Splitting certs into lone files

shockrah 2023-10-05 23:16:49 -07:00
parent df2406720f
commit d02b5de48c
3 changed files with 53 additions and 60 deletions


@ -1,60 +0,0 @@
# Here is the TLS cert that we create for the alpha cluster
# NOTE: for now we're going to use .blog.shockrah.xyz
# while we test things out, once everything is up then
# we can switch the cert over to use a wildcard
# Base cerificate for shockrah_xyz
##################################
resource "aws_acm_certificate" "shockrah_xyz" {
domain_name = "*.shockrah.xyz"
subject_alternative_names = [ "shockrah.xyz" ]
validation_method = "DNS"
lifecycle {
create_before_destroy = true
}
}
# Base certificate for project athens
#####################################
resource "aws_acm_certificate" "project_athens_xyz" {
domain_name = "*.project-athens.xyz"
subject_alternative_names = [ "project-athens.xyz" ]
validation_method = "DNS"
lifecycle {
create_before_destroy = true
}
}
# DNS RECORDS
#############
resource "aws_route53_record" "shockrah_xyz_cert" {
zone_id = var.shockrah_zone
name = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_name
type = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_type
records = [ tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_value ]
ttl = 300
}
resource "aws_route53_record" "project_athens_xyz_cert" {
zone_id = var.project_athens_zone
name = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_name
type = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_type
records = [ tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_value ]
ttl = 300
}
# Validation configuration blocks used by terraform
###################################################
resource "aws_acm_certificate_validation" "shockrah_xyz" {
certificate_arn = aws_acm_certificate.shockrah_xyz.arn
validation_record_fqdns = [ aws_route53_record.shockrah_xyz_cert.fqdn ]
}
resource "aws_acm_certificate_validation" "project_athens_xyz" {
certificate_arn = aws_acm_certificate.project_athens_xyz.arn
validation_record_fqdns = [ aws_route53_record.project_athens_xyz_cert.fqdn ]
}


@ -0,0 +1,24 @@
# Base certificate for project athens
#####################################
resource "aws_acm_certificate" "project_athens_xyz" {
domain_name = "*.project-athens.xyz"
subject_alternative_names = [ "project-athens.xyz" ]
validation_method = "DNS"
lifecycle {
create_before_destroy = true
}
}
resource "aws_route53_record" "project_athens_xyz_cert" {
zone_id = var.project_athens_zone
name = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_name
type = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_type
records = [ tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_value ]
ttl = 300
}
resource "aws_acm_certificate_validation" "project_athens_xyz" {
certificate_arn = aws_acm_certificate.project_athens_xyz.arn
validation_record_fqdns = [ aws_route53_record.project_athens_xyz_cert.fqdn ]
}
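Review bot: The validation record in `aws_route53_record.project_athens_xyz_cert` is built from `tolist(...domain_validation_options)[0]` only, so just one of the certificate's names gets a DNS validation record. That appears to work today because ACM normally issues the same CNAME for a wildcard and its apex, but any additional SAN would be left unvalidated and `aws_acm_certificate_validation` would wait until it times out. Iterating over every validation option with `for_each`, and collecting all record FQDNs in the validation resource, removes that hidden assumption. The same pattern is in `aws_route53_record.shockrah_xyz_cert` in the other new file. Switching to `for_each` changes the resource addresses in state, so plan for a `moved` block or a state move.

```hcl
resource "aws_route53_record" "project_athens_xyz_cert" {
  # One record per distinct validation option instead of index [0]
  for_each = {
    for dvo in aws_acm_certificate.project_athens_xyz.domain_validation_options :
    dvo.domain_name => dvo
  }
  # Wildcard and apex share one CNAME; let the second write overwrite the first
  allow_overwrite = true
  # … unchanged: zone_id, ttl …
  name    = each.value.resource_record_name
  type    = each.value.resource_record_type
  records = [each.value.resource_record_value]
}
resource "aws_acm_certificate_validation" "project_athens_xyz" {
  # … unchanged: certificate_arn …
  validation_record_fqdns = [for r in aws_route53_record.project_athens_xyz_cert : r.fqdn]
}
```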


@ -0,0 +1,29 @@
# Base cerificate for shockrah_xyz
##################################
resource "aws_acm_certificate" "shockrah_xyz" {
domain_name = "*.shockrah.xyz"
subject_alternative_names = [ "shockrah.xyz" ]
validation_method = "DNS"
lifecycle {
create_before_destroy = true
}
}
# DNS RECORDS
#############
resource "aws_route53_record" "shockrah_xyz_cert" {
zone_id = var.shockrah_zone
name = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_name
type = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_type
records = [ tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_value ]
ttl = 300
}
# Validation configuration blocks used by terraform
###################################################
resource "aws_acm_certificate_validation" "shockrah_xyz" {
certificate_arn = aws_acm_certificate.shockrah_xyz.arn
validation_record_fqdns = [ aws_route53_record.shockrah_xyz_cert.fqdn ]
}
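Review bot: The header comment on the first line of this new file carries over a typo from the old combined file; it should read `# Base certificate for shockrah_xyz`. This file also keeps the `# DNS RECORDS` and `# Validation configuration blocks used by terraform` banners, while the project-athens file drops them. Now that each file holds a single certificate, using the same layout in both would make them easier to compare.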