diff --git a/aws_cloudfront_distributions.tf b/aws_cloudfront_distributions.tf deleted file mode 100644 index 2d99d34..0000000 --- a/aws_cloudfront_distributions.tf +++ /dev/null @@ -1,115 +0,0 @@ -locals { - s3_www_origin_id = "S3-${var.www_domain}" - s3_origin_id = "S3-${var.base_domain}" -} - -resource "aws_cloudfront_distribution" "www_distribution" { - depends_on = [aws_s3_bucket.www_bucket] - - origin { - domain_name = "${var.www_domain}.s3-website.us-east-2.amazonaws.com" - origin_id = local.s3_www_origin_id - origin_path = "/out" - - custom_origin_config { - http_port = 80 - https_port = 443 - origin_protocol_policy = "http-only" - origin_ssl_protocols = ["TLSv1", "TLSv1.1", "TLSv1.2"] - } - } - - enabled = true - is_ipv6_enabled = true - aliases = [ - # var.base_domain, - var.www_domain - ] - comment = "${var.www_domain} CloudFront distribution" - - default_cache_behavior { - viewer_protocol_policy = "redirect-to-https" - allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"] - cached_methods = ["GET", "HEAD"] - compress = true - target_origin_id = local.s3_www_origin_id - - forwarded_values { - query_string = false - cookies { - forward = "none" - } - } - - min_ttl = 0 - default_ttl = 120 - max_ttl = 86400 - } - - restrictions { - geo_restriction { - restriction_type = "none" - } - } - - viewer_certificate { - # cloudfront_default_certificate = true - acm_certificate_arn = aws_acm_certificate.ssl_certificate.arn - ssl_support_method = "sni-only" - } -} - -# base distribution, redirect to www distribution -resource "aws_cloudfront_distribution" "base_distribution" { - depends_on = [aws_s3_bucket.base_bucket] - - origin { - domain_name = "${var.base_domain}.s3-website.us-east-2.amazonaws.com" - origin_id = local.s3_origin_id - - custom_origin_config { - http_port = 80 - https_port = 443 - origin_protocol_policy = "http-only" - origin_ssl_protocols = ["TLSv1", "TLSv1.1", "TLSv1.2"] - } - } - - enabled = true - is_ipv6_enabled = true - aliases = [ - var.base_domain, - ] - comment = "${var.base_domain} CloudFront distribution" - - default_cache_behavior { - viewer_protocol_policy = "redirect-to-https" - allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"] - cached_methods = ["GET", "HEAD"] - compress = true - target_origin_id = local.s3_origin_id - - forwarded_values { - query_string = false - cookies { - forward = "none" - } - } - - min_ttl = 0 - default_ttl = 120 - max_ttl = 86400 - } - - restrictions { - geo_restriction { - restriction_type = "none" - } - } - - viewer_certificate { - # cloudfront_default_certificate = true - acm_certificate_arn = aws_acm_certificate.ssl_certificate.arn - ssl_support_method = "sni-only" - } -} diff --git a/aws_route53.tf b/aws_route53.tf deleted file mode 100644 index e69de29..0000000 diff --git a/aws_route53_records.tf b/aws_route53_records.tf deleted file mode 100644 index 33b9ad2..0000000 --- a/aws_route53_records.tf +++ /dev/null @@ -1,23 +0,0 @@ -resource "aws_route53_record" "base_a" { - zone_id = data.aws_route53_zone.base_domain.zone_id - name = var.base_domain - type = "A" - - alias { - name = aws_cloudfront_distribution.base_distribution.domain_name - zone_id = aws_cloudfront_distribution.base_distribution.hosted_zone_id - evaluate_target_health = false - } -} - -resource "aws_route53_record" "www_a" { - zone_id = data.aws_route53_zone.base_domain.zone_id - name = var.www_domain - type = "A" - - alias { - name = aws_cloudfront_distribution.www_distribution.domain_name - zone_id = aws_cloudfront_distribution.www_distribution.hosted_zone_id - evaluate_target_health = false - } -} diff --git a/aws_s3_bucket.tf b/aws_s3_bucket.tf deleted file mode 100644 index 3f8d463..0000000 --- a/aws_s3_bucket.tf +++ /dev/null @@ -1,80 +0,0 @@ -##################################### -# create www.chihtingyeh.com bucket # -##################################### - -resource "aws_s3_bucket" "www_bucket" { - bucket = var.www_domain -} - -# Upload the out/ directory to the bucket -resource "aws_s3_object" "provision_source_files" { - bucket = aws_s3_bucket.www_bucket.id - # upload out folder to the bucket - for_each = fileset("${local.prefix}/", "**/*.*") - - key = "${local.prefix}/${each.key}" - source = "${local.prefix}/${each.value}" - - content_type = lookup(local.content_types, regex("\\.[^.]+$", each.value), null) -} - -resource "aws_s3_bucket_website_configuration" "www_bucket" { - bucket = aws_s3_bucket.www_bucket.id - index_document { - suffix = "index.html" - } - - error_document { - key = "404.html" - } -} - -# Configure Permissions -resource "aws_s3_bucket_public_access_block" "www_bucket" { - bucket = aws_s3_bucket.www_bucket.id - - block_public_acls = false - block_public_policy = false - ignore_public_acls = false - restrict_public_buckets = false -} - -resource "aws_s3_bucket_policy" "site" { - bucket = aws_s3_bucket.www_bucket.id - policy = jsonencode({ - Version = "2012-10-17" - Statement = [ - { - Sid = "PublicReadGetObject" - Effect = "Allow" - Principal = "*" - Action = "s3:GetObject" - Resource = [ - aws_s3_bucket.www_bucket.arn, - "${aws_s3_bucket.www_bucket.arn}/*", - ] - }, - ] - }) - depends_on = [ - aws_s3_bucket_public_access_block.www_bucket - ] -} - - -################################# -# create chihtingyeh.com bucket # -################################# - -resource "aws_s3_bucket" "base_bucket" { - bucket = var.base_domain -} - -resource "aws_s3_bucket_website_configuration" "base_bucket" { - bucket = aws_s3_bucket.base_bucket.id - redirect_all_requests_to { - host_name = var.www_domain - protocol = "https" - } -} - diff --git a/locals.tf b/locals.tf deleted file mode 100644 index ed04fff..0000000 --- a/locals.tf +++ /dev/null @@ -1,25 +0,0 @@ -locals { - dist_dir = "${path.module}/out" - module_name = basename(abspath(path.module)) - prefix = "out" - - content_types = { - ".html" : "text/html", - ".css" : "text/css", - ".js" : "application/javascript", - ".json" : "application/json", - ".xml" : "application/xml", - ".jpg" : "image/jpeg", - ".jpeg" : "image/jpeg", - ".png" : "image/png", - ".gif" : "image/gif", - ".svg" : "image/svg+xml", - ".webp" : "image/webp", - ".ico" : "image/x-icon", - ".woff" : "font/woff", - ".woff2" : "font/woff2", - ".ttf" : "font/ttf", - ".eot" : "application/vnd.ms-fontobject", - ".otf" : "font/otf" - } -} \ No newline at end of file diff --git a/main.tf b/main.tf deleted file mode 100644 index 6e59960..0000000 --- a/main.tf +++ /dev/null @@ -1,4 +0,0 @@ -# Define the provider -provider "aws" { - region = var.aws_region -} \ No newline at end of file diff --git a/outputs.tf b/outputs.tf deleted file mode 100644 index 74326af..0000000 --- a/outputs.tf +++ /dev/null @@ -1,3 +0,0 @@ -output "zone_name_servers" { - value = data.aws_route53_zone.base_domain.name_servers -} \ No newline at end of file diff --git a/provider.tf b/provider.tf deleted file mode 100644 index 19b40a7..0000000 --- a/provider.tf +++ /dev/null @@ -1,5 +0,0 @@ -# CloudFront requires SSL certificates to be provisioned in the North Virginia (us-east-1) region. -provider "aws" { - alias = "acm_provider" - region = "us-east-1" -} \ No newline at end of file diff --git a/terraform.tf b/terraform.tf deleted file mode 100644 index 0f7ed70..0000000 --- a/terraform.tf +++ /dev/null @@ -1,8 +0,0 @@ -terraform { - required_providers { - aws = { - source = "hashicorp/aws" - version = "5.52.0" - } - } -} \ No newline at end of file diff --git a/variables.tf b/variables.tf deleted file mode 100644 index ad89838..0000000 --- a/variables.tf +++ /dev/null @@ -1,17 +0,0 @@ -variable "aws_region" { - description = "The AWS region to deploy resources" - type = string - default = "us-east-2" -} - -variable "www_domain" { - description = "The domain name for the www bucket" - type = string - default = "www.chihtingyeh.com" -} - -variable "base_domain" { - description = "The domain name for the redirect bucket" - type = string - default = "chihtingyeh.com" -} \ No newline at end of file