* Load balancer components are now built dynamically for each domain
+ Increased health_check intervals + HTTPS default action is now a blank 400 page + Generating listener rules for beta proxy based on bucket names/domains Using domain filters for this basically * Dynamically attaching listener certificates
This commit is contained in:
parent
ffe5ffe831
commit
87a549bc1f
@ -20,14 +20,15 @@ resource "aws_lb" "alpha" {
|
|||||||
## ECS services manage themselves when it comes to registering to the
|
## ECS services manage themselves when it comes to registering to the
|
||||||
## target group so we only need to provide the pool
|
## target group so we only need to provide the pool
|
||||||
#####################################################################
|
#####################################################################
|
||||||
resource "aws_lb_target_group" "shockrah_xyz" {
|
resource "aws_lb_target_group" "nginx" {
|
||||||
name = "${var.athens_prefix}-shockrah-xyz"
|
for_each = toset(local.buckets)
|
||||||
|
name = "${var.athens_prefix}-${replace(each.value, ".", "-")}"
|
||||||
port = var.nginx_port
|
port = var.nginx_port
|
||||||
protocol = "HTTP"
|
protocol = "HTTP"
|
||||||
target_type = "ip"
|
target_type = "ip"
|
||||||
vpc_id = aws_vpc.athens_vpc.id
|
vpc_id = aws_vpc.athens_vpc.id
|
||||||
health_check {
|
health_check {
|
||||||
interval = 60
|
interval = 120
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -54,15 +55,39 @@ resource "aws_lb_listener" "https" {
|
|||||||
|
|
||||||
certificate_arn = aws_acm_certificate_validation.shockrah_xyz.certificate_arn
|
certificate_arn = aws_acm_certificate_validation.shockrah_xyz.certificate_arn
|
||||||
default_action {
|
default_action {
|
||||||
|
type = "fixed-response"
|
||||||
|
fixed_response {
|
||||||
|
content_type = "text/plain"
|
||||||
|
message_body = "Literally how"
|
||||||
|
status_code = "400"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_lb_listener_rule" "beta" {
|
||||||
|
for_each = {
|
||||||
|
for index, record in local.buckets:
|
||||||
|
index => record
|
||||||
|
}
|
||||||
|
listener_arn = aws_lb_listener.https.arn
|
||||||
|
priority = 100 + each.key
|
||||||
|
action {
|
||||||
type = "forward"
|
type = "forward"
|
||||||
target_group_arn = aws_lb_target_group.shockrah_xyz.arn
|
target_group_arn = aws_lb_target_group.nginx[each.value].arn
|
||||||
|
}
|
||||||
|
condition {
|
||||||
|
host_header {
|
||||||
|
values = [ each.value ]
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
# Certificate attachment for project athens
|
# Certificate attachment for project athens
|
||||||
###########################################
|
###########################################
|
||||||
# Additional certificate for the .net
|
# Additional certificate for the .net
|
||||||
resource "aws_lb_listener_certificate" "alpha_project_athens_cert" {
|
resource "aws_lb_listener_certificate" "alpha_project_athens_cert" {
|
||||||
|
for_each = toset(local.buckets)
|
||||||
listener_arn = aws_lb_listener.https.arn
|
listener_arn = aws_lb_listener.https.arn
|
||||||
certificate_arn = aws_acm_certificate_validation.project_athens_xyz.certificate_arn
|
certificate_arn = aws_acm_certificate_validation.project_athens_xyz.certificate_arn
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user