terraform: configure marlowe-finance/route53

Create marlowe-finance.io resources: - aws_route53_zone for "marlowe-finance.io" - aws_route53_record (A) for marlowe-finance.io - aws_route53_record (CNAME) for "run.marlowe-finance.io" - aws_route53_record (CNAME) for "play.marlowe-finance.io" This commit also adds `marlowe_finance_production_ip`, the ip address of production.marlowe.iohkdev.io, which the A record from above needs to refer to. Due to the dynamic nature of the terraform configuration the IP unfortunately has to be hard-coded: Refering to machines via $env would lead to DNS records being created for all and any environment getting deployed (alpha, <userX>, ..) but of course this should only ever be applied for production.
IntersectMBO · May 4, 2021 · 5a546ae · 5a546ae
1 parent f6e8876
commit 5a546ae
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 9 deletions.
diff --git a/deployment/terraform/network.tf b/deployment/terraform/network.tf
@@ -121,15 +121,6 @@ resource "aws_route_table_association" "private" {
   route_table_id = aws_route_table.private.*.id[count.index]
 }
 
-# Bastion hosts
-data "template_file" "bastion_user_data" {
-  template = "${file("${path.module}/templates/bastion_configuration.nix")}"
-
-  vars = {
-    ssh_keys   = "${join(" ", formatlist("\"command=\\\"echo 'this host is for forwarding only'\\\",no-X11-forwarding,no-user-rc %s\"", local.bastion_ssh_keys))}"
-    network_id = "canbeanything"
-  }
-}
 
 resource "aws_instance" "bastion" {
   count                       = length(var.azs)
@@ -229,3 +220,42 @@ resource "aws_route53_zone" "plutus_private_zone" {
     Environment = var.env
   }
 }
+
+resource "aws_route53_zone" "marlowe_finance_io_zone" {
+  name = "marlowe-finance.io"
+}
+
+resource "aws_route53_record" "marlowe_finance_top_level" {
+  zone_id = aws_route53_zone.marlowe_finance_io_zone.zone_id
+  name    = "marlowe-finance.io"
+  type    = "A"
+  ttl     = 300
+  records = [var.marlowe_finance_production_ip]
+}
+
+resource "aws_route53_record" "marlowe_finance_play" {
+  zone_id = aws_route53_zone.marlowe_finance_io_zone.zone_id
+  name    = "play.marlowe-finance.io"
+  type    = "CNAME"
+  ttl     = 300
+  records = ["production.marlowe.iohkdev.io"]
+}
+
+resource "aws_route53_record" "marlowe_finance_run" {
+  zone_id = aws_route53_zone.marlowe_finance_io_zone.zone_id
+  name    = "run.marlowe-finance.io"
+  type    = "CNAME"
+  ttl     = 300
+  records = ["production.marlowe-dash.iohkdev.io"]
+}
+
+
+# Bastion hosts
+data "template_file" "bastion_user_data" {
+  template = "${file("${path.module}/templates/bastion_configuration.nix")}"
+
+  vars = {
+    ssh_keys   = "${join(" ", formatlist("\"command=\\\"echo 'this host is for forwarding only'\\\",no-X11-forwarding,no-user-rc %s\"", local.bastion_ssh_keys))}"
+    network_id = "canbeanything"
+  }
+}
diff --git a/deployment/terraform/variables.tf b/deployment/terraform/variables.tf
@@ -78,6 +78,12 @@ variable "private_subnet_cidrs" {
   default = ["10.0.4.0/24", "10.0.5.0/24", "10.0.6.0/24"]
 }
 
+# The public ip address of production.marlowe.iohkdev.io which
+# is used to create a route53 A record for marlowe-finance.io.
+variable "marlowe_finance_production_ip" {
+  default = "52.213.243.4"
+}
+
 variable "azs" {
   default = ["a", "b"]
 }