Lambda Skip
This commit is contained in:
@@ -7,9 +7,14 @@
|
||||
# Standard: mail.${DOMAIN_NAME}
|
||||
# Override: export MAIL_FROM_SUBDOMAIN="mailfrom" (nur der Prefix, ohne Domain)
|
||||
#
|
||||
# Lambda Deployment:
|
||||
# Standard: Überspringt den Deploy (SKIP_LAMBDA_DEPLOY=true)
|
||||
# Override: export SKIP_LAMBDA_DEPLOY="false" (um Lambda neu auszurollen)
|
||||
#
|
||||
# Beispiel:
|
||||
# export DOMAIN_NAME="buddelectric.net"
|
||||
# export MAIL_FROM_SUBDOMAIN="mailfrom" # → mailfrom.buddelectric.net
|
||||
# export SKIP_LAMBDA_DEPLOY="false" # → Lambda wird aktualisiert
|
||||
# ./awsses.sh
|
||||
|
||||
set -e
|
||||
@@ -18,17 +23,20 @@ set -e
|
||||
if ! command -v jq &> /dev/null; then echo "Fehler: 'jq' fehlt."; exit 1; fi
|
||||
if [ -z "$DOMAIN_NAME" ]; then echo "Fehler: DOMAIN_NAME ist nicht gesetzt."; exit 1; fi
|
||||
|
||||
# Prüfen ob Python Code da ist
|
||||
PYTHON_FILE="ses_sns_shim_global.py"
|
||||
if [ ! -f "$PYTHON_FILE" ]; then
|
||||
echo "Fehler: $PYTHON_FILE nicht gefunden!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# --- VARIABLEN ---
|
||||
AWS_REGION=${AWS_REGION:-"us-east-2"}
|
||||
EMAIL_PREFIX=${EMAIL_PREFIX:-""}
|
||||
CONFIGURATION_SET_NAME="relay-outbound"
|
||||
SKIP_LAMBDA_DEPLOY=${SKIP_LAMBDA_DEPLOY:-"true"}
|
||||
|
||||
# Prüfen ob Python Code da ist (nur wenn auch deployt werden soll)
|
||||
PYTHON_FILE="ses_sns_shim_global.py"
|
||||
if [ "$SKIP_LAMBDA_DEPLOY" != "true" ]; then
|
||||
if [ ! -f "$PYTHON_FILE" ]; then
|
||||
echo "Fehler: $PYTHON_FILE nicht gefunden!"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
||||
# MAIL FROM Subdomain (konfigurierbar)
|
||||
MAIL_FROM_SUBDOMAIN=${MAIL_FROM_SUBDOMAIN:-"mail"}
|
||||
@@ -49,6 +57,7 @@ LAMBDA_ROLE_NAME="SesShimGlobalRole"
|
||||
echo "=========================================================="
|
||||
echo " SES Setup (S3 -> Global Lambda Shim -> SQS) für $DOMAIN_NAME"
|
||||
echo " MAIL FROM: $MAIL_FROM_DOMAIN"
|
||||
echo " SKIP_LAMBDA: $SKIP_LAMBDA_DEPLOY"
|
||||
echo "=========================================================="
|
||||
|
||||
# ---------------------------------------------------------
|
||||
@@ -113,41 +122,43 @@ echo " -> Permissions aktualisiert."
|
||||
sleep 5
|
||||
|
||||
# ---------------------------------------------------------
|
||||
# 4. Lambda Funktion erstellen/updaten (Global!)
|
||||
# 4 & 5. Lambda Funktion + SES Permissions (optional)
|
||||
# ---------------------------------------------------------
|
||||
echo "[4/6] Global Lambda Shim deployen..."
|
||||
# Zip erstellen
|
||||
cp "$PYTHON_FILE" lambda_function.py
|
||||
zip -q lambda.zip lambda_function.py
|
||||
# Keine Env-Vars nötig, da dynamisch
|
||||
ROLE_ARN=$(aws iam get-role --role-name "$LAMBDA_ROLE_NAME" --query 'Role.Arn' --output text)
|
||||
if ! aws lambda get-function --function-name "$LAMBDA_NAME" --region "$AWS_REGION" >/dev/null 2>&1; then
|
||||
echo " -> Erstelle neue Lambda-Funktion..."
|
||||
aws lambda create-function --function-name "$LAMBDA_NAME" \
|
||||
--runtime python3.11 --handler lambda_function.lambda_handler \
|
||||
--role "$ROLE_ARN" --zip-file fileb://lambda.zip \
|
||||
--region "$AWS_REGION" >/dev/null
|
||||
if [ "$SKIP_LAMBDA_DEPLOY" = "true" ]; then
|
||||
echo "[4/6] Global Lambda Shim deployen... (ÜBERSPRUNGEN)"
|
||||
echo "[5/6] SES Permission für Lambda... (ÜBERSPRUNGEN)"
|
||||
else
|
||||
echo " -> Aktualisiere existierende Lambda-Funktion..."
|
||||
aws lambda update-function-code --function-name "$LAMBDA_NAME" --zip-file fileb://lambda.zip --region "$AWS_REGION" >/dev/null
|
||||
echo "[4/6] Global Lambda Shim deployen..."
|
||||
# Zip erstellen
|
||||
cp "$PYTHON_FILE" lambda_function.py
|
||||
zip -q lambda.zip lambda_function.py
|
||||
# Keine Env-Vars nötig, da dynamisch
|
||||
ROLE_ARN=$(aws iam get-role --role-name "$LAMBDA_ROLE_NAME" --query 'Role.Arn' --output text)
|
||||
if ! aws lambda get-function --function-name "$LAMBDA_NAME" --region "$AWS_REGION" >/dev/null 2>&1; then
|
||||
echo " -> Erstelle neue Lambda-Funktion..."
|
||||
aws lambda create-function --function-name "$LAMBDA_NAME" \
|
||||
--runtime python3.11 --handler lambda_function.lambda_handler \
|
||||
--role "$ROLE_ARN" --zip-file fileb://lambda.zip \
|
||||
--region "$AWS_REGION" >/dev/null
|
||||
else
|
||||
echo " -> Aktualisiere existierende Lambda-Funktion..."
|
||||
aws lambda update-function-code --function-name "$LAMBDA_NAME" --zip-file fileb://lambda.zip --region "$AWS_REGION" >/dev/null
|
||||
|
||||
# Warte kurz
|
||||
sleep 2
|
||||
# Warte kurz
|
||||
sleep 2
|
||||
|
||||
aws lambda update-function-configuration --function-name "$LAMBDA_NAME" --region "$AWS_REGION" >/dev/null
|
||||
aws lambda update-function-configuration --function-name "$LAMBDA_NAME" --region "$AWS_REGION" >/dev/null
|
||||
fi
|
||||
# Aufräumen
|
||||
rm lambda.zip lambda_function.py
|
||||
|
||||
echo "[5/6] SES Permission für Lambda..."
|
||||
aws lambda add-permission --function-name "$LAMBDA_NAME" \
|
||||
--statement-id "AllowSESInvoke-Global" \
|
||||
--action "lambda:InvokeFunction" \
|
||||
--principal "ses.amazonaws.com" \
|
||||
--region "$AWS_REGION" 2>/dev/null || true
|
||||
fi
|
||||
# Aufräumen
|
||||
rm lambda.zip lambda_function.py
|
||||
|
||||
# ---------------------------------------------------------
|
||||
# 5. Permission: SES darf Lambda aufrufen (Global, einmalig)
|
||||
# ---------------------------------------------------------
|
||||
echo "[5/6] SES Permission für Lambda..."
|
||||
aws lambda add-permission --function-name "$LAMBDA_NAME" \
|
||||
--statement-id "AllowSESInvoke-Global" \
|
||||
--action "lambda:InvokeFunction" \
|
||||
--principal "ses.amazonaws.com" \
|
||||
--region "$AWS_REGION" 2>/dev/null || true
|
||||
|
||||
# ---------------------------------------------------------
|
||||
# 6. SES Rule (S3 + Global Lambda)
|
||||
|
||||
Reference in New Issue
Block a user