Tying off loose ends

I have been working my way through the old todo list in the five days since I wrote it, and I wanted to give you an update.

As I predicted, all of the things that should have definitely happened did in fact definitely happen:

Some of the things that were likely to have happened have already happened, and they shall be detailed below!

The thing that was unlikely to have happened did not in fact happen, but I don't feel bad about that because I told you it was unlikely to happen anyway so in a way, it's awesome that it didn't happen because otherwise I would have been wrong in my prediction that it was unlikely to happen. Of course, the summer isn't over yet, so it could still be unlikely to happen yet, Mr. Frodo.

HTTPS for the blog

I did finally get HTTPS working for my blog, as you can see from the following screenshot that looks something like what you would see in the address bar of your very own browser should you choose to look up there at it:

Browser address bar showing a shield and a
lock

Of course, the URL itself will be a bit different, but you know what I mean.

So here's what I needed to do (after following my 50 simple steps, of course):

  1. Use the AWS Certificate Manager console (in the us-east-1 region; this is extremely important!) to create a certificate containing domain names jmglov.net and www.jmglov.net, using DNS validation since I host my own domain using Route 53.
  2. Open the hosted zone for jmglov.net in the Route 53 console and manually add the CNAME records displayed on the ACM certificate (for some reason, the Create records in Route 53 button in ACM didn't work for me, but whatevs).
  3. Use the CloudFront console to create a distribuion, setting the origin to jmglov.net.s3-website-eu-west-1.amazonaws.com, adding jmglov.net and www.jmglov.net as alternate domain names, choosing the ACM certificate that I just created as the custom SSL certificate, and setting HTTP to redirect to HTTPS.
  4. Wait for the CloudFront distribution to deploy. You can test this by making sure the S3 hosted site loads when you browse to the distribution domain name that CloudFront creates for you (in my case, https://d3bulohh9org4y.cloudfront.net).
  5. Once the website loads using the distribution, use the Route 53 console to update the A records for jmglov.net and www.jmglov.net to alias my CloudFront distribution instead of my S3 bucket.

Et voilĂ !

Oh, and my website logs did of course start showing up in the S3 logs bucket I created, after some delay probably caused by buffering. I also configured my CloudFront distribution to log to the same place, and those logs are also showing up there.

Blambda!

I also created an AWS Lambda custom runtime for Babashka, which I have called Blambda!, because I couldn't think of a good pun involving BBs and lambdas or something like that.

This was also quite easy to do, thanks to a bb-lambda project that I found on Github that already took care of the heavy lifting of interacting with the Lambda runtime API to process function invocations.

I decided to create my own custom runtime instead of just straight up using bb-lambda because it uses Docker, which I hate and fear (I don't even know what a container is, much less why you should use it to implement a serverless function). Thanks to the borktacular borkdude (toss him a few euros on Ko-fi if you can) and the fact that he builds a static executable for each borkin' release of Babashka, creating a lambda layer for a custom runtime is really easy!

More stuff to do

Things that are likely to happen:

Things that may happen:

Things that are unlikely to happen but really should:

Discuss this post here.

Published: 2022-06-26

Tagged: clojure aws s3 babashka lambda

Archive