From 5b0a087a7812e853339fcd48b8cdf885f95ca68a Mon Sep 17 00:00:00 2001 From: Andreas Knuth Date: Mon, 27 Apr 2026 21:17:41 -0500 Subject: [PATCH] Lambda Skip --- basic_setup/awsses.sh | 89 ++++++++++++++++++++++++------------------- 1 file changed, 50 insertions(+), 39 deletions(-) diff --git a/basic_setup/awsses.sh b/basic_setup/awsses.sh index 0ee86a1..4d3e5b2 100755 --- a/basic_setup/awsses.sh +++ b/basic_setup/awsses.sh @@ -7,9 +7,14 @@ # Standard: mail.${DOMAIN_NAME} # Override: export MAIL_FROM_SUBDOMAIN="mailfrom" (nur der Prefix, ohne Domain) # +# Lambda Deployment: +# Standard: Überspringt den Deploy (SKIP_LAMBDA_DEPLOY=true) +# Override: export SKIP_LAMBDA_DEPLOY="false" (um Lambda neu auszurollen) +# # Beispiel: # export DOMAIN_NAME="buddelectric.net" # export MAIL_FROM_SUBDOMAIN="mailfrom" # → mailfrom.buddelectric.net +# export SKIP_LAMBDA_DEPLOY="false" # → Lambda wird aktualisiert # ./awsses.sh set -e @@ -18,17 +23,20 @@ set -e if ! command -v jq &> /dev/null; then echo "Fehler: 'jq' fehlt."; exit 1; fi if [ -z "$DOMAIN_NAME" ]; then echo "Fehler: DOMAIN_NAME ist nicht gesetzt."; exit 1; fi -# Prüfen ob Python Code da ist -PYTHON_FILE="ses_sns_shim_global.py" -if [ ! -f "$PYTHON_FILE" ]; then - echo "Fehler: $PYTHON_FILE nicht gefunden!" - exit 1 -fi - # --- VARIABLEN --- AWS_REGION=${AWS_REGION:-"us-east-2"} EMAIL_PREFIX=${EMAIL_PREFIX:-""} CONFIGURATION_SET_NAME="relay-outbound" +SKIP_LAMBDA_DEPLOY=${SKIP_LAMBDA_DEPLOY:-"true"} + +# Prüfen ob Python Code da ist (nur wenn auch deployt werden soll) +PYTHON_FILE="ses_sns_shim_global.py" +if [ "$SKIP_LAMBDA_DEPLOY" != "true" ]; then + if [ ! -f "$PYTHON_FILE" ]; then + echo "Fehler: $PYTHON_FILE nicht gefunden!" + exit 1 + fi +fi # MAIL FROM Subdomain (konfigurierbar) MAIL_FROM_SUBDOMAIN=${MAIL_FROM_SUBDOMAIN:-"mail"} @@ -49,6 +57,7 @@ LAMBDA_ROLE_NAME="SesShimGlobalRole" echo "==========================================================" echo " SES Setup (S3 -> Global Lambda Shim -> SQS) für $DOMAIN_NAME" echo " MAIL FROM: $MAIL_FROM_DOMAIN" +echo " SKIP_LAMBDA: $SKIP_LAMBDA_DEPLOY" echo "==========================================================" # --------------------------------------------------------- @@ -113,41 +122,43 @@ echo " -> Permissions aktualisiert." sleep 5 # --------------------------------------------------------- -# 4. Lambda Funktion erstellen/updaten (Global!) +# 4 & 5. Lambda Funktion + SES Permissions (optional) # --------------------------------------------------------- -echo "[4/6] Global Lambda Shim deployen..." -# Zip erstellen -cp "$PYTHON_FILE" lambda_function.py -zip -q lambda.zip lambda_function.py -# Keine Env-Vars nötig, da dynamisch -ROLE_ARN=$(aws iam get-role --role-name "$LAMBDA_ROLE_NAME" --query 'Role.Arn' --output text) -if ! aws lambda get-function --function-name "$LAMBDA_NAME" --region "$AWS_REGION" >/dev/null 2>&1; then - echo " -> Erstelle neue Lambda-Funktion..." - aws lambda create-function --function-name "$LAMBDA_NAME" \ - --runtime python3.11 --handler lambda_function.lambda_handler \ - --role "$ROLE_ARN" --zip-file fileb://lambda.zip \ - --region "$AWS_REGION" >/dev/null +if [ "$SKIP_LAMBDA_DEPLOY" = "true" ]; then + echo "[4/6] Global Lambda Shim deployen... (ÜBERSPRUNGEN)" + echo "[5/6] SES Permission für Lambda... (ÜBERSPRUNGEN)" else - echo " -> Aktualisiere existierende Lambda-Funktion..." - aws lambda update-function-code --function-name "$LAMBDA_NAME" --zip-file fileb://lambda.zip --region "$AWS_REGION" >/dev/null - - # Warte kurz - sleep 2 - - aws lambda update-function-configuration --function-name "$LAMBDA_NAME" --region "$AWS_REGION" >/dev/null -fi -# Aufräumen -rm lambda.zip lambda_function.py + echo "[4/6] Global Lambda Shim deployen..." + # Zip erstellen + cp "$PYTHON_FILE" lambda_function.py + zip -q lambda.zip lambda_function.py + # Keine Env-Vars nötig, da dynamisch + ROLE_ARN=$(aws iam get-role --role-name "$LAMBDA_ROLE_NAME" --query 'Role.Arn' --output text) + if ! aws lambda get-function --function-name "$LAMBDA_NAME" --region "$AWS_REGION" >/dev/null 2>&1; then + echo " -> Erstelle neue Lambda-Funktion..." + aws lambda create-function --function-name "$LAMBDA_NAME" \ + --runtime python3.11 --handler lambda_function.lambda_handler \ + --role "$ROLE_ARN" --zip-file fileb://lambda.zip \ + --region "$AWS_REGION" >/dev/null + else + echo " -> Aktualisiere existierende Lambda-Funktion..." + aws lambda update-function-code --function-name "$LAMBDA_NAME" --zip-file fileb://lambda.zip --region "$AWS_REGION" >/dev/null + + # Warte kurz + sleep 2 + + aws lambda update-function-configuration --function-name "$LAMBDA_NAME" --region "$AWS_REGION" >/dev/null + fi + # Aufräumen + rm lambda.zip lambda_function.py -# --------------------------------------------------------- -# 5. Permission: SES darf Lambda aufrufen (Global, einmalig) -# --------------------------------------------------------- -echo "[5/6] SES Permission für Lambda..." -aws lambda add-permission --function-name "$LAMBDA_NAME" \ - --statement-id "AllowSESInvoke-Global" \ - --action "lambda:InvokeFunction" \ - --principal "ses.amazonaws.com" \ - --region "$AWS_REGION" 2>/dev/null || true + echo "[5/6] SES Permission für Lambda..." + aws lambda add-permission --function-name "$LAMBDA_NAME" \ + --statement-id "AllowSESInvoke-Global" \ + --action "lambda:InvokeFunction" \ + --principal "ses.amazonaws.com" \ + --region "$AWS_REGION" 2>/dev/null || true +fi # --------------------------------------------------------- # 6. SES Rule (S3 + Global Lambda)