From 65ad192c8ec4bb322606bd7f709c7ffd63f835b2 Mon Sep 17 00:00:00 2001 From: Tyler Kellen Date: Mon, 6 Mar 2017 17:16:56 -0500 Subject: [PATCH] initial commit --- .gitignore | 2 + README.md | 13 + terraform.tf | 81 ++++ terraform.tfstate | 544 +++++++++++++++++++++++++++ terraform.tfvars | 28 ++ terraform/modules/aws/subnet/main.tf | 91 +++++ terraform/modules/aws/vpc/main.tf | 17 + terraform/services/email.tf | 15 + terraform/services/main.tf | 2 + terraform/websites/bocoup.tf | 36 ++ terraform/websites/main.tf | 2 + 11 files changed, 831 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100644 terraform.tf create mode 100644 terraform.tfstate create mode 100644 terraform.tfvars create mode 100644 terraform/modules/aws/subnet/main.tf create mode 100644 terraform/modules/aws/vpc/main.tf create mode 100644 terraform/services/email.tf create mode 100644 terraform/services/main.tf create mode 100644 terraform/websites/bocoup.tf create mode 100644 terraform/websites/main.tf diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ebec91b --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +.terraform +*.tfstate.backup diff --git a/README.md b/README.md new file mode 100644 index 0000000..fef4a43 --- /dev/null +++ b/README.md @@ -0,0 +1,13 @@ +# Bocoup Foundation Inc +> our infrastructure, as code + +## Setup +1. Install [AWSCLI] & [Terraform] +2. Log into AWS EC2 console, create a key pair titled "default". + Download the key and add to your ssh-agent: `ssh-add /path/to/key.pem` +3. Ensure `~/.aws/credentials` has a profile with administrative + access keys that match `name` in `terraform.tfvars` +4. Provision your infrastructure: `terraform apply` + +[AWSCLI]: http://docs.aws.amazon.com/cli/latest/userguide/installing.html +[Terraform]: https://www.terraform.io/downloads.html diff --git a/terraform.tf b/terraform.tf new file mode 100644 index 0000000..08384ef --- /dev/null +++ b/terraform.tf @@ -0,0 +1,81 @@ +variable "name" { } +variable "domain" { } +variable "aws_region" { } +variable "vpc_cidr" { } +variable "azs" { type = "list" } +variable "key_name" { } +variable "subnet_cidrs" { type = "list" } + +## +# Provide credentials for AWS from ~/.aws/credentials +# with the correct profile name. +# +provider "aws" { + profile = "${var.name}" + region = "${var.aws_region}" +} + +## +# AMI for Ubuntu 16 +# +data "aws_ami" "ubuntu" { + most_recent = true + filter { + name = "name" + values = ["ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20170303"] + } + filter { + name = "virtualization-type" + values = ["hvm"] + } + # Canonical + owners = ["099720109477"] +} + +## +# Network for our entire infrastructure. +# +module "vpc" { + source = "./terraform/modules/aws/vpc" + name = "${var.name}" + cidr = "${var.vpc_cidr}" +} + +## +# Subnets within our network. +# +module "subnet" { + source = "./terraform/modules/aws/subnet" + name = "${var.name}-public" + azs = "${var.azs}" + vpc_id = "${module.vpc.id}" + cidrs = "${var.subnet_cidrs}" +} + +## +# DNS zone for primary domain. +# +resource "aws_route53_zone" "main" { + name = "${var.domain}" + lifecycle { + prevent_destroy = true + } +} + +## +# All Bocoup Foundation Inc webites. +# +module "websites" { + source = "./terraform/websites" + domain = "${var.domain}" + domain_zone_id = "${aws_route53_zone.main.id}" +} + +## +# All Bocoup Foundation Inc services. +# +module "services" { + source = "./terraform/services" + domain = "${var.domain}" + domain_zone_id = "${aws_route53_zone.main.id}" +} diff --git a/terraform.tfstate b/terraform.tfstate new file mode 100644 index 0000000..69fc880 --- /dev/null +++ b/terraform.tfstate @@ -0,0 +1,544 @@ +{ + "version": 3, + "terraform_version": "0.8.6", + "serial": 5, + "lineage": "2fb33f8e-5877-459d-b505-8604fac18324", + "modules": [ + { + "path": [ + "root" + ], + "outputs": {}, + "resources": { + "aws_route53_zone.main": { + "type": "aws_route53_zone", + "depends_on": [], + "primary": { + "id": "ZMB5TTOYIPLBU", + "attributes": { + "comment": "Managed by Terraform", + "force_destroy": "false", + "id": "ZMB5TTOYIPLBU", + "name": "bocoup.org", + "name_servers.#": "4", + "name_servers.0": "ns-1213.awsdns-23.org", + "name_servers.1": "ns-1812.awsdns-34.co.uk", + "name_servers.2": "ns-229.awsdns-28.com", + "name_servers.3": "ns-955.awsdns-55.net", + "tags.%": "0", + "zone_id": "ZMB5TTOYIPLBU" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "data.aws_ami.ubuntu": { + "type": "aws_ami", + "depends_on": [], + "primary": { + "id": "ami-09b3691f", + "attributes": { + "architecture": "x86_64", + "block_device_mappings.#": "3", + "block_device_mappings.1634610537.device_name": "/dev/sdb", + "block_device_mappings.1634610537.ebs.%": "0", + "block_device_mappings.1634610537.no_device": "", + "block_device_mappings.1634610537.virtual_name": "ephemeral0", + "block_device_mappings.2547816212.device_name": "/dev/sda1", + "block_device_mappings.2547816212.ebs.%": "6", + "block_device_mappings.2547816212.ebs.delete_on_termination": "true", + "block_device_mappings.2547816212.ebs.encrypted": "false", + "block_device_mappings.2547816212.ebs.iops": "0", + "block_device_mappings.2547816212.ebs.snapshot_id": "snap-0f37e2dee210bea56", + "block_device_mappings.2547816212.ebs.volume_size": "8", + "block_device_mappings.2547816212.ebs.volume_type": "gp2", + "block_device_mappings.2547816212.no_device": "", + "block_device_mappings.2547816212.virtual_name": "", + "block_device_mappings.3850042718.device_name": "/dev/sdc", + "block_device_mappings.3850042718.ebs.%": "0", + "block_device_mappings.3850042718.no_device": "", + "block_device_mappings.3850042718.virtual_name": "ephemeral1", + "creation_date": "2017-03-03T22:33:42.000Z", + "filter.#": "2", + "filter.3703915239.name": "name", + "filter.3703915239.values.#": "1", + "filter.3703915239.values.0": "ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20170303", + "filter.490168357.name": "virtualization-type", + "filter.490168357.values.#": "1", + "filter.490168357.values.0": "hvm", + "hypervisor": "xen", + "id": "ami-09b3691f", + "image_id": "ami-09b3691f", + "image_location": "099720109477/ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20170303", + "image_type": "machine", + "most_recent": "true", + "name": "ubuntu/images/hvm-ssd/ubuntu-xenial-16.04-amd64-server-20170303", + "owner_id": "099720109477", + "owners.#": "1", + "owners.0": "099720109477", + "product_codes.#": "0", + "public": "true", + "root_device_name": "/dev/sda1", + "root_device_type": "ebs", + "sriov_net_support": "simple", + "state": "available", + "state_reason.%": "2", + "state_reason.code": "UNSET", + "state_reason.message": "UNSET", + "tags.#": "0", + "virtualization_type": "hvm" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + } + }, + "depends_on": [] + }, + { + "path": [ + "root", + "services" + ], + "outputs": {}, + "resources": { + "aws_route53_record.bocoup-org_MX_bocoup-com": { + "type": "aws_route53_record", + "depends_on": [], + "primary": { + "id": "ZMB5TTOYIPLBU_bocoup.org_MX", + "attributes": { + "fqdn": "bocoup.org", + "health_check_id": "", + "id": "ZMB5TTOYIPLBU_bocoup.org_MX", + "name": "bocoup.org", + "records.#": "7", + "records.1381267138": "30 aspmx4.googlemail.com.", + "records.1925581449": "30 aspmx3.googlemail.com.", + "records.1949217063": "20 alt1.aspmx.l.google.com.", + "records.254817220": "20 alt2.aspmx.l.google.com.", + "records.3589455233": "30 aspmx5.googlemail.com.", + "records.4116758986": "30 aspmx2.googlemail.com.", + "records.894547479": "10 aspmx.l.google.com.", + "set_identifier": "", + "ttl": "1", + "type": "MX", + "zone_id": "ZMB5TTOYIPLBU" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "" + } + }, + "depends_on": [] + }, + { + "path": [ + "root", + "subnet" + ], + "outputs": { + "ids": { + "sensitive": false, + "type": "list", + "value": [ + "subnet-282ccb60", + "subnet-0c1c3e57", + "subnet-bba63ede" + ] + }, + "route_table_id": { + "sensitive": false, + "type": "string", + "value": "rtb-b473e4cd" + } + }, + "resources": { + "aws_internet_gateway.main": { + "type": "aws_internet_gateway", + "depends_on": [], + "primary": { + "id": "igw-8c4345eb", + "attributes": { + "id": "igw-8c4345eb", + "tags.%": "1", + "tags.Name": "bocoup-foundation-public", + "vpc_id": "vpc-1c0f4d7a" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_network_acl.main": { + "type": "aws_network_acl", + "depends_on": [ + "aws_subnet.main" + ], + "primary": { + "id": "acl-402e3326", + "attributes": { + "egress.#": "1", + "egress.296684381.action": "allow", + "egress.296684381.cidr_block": "0.0.0.0/0", + "egress.296684381.from_port": "0", + "egress.296684381.icmp_code": "0", + "egress.296684381.icmp_type": "0", + "egress.296684381.protocol": "-1", + "egress.296684381.rule_no": "100", + "egress.296684381.to_port": "0", + "id": "acl-402e3326", + "ingress.#": "1", + "ingress.296684381.action": "allow", + "ingress.296684381.cidr_block": "0.0.0.0/0", + "ingress.296684381.from_port": "0", + "ingress.296684381.icmp_code": "0", + "ingress.296684381.icmp_type": "0", + "ingress.296684381.protocol": "-1", + "ingress.296684381.rule_no": "100", + "ingress.296684381.to_port": "0", + "subnet_ids.#": "3", + "subnet_ids.1602800214": "subnet-bba63ede", + "subnet_ids.2855024129": "subnet-282ccb60", + "subnet_ids.876880344": "subnet-0c1c3e57", + "tags.%": "1", + "tags.Name": "bocoup-foundation-public", + "vpc_id": "vpc-1c0f4d7a" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_route.main": { + "type": "aws_route", + "depends_on": [ + "aws_internet_gateway.main", + "aws_route_table.main" + ], + "primary": { + "id": "r-rtb-b473e4cd1080289494", + "attributes": { + "destination_cidr_block": "0.0.0.0/0", + "destination_prefix_list_id": "", + "gateway_id": "igw-8c4345eb", + "id": "r-rtb-b473e4cd1080289494", + "instance_id": "", + "instance_owner_id": "", + "nat_gateway_id": "", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-b473e4cd", + "state": "active", + "vpc_peering_connection_id": "" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_route_table.main": { + "type": "aws_route_table", + "depends_on": [], + "primary": { + "id": "rtb-b473e4cd", + "attributes": { + "id": "rtb-b473e4cd", + "propagating_vgws.#": "0", + "route.#": "1", + "route.1007086394.cidr_block": "0.0.0.0/0", + "route.1007086394.gateway_id": "igw-8c4345eb", + "route.1007086394.instance_id": "", + "route.1007086394.nat_gateway_id": "", + "route.1007086394.network_interface_id": "", + "route.1007086394.vpc_peering_connection_id": "", + "tags.%": "1", + "tags.Name": "bocoup-foundation-public", + "vpc_id": "vpc-1c0f4d7a" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_route_table_association.main.0": { + "type": "aws_route_table_association", + "depends_on": [ + "aws_route_table.main", + "aws_subnet.main" + ], + "primary": { + "id": "rtbassoc-2cb49754", + "attributes": { + "id": "rtbassoc-2cb49754", + "route_table_id": "rtb-b473e4cd", + "subnet_id": "subnet-282ccb60" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_route_table_association.main.1": { + "type": "aws_route_table_association", + "depends_on": [ + "aws_route_table.main", + "aws_subnet.main" + ], + "primary": { + "id": "rtbassoc-29b49751", + "attributes": { + "id": "rtbassoc-29b49751", + "route_table_id": "rtb-b473e4cd", + "subnet_id": "subnet-0c1c3e57" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_route_table_association.main.2": { + "type": "aws_route_table_association", + "depends_on": [ + "aws_route_table.main", + "aws_subnet.main" + ], + "primary": { + "id": "rtbassoc-2bb49753", + "attributes": { + "id": "rtbassoc-2bb49753", + "route_table_id": "rtb-b473e4cd", + "subnet_id": "subnet-bba63ede" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_subnet.main.0": { + "type": "aws_subnet", + "depends_on": [], + "primary": { + "id": "subnet-282ccb60", + "attributes": { + "availability_zone": "us-east-1a", + "cidr_block": "10.100.0.0/24", + "id": "subnet-282ccb60", + "map_public_ip_on_launch": "true", + "tags.%": "1", + "tags.Name": "bocoup-foundation-public-0", + "vpc_id": "vpc-1c0f4d7a" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_subnet.main.1": { + "type": "aws_subnet", + "depends_on": [], + "primary": { + "id": "subnet-0c1c3e57", + "attributes": { + "availability_zone": "us-east-1b", + "cidr_block": "10.100.1.0/24", + "id": "subnet-0c1c3e57", + "map_public_ip_on_launch": "true", + "tags.%": "1", + "tags.Name": "bocoup-foundation-public-1", + "vpc_id": "vpc-1c0f4d7a" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_subnet.main.2": { + "type": "aws_subnet", + "depends_on": [], + "primary": { + "id": "subnet-bba63ede", + "attributes": { + "availability_zone": "us-east-1c", + "cidr_block": "10.100.2.0/24", + "id": "subnet-bba63ede", + "map_public_ip_on_launch": "true", + "tags.%": "1", + "tags.Name": "bocoup-foundation-public-2", + "vpc_id": "vpc-1c0f4d7a" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + } + }, + "depends_on": [] + }, + { + "path": [ + "root", + "vpc" + ], + "outputs": { + "cidr": { + "sensitive": false, + "type": "string", + "value": "10.100.0.0/16" + }, + "id": { + "sensitive": false, + "type": "string", + "value": "vpc-1c0f4d7a" + } + }, + "resources": { + "aws_vpc.main": { + "type": "aws_vpc", + "depends_on": [], + "primary": { + "id": "vpc-1c0f4d7a", + "attributes": { + "cidr_block": "10.100.0.0/16", + "default_network_acl_id": "acl-7c2e331a", + "default_route_table_id": "rtb-bf73e4c6", + "default_security_group_id": "sg-242dd85b", + "dhcp_options_id": "dopt-16fab871", + "enable_classiclink": "false", + "enable_dns_hostnames": "true", + "enable_dns_support": "true", + "id": "vpc-1c0f4d7a", + "instance_tenancy": "default", + "main_route_table_id": "rtb-bf73e4c6", + "tags.%": "1", + "tags.Name": "bocoup-foundation" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + } + }, + "depends_on": [] + }, + { + "path": [ + "root", + "websites" + ], + "outputs": {}, + "resources": { + "aws_route53_record.bocoup-org_A_bocoup-com": { + "type": "aws_route53_record", + "depends_on": [ + "aws_s3_bucket.bocoup-org", + "aws_s3_bucket.bocoup-org" + ], + "primary": { + "id": "ZMB5TTOYIPLBU_bocoup.org_A", + "attributes": { + "alias.#": "1", + "alias.2781413164.evaluate_target_health": "false", + "alias.2781413164.name": "s3-website-us-east-1.amazonaws.com", + "alias.2781413164.zone_id": "Z3AQBSTGFYJSTF", + "fqdn": "bocoup.org", + "health_check_id": "", + "id": "ZMB5TTOYIPLBU_bocoup.org_A", + "name": "bocoup.org", + "records.#": "0", + "set_identifier": "", + "ttl": "0", + "type": "A", + "zone_id": "ZMB5TTOYIPLBU" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_route53_record.bocoup-org_CNAME_www-bocoup-com": { + "type": "aws_route53_record", + "depends_on": [], + "primary": { + "id": "ZMB5TTOYIPLBU_www_CNAME", + "attributes": { + "fqdn": "www.bocoup.org", + "health_check_id": "", + "id": "ZMB5TTOYIPLBU_www_CNAME", + "name": "www", + "records.#": "1", + "records.4026520158": "bocoup.com", + "set_identifier": "", + "ttl": "1", + "type": "CNAME", + "zone_id": "ZMB5TTOYIPLBU" + }, + "meta": { + "schema_version": "2" + }, + "tainted": false + }, + "deposed": [], + "provider": "" + }, + "aws_s3_bucket.bocoup-org": { + "type": "aws_s3_bucket", + "depends_on": [], + "primary": { + "id": "bocoup.org", + "attributes": { + "acceleration_status": "", + "acl": "private", + "arn": "arn:aws:s3:::bocoup.org", + "bucket": "bocoup.org", + "bucket_domain_name": "bocoup.org.s3.amazonaws.com", + "force_destroy": "false", + "hosted_zone_id": "Z3AQBSTGFYJSTF", + "id": "bocoup.org", + "region": "us-east-1", + "request_payer": "BucketOwner", + "tags.%": "0", + "versioning.#": "1", + "versioning.0.enabled": "false", + "versioning.0.mfa_delete": "false", + "website.#": "1", + "website.0.error_document": "", + "website.0.index_document": "", + "website.0.redirect_all_requests_to": "bocoup.com", + "website.0.routing_rules": "", + "website_domain": "s3-website-us-east-1.amazonaws.com", + "website_endpoint": "bocoup.org.s3-website-us-east-1.amazonaws.com" + }, + "meta": {}, + "tainted": false + }, + "deposed": [], + "provider": "" + } + }, + "depends_on": [] + } + ] +} diff --git a/terraform.tfvars b/terraform.tfvars new file mode 100644 index 0000000..87e800c --- /dev/null +++ b/terraform.tfvars @@ -0,0 +1,28 @@ +# A name (used as a prefix in many places) for this infrastructure. +name = "bocoup-foundation" + +# The primary domain associated with this infrastructure. +domain = "bocoup.org" + +# The AWS region where this infrastructure resides. +aws_region = "us-east-1" + +# This is the name of the default keypair key to use for all instances. +key_name = "default" + +# This is the network all of our services are hosted in. +vpc_cidr = "10.100.0.0/16" + +# This is all of the availability zones we will create subnets for +azs = [ + "us-east-1a", + "us-east-1b", + "us-east-1c" +] + +# Subnets to define within the VPC, one for each AZ. +subnet_cidrs = [ + "10.100.0.0/24", + "10.100.1.0/24", + "10.100.2.0/24" +] diff --git a/terraform/modules/aws/subnet/main.tf b/terraform/modules/aws/subnet/main.tf new file mode 100644 index 0000000..f63b25d --- /dev/null +++ b/terraform/modules/aws/subnet/main.tf @@ -0,0 +1,91 @@ +## +# This modules manages subnets for a VPC. +# +variable "name" { } +variable "azs" { type = "list" } +variable "vpc_id" { } +variable "cidrs" { type = "list" } + +output "ids" { value = ["${aws_subnet.main.*.id}"] } +output "route_table_id" { value = "${aws_route_table.main.id}" } + +## +# Create one subnet for each availablity zone. +# +resource "aws_subnet" "main" { + count = "${length(var.cidrs)}" + vpc_id = "${var.vpc_id}" + cidr_block = "${element(var.cidrs, count.index)}" + availability_zone = "${element(var.azs, count.index)}" + map_public_ip_on_launch = true + tags { + Name = "${var.name}-${count.index}" + } +} + +## +# Configure ACL to allow all inbound and outbound traffic. Further access +# control is managed by security groups. +# +resource "aws_network_acl" "main" { + vpc_id = "${var.vpc_id}" + subnet_ids = ["${aws_subnet.main.*.id}"] + ingress { + protocol = -1 + rule_no = 100 + action = "allow" + cidr_block = "0.0.0.0/0" + from_port = 0 + to_port = 0 + } + egress { + protocol = -1 + rule_no = 100 + action = "allow" + cidr_block = "0.0.0.0/0" + from_port = 0 + to_port = 0 + } + tags { + Name = "${var.name}" + } +} + +## +# Create a gateway to the internet. +# +resource "aws_internet_gateway" "main" { + vpc_id = "${var.vpc_id}" + tags { + Name = "${var.name}" + } +} + +## +# Create a route table for subnets. +# +resource "aws_route_table" "main" { + vpc_id = "${var.vpc_id}" + tags { + Name = "${var.name}" + } +} + +## +# Create an entry in each of our route tables that provides internet access +# via the gateway defined above. +# +resource "aws_route" "main" { + route_table_id = "${aws_route_table.main.id}" + destination_cidr_block = "0.0.0.0/0" + gateway_id = "${aws_internet_gateway.main.id}" +} + +## +# Associate route tables with subnets. +# +resource "aws_route_table_association" "main" { + count = "${length(var.cidrs)}" + subnet_id = "${element(aws_subnet.main.*.id, count.index)}" + route_table_id = "${aws_route_table.main.id}" +} diff --git a/terraform/modules/aws/vpc/main.tf b/terraform/modules/aws/vpc/main.tf new file mode 100644 index 0000000..1ec25df --- /dev/null +++ b/terraform/modules/aws/vpc/main.tf @@ -0,0 +1,17 @@ +## +# This module manages a VPC for all of our infrastructure to exist in. +# +variable "name" { default = "vpc" } +variable "cidr" { } + +output "id" { value = "${aws_vpc.main.id}" } +output "cidr" { value = "${aws_vpc.main.cidr_block}" } + +resource "aws_vpc" "main" { + cidr_block = "${var.cidr}" + enable_dns_hostnames = true + enable_dns_support = true + tags { + Name = "${var.name}" + } +} diff --git a/terraform/services/email.tf b/terraform/services/email.tf new file mode 100644 index 0000000..83bc289 --- /dev/null +++ b/terraform/services/email.tf @@ -0,0 +1,15 @@ +resource "aws_route53_record" "bocoup-org_MX_bocoup-com" { + zone_id = "${var.domain_zone_id}" + name = "${var.domain}" + type = "MX" + ttl = "1" + records = [ + "20 alt1.aspmx.l.google.com.", + "20 alt2.aspmx.l.google.com.", + "30 aspmx2.googlemail.com.", + "30 aspmx3.googlemail.com.", + "30 aspmx4.googlemail.com.", + "30 aspmx5.googlemail.com.", + "10 aspmx.l.google.com." + ] +} diff --git a/terraform/services/main.tf b/terraform/services/main.tf new file mode 100644 index 0000000..2295b82 --- /dev/null +++ b/terraform/services/main.tf @@ -0,0 +1,2 @@ +variable "domain" { } +variable "domain_zone_id" { } diff --git a/terraform/websites/bocoup.tf b/terraform/websites/bocoup.tf new file mode 100644 index 0000000..02119f8 --- /dev/null +++ b/terraform/websites/bocoup.tf @@ -0,0 +1,36 @@ +## +# A temporary bucket for redirecting apex bocoup.org to bocoup.com. +# This can go away when there is an actual bocoup.org website. +# +resource "aws_s3_bucket" "bocoup-org" { + bucket = "bocoup.org" + website { + redirect_all_requests_to = "bocoup.com" + } +} + +## +# A DNS entry to connect apex bocoup.org to bucket above. +# This allows redirecting to bocoup.com without a server. +# +resource "aws_route53_record" "bocoup-org_A_bocoup-com" { + zone_id = "${var.domain_zone_id}" + type = "A" + name = "bocoup.org" + alias { + name = "${aws_s3_bucket.bocoup-org.website_domain}" + zone_id = "${aws_s3_bucket.bocoup-org.hosted_zone_id}" + evaluate_target_health = false + } +} + +## +# Redirect www.bocoup.org to bocoup.com +# +resource "aws_route53_record" "bocoup-org_CNAME_www-bocoup-com" { + zone_id = "${var.domain_zone_id}" + type = "CNAME" + name = "www" + ttl = "1" + records = ["bocoup.com"] +} diff --git a/terraform/websites/main.tf b/terraform/websites/main.tf new file mode 100644 index 0000000..2295b82 --- /dev/null +++ b/terraform/websites/main.tf @@ -0,0 +1,2 @@ +variable "domain" { } +variable "domain_zone_id" { }