Avoiding dementia one post at a time
Web
Lambda@EDGE Add index.html to request
Node 8
'use strict'; exports.handler = (event, context, callback) => { // Extract the request from the CloudFront event that is sent to Lambda@Edge var request = event.Records[0].cf.request; // Extract the URI from the request var olduri = request.uri; // Match any '/' that occurs at the end of a URI. Replace it with a default index var newuri = olduri.replace(/\/$/, '\/index.html'); // Log the URI as received by CloudFront and the new URI to be used to fetch from origin console.log("Old URI: " + olduri); console.log("New URI: " + newuri); // Replace the received URI with the URI that includes the index page request.uri = newuri; // Return to CloudFront return callback(null, request); };
Lambda@EDGE Security Headers
Node 8
'use strict'; exports.handler = (event, context, callback) => { //Get contents of response const response = event.Records[0].cf.response; const headers = response.headers; //Set new headers headers['strict-transport-security'] = [{key: 'Strict-Transport-Security', value: 'max-age=63072000; includeSubdomains; preload'}]; headers['content-security-policy'] = [{key: 'Content-Security-Policy', value: "default-src 'self' 'unsafe-inline' 'unsafe-eval'"}]; headers['x-content-type-options'] = [{key: 'X-Content-Type-Options', value: 'nosniff'}]; headers['x-frame-options'] = [{key: 'X-Frame-Options', value: 'DENY'}]; headers['x-xss-protection'] = [{key: 'X-XSS-Protection', value: '1; mode=block'}]; headers['referrer-policy'] = [{key: 'Referrer-Policy', value: 'same-origin'}]; headers['x-custom-header'] = [{key: 'X-Custom-Header', value: 'SH_V1'}]; headers['cache-control'] = [{key: 'Cache-Control', value: 'no-store'}]; headers['feature-policy'] = [{key: 'Feature-Policy', value: "microphone 'self'"}]; headers['expect-ct'] = [{key: 'Expect-CT', value: 'enforce, max-age=30'}]; //Return modified response callback(null, response); };
Python Cloudfront Invalidation Script
#!/usr/bin/env python3 from datetime import tzinfo, timedelta, datetime, date, timezone import boto3 cf = boto3.client('cloudfront') timestamp=str(datetime.timestamp(datetime.today())) distributions=cf.list_distributions() if distributions['DistributionList']['Quantity'] > 0: for distribution in distributions['DistributionList']['Items']: print("Distribution Id: " + distribution['Id']) print("Time: " + timestamp) cf.create_invalidation( DistributionId=distribution['Id'], InvalidationBatch={ 'Paths': { 'Quantity': 1, 'Items': [ '/*', ] }, 'CallerReference': timestamp } ) else: print("Error - No CloudFront Distributions Detected.")
Hosting commands.
cd virtualenvs/pelican/ source bin/activate cd magna make s3_upload ../cf_invalidate
Static Hosting
Ok, let’s get this show on the road….
apt install php7.3-curl apt install php7.3-dom apt install php7.3-zip
