winston-logger

AVP-auth-api

unity-snake

AWS-EC2-minecraft-server-mesh

The-Lost-Dungeon-3

Hilbert-Curve

AWS-API-query-RDS

AWS-Arduino-IoT-Core-test

AWS-IoT-Hub-Website

Proof of concept management interface to communicate with embedded devices on MQTT with an Appsync security layer to surface the data to the interface users

Watch

391

Star

3.9k

Topics:

amplify
appsync
arduino
aws
react
website

iot-hub-website

Amplify Setup

In order to use Amplify you will need to generate and provide an access token for it to be able to build the frontend. The required scopes are api, read_api & read_repository
When deploying the stack to AWS, it can optionally be configured with a domain in Route53 via the domain params.
When the stack deploys you will then need to trigger an Amplify job to build the web frontend similar to what's done in the update-frontend job in the .gitlab-ci.yml file

Arduino Setup

Find your AWS Account & Region specific AWS IoT Broker Endpoint - This can be found here: https://console.aws.amazon.com/iot/home#/settings
create the AWS IoT certificate

aws iot create-keys-and-certificate --set-as-active

The Response will be:

{
  "certificateArn": "arn:aws:iot:{Region}:{AccountId}:cert/2c0f72bf-b230-4c49-9e0e-cbf177926d96",
  "certificateId": "2c0f72bf-b230-4c49-9e0e-cbf177926d96",
  "certificatePem": "-----BEGIN CERTIFICATE-----\n{Certificate}\n-----END CERTIFICATE-----\n",
  "keyPair": {
    "PublicKey": "-----BEGIN PUBLIC KEY-----\n{Public Key Material}\n-----END PUBLIC KEY-----\n",
    "PrivateKey": "-----BEGIN RSA PRIVATE KEY-----\n{Private Key Material}\n-----END RSA PRIVATE KEY-----\n"
  }
}

Prepare arduino_secrets.h file in arduino/iot-lightbulb/
1. Enter your Wifi name & password
2. Enter your Account & Region specific AWS IoT Broker Endpoint from Step 1
3. Enter a unique identifier for the device.
4. Enter the complete Device Certificate & Device Private Key from Step 2
deploy the template.yaml including the certificateArn parameter from step 2
upload the .ino file to Arduino using the Arduino IDE
The board will now listen on the ${DEVICE_ID}/${INCOMING_TOPIC} topic for events targeted for this device

Usage

Create a cognito user in the userpool
Associate a device to the user in the devicesTable

{
 "userId": "${Cognito user sub}",
 "deviceId": "light-bulb",
 "name": "demo light bulb thing",
 "type": "LIGHT_BULB"
}

This associated only allows logged in users to interact with their own devices

Devices before logging in

Login page

Devices after logging in

The On/Off switch for the device will send a message to the arduino over MQTT to turn the LED On or Off.

Arduino setup

When the Arduino receives a message over MQTT it will either be told to turn the LED ON or OFF. The arduino will then set the voltage of the relevant data pin to turn the LED On or Off

wave-function-collapse

AWS-ECS-minecraft-server-network

AWS-EC2-Gitlab-runner-fleet

AWS-Transfer-Server

Terraform-Aurora-Global

AWS Application using Terraform to deploy a Global RDS Aurora cluster

Watch

1.1k

Star

1.4k

Topics:

aws
ec2
networking
rds-database
terraform

Terraform-Aurora-Global

This demo utilises an AWS RDS Aurora Serverless acting as a global cluster manged by Terraform. It first deploys the primary cluster (the writer) to the specified primaryRegion in variables.tf and it then deploys a cluster (the reader) in each region specified in the secondaryRegions variable in variables.tf. It also generates and configured RDS to authorise with an AWS Secrets Manager Secret which is also replicated to all necessary regions along with the regional KMS Key. As a simple way to view the data in the RDS database, the application launches a website in a public subnet which queries the app database in RDS to list all users.

Setup

See .gitlab-ci.yml for automated deployment.

To initialise Terraform and deploy to AWS it requires an S3 bucket be created to store state. Ensure a bucket is created and initialise Terraform like

terraform init \
  -backend-config="bucket=${BUCKET_NAME}" \
  -backend-config="key=tf-rds-aurora-global" \
  -backend-config="region=${BUCKET_REGION}"

Configure the desired variables in variables.tf.
- primaryRegion This specifies the primary AWS Region which the writer cluster will be created in. A KMS Key and Secrets Manager Secret will also be created.
- secondaryRegions This is an array of AWS Regions for which a replica reader cluster will be created in. A replica KMS Key and Secrets Manager Secret will also be created.
- domain Optional Route53 domain in the target account. This will cause Route53 Latency records to be created in all specified regions which route to the public EC2 running a website allowing viewing of the users in the app Database.
- subDomain Optional subdomain to prefix the domain with when creating the Route53 records.
To see what resources Terraform will deploy you can run terraform plan and if that looks ok you can run terraform apply --auto-approve which will deploy all resources.
Once the resources are deployed you'll need to populate the database with some test data before you can view it on the EC2 website.
- Go to AWS Secrets Manager, find the Secret that Terraform created and copy its Secret ARN
- Now go to the AWS console for Aurora and RDS then Query editor.
- To connect to the cluster, select it from the dropdown, select Connect with a Secrets Manager ARN and enter the previously copied Secret ARN and enter these commands
```
CREATE DATABASE app;
```
```
use app;

CREATE TABLE users (
  id INT PRIMARY KEY,
  name VARCHAR(100)
);
```
```
use app;

INSERT INTO users (id, name) VALUES (1, 'Alice');
INSERT INTO users (id, name) VALUES (2, 'Bob');
```
Now that's some test data in the DB you can go to the AWS console for EC2, find the websiteInstance that Terraform created and go to the website http://{Public IPv4 address}
There is an equivalent EC2 website created in the regions specified for primaryRegion and secondaryRegions which query all data created in the users database as the global cluster replicates it across all replica clusters.
Once done, you can teardown the resources Terraform created with terraform destroy --auto-approve

Flocking-Simulation

unity-Game-Of-Life

ECS-Github-Runners

AWS-Asynchronous-api

A-Star-Path-Finder

AWS-ECS-web-app-demo

AWS-EC2-EFS-demo

Slime-Simulation

AWS-serverless-multi-region-api

AWS-Arduino-Timestream-temperature-sensor

AWS-API

plop-project-scaffolding

Quadtree

Twitch-VOD-downloader

AWS Application to download & archive Twitch Streams for registered Twitch Streamers

Watch

3.4k

Star

3.7k

Topics:

amplify
api
appsync
aws
docker
ecs
javascript
networking
nextjs
react
website

twitch-vod-downloader

Twitch is a livestreaming platform that allows content creators to livestream video to their Twitch channel for people to view and interact with. When a livestream ends, it is then made available as a VOD (Video On Demand) to be watched by people who missed the livestream.

Twitch only allows previous broadcasts to be available for 7 days, or 60 days for their Twitch Partners. After this period, the broadcast is no longer available and, unless downloaded by the streamer, it effectively becomes lost media.

This system is intended to support the automatic archival of content creators' livestreams by downloading the VOD asset and enabling rewatching it from a user interface.

Setup

See .gitlab-ci.yml for automated deployment.

This application supports logging in by deferring to Twitch via OAuth 2.0. Deploying this application will require registering a Twitch Developer App and then creating a Confidential Twitch application. You will need to create an AWS Secrets Manager secret with the format:

{
  "clientId": "{your client id}",
  "clientSecret": "{your client secret}",
  "url": "https://id.twitch.tv/oauth2/token"
}

Deploy the container-registry.yaml CloudFormation stack to host the ECR images. E.g. sam deploy --no-fail-on-empty-changeset --template-file container-registry.yaml --stack-name twitch-vod-downloader-registry --s3-bucket $S3_DEPLOY --capabilities CAPABILITY_NAMED_IAM --region eu-west-1
Build the Manifest and DownloadVideo docker images and push them to the ECR repository from step 2. The image tags should be Manifest and DownloadVideo to match what the ECS task definitions in template.yaml expect.
Deploy the template.yaml with a Domain, HostedZoneId, DomainCert & optionally DomainPrefix for Amplify to be configured with a Route53 domain. The AmplifyAppRepoURL, AmplifyAppRepoBranch & AmplifyAppRepoToken Parameters need to be provided for Amplify to build the frontend. The TwitchCredentialsSecretPath parameter needs to be specified, which is the ARN of the Secret created in step 1 and the ImageUri parameter will need to be provided as the ECR repository URI for ECS to fetch the docker images.

Frontend

The frontend UI integrates with Twitch using an OIDC Cognito Identity Provider. Visiting the frontend redirects you to the Twitch login. After signing in, Twitch redirects you back to the application.

You are then presented with a list of Twitch Streamers that the application is archiving the VODs for.

Clicking on a Twitch Streamer will load a list of their videos which have been downloaded and are ready to view.

Registering a Streamer

Registering a new Streamer can be done by making this Appsync mutation

mutation MyMutation {
  createStreamer(username: "pokimane") {
    pk
    sk
    userDisplayName
    userProfileImageUrl
    userName
    userId
  }
}

Dockerized puppeteer webbot

A key piece of this system is taking the url of the Streamer's video and retrieving the HLS manifest url of that video. Twitch's API does not allow this, resulting in a dockerized ECS puppeteer bot which loads the page & intercepts traffic for the HLS manifest url.

Data structures

Streamer

{
 "pk": "STREAMER",
 "sk": "STREAMER#44445592",
 "userDisplayName": "pokimane",
 "userId": "44445592",
 "userName": "pokimane",
 "userProfileImageUrl": "https://static-cdn.jtvnw.net/jtv_user_pictures/912232e8-9e53-4fb7-aac4-14aed07869ca-profile_image-300x300.png"
}

Video

{
 "pk": "VIDEO#44445592",
 "sk": "VIDEO#2458896948",
 "processedManifestUri": "s3://twitch-vod-downloader-video-bucket/44445592/2458896948/index.m3u8",
 "processedManifestUrl": "https://djpcyzz1kzchy.cloudfront.net/44445592/2458896948/index.m3u8",
 "twitchManifestUrl": "https://d2nvs31859zcd8.cloudfront.net/d3c2fadcaee0a608c2d6_pokimane_321069980156_1747261099/chunked/index-dvr.m3u8",
 "twitchVideoUrl": "https://www.twitch.tv/videos/2458896948",
 "userId": "44445592",
 "videoDuration": "11m47s",
 "videoId": "2458896948",
 "videoProcessingStatus": "COMPLETE",
 "videoPublishedTime": "2025-05-14T22:18:25Z"
}

Appsync-Messaging-App

AWS-EC2-Gitlab-Instance

A Self hosted Gitlab application hosted on an EC2 instance in front of an ALB. Includes support for domain configuration with Route53 & regular backups into an S3 bucket

Watch

3.8k

Star

3.7k

Topics:

aws
ec2
gitlab
networking

EC2-Gitlab-Instance

Instance:

ImageId: ami-084e8c05825742534 (eu-west-2)
InstanceType: t2.medium

Setup:

deploy the template to cloudformation
enter the parameters
configuration with a domain:
1. including the hostedZoneId, domainName, subDomainName & domainCertArn parameters will:
  1. Create a HTTPS loadbalancer targetGroup & listener with the domainCertArn on port 443
  2. Create a dns record in the hostedZoneId for subDomainName.domainName e.g. gitlab.example.co.uk
  3. Configure the gitlab instance for the domain subDomainName.domainName
2. not including the hostedZoneId, domainName, subDomainName & domainCertArn parameters will:
  1. Omit the HTTPS loadbalancer targetGroup & listener
  2. Not create any dns records
  3. Configure the gitlab instance to be accessible from the loadbalancer e.g. {loadBalancerName}-1234567890.AWS::Region.elb.amazonaws.com
Give time for the instance to create, it will be accessible from the dns record or the public ELB domain

Notes

Q: Why is a load balancer needed? A: The Gitlab CE installation creates & signs its own HTTPS certificate which some browsers warn about when trying to access the site. The load balancer allows port 443 to be listened on & inject your domain certificate when using HTTPS to resolve this issue.

Q: How do backups work? A: The gitlab.rb file is configured to send the Gitlab backup, the gitlab.rb file & gitlab-secrets.json. A backup will occur everyday at 00:00. A backup can also be preform by running the preform-backup SSM document.

The default username is root & the userData script sets the password to gitlabRootPassword stack parameter, The default being Password123!

Self-Managed Gitlab CE

Once you finish setting up Gitlab CE you can login, create groups & repos without issue. You can even clone them locally (setup ssh), add files then push them back to your Gitlab. Additionally, You can also register your own runners on a global or group level check this out. These runners can then create resources in aws using a template.yaml & gitlab-ci.yaml.

.css-1eziwv{-webkit-flex:1;-ms-flex:1;flex:1;text-align:left;}README.md

cloudwatch-winston-logger

Example

Output

Example

Cloudwatch Output

README.md

AVP-auth-api

Setup

README.md

Unity Snake

README.md

AWS-EC2-minecraft-server-mesh

Setup

a. Setup without a domain:

b. Setup with a domain:

Minecraft Server Proxy

README.md

The Lost Dungeon 3

Example room:

Example of the boss room:

README.md

Hilbert-Curve

README.md

API-query-RDS

Setup:

README.md

Arduino-AWS-IoT-Core

Arduino

Setup

Arduino Logs

README.md

iot-hub-website

Amplify Setup

Arduino Setup

Usage

Devices before logging in

Login page

Devices after logging in

Arduino setup

README.md

wave-function-collapse

Initial testing:

The small boxes are representing a blank tile

tests with more complicated tile sheets after adding dynamic rules

addition of asymmetric tiles

proof of concept dungeon layout

README.md

ECS-MC-network

Setup

a. Setup without a domain:

b. Setup with a domain:

Minecraft Server Proxy

README.md

EC2-gitlab-runner-fleet

Instance:

Runners:

Setup:

README.md

AWS-Transfer-Server

Setup:

Usage

README.md

Terraform-Aurora-Global

Setup

README.md

Flocking Simulation

Setup

README.md

Game Of Life

README.md

ECS-Github-Runners

setup

ECS Container

README.md

AWS-Asynchronous-api

setup

README.md

A-Star Path Finding Algorithm

setup