client terraform halfway

infrastructure/client/main.tf

@@ -46,6 +46,29 @@ resource "aws_s3_bucket_acl" "static_website" {
   acl    = "public-read"
 }
 
+# S3 Bucket Policy to allow public access to all objects
+resource "aws_s3_bucket_policy" "static_website_policy" {
+  bucket = aws_s3_bucket.static_website.id
+
+  policy = jsonencode({
+    Version = "2012-10-17",
+    Statement = [
+      {
+        Sid       = "PublicReadGetObject",
+        Effect    = "Allow",
+        Principal = "*",
+        Action    = "s3:GetObject",
+        Resource  = "${aws_s3_bucket.static_website.arn}/*"
+      }
+    ]
+  })
+
+  depends_on = [
+    aws_s3_bucket_acl.static_website,
+    aws_s3_bucket_website_configuration.static_website_config,
+  ]
+}
+
 # S3 Bucket Website Configuration
 resource "aws_s3_bucket_website_configuration" "static_website_config" {
   bucket = aws_s3_bucket.static_website.bucket
@@ -59,95 +82,34 @@ resource "aws_s3_bucket_website_configuration" "static_website_config" {
   }
 }
 
-# Upload files to S3 bucket
+# Set Content-Type based on file extension
 resource "aws_s3_object" "website_files" {
   for_each = fileset("../../client/build", "**/*")
 
   bucket = aws_s3_bucket.static_website.bucket
   key    = each.key
   source = "../../client/build/${each.key}"
-  # No ACL specified to avoid AccessControlListNotSupported errors
-}
-
-# S3 Bucket Policy to allow public access to all objects
-# resource "aws_s3_bucket_policy" "static_website_policy" {
-#   bucket = aws_s3_bucket.static_website.id
-#   depends_on = [
-#     aws_s3_bucket_acl.static_website,
-#     aws_s3_bucket_website_configuration.static_website_config,
-#   ]
-
-#   policy = jsonencode({
-#     Version = "2012-10-17",
-#     Statement = [
-#       {
-#         Sid       = "PublicReadGetObject",
-#         Effect    = "Allow",
-#         Principal = "*",
-#         Action    = "s3:GetObject",
-#         Resource  = "${aws_s3_bucket.static_website.arn}/*"
-#       }
-#     ]
-#   })
-# }
-
-# CloudFront Distribution
-resource "aws_cloudfront_distribution" "cdn" {
-  origin {
-    domain_name = aws_s3_bucket.static_website.bucket_regional_domain_name
-    origin_id   = aws_s3_bucket.static_website.bucket
-
-    custom_origin_config {
-      http_port              = 80
-      https_port             = 443
-      origin_protocol_policy = "http-only"
-      origin_ssl_protocols   = ["TLSv1.2"]
-    }
-  }
+
+  content_type = lookup({
+    "html" = "text/html",
+    "css"  = "text/css",
+    "js"   = "application/javascript",
+    "png"  = "image/png",
+    "jpg"  = "image/jpeg",
+    "jpeg" = "image/jpeg",
+    "gif"  = "image/gif",
+    "svg"  = "image/svg+xml"
+  }, split(".", each.key)[length(split(".", each.key)) - 1], "application/octet-stream")
 
-  default_cache_behavior {
-    allowed_methods        = ["GET", "HEAD"]
-    cached_methods         = ["GET", "HEAD"]
-    target_origin_id       = aws_s3_bucket.static_website.bucket
-    viewer_protocol_policy = "redirect-to-https"
-
-    forwarded_values {
-      query_string = false
-      cookies {
-        forward = "none"
-      }
-    }
-  }
-
-  # Handle 403 errors by serving index.html with a 200 status code
-  custom_error_response {
-    error_code         = 403
-    response_code      = 200
-    response_page_path = "/index.html"
-  }
-
-  # Default root object
-  default_root_object = "index.html"
-
-  enabled         = true
-  is_ipv6_enabled = true
-  price_class     = "PriceClass_100"
-
-  restrictions {
-    geo_restriction {
-      restriction_type = "none"
-    }
-  }
-
-  viewer_certificate {
-    cloudfront_default_certificate = true
-  }
+  depends_on = [
+    aws_s3_bucket_policy.static_website_policy,
+  ]
 }
 
 output "s3_bucket_name" {
   value = aws_s3_bucket.static_website.bucket
 }
 
-output "cloudfront_domain_name" {
-  value = aws_cloudfront_distribution.cdn.domain_name
-}
+# output "cloudfront_domain_name" {
+#   value = aws_cloudfront_distribution.cdn.domain_name
+# }