amazonaws.com/apify-docs-preview/pull-$host/$1/index.html permanent; + rewrite ^/(.*[^./])$ https://s3.amazonaws.com/apify-docs-preview/pull-$host/$1.html permanent; + rewrite ^/(.*)$ https://s3.amazonaws.com/apify-docs-preview/pull-$host/$1 permanent; + } +} From c8eebbf8f5590be3d6cbc5d3f6a90dbe80b570e5 Mon Sep 17 00:00:00 2001 From: Kamil Stus Date: Tue, 1 Apr 2025 16:13:28 +0200 Subject: [PATCH 2/4] chore: cloudformation --- .github/workflows/deploy_cloudformation.yaml | 28 +++++++++++++ deploy/cloudformation/s3.yaml | 42 ++++++++++++++++++++ 2 files changed, 70 insertions(+) create mode 100644 .github/workflows/deploy_cloudformation.yaml create mode 100644 deploy/cloudformation/s3.yaml diff --git a/.github/workflows/deploy_cloudformation.yaml b/.github/workflows/deploy_cloudformation.yaml new file mode 100644 index 000000000..f4e5ed2d6 --- /dev/null +++ b/.github/workflows/deploy_cloudformation.yaml @@ -0,0 +1,28 @@ +name: 'Deploy Cloudformation' + +on: + workflow_dispatch: + + push: + paths: + - 'deploy/cloudformation/**' + +jobs: + get_values: + uses: apify/workflows/.github/workflows/get_values.yaml@v0.27.0 + + deploy_cloudformation: + needs: + - get_values + uses: apify/workflows/.github/workflows/deploy_cloudformation.yaml@v0.27.0 + secrets: + awsAccessKeyId: ${{ secrets.AWS_ACCESS_KEY_ID }} + awsSecretAccessKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }} + slackToken: ${{ secrets.SLACK_BOT_USER_OAUTH_ACCESS_TOKEN }} + with: + stackName: apify-docs-preview + templateFile: deploy/cloudformation/s3.yaml + cloudformationRoleArn: arn:aws:iam::031263542130:role/ApifyCloudFormationServiceRole + s3Bucket: apify-cf-templates-store-organization + capabilities: CAPABILITY_NAMED_IAM + revision: ${{ needs.get_values.outputs.short_commit_sha }} diff --git a/deploy/cloudformation/s3.yaml b/deploy/cloudformation/s3.yaml new file mode 100644 index 000000000..4245fec66 --- /dev/null +++ b/deploy/cloudformation/s3.yaml @@ -0,0 +1,42 @@ +AWSTemplateFormatVersion: "2010-09-09" +Description: This template creates an S3 bucket and access control policy for apify-docs-preview +Metadata: + License: Apache-2.0 + +Resources: + S3Bucket: + Type: AWS::S3::Bucket + DeletionPolicy: Retain + UpdateReplacePolicy: Retain + Properties: + BucketName: apify-docs-preview + # Maintaining your public access settings + PublicAccessBlockConfiguration: + BlockPublicAcls: false + BlockPublicPolicy: false + IgnorePublicAcls: false + RestrictPublicBuckets: false + # Enable encryption for data at rest + BucketEncryption: + ServerSideEncryptionConfiguration: + - ServerSideEncryptionByDefault: + SSEAlgorithm: AES256 + Tags: + - Key: component + Value: apify-docs + - Key: owner + Value: apify-docs + + # Adding a bucket policy to grant public read access + BucketPolicy: + Type: AWS::S3::BucketPolicy + Properties: + Bucket: !Ref S3Bucket + PolicyDocument: + Version: "2012-10-17" + Statement: + - Sid: PublicReadForGetBucketObjects + Effect: Allow + Principal: '*' + Action: 's3:GetObject' + Resource: !Sub 'arn:aws:s3:::${S3Bucket}/*' From 0b6f70f1ac699e616025d52c35a5663e729046c3 Mon Sep 17 00:00:00 2001 From: Kamil Stus Date: Tue, 1 Apr 2025 16:44:54 +0200 Subject: [PATCH 3/4] chore: Remove CloudFormation deployment workflow and template --- .github/workflows/deploy_cloudformation.yaml | 28 ------------- deploy/cloudformation/s3.yaml | 42 -------------------- 2 files changed, 70 deletions(-) delete mode 100644 .github/workflows/deploy_cloudformation.yaml delete mode 100644 deploy/cloudformation/s3.yaml diff --git a/.github/workflows/deploy_cloudformation.yaml b/.github/workflows/deploy_cloudformation.yaml deleted file mode 100644 index f4e5ed2d6..000000000 --- a/.github/workflows/deploy_cloudformation.yaml +++ /dev/null @@ -1,28 +0,0 @@ -name: 'Deploy Cloudformation' - -on: - workflow_dispatch: - - push: - paths: - - 'deploy/cloudformation/**' - -jobs: - get_values: - uses: apify/workflows/.github/workflows/get_values.yaml@v0.27.0 - - deploy_cloudformation: - needs: - - get_values - uses: apify/workflows/.github/workflows/deploy_cloudformation.yaml@v0.27.0 - secrets: - awsAccessKeyId: ${{ secrets.AWS_ACCESS_KEY_ID }} - awsSecretAccessKey: ${{ secrets.AWS_SECRET_ACCESS_KEY }} - slackToken: ${{ secrets.SLACK_BOT_USER_OAUTH_ACCESS_TOKEN }} - with: - stackName: apify-docs-preview - templateFile: deploy/cloudformation/s3.yaml - cloudformationRoleArn: arn:aws:iam::031263542130:role/ApifyCloudFormationServiceRole - s3Bucket: apify-cf-templates-store-organization - capabilities: CAPABILITY_NAMED_IAM - revision: ${{ needs.get_values.outputs.short_commit_sha }} diff --git a/deploy/cloudformation/s3.yaml b/deploy/cloudformation/s3.yaml deleted file mode 100644 index 4245fec66..000000000 --- a/deploy/cloudformation/s3.yaml +++ /dev/null @@ -1,42 +0,0 @@ -AWSTemplateFormatVersion: "2010-09-09" -Description: This template creates an S3 bucket and access control policy for apify-docs-preview -Metadata: - License: Apache-2.0 - -Resources: - S3Bucket: - Type: AWS::S3::Bucket - DeletionPolicy: Retain - UpdateReplacePolicy: Retain - Properties: - BucketName: apify-docs-preview - # Maintaining your public access settings - PublicAccessBlockConfiguration: - BlockPublicAcls: false - BlockPublicPolicy: false - IgnorePublicAcls: false - RestrictPublicBuckets: false - # Enable encryption for data at rest - BucketEncryption: - ServerSideEncryptionConfiguration: - - ServerSideEncryptionByDefault: - SSEAlgorithm: AES256 - Tags: - - Key: component - Value: apify-docs - - Key: owner - Value: apify-docs - - # Adding a bucket policy to grant public read access - BucketPolicy: - Type: AWS::S3::BucketPolicy - Properties: - Bucket: !Ref S3Bucket - PolicyDocument: - Version: "2012-10-17" - Statement: - - Sid: PublicReadForGetBucketObjects - Effect: Allow - Principal: '*' - Action: 's3:GetObject' - Resource: !Sub 'arn:aws:s3:::${S3Bucket}/*' From c76cc908421af62dda75e096a0efe506784c326b Mon Sep 17 00:00:00 2001 From: Kamil Stus Date: Thu, 3 Apr 2025 12:21:03 +0200 Subject: [PATCH 4/4] fix: nginx conf server name --- nginx.conf | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/nginx.conf b/nginx.conf index a173a1eef..ff8294691 100644 --- a/nginx.conf +++ b/nginx.conf @@ -445,11 +445,11 @@ server { server { listen 80; - server_name pull-*.preview.docs.apify.com; + server_name ~^(?[^.]+)\.preview\.docs\.apify\.com$; location / { - rewrite ^/(.*)/$ https://s3.amazonaws.com/apify-docs-preview/pull-$host/$1/index.html permanent; - rewrite ^/(.*[^./])$ https://s3.amazonaws.com/apify-docs-preview/pull-$host/$1.html permanent; - rewrite ^/(.*)$ https://s3.amazonaws.com/apify-docs-preview/pull-$host/$1 permanent; + rewrite ^/(.*)/$ https://s3.amazonaws.com/apify-docs-preview/$subdomain/$1/index.html permanent; + rewrite ^/(.*[^./])$ https://s3.amazonaws.com/apify-docs-preview/$subdomain/$1.html permanent; + rewrite ^/(.*)$ https://s3.amazonaws.com/apify-docs-preview/$subdomain/$1 permanent; } }