Cleaning up DNS Records and updating certs to account for root domains
For now we're just going to worry about the main blog and resume.shockrah.xyz In the reverse-proxy image * Resume pipelines will not work in this state and will need way of updating their part of the image for ECS to pull updates*
This commit is contained in:
parent
904b730362
commit
11ffc23871
@ -7,8 +7,8 @@
|
|||||||
# Base cerificate for shockrah_xyz
|
# Base cerificate for shockrah_xyz
|
||||||
##################################
|
##################################
|
||||||
resource "aws_acm_certificate" "shockrah_xyz" {
|
resource "aws_acm_certificate" "shockrah_xyz" {
|
||||||
# TODO: replace this with wildcard once we're ready
|
domain_name = "*.shockrah.xyz"
|
||||||
domain_name = "blog.shockrah.xyz"
|
subject_alternative_names = [ "shockrah.xyz" ]
|
||||||
validation_method = "DNS"
|
validation_method = "DNS"
|
||||||
|
|
||||||
lifecycle {
|
lifecycle {
|
||||||
@ -20,6 +20,7 @@ resource "aws_acm_certificate" "shockrah_xyz" {
|
|||||||
#####################################
|
#####################################
|
||||||
resource "aws_acm_certificate" "project_athens_xyz" {
|
resource "aws_acm_certificate" "project_athens_xyz" {
|
||||||
domain_name = "*.project-athens.xyz"
|
domain_name = "*.project-athens.xyz"
|
||||||
|
subject_alternative_names = [ "project-athens.xyz" ]
|
||||||
validation_method = "DNS"
|
validation_method = "DNS"
|
||||||
|
|
||||||
lifecycle {
|
lifecycle {
|
||||||
@ -56,4 +57,4 @@ resource "aws_acm_certificate_validation" "shockrah_xyz" {
|
|||||||
resource "aws_acm_certificate_validation" "project_athens_xyz" {
|
resource "aws_acm_certificate_validation" "project_athens_xyz" {
|
||||||
certificate_arn = aws_acm_certificate.project_athens_xyz.arn
|
certificate_arn = aws_acm_certificate.project_athens_xyz.arn
|
||||||
validation_record_fqdns = [ aws_route53_record.project_athens_xyz_cert.fqdn ]
|
validation_record_fqdns = [ aws_route53_record.project_athens_xyz_cert.fqdn ]
|
||||||
}
|
}
|
||||||
|
|||||||
@ -34,15 +34,10 @@ locals {
|
|||||||
ttl = 300
|
ttl = 300
|
||||||
records = [ "v=spf1 include:_mailcust.gandi.net ?all" ]
|
records = [ "v=spf1 include:_mailcust.gandi.net ?all" ]
|
||||||
},
|
},
|
||||||
{ name = "shockrah.xyz", records = [ aws_eip.beta_eip.public_ip ] },
|
{ name = "www.shockrah.xyz", records = [ aws_lb.alpha.dns_name ] },
|
||||||
{ name = "freechat.shockrah.xyz", records = [ aws_eip.beta_eip.public_ip ] },
|
{ name = "resume.shockrah.xyz", records = [ aws_lb.alpha.dns_name ] }
|
||||||
{ name = "resume.shockrah.xyz", records = [ aws_eip.beta_eip.public_ip ] },
|
# NOTE: This one requires a proper rebuild to function
|
||||||
{ name = "www.shockrah.xyz", records = [ aws_eip.beta_eip.public_ip ] },
|
#{ name = "freechat.shockrah.xyz", records = [ aws_eip.beta_eip.public_ip ] },
|
||||||
{
|
|
||||||
name = "blog.shockrah.xyz"
|
|
||||||
type = "CNAME"
|
|
||||||
records = [ aws_lb.alpha.dns_name ]
|
|
||||||
},
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -54,8 +49,22 @@ resource "aws_route53_record" "shockrah-xyz-record" {
|
|||||||
|
|
||||||
zone_id = aws_route53_zone.shockrah-xyz.id
|
zone_id = aws_route53_zone.shockrah-xyz.id
|
||||||
name = each.value.name
|
name = each.value.name
|
||||||
type = lookup(each.value, "type", "A")
|
type = lookup(each.value, "type", "CNAME")
|
||||||
ttl = lookup(each.value, "ttl", 300)
|
ttl = lookup(each.value, "ttl", 300)
|
||||||
records = each.value.records
|
records = each.value.records
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "aws_route53_record" "shockrah-xyz-apex" {
|
||||||
|
zone_id = aws_route53_zone.shockrah-xyz.id
|
||||||
|
name = "shockrah.xyz"
|
||||||
|
type = "A"
|
||||||
|
|
||||||
|
alias {
|
||||||
|
name = aws_lb.alpha.dns_name
|
||||||
|
zone_id = aws_lb.alpha.zone_id
|
||||||
|
evaluate_target_health = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user