class CfnVpn::S3

Public Class Methods

new(region, bucket, name) click to toggle source
# File lib/cfnvpn/s3.rb, line 7
def initialize(region, bucket, name)
  @client = Aws::S3::Client.new(region: region)
  @bucket = bucket
  @name = name
  @path = "cfnvpn/certificates/#{@name}"
end

Public Instance Methods

create_bucket() click to toggle source
# File lib/cfnvpn/s3.rb, line 66
def create_bucket
  @client.create_bucket({
    bucket: bucket,
    acl: 'private'
  })

  @client.put_public_access_block({
    bucket: bucket,
    public_access_block_configuration: { 
      block_public_acls: true,
      ignore_public_acls: true,
      block_public_policy: true,
      restrict_public_buckets: true,
    }
  })

  @client.put_bucket_encryption({
    bucket: bucket,
    server_side_encryption_configuration: {
      rules: [
        {
          apply_server_side_encryption_by_default: {
            sse_algorithm: "AES256"
          }
        }
      ]
    }
  })
end
get_object(file) click to toggle source
# File lib/cfnvpn/s3.rb, line 27
def get_object(file)
  file_name = file.split('/').last
  CfnVpn::Log.logger.debug("downloading s3://#{@bucket}/#{@path}/#{file_name} to #{file}")
  @client.get_object(
    response_target: file,
    bucket: @bucket,
    key: "#{@path}/#{file_name}")
end
get_url(file) click to toggle source
# File lib/cfnvpn/s3.rb, line 46
def get_url(file)
  presigner = Aws::S3::Presigner.new(client: @client)
  params = {
    bucket: @bucket,
    key: "#{@path}/#{file}",
    expires_in: 3600
  }
  presigner.presigned_url(:get_object, params)
end
store_config(config) click to toggle source
# File lib/cfnvpn/s3.rb, line 36
def store_config(config)
  CfnVpn::Log.logger.debug("uploading config to s3://#{@bucket}/#{@path}/#{@name}.config.ovpn")
  @client.put_object({
    body: config,
    bucket: @bucket,
    key: "#{@path}/#{@name}.config.ovpn",
    tagging: "cfnvpn:name=#{@name}"
  })
end
store_embedded_config(config, cn) click to toggle source
# File lib/cfnvpn/s3.rb, line 56
def store_embedded_config(config, cn)
  CfnVpn::Log.logger.debug("uploading config to s3://#{@bucket}/#{@path}/#{@name}_#{cn}.config.ovpn")
  @client.put_object({
    body: config,
    bucket: @bucket,
    key: "#{@path}/#{@name}_#{cn}.config.ovpn",
    tagging: "cfnvpn:name=#{@name}"
  })
end
store_object(file) click to toggle source
# File lib/cfnvpn/s3.rb, line 14
def store_object(file)
  body = File.open(file, 'rb').read
  file_name = file.split('/').last
  CfnVpn::Log.logger.debug("uploading #{file} to s3://#{@bucket}/#{@path}/#{file_name}")
  @client.put_object({
    body: body,
    bucket: @bucket,
    key: "#{@path}/#{file_name}",
    server_side_encryption: "AES256",
    tagging: "cfnvpn:name=#{@name}"
  })
end