# frozen_string_literal: true class CloudfrontConfigService def initialize(bucket, tags = []) @bucket = bucket @tags = tags end def to_s bucket_config.to_json.strip end private def bucket_config { DistributionConfig: { CallerReference: unique_caller_reference, Origins: { Quantity: 1, Items: [ { Id: "S3-#{@bucket}", DomainName: "#{@bucket}.s3.amazonaws.com", OriginPath: '', CustomHeaders: { Quantity: 0 }, S3OriginConfig: { OriginAccessIdentity: '' } } ] }, DefaultCacheBehavior: { TargetOriginId: "S3-#{@bucket}", ForwardedValues: { QueryString: false, Cookies: { Forward: 'none' }, Headers: { Quantity: 0 }, QueryStringCacheKeys: { Quantity: 0 } }, TrustedSigners: { Enabled: false, Quantity: 0 }, ViewerProtocolPolicy: 'redirect-to-https', MinTTL: 0, AllowedMethods: { Quantity: 2, Items: %w[ HEAD GET ], CachedMethods: { Quantity: 2, Items: %w[ HEAD GET ] } }, SmoothStreaming: false, DefaultTTL: 86_400, MaxTTL: 31_536_000, Compress: true, LambdaFunctionAssociations: { Quantity: 0 } }, CacheBehaviors: { Quantity: 0 }, CustomErrorResponses: { Quantity: 0 }, Comment: '', Logging: { Enabled: false, IncludeCookies: false, Bucket: '', Prefix: '' }, PriceClass: 'PriceClass_100', Enabled: true, ViewerCertificate: { CloudFrontDefaultCertificate: true, MinimumProtocolVersion: 'TLSv1.2_2018', CertificateSource: 'cloudfront' }, Restrictions: { GeoRestriction: { RestrictionType: 'none', Quantity: 0 } }, WebACLId: '', HttpVersion: 'http2', IsIPV6Enabled: true }, Tags: { Items: @tags } } end def unique_caller_reference "#{Time.now.getutc.to_i}-#{@bucket}" end end