Adding terraform config

This currently just redirects to the old bible, but at least everything is up and running
2020-02-13 09:46:46 -08:00
commit 3793c0f363
14 changed files with 877 additions and 0 deletions
--- a/terraform/www.tf
+++ b/terraform/www.tf
@@ -0,0 +1,151 @@
+
+resource "aws_s3_bucket" "temp_redirect" {
+  bucket = "${var.site}-redirect"
+  acl    = "public-read"
+
+  website {
+    index_document = "index.html"
+    error_document = "index.html"
+    # redirect_all_requests_to = "https://curvyandtrans.com/p/740D5B/gender-dysphoria/"
+  }
+}
+
+resource "aws_s3_bucket_object" "redirect_page" {
+  bucket       = aws_s3_bucket.temp_redirect.bucket
+  key          = "index.html"
+  acl          = "public-read"
+  content_type = "text/html"
+
+  metadata = {
+    "website-redirect-location" = "https://curvyandtrans.com/p/740D5B/gender-dysphoria/"
+  }
+  content = <<EOF
+<html xmlns="http://www.w3.org/1999/xhtml"><head>
+  <meta http-equiv="refresh" content="0;URL='https://curvyandtrans.com/p/740D5B/gender-dysphoria/'" />
+</head><body></body></html>
+EOF
+}
+
+# -----------------------------------------------------------------------------------------------------------
+# Cloudfront Configuration
+
+resource "aws_cloudfront_distribution" "site" {
+  origin {
+    domain_name = aws_s3_bucket.temp_redirect.bucket_regional_domain_name
+    origin_id   = "S3-Website-${aws_s3_bucket.src.website_endpoint}"
+
+    custom_origin_config {
+      origin_protocol_policy = "http-only"
+      http_port = "80"
+      https_port = "443"
+      origin_ssl_protocols = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"]
+    }
+  }
+
+  enabled             = true
+  is_ipv6_enabled     = true
+  default_root_object = "index.html"
+
+  aliases = [
+    var.domain,
+    "www.${var.domain}"
+  ]
+
+  default_cache_behavior {
+    allowed_methods  = ["GET", "HEAD"]
+    cached_methods   = ["GET", "HEAD"]
+    target_origin_id = "S3-Website-${aws_s3_bucket.src.website_endpoint}"
+
+    forwarded_values {
+      query_string = false
+
+      cookies {
+        forward = "none"
+      }
+    }
+
+    # lambda_function_association {
+    #   event_type   = "origin-request"
+    #   lambda_arn   = aws_lambda_function.index_redirect.qualified_arn
+    #   include_body = false
+    # }
+
+    viewer_protocol_policy = "redirect-to-https"
+    min_ttl                = 0
+    default_ttl            = 86400
+    max_ttl                = 31536000
+  }
+
+  restrictions {
+    geo_restriction {
+      restriction_type = "none"
+    }
+  }
+
+  viewer_certificate {
+    acm_certificate_arn       = aws_acm_certificate.cert.arn
+    ssl_support_method        = "sni-only"
+    minimum_protocol_version  = "TLSv1.1_2016"
+  }
+
+  # viewer_certificate {
+  #   cloudfront_default_certificate = true
+  # }
+
+  tags = {
+    Name = "Main Site"
+    Site = var.site
+  }
+}
+
+# -----------------------------------------------------------------------------------------------------------
+# Domains
+
+resource "aws_route53_record" "site" {
+  name    = var.domain
+  zone_id = aws_route53_zone.zone.zone_id
+  type    = "A"
+
+  alias {
+    name                   = aws_cloudfront_distribution.site.domain_name
+    zone_id                = aws_cloudfront_distribution.site.hosted_zone_id
+    evaluate_target_health = false
+  }
+}
+
+resource "aws_route53_record" "www" {
+  name    = "www.${var.domain}"
+  zone_id = aws_route53_zone.zone.zone_id
+  type    = "A"
+
+  alias {
+    name                   = aws_cloudfront_distribution.site.domain_name
+    zone_id                = aws_cloudfront_distribution.site.hosted_zone_id
+    evaluate_target_health = false
+  }
+}
+
+# -----------------------------------------------------------------------------------------------------------
+# Lambda Subdirectory index.html Redirect
+
+# data "archive_file" "index_redirect" {
+#   type        = "zip"
+#   output_path = "${path.module}/files/index_redirect.js.zip"
+#   source_file = "${path.module}/files/index_redirect.js"
+# }
+
+# resource "aws_lambda_function" "index_redirect" {
+#   description      = "index.html subdirectory redirect"
+#   filename         = "${path.module}/files/index_redirect.js.zip"
+#   function_name    = "folder-index-redirect"
+#   handler          = "index_redirect.handler"
+#   source_code_hash = data.archive_file.index_redirect.output_base64sha256
+#   publish          = true
+#   role             = aws_iam_role.lambda_redirect.arn
+#   runtime          = "nodejs12.x"
+
+#   tags = {
+#     Name   = "${var.site}-index-redirect"
+#     Site = var.site
+#   }
+# }