Skip to main content
Internal Service β€” This is not an HTTP endpoint. It’s called directly by the generate-all orchestrator.

​
Purpose

Creates an AWS CloudFront distribution with Lambda@Edge for the domain proxy. This allows the AI site to be served from the customer’s own domain. Runs in GROUP 1f (parallel with scrape, fire-and-forget). Doesn’t need scraped pages.

​
Function Signature

async def run_cloudfront_setup(url: str, org_slug: str) -> StepResult

​
Parameters

ParameterTypeDescription
urlstrThe business website URL
org_slugstrThe Clerk organization slug

​
Returns

{
  "name": "setup_cloudfront",
  "status": "success",
  "data": {
    "distribution_id": "E1234567890ABC",
    "cloudfront_domain": "d1234567890abc.cloudfront.net"
  }
}

​
What It Creates

  1. CloudFront Distribution - CDN distribution for the domain
  2. Lambda@Edge Function - Routes requests between original site and AI site
  3. SSL Certificate - Via AWS Certificate Manager (ACM)

​
How The Proxy Works

The Lambda@Edge function intercepts requests and routes:
  • /llms.txt, /robots.txt, /sitemap.xml, /pages/* β†’ AI Site
  • Everything else β†’ Original website

​
Database Updates

Updates the ai_sites table: 
UPDATE ai_sites SET
  cloudfront_distribution_id = 'E1234567890ABC',
  cloudfront_domain = 'd1234567890abc.cloudfront.net'
WHERE entity_id = 'uuid-...';

​
Code Location

src/app/shared/cloudfront/
β”œβ”€β”€ __init__.py
β”œβ”€β”€ service.py              # setup_cloudfront function
β”œβ”€β”€ create_distribution.py  # AWS CloudFront API calls
└── domain_detection.py     # Apex vs subdomain detection

​
Why Pre-create?

The CloudFront distribution is created during onboarding (before the user connects their domain) so that:
  1. DNS propagation can start early
  2. The distribution is ready when the user completes domain setup
  3. Reduces wait time in the domain connection flow

​
Error Handling

{
  "name": "setup_cloudfront",
  "status": "error",
  "error": "AWS rate limit exceeded"
}
If CloudFront setup fails, the error is logged but onboarding continues. The distribution can be created later during domain setup.