mirror of
https://github.com/GenderDysphoria/GenderDysphoria.fyi.git
synced 2025-01-31 07:16:17 +00:00
126 lines
3.3 KiB
HCL
126 lines
3.3 KiB
HCL
|
|
# -----------------------------------------------------------------------------------------------------------
|
|
# Cloudfront Configuration
|
|
|
|
resource "aws_cloudfront_distribution" "site" {
|
|
origin {
|
|
domain_name = aws_s3_bucket.src.bucket_regional_domain_name
|
|
origin_id = "S3-Website-${aws_s3_bucket.src.website_endpoint}"
|
|
|
|
custom_origin_config {
|
|
origin_protocol_policy = "http-only"
|
|
http_port = "80"
|
|
https_port = "443"
|
|
origin_ssl_protocols = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"]
|
|
}
|
|
}
|
|
|
|
enabled = true
|
|
is_ipv6_enabled = true
|
|
default_root_object = "index.html"
|
|
|
|
aliases = [
|
|
var.domain,
|
|
"www.${var.domain}"
|
|
]
|
|
|
|
default_cache_behavior {
|
|
allowed_methods = ["GET", "HEAD"]
|
|
cached_methods = ["GET", "HEAD"]
|
|
target_origin_id = "S3-Website-${aws_s3_bucket.src.website_endpoint}"
|
|
|
|
forwarded_values {
|
|
query_string = false
|
|
|
|
cookies {
|
|
forward = "none"
|
|
}
|
|
}
|
|
|
|
lambda_function_association {
|
|
event_type = "origin-request"
|
|
lambda_arn = aws_lambda_function.index_redirect.qualified_arn
|
|
include_body = false
|
|
}
|
|
|
|
viewer_protocol_policy = "redirect-to-https"
|
|
min_ttl = 0
|
|
default_ttl = 86400
|
|
max_ttl = 31536000
|
|
}
|
|
|
|
restrictions {
|
|
geo_restriction {
|
|
restriction_type = "none"
|
|
}
|
|
}
|
|
|
|
viewer_certificate {
|
|
acm_certificate_arn = aws_acm_certificate.cert.arn
|
|
ssl_support_method = "sni-only"
|
|
minimum_protocol_version = "TLSv1.1_2016"
|
|
}
|
|
|
|
# viewer_certificate {
|
|
# cloudfront_default_certificate = true
|
|
# }
|
|
|
|
tags = {
|
|
Name = "Main Site"
|
|
Site = var.site
|
|
}
|
|
}
|
|
|
|
# -----------------------------------------------------------------------------------------------------------
|
|
# Domains
|
|
|
|
resource "aws_route53_record" "site" {
|
|
name = var.domain
|
|
zone_id = aws_route53_zone.zone.zone_id
|
|
type = "A"
|
|
|
|
alias {
|
|
name = aws_cloudfront_distribution.site.domain_name
|
|
zone_id = aws_cloudfront_distribution.site.hosted_zone_id
|
|
evaluate_target_health = false
|
|
}
|
|
}
|
|
|
|
resource "aws_route53_record" "www" {
|
|
name = "www.${var.domain}"
|
|
zone_id = aws_route53_zone.zone.zone_id
|
|
type = "A"
|
|
|
|
alias {
|
|
name = aws_cloudfront_distribution.site.domain_name
|
|
zone_id = aws_cloudfront_distribution.site.hosted_zone_id
|
|
evaluate_target_health = false
|
|
}
|
|
}
|
|
|
|
# -----------------------------------------------------------------------------------------------------------
|
|
# Lambda Subdirectory index.html Redirect
|
|
|
|
data "archive_file" "index_redirect" {
|
|
type = "zip"
|
|
output_path = ".terraform/tmp/lambda/index_redirect.zip"
|
|
source_file = "${path.module}/files/index_redirect.js"
|
|
}
|
|
|
|
resource "aws_lambda_function" "index_redirect" {
|
|
description = "index.html subdirectory redirect"
|
|
filename = "${path.module}/files/index_redirect.js.zip"
|
|
function_name = "${var.site}-index-redirect"
|
|
handler = "index_redirect.handler"
|
|
source_code_hash = data.archive_file.index_redirect.output_base64sha256
|
|
publish = true
|
|
role = aws_iam_role.lambda_redirect.arn
|
|
runtime = "nodejs10.x"
|
|
|
|
tags = {
|
|
Name = "${var.site}-index-redirect"
|
|
Site = var.site
|
|
}
|
|
}
|
|
|