Splitting certs into lone files
This commit is contained in:
parent
df2406720f
commit
d02b5de48c
@ -1,60 +0,0 @@
|
|||||||
# Here is the TLS cert that we create for the alpha cluster
|
|
||||||
|
|
||||||
# NOTE: for now we're going to use .blog.shockrah.xyz
|
|
||||||
# while we test things out, once everything is up then
|
|
||||||
# we can switch the cert over to use a wildcard
|
|
||||||
|
|
||||||
# Base cerificate for shockrah_xyz
|
|
||||||
##################################
|
|
||||||
resource "aws_acm_certificate" "shockrah_xyz" {
|
|
||||||
domain_name = "*.shockrah.xyz"
|
|
||||||
subject_alternative_names = [ "shockrah.xyz" ]
|
|
||||||
validation_method = "DNS"
|
|
||||||
|
|
||||||
lifecycle {
|
|
||||||
create_before_destroy = true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# Base certificate for project athens
|
|
||||||
#####################################
|
|
||||||
resource "aws_acm_certificate" "project_athens_xyz" {
|
|
||||||
domain_name = "*.project-athens.xyz"
|
|
||||||
subject_alternative_names = [ "project-athens.xyz" ]
|
|
||||||
validation_method = "DNS"
|
|
||||||
|
|
||||||
lifecycle {
|
|
||||||
create_before_destroy = true
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
# DNS RECORDS
|
|
||||||
#############
|
|
||||||
resource "aws_route53_record" "shockrah_xyz_cert" {
|
|
||||||
zone_id = var.shockrah_zone
|
|
||||||
name = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_name
|
|
||||||
type = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_type
|
|
||||||
records = [ tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_value ]
|
|
||||||
ttl = 300
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "project_athens_xyz_cert" {
|
|
||||||
zone_id = var.project_athens_zone
|
|
||||||
name = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_name
|
|
||||||
type = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_type
|
|
||||||
records = [ tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_value ]
|
|
||||||
ttl = 300
|
|
||||||
}
|
|
||||||
|
|
||||||
# Validation configuration blocks used by terraform
|
|
||||||
###################################################
|
|
||||||
|
|
||||||
resource "aws_acm_certificate_validation" "shockrah_xyz" {
|
|
||||||
certificate_arn = aws_acm_certificate.shockrah_xyz.arn
|
|
||||||
validation_record_fqdns = [ aws_route53_record.shockrah_xyz_cert.fqdn ]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_acm_certificate_validation" "project_athens_xyz" {
|
|
||||||
certificate_arn = aws_acm_certificate.project_athens_xyz.arn
|
|
||||||
validation_record_fqdns = [ aws_route53_record.project_athens_xyz_cert.fqdn ]
|
|
||||||
}
|
|
24
infra/load-balancer/project-athens-xyz-cert.tf
Normal file
24
infra/load-balancer/project-athens-xyz-cert.tf
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
# Base certificate for project athens
|
||||||
|
#####################################
|
||||||
|
resource "aws_acm_certificate" "project_athens_xyz" {
|
||||||
|
domain_name = "*.project-athens.xyz"
|
||||||
|
subject_alternative_names = [ "project-athens.xyz" ]
|
||||||
|
validation_method = "DNS"
|
||||||
|
|
||||||
|
lifecycle {
|
||||||
|
create_before_destroy = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_route53_record" "project_athens_xyz_cert" {
|
||||||
|
zone_id = var.project_athens_zone
|
||||||
|
name = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_name
|
||||||
|
type = tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_type
|
||||||
|
records = [ tolist(aws_acm_certificate.project_athens_xyz.domain_validation_options)[0].resource_record_value ]
|
||||||
|
ttl = 300
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_acm_certificate_validation" "project_athens_xyz" {
|
||||||
|
certificate_arn = aws_acm_certificate.project_athens_xyz.arn
|
||||||
|
validation_record_fqdns = [ aws_route53_record.project_athens_xyz_cert.fqdn ]
|
||||||
|
}
|
29
infra/load-balancer/shockrah-xyz-cert.tf
Normal file
29
infra/load-balancer/shockrah-xyz-cert.tf
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
# Base cerificate for shockrah_xyz
|
||||||
|
##################################
|
||||||
|
resource "aws_acm_certificate" "shockrah_xyz" {
|
||||||
|
domain_name = "*.shockrah.xyz"
|
||||||
|
subject_alternative_names = [ "shockrah.xyz" ]
|
||||||
|
validation_method = "DNS"
|
||||||
|
|
||||||
|
lifecycle {
|
||||||
|
create_before_destroy = true
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
# DNS RECORDS
|
||||||
|
#############
|
||||||
|
resource "aws_route53_record" "shockrah_xyz_cert" {
|
||||||
|
zone_id = var.shockrah_zone
|
||||||
|
name = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_name
|
||||||
|
type = tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_type
|
||||||
|
records = [ tolist(aws_acm_certificate.shockrah_xyz.domain_validation_options)[0].resource_record_value ]
|
||||||
|
ttl = 300
|
||||||
|
}
|
||||||
|
|
||||||
|
# Validation configuration blocks used by terraform
|
||||||
|
###################################################
|
||||||
|
resource "aws_acm_certificate_validation" "shockrah_xyz" {
|
||||||
|
certificate_arn = aws_acm_certificate.shockrah_xyz.arn
|
||||||
|
validation_record_fqdns = [ aws_route53_record.shockrah_xyz_cert.fqdn ]
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user