Format, enable CORS on couch helm chart
This commit is contained in:
parent
b13ebfb409
commit
3321b23071
|
@ -11,11 +11,12 @@ resource "aws_cloudfront_distribution" "api-by-becki" {
|
|||
}
|
||||
|
||||
default_cache_behavior {
|
||||
allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
|
||||
cached_methods = ["GET", "HEAD"]
|
||||
target_origin_id = "abb.gmem.ca"
|
||||
viewer_protocol_policy = "redirect-to-https"
|
||||
cache_policy_id = "658327ea-f89d-4fab-a63d-7e88639e58f6"
|
||||
allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
|
||||
cached_methods = ["GET", "HEAD"]
|
||||
target_origin_id = "abb.gmem.ca"
|
||||
compress = true
|
||||
viewer_protocol_policy = "redirect-to-https"
|
||||
cache_policy_id = aws_cloudfront_cache_policy.api-by-becki.id
|
||||
response_headers_policy_id = "eaab4381-ed33-4a86-88ca-d9558dc6cd63"
|
||||
}
|
||||
|
||||
|
@ -28,7 +29,7 @@ resource "aws_cloudfront_distribution" "api-by-becki" {
|
|||
aliases = ["api-by-becki.gmem.ca"]
|
||||
viewer_certificate {
|
||||
acm_certificate_arn = aws_acm_certificate.api-by-becki.arn
|
||||
ssl_support_method = "sni-only"
|
||||
ssl_support_method = "sni-only"
|
||||
}
|
||||
|
||||
|
||||
|
@ -39,6 +40,12 @@ resource "aws_cloudfront_distribution" "api-by-becki" {
|
|||
}
|
||||
}
|
||||
|
||||
resource "aws_cloudfront_cache_policy" "api-by-becki" {
|
||||
default_ttl = 300
|
||||
max_ttl = 604800
|
||||
min_ttl = 1
|
||||
}
|
||||
|
||||
resource "aws_acm_certificate" "api-by-becki" {
|
||||
domain_name = "api-by-becki.gmem.ca"
|
||||
validation_method = "DNS"
|
||||
|
@ -46,7 +53,7 @@ resource "aws_acm_certificate" "api-by-becki" {
|
|||
}
|
||||
|
||||
resource "aws_acm_certificate_validation" "api-by-becki" {
|
||||
certificate_arn = aws_acm_certificate.api-by-becki.arn
|
||||
certificate_arn = aws_acm_certificate.api-by-becki.arn
|
||||
validation_record_fqdns = [for record in aws_route53_record.api-by-becki-acm : record.fqdn]
|
||||
provider = aws.virginia
|
||||
provider = aws.virginia
|
||||
}
|
|
@ -13,11 +13,11 @@ resource "aws_route53_record" "api-by-becki" {
|
|||
resource "aws_route53_record" "api-by-becki-primary" {
|
||||
zone_id = aws_route53_zone.gmemca.zone_id
|
||||
name = "api-by-becki"
|
||||
type = "A"
|
||||
type = "A"
|
||||
|
||||
alias {
|
||||
name = "${aws_cloudfront_distribution.api-by-becki.domain_name}"
|
||||
zone_id = "${aws_cloudfront_distribution.api-by-becki.hosted_zone_id}"
|
||||
name = aws_cloudfront_distribution.api-by-becki.domain_name
|
||||
zone_id = aws_cloudfront_distribution.api-by-becki.hosted_zone_id
|
||||
evaluate_target_health = false
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,6 +17,6 @@ terraform {
|
|||
}
|
||||
|
||||
provider "aws" {
|
||||
alias = "virginia"
|
||||
alias = "virginia"
|
||||
region = "us-east-1"
|
||||
}
|
|
@ -12,8 +12,9 @@ ingress:
|
|||
annotations:
|
||||
kubernetes.io/ingress.class: nginx
|
||||
cert-manager.io/issuer: "letsencrypt-prod"
|
||||
nginx.ingress.kubernetes.io/enable-cors: "true"
|
||||
nginx.ingress.kubernetes.io/proxy-body-size: 10m
|
||||
tls:
|
||||
- secretName: couch-tls
|
||||
hosts:
|
||||
- abb.gmem.ca
|
||||
- abb.gmem.ca
|
||||
|
|
Loading…
Reference in a new issue