Moving out route53 and load balancer resources
This commit is contained in:
parent
3029fbb3f6
commit
b0e5bd50da
24
infra/dns/Makefile
Normal file
24
infra/dns/Makefile
Normal file
@ -0,0 +1,24 @@
|
||||
plan=out.plan
|
||||
|
||||
SHELL := /bin/bash
|
||||
|
||||
$(plan): *.tf
|
||||
source secrets/set-env.sh && terraform plan -input=false -out $(plan)
|
||||
|
||||
push: build
|
||||
source secrets/set-env.sh && terraform apply $(plan)
|
||||
|
||||
refresh:
|
||||
source secrets/set-env.sh && terraform apply -refresh-only
|
||||
|
||||
test:
|
||||
terraform validate
|
||||
|
||||
|
||||
rip:
|
||||
source secrets/set-env.sh && terraform destroy
|
||||
|
||||
clean:
|
||||
rm -f $(plan)
|
||||
|
||||
.PHONY: test build clean push rip
|
||||
24
infra/dns/backend.tf
Normal file
24
infra/dns/backend.tf
Normal file
@ -0,0 +1,24 @@
|
||||
terraform {
|
||||
required_version = ">= 0.13"
|
||||
backend "s3" {
|
||||
bucket = "project-athens"
|
||||
key = "infra/dns/state/build.tfstate"
|
||||
region = "us-west-1"
|
||||
encrypt = true
|
||||
}
|
||||
required_providers {
|
||||
aws = {
|
||||
source = "hashicorp/aws"
|
||||
version = "4.13.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Base config for using AWS features w/ Terraform
|
||||
provider "aws" {
|
||||
access_key = var.aws_key
|
||||
secret_key = var.aws_secret
|
||||
region = var.aws_region
|
||||
max_retries = 1
|
||||
}
|
||||
|
||||
@ -34,8 +34,8 @@ locals {
|
||||
ttl = 300
|
||||
records = [ "v=spf1 include:_mailcust.gandi.net ?all" ]
|
||||
},
|
||||
{ name = "www.shockrah.xyz", records = [ aws_lb.alpha.dns_name ] },
|
||||
{ name = "resume.shockrah.xyz", records = [ aws_lb.alpha.dns_name ] }
|
||||
{ name = "www.shockrah.xyz", records = [ var.alpha.dns ] },
|
||||
{ name = "resume.shockrah.xyz", records = [ var.alpha.dns ] }
|
||||
]
|
||||
}
|
||||
|
||||
@ -62,8 +62,8 @@ resource "aws_route53_record" "shockrah-xyz-apex" {
|
||||
type = "A"
|
||||
|
||||
alias {
|
||||
name = aws_lb.alpha.dns_name
|
||||
zone_id = aws_lb.alpha.zone_id
|
||||
name = var.alpha.dns
|
||||
zone_id = var.alpha.zone
|
||||
evaluate_target_health = true
|
||||
}
|
||||
}
|
||||
31
infra/dns/variables.tf
Normal file
31
infra/dns/variables.tf
Normal file
@ -0,0 +1,31 @@
|
||||
# All variables that are used in various places go here
|
||||
|
||||
######################### General provider specific values
|
||||
|
||||
variable "aws_key" {
|
||||
description = "Access Key for AWS operations"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "aws_secret" {
|
||||
description = "Secret Key for AWS operations"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "aws_region" {
|
||||
description = "Region where the VPC is located"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
|
||||
variable "alpha" {
|
||||
type = object({
|
||||
dns = string
|
||||
zone = string
|
||||
})
|
||||
}
|
||||
|
||||
|
||||
@ -83,3 +83,11 @@ variable "sg" {
|
||||
})
|
||||
}
|
||||
|
||||
variable "alpha" {
|
||||
type = object({
|
||||
dns = string
|
||||
zone = string
|
||||
})
|
||||
}
|
||||
|
||||
|
||||
|
||||
24
infra/load-balancer/Makefile
Normal file
24
infra/load-balancer/Makefile
Normal file
@ -0,0 +1,24 @@
|
||||
plan=out.plan
|
||||
|
||||
SHELL := /bin/bash
|
||||
|
||||
$(plan): *.tf
|
||||
source ../secrets/set-env.sh && terraform plan -input=false -out $(plan)
|
||||
|
||||
push: build
|
||||
source ../secrets/set-env.sh && terraform apply $(plan)
|
||||
|
||||
refresh:
|
||||
source ../secrets/set-env.sh && terraform apply -refresh-only
|
||||
|
||||
test:
|
||||
terraform validate
|
||||
|
||||
|
||||
rip:
|
||||
source ../secrets/set-env.sh && terraform destroy
|
||||
|
||||
clean:
|
||||
rm -f $(plan)
|
||||
|
||||
.PHONY: test build clean push rip
|
||||
24
infra/load-balancer/backend.tf
Normal file
24
infra/load-balancer/backend.tf
Normal file
@ -0,0 +1,24 @@
|
||||
terraform {
|
||||
required_version = ">= 0.13"
|
||||
backend "s3" {
|
||||
bucket = "project-athens"
|
||||
key = "infra/load-balancer/state/build.tfstate"
|
||||
region = "us-west-1"
|
||||
encrypt = true
|
||||
}
|
||||
required_providers {
|
||||
aws = {
|
||||
source = "hashicorp/aws"
|
||||
version = "4.13.0"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
# Base config for using AWS features w/ Terraform
|
||||
provider "aws" {
|
||||
access_key = var.aws_key
|
||||
secret_key = var.aws_secret
|
||||
region = var.aws_region
|
||||
max_retries = 1
|
||||
}
|
||||
|
||||
@ -31,7 +31,7 @@ resource "aws_acm_certificate" "project_athens_xyz" {
|
||||
# DNS RECORDS
|
||||
#############
|
||||
resource "aws_route53_record" "shockrah_xyz_cert" {
|
||||
zone_id = aws_route53_zone.shockrah-xyz.id
|
||||
zone_id = var.shockrah_zone
|
||||
name = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_name
|
||||
type = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_type
|
||||
records = [ tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_value ]
|
||||
@ -39,7 +39,7 @@ resource "aws_route53_record" "shockrah_xyz_cert" {
|
||||
}
|
||||
|
||||
resource "aws_route53_record" "project_athens_xyz_cert" {
|
||||
zone_id = aws_route53_zone.project-athens.id
|
||||
zone_id = var.project_athens_zone
|
||||
name = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_name
|
||||
type = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_type
|
||||
records = [ tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_value ]
|
||||
12
infra/load-balancer/data.tf
Normal file
12
infra/load-balancer/data.tf
Normal file
@ -0,0 +1,12 @@
|
||||
data "aws_vpc" "athens" {
|
||||
id = var.vpc_id
|
||||
}
|
||||
|
||||
data "aws_subnet" "delphi" {
|
||||
id = "subnet-0a1943f26e4338cf6"
|
||||
}
|
||||
|
||||
data "aws_subnet" "crete" {
|
||||
id = "subnet-09302319a6678643f"
|
||||
}
|
||||
|
||||
13
infra/load-balancer/local.tf
Normal file
13
infra/load-balancer/local.tf
Normal file
@ -0,0 +1,13 @@
|
||||
locals {
|
||||
# ECR
|
||||
repos = [
|
||||
"reverse-proxy",
|
||||
]
|
||||
buckets = [
|
||||
"shockrah.xyz",
|
||||
"resume.shockrah.xyz"
|
||||
]
|
||||
nginx_name = "${var.athens_prefix}-nginx-static-content"
|
||||
nginx_hp_check_interval = 300
|
||||
}
|
||||
|
||||
53
infra/load-balancer/variables.tf
Normal file
53
infra/load-balancer/variables.tf
Normal file
@ -0,0 +1,53 @@
|
||||
# All variables that are used in various places go here
|
||||
|
||||
######################### General provider specific values
|
||||
|
||||
variable "aws_key" {
|
||||
description = "Access Key for AWS operations"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "aws_secret" {
|
||||
description = "Secret Key for AWS operations"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "aws_region" {
|
||||
description = "Region where the VPC is located"
|
||||
type = string
|
||||
sensitive = true
|
||||
}
|
||||
|
||||
variable "vpc_id" {
|
||||
description = "Project Athens VPC ID"
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "athens_prefix" {
|
||||
description = "Prefix for all things in alpha cluster"
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "nginx_port" {
|
||||
description = "Port for shockrah.xyz"
|
||||
type = number
|
||||
}
|
||||
|
||||
variable "sg" {
|
||||
type = object({
|
||||
base_ecs = string
|
||||
ecs_web_ingress = string
|
||||
lb_health_check = string
|
||||
})
|
||||
}
|
||||
|
||||
variable "shockrah_zone" {
|
||||
type = string
|
||||
}
|
||||
|
||||
variable "project_athens_zone" {
|
||||
type = string
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user