⭐ feat(infra): Update infra and add support for teams to SST (#186)

## Description
- [x] Adds support for AWS SSO, which makes us (the team) able to use
SST and update the components independently
- [x] Splits the webpage into the landing page (Qwik), and Astro (the
console) in charge of playing. This allows us to pass in Environment
Variables to the console
- ~Migrates the docs from Nuxt to Nextjs, and connects them to SST. This
allows us to use Fumadocs _citation needed_ that's much more beautiful,
and supports OpenApi~
- Cloudflare pages with github integration is not working on our new CF
account. So we will have to push the pages deployment manually with
Github actions
- [x] Moves the current set up from my personal CF and AWS accounts to
dedicated Nestri accounts -

## Related Issues
<!-- List any related issues (e.g., "Closes #123", "Fixes #456") -->

## Type of Change

- [ ] Bug fix (non-breaking change)
- [x] New feature (non-breaking change)
- [ ] Breaking change (fix or feature that changes existing
functionality)
- [x] Documentation update
- [ ] Other (please describe):

## Checklist

- [x] I have updated relevant documentation
- [x] My code follows the project's coding style
- [x] My changes generate no new warnings/errors

## Notes for Reviewers
<!-- Point out areas you'd like reviewers to focus on, questions you
have, or decisions that need discussion -->
Please approve my PR 🥹


## Screenshots/Demo
<!-- If applicable, add screenshots or a GIF demo of your changes
(especially for UI changes) -->

## Additional Context
<!-- Add any other context about the pull request here -->

infra/api.ts

@@ -1,54 +1,82 @@
-import { authFingerprintKey } from "./auth";
+import { bus } from "./bus";
+import { database } from "./database";
 import { domain } from "./dns";
-import { secret } from "./secrets"
-// import { party } from "./party"
-import { gpuTaskDefinition, ecsCluster } from "./cluster";
+import { email } from "./email";
+import { secret } from "./secret";
+
+sst.Linkable.wrap(random.RandomString, (resource) => ({
+    properties: {
+        value: resource.result,
+    },
+}));
 
 export const urls = new sst.Linkable("Urls", {
     properties: {
         api: "https://api." + domain,
         auth: "https://auth." + domain,
+        site: $dev ? "http://localhost:4321" : "https://" + domain,
     },
 });
 
-export const kv = new sst.cloudflare.Kv("CloudflareAuthKV")
+export const authFingerprintKey = new random.RandomString(
+    "AuthFingerprintKey",
+    {
+        length: 32,
+    },
+);
 
-export const auth = new sst.cloudflare.Worker("Auth", {
-    link: [
-        kv,
-        urls,
-        authFingerprintKey,
-        secret.InstantAdminToken,
-        secret.InstantAppId,
-        secret.LoopsApiKey,
-        secret.GithubClientID,
-        secret.GithubClientSecret,
-        secret.DiscordClientID,
-        secret.DiscordClientSecret,
-    ],
-    handler: "./packages/functions/src/auth.ts",
-    url: true,
-    domain: "auth." + domain
-});
+export const auth = new sst.aws.Auth("Auth", {
+    issuer: {
+        timeout: "3 minutes",
+        handler: "./packages/functions/src/auth.handler",
+        link: [
+            bus,
+            email,
+            database,
+            authFingerprintKey,
+            secret.PolarSecret,
+            secret.GithubClientID,
+            secret.DiscordClientID,
+            secret.GithubClientSecret,
+            secret.DiscordClientSecret,
+        ],
+        permissions: [
+            {
+                actions: ["ses:SendEmail"],
+                resources: ["*"],
+            },
+        ],
+    },
+    domain: {
+        name: "auth." + domain,
+        dns: sst.cloudflare.dns(),
+    },
+})
 
-export const api = new sst.cloudflare.Worker("Api", {
+export const apiFunction = new sst.aws.Function("ApiFn", {
+    handler: "packages/functions/src/api/index.handler",
     link: [
+        bus,
         urls,
-        ecsCluster,
-        gpuTaskDefinition,
-        authFingerprintKey,
-        secret.LoopsApiKey,
-        secret.InstantAppId,
-        secret.AwsAccessKey,
-        secret.AwsSecretKey,
-        secret.InstantAdminToken,
+        database,
+        secret.PolarSecret,
     ],
-    url: true,
-    handler: "./packages/functions/src/api/index.ts",
-    domain: "api." + domain
+    timeout: "3 minutes",
+    streaming: !$dev,
+    url: true
+})
+
+export const api = new sst.aws.Router("Api", {
+    routes: {
+        "/*": apiFunction.url
+    },
+    domain: {
+        name: "api." + domain,
+        dns: sst.cloudflare.dns(),
+    },
 })
 
 export const outputs = {
     auth: auth.url,
-    api: api.url
-}
+    api: api.url,
+};