From a381676aaee127da8567efef444c71b2b1ea1fff Mon Sep 17 00:00:00 2001
From: Gerard Clos <clos.gerard@gmail.com>
Date: Sat, 14 Sep 2024 11:44:39 +0200
Subject: [PATCH] minor: cloudfront redirect to latitude.so from ai.latitude.so

---
 apps/infra/src/core/cloudfront.ts | 94 +++++++++++++++++++++++++++++++
 apps/infra/src/core/index.ts      |  1 +
 2 files changed, 95 insertions(+)
 create mode 100644 apps/infra/src/core/cloudfront.ts

diff --git a/apps/infra/src/core/cloudfront.ts b/apps/infra/src/core/cloudfront.ts
new file mode 100644
index 000000000..fe6eb3809
--- /dev/null
+++ b/apps/infra/src/core/cloudfront.ts
@@ -0,0 +1,94 @@
+import * as aws from '@pulumi/aws'
+
+const certificate = new aws.acm.Certificate(
+  'latitudeCertificate',
+  {
+    domainName: 'ai.latitude.so',
+    validationMethod: 'DNS',
+  },
+  { provider: new aws.Provider('us-east-1', { region: 'us-east-1' }) },
+)
+
+const redirectFunction = new aws.cloudfront.Function('redirectFunction', {
+  code: `
+function handler(event) {
+    var response = {
+        statusCode: 301,
+        statusDescription: 'Moved Permanently',
+        headers: {
+            'location': { value: 'https://latitude.so' + event.request.uri }
+        }
+    };
+    return response;
+}
+`,
+  name: 'redirect-to-latitude',
+  runtime: 'cloudfront-js-1.0',
+})
+
+const distribution = new aws.cloudfront.Distribution('latitudeRedirect', {
+  enabled: true,
+  isIpv6Enabled: true,
+  httpVersion: 'http2',
+  aliases: ['ai.latitude.so'],
+  defaultCacheBehavior: {
+    allowedMethods: ['GET', 'HEAD'],
+    cachedMethods: ['GET', 'HEAD'],
+    targetOriginId: 'latitudeOrigin',
+    forwardedValues: {
+      queryString: false,
+      cookies: {
+        forward: 'none',
+      },
+    },
+    viewerProtocolPolicy: 'redirect-to-https',
+    minTtl: 0,
+    defaultTtl: 300,
+    maxTtl: 1200,
+    functionAssociations: [
+      {
+        eventType: 'viewer-request',
+        functionArn: redirectFunction.arn,
+      },
+    ],
+  },
+  origins: [
+    {
+      domainName: 'latitude.so',
+      originId: 'latitudeOrigin',
+      customOriginConfig: {
+        httpPort: 80,
+        httpsPort: 443,
+        originSslProtocols: ['TLSv1.2'],
+        originProtocolPolicy: 'https-only',
+      },
+    },
+  ],
+  restrictions: {
+    geoRestriction: {
+      restrictionType: 'none',
+    },
+  },
+  viewerCertificate: {
+    acmCertificateArn: certificate.arn,
+    sslSupportMethod: 'sni-only',
+    minimumProtocolVersion: 'TLSv1.2_2021',
+  },
+})
+
+export const distributionUrl = distribution.domainName
+
+const record = new aws.route53.Record('latitudeRecord', {
+  zoneId: 'Z04918046RTZRA6UX0HY',
+  name: 'ai.latitude.so',
+  type: 'A',
+  aliases: [
+    {
+      name: distribution.domainName,
+      zoneId: distribution.hostedZoneId,
+      evaluateTargetHealth: false,
+    },
+  ],
+})
+
+export const recordName = record.name
diff --git a/apps/infra/src/core/index.ts b/apps/infra/src/core/index.ts
index 31214186b..30f34066f 100644
--- a/apps/infra/src/core/index.ts
+++ b/apps/infra/src/core/index.ts
@@ -6,3 +6,4 @@ export * from './ecs'
 export * from './iam'
 export * from './s3'
 export * from './secrets'
+export * from './cloudfront'