shockrah/infra
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Moving out route53 and load balancer resources

Browse Source
This commit is contained in:
shockrah 2023-10-05 22:20:06 -07:00
parent 3029fbb3f6
commit b0e5bd50da
13 changed files with 219 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
infra/dns/Makefile Normal file
View File

@ -0,0 +1,24 @@
plan=out.plan
SHELL := /bin/bash
$(plan): *.tf
source secrets/set-env.sh && terraform plan -input=false -out $(plan)
push: build
source secrets/set-env.sh && terraform apply $(plan)
refresh:
source secrets/set-env.sh && terraform apply -refresh-only
test:
terraform validate
rip:
source secrets/set-env.sh && terraform destroy
clean:
rm -f $(plan)
.PHONY: test build clean push rip

24
infra/dns/backend.tf Normal file
View File

@ -0,0 +1,24 @@
terraform {
required_version = ">= 0.13"
backend "s3" {
bucket = "project-athens"
key = "infra/dns/state/build.tfstate"
region = "us-west-1"
encrypt = true
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "4.13.0"
}
}
}
# Base config for using AWS features w/ Terraform
provider "aws" {
access_key = var.aws_key
secret_key = var.aws_secret
region = var.aws_region
max_retries = 1
}

0
infra/route53-project-athens-xyz.tf → infra/dns/project-athens-xyz.tf
View File

8
infra/route53-shockrah-xyz.tf → infra/dns/shockrah-xyz.tf
View File

@ -34,8 +34,8 @@ locals {
ttl = 300 ttl = 300
records = [ "v=spf1 include:_mailcust.gandi.net ?all" ] records = [ "v=spf1 include:_mailcust.gandi.net ?all" ]
}, },
{ name = "www.shockrah.xyz", records = [ aws_lb.alpha.dns_name ] }, { name = "www.shockrah.xyz", records = [ var.alpha.dns ] },
{ name = "resume.shockrah.xyz", records = [ aws_lb.alpha.dns_name ] } { name = "resume.shockrah.xyz", records = [ var.alpha.dns ] }
] ]
} }
@ -62,8 +62,8 @@ resource "aws_route53_record" "shockrah-xyz-apex" {
type = "A" type = "A"
alias { alias {
name = aws_lb.alpha.dns_name name = var.alpha.dns
zone_id = aws_lb.alpha.zone_id zone_id = var.alpha.zone
evaluate_target_health = true evaluate_target_health = true
} }
} }

31
infra/dns/variables.tf Normal file
View File

@ -0,0 +1,31 @@
# All variables that are used in various places go here
######################### General provider specific values
variable "aws_key" {
description = "Access Key for AWS operations"
type = string
sensitive = true
}
variable "aws_secret" {
description = "Secret Key for AWS operations"
type = string
sensitive = true
}
variable "aws_region" {
description = "Region where the VPC is located"
type = string
sensitive = true
}
variable "alpha" {
type = object({
dns = string
zone = string
})
}

8
infra/input-vars.tf
View File

@ -83,3 +83,11 @@ variable "sg" {
}) })
} }
variable "alpha" {
type = object({
dns = string
zone = string
})
}

24
infra/load-balancer/Makefile Normal file
View File

@ -0,0 +1,24 @@
plan=out.plan
SHELL := /bin/bash
$(plan): *.tf
source ../secrets/set-env.sh && terraform plan -input=false -out $(plan)
push: build
source ../secrets/set-env.sh && terraform apply $(plan)
refresh:
source ../secrets/set-env.sh && terraform apply -refresh-only
test:
terraform validate
rip:
source ../secrets/set-env.sh && terraform destroy
clean:
rm -f $(plan)
.PHONY: test build clean push rip

24
infra/load-balancer/backend.tf Normal file
View File

@ -0,0 +1,24 @@
terraform {
required_version = ">= 0.13"
backend "s3" {
bucket = "project-athens"
key = "infra/load-balancer/state/build.tfstate"
region = "us-west-1"
encrypt = true
}
required_providers {
aws = {
source = "hashicorp/aws"
version = "4.13.0"
}
}
}
# Base config for using AWS features w/ Terraform
provider "aws" {
access_key = var.aws_key
secret_key = var.aws_secret
region = var.aws_region
max_retries = 1
}

4
infra/cert.tf → infra/load-balancer/cert.tf
View File

@ -31,7 +31,7 @@ resource "aws_acm_certificate" "project_athens_xyz" {
# DNS RECORDS # DNS RECORDS
############# #############
resource "aws_route53_record" "shockrah_xyz_cert" { resource "aws_route53_record" "shockrah_xyz_cert" {
zone_id = aws_route53_zone.shockrah-xyz.id zone_id = var.shockrah_zone
name = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_name name = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_name
type = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_type type = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_type
records = [ tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_value ] records = [ tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_value ]
@ -39,7 +39,7 @@ resource "aws_route53_record" "shockrah_xyz_cert" {
} }
resource "aws_route53_record" "project_athens_xyz_cert" { resource "aws_route53_record" "project_athens_xyz_cert" {
zone_id = aws_route53_zone.project-athens.id zone_id = var.project_athens_zone
name = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_name name = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_name
type = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_type type = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_type
records = [ tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_value ] records = [ tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_value ]

12
infra/load-balancer/data.tf Normal file
View File

@ -0,0 +1,12 @@
data "aws_vpc" "athens" {
id = var.vpc_id
}
data "aws_subnet" "delphi" {
id = "subnet-0a1943f26e4338cf6"
}
data "aws_subnet" "crete" {
id = "subnet-09302319a6678643f"
}

0
infra/load-balancer.tf → infra/load-balancer/load-balancer.tf
View File

13
infra/load-balancer/local.tf Normal file
View File

@ -0,0 +1,13 @@
locals {
# ECR
repos = [
"reverse-proxy",
]
buckets = [
"shockrah.xyz",
"resume.shockrah.xyz"
]
nginx_name = "${var.athens_prefix}-nginx-static-content"
nginx_hp_check_interval = 300
}

53
infra/load-balancer/variables.tf Normal file
View File

@ -0,0 +1,53 @@
# All variables that are used in various places go here
######################### General provider specific values
variable "aws_key" {
description = "Access Key for AWS operations"
type = string
sensitive = true
}
variable "aws_secret" {
description = "Secret Key for AWS operations"
type = string
sensitive = true
}
variable "aws_region" {
description = "Region where the VPC is located"
type = string
sensitive = true
}
variable "vpc_id" {
description = "Project Athens VPC ID"
type = string
}
variable "athens_prefix" {
description = "Prefix for all things in alpha cluster"
type = string
}
variable "nginx_port" {
description = "Port for shockrah.xyz"
type = number
}
variable "sg" {
type = object({
base_ecs = string
ecs_web_ingress = string
lb_health_check = string
})
}
variable "shockrah_zone" {
type = string
}
variable "project_athens_zone" {
type = string
}