Compare commits
No commits in common. "d47b2e90eae571d2b53aa4561730ba3f11ebf1e4" and "7fe118d878c1126500d92b3b83ccf4798f1a9103" have entirely different histories.
d47b2e90ea
...
7fe118d878
|
@ -1,32 +0,0 @@
|
||||||
apiVersion: v1
|
|
||||||
data:
|
|
||||||
ADMIN_ROLE_ID: "449317401482231808"
|
|
||||||
API_CACHE_ENTRIES_LIMIT: "100"
|
|
||||||
API_CACHE_EXPIRATION_IN_SECONDS: "10800"
|
|
||||||
API_CACHE_REVALIDATION_WINDOW_IN_SECONDS: "300"
|
|
||||||
AWAIT_MESSAGE_TIMEOUT: "600"
|
|
||||||
CACHE_REVALIDATION_IN_SECONDS: "5"
|
|
||||||
FINAL_CACHE_EXPIRATION_IN_SECONDS: "30"
|
|
||||||
HELPFUL_ROLE_EXEMPT_ID: "734887151056978025"
|
|
||||||
HELPFUL_ROLE_ID: "725027785424240671"
|
|
||||||
HELPFUL_ROLE_POINT_THRESHOLD: "40"
|
|
||||||
INTRO_CHANNEL: "561171851556945920"
|
|
||||||
INTRO_ROLE: "992891679579324498"
|
|
||||||
JOB_POSTINGS_CHANNEL: "598513460019462144"
|
|
||||||
JOIN_LOG_CHANNEL: "452597959066910724"
|
|
||||||
MINIMAL_AMOUNT_OF_WORDS: "5"
|
|
||||||
MINIMAL_COMPENSATION: "15.00"
|
|
||||||
MOD_CHANNEL: "482153306567737345"
|
|
||||||
MOD_ROLE_ID: "465222496891699200"
|
|
||||||
NEW_USER_ROLE: "992891582334382230"
|
|
||||||
NUMBER_OF_ALLOWED_MESSAGES: "5"
|
|
||||||
ONBOARDING_CHANNEL: "963568922026717214"
|
|
||||||
POINT_DECAY_TIMER: "24"
|
|
||||||
POINT_LIMITER_IN_MINUTES: "30"
|
|
||||||
POST_LIMITER_IN_HOURS: "1"
|
|
||||||
REPO_LINK: https://github.com/r-webdev/webdev-support-bot
|
|
||||||
VAR_DETECT_LIMIT: "7200000"
|
|
||||||
kind: ConfigMap
|
|
||||||
metadata:
|
|
||||||
name: webdev-support-bot
|
|
||||||
namespace: default
|
|
Binary file not shown.
|
@ -26,7 +26,7 @@ resource "aws_cloudfront_distribution" "api-by-becki" {
|
||||||
enabled = true
|
enabled = true
|
||||||
is_ipv6_enabled = true
|
is_ipv6_enabled = true
|
||||||
|
|
||||||
aliases = ["api.artbybecki.com"]
|
aliases = ["api-by-becki.gmem.ca", "api.artbybecki.com"]
|
||||||
viewer_certificate {
|
viewer_certificate {
|
||||||
acm_certificate_arn = aws_acm_certificate.api-artbybecki-com.arn
|
acm_certificate_arn = aws_acm_certificate.api-artbybecki-com.arn
|
||||||
ssl_support_method = "sni-only"
|
ssl_support_method = "sni-only"
|
||||||
|
@ -61,9 +61,21 @@ resource "aws_cloudfront_cache_policy" "api" {
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
resource "aws_acm_certificate" "api-by-becki" {
|
||||||
|
domain_name = "api-by-becki.gmem.ca"
|
||||||
|
validation_method = "DNS"
|
||||||
|
provider = aws.virginia
|
||||||
|
}
|
||||||
|
|
||||||
resource "aws_acm_certificate" "api-artbybecki-com" {
|
resource "aws_acm_certificate" "api-artbybecki-com" {
|
||||||
domain_name = "api.artbybecki.com"
|
domain_name = "api.artbybecki.com"
|
||||||
validation_method = "DNS"
|
validation_method = "DNS"
|
||||||
provider = aws.virginia
|
provider = aws.virginia
|
||||||
subject_alternative_names = ["art-by-becki.gmem.ca"]
|
subject_alternative_names = ["api-by-becki.gmem.ca"]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_acm_certificate_validation" "api-by-becki" {
|
||||||
|
certificate_arn = aws_acm_certificate.api-artbybecki-com.arn
|
||||||
|
validation_record_fqdns = flatten([[for record in aws_route53_record.api-by-becki-acm : record.fqdn], [for record in cloudflare_record.api-artbybecki-acm : record.hostname]])
|
||||||
|
provider = aws.virginia
|
||||||
}
|
}
|
||||||
|
|
|
@ -60,35 +60,12 @@ resource "aws_route53_record" "gabrielsimmercom-github-verification" {
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "gabrielsimmercom-txt-verifications" {
|
resource "aws_route53_record" "gabrielsimmercom-keybase-verification" {
|
||||||
zone_id = aws_route53_zone.gabrielsimmercom.zone_id
|
zone_id = aws_route53_zone.gabrielsimmercom.zone_id
|
||||||
name = "gabrielsimmer.com"
|
name = "gabrielsimmer.com"
|
||||||
type = "TXT"
|
type = "TXT"
|
||||||
ttl = 300
|
ttl = 300
|
||||||
records = [
|
records = [
|
||||||
"keybase-site-verification=f2MAsoM3HCGQAsYNcWzCy4Ul2kvh79j6etJbL7aQwv8",
|
"keybase-site-verification=f2MAsoM3HCGQAsYNcWzCy4Ul2kvh79j6etJbL7aQwv8"
|
||||||
"v=spf1 include:spf.messagingengine.com ?all"
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "gabrielsimmer-com-mx" {
|
|
||||||
zone_id = aws_route53_zone.gabrielsimmercom.zone_id
|
|
||||||
name = "gabrielsimmer.com"
|
|
||||||
type = "MX"
|
|
||||||
records = ["10 in1-smtp.messagingengine.com", "20 in2-smtp.messagingengine.com"]
|
|
||||||
ttl = 300
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "gabrielsimmer-com-mail-cname" {
|
|
||||||
for_each = {
|
|
||||||
"fm1._domainkey" = "fm1.gabrielsimmer.com.dkim.fmhosted.com"
|
|
||||||
"fm2._domainkey" = "fm2.gabrielsimmer.com.dkim.fmhosted.com"
|
|
||||||
"fm3._domainkey" = "fm3.gabrielsimmer.com.dkim.fmhosted.com"
|
|
||||||
}
|
|
||||||
|
|
||||||
zone_id = aws_route53_zone.gabrielsimmercom.zone_id
|
|
||||||
name = each.key
|
|
||||||
records = [each.value]
|
|
||||||
type = "CNAME"
|
|
||||||
ttl = 300
|
|
||||||
}
|
|
||||||
|
|
|
@ -2,37 +2,12 @@ resource "aws_route53_zone" "gmemca" {
|
||||||
name = "gmem.ca"
|
name = "gmem.ca"
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "fursona" {
|
|
||||||
zone_id = aws_route53_zone.gmemca.zone_id
|
|
||||||
name = "fursona"
|
|
||||||
type = "CNAME"
|
|
||||||
ttl = 300
|
|
||||||
records = ["cname.vercel-dns.com."]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "atuin" {
|
|
||||||
zone_id = aws_route53_zone.gmemca.zone_id
|
|
||||||
name = "atuin"
|
|
||||||
type = "A"
|
|
||||||
ttl = 3600
|
|
||||||
records = ["100.77.43.133"]
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "n8n" {
|
|
||||||
zone_id = aws_route53_zone.gmemca.zone_id
|
|
||||||
name = "n8n"
|
|
||||||
type = "A"
|
|
||||||
ttl = 3600
|
|
||||||
records = ["100.116.48.47"]
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "hb" {
|
resource "aws_route53_record" "hb" {
|
||||||
zone_id = aws_route53_zone.gmemca.zone_id
|
zone_id = aws_route53_zone.gmemca.zone_id
|
||||||
name = "hb"
|
name = "hb"
|
||||||
type = "A"
|
type = "A"
|
||||||
ttl = 300
|
ttl = 300
|
||||||
records = ["100.77.43.133"]
|
records = ["100.120.232.77"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "freshrss" {
|
resource "aws_route53_record" "freshrss" {
|
||||||
|
@ -40,7 +15,7 @@ resource "aws_route53_record" "freshrss" {
|
||||||
name = "freshrss"
|
name = "freshrss"
|
||||||
type = "A"
|
type = "A"
|
||||||
ttl = 300
|
ttl = 300
|
||||||
records = ["100.77.43.133"]
|
records = ["100.120.232.77"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "ntfy" {
|
resource "aws_route53_record" "ntfy" {
|
||||||
|
@ -48,7 +23,7 @@ resource "aws_route53_record" "ntfy" {
|
||||||
name = "ntfy"
|
name = "ntfy"
|
||||||
type = "A"
|
type = "A"
|
||||||
ttl = 300
|
ttl = 300
|
||||||
records = ["100.77.43.133"]
|
records = ["100.120.232.77"]
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "dref" {
|
resource "aws_route53_record" "dref" {
|
||||||
|
@ -56,7 +31,44 @@ resource "aws_route53_record" "dref" {
|
||||||
name = "dref"
|
name = "dref"
|
||||||
type = "A"
|
type = "A"
|
||||||
ttl = 300
|
ttl = 300
|
||||||
records = ["100.77.43.133"]
|
records = ["100.120.232.77"]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_route53_record" "api-by-becki" {
|
||||||
|
zone_id = aws_route53_zone.gmemca.zone_id
|
||||||
|
name = "abb"
|
||||||
|
type = "A"
|
||||||
|
ttl = 300
|
||||||
|
records = ["168.119.154.189"]
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_route53_record" "api-by-becki-primary" {
|
||||||
|
zone_id = aws_route53_zone.gmemca.zone_id
|
||||||
|
name = "api-by-becki"
|
||||||
|
type = "A"
|
||||||
|
|
||||||
|
alias {
|
||||||
|
name = aws_cloudfront_distribution.api-by-becki.domain_name
|
||||||
|
zone_id = aws_cloudfront_distribution.api-by-becki.hosted_zone_id
|
||||||
|
evaluate_target_health = false
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "aws_route53_record" "api-by-becki-acm" {
|
||||||
|
for_each = {
|
||||||
|
for dvo in aws_acm_certificate.api-artbybecki-com.domain_validation_options : dvo.domain_name => {
|
||||||
|
name = dvo.resource_record_name
|
||||||
|
record = dvo.resource_record_value
|
||||||
|
type = dvo.resource_record_type
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
allow_overwrite = true
|
||||||
|
name = each.value.name
|
||||||
|
records = [each.value.record]
|
||||||
|
ttl = 60
|
||||||
|
type = each.value.type
|
||||||
|
zone_id = aws_route53_zone.gmemca.zone_id
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "aws_route53_record" "gmem-ca-mx" {
|
resource "aws_route53_record" "gmem-ca-mx" {
|
||||||
|
@ -87,186 +99,3 @@ resource "aws_route53_record" "gmem-ca-mail-txt" {
|
||||||
records = ["v=spf1 include:spf.messagingengine.com ?all"]
|
records = ["v=spf1 include:spf.messagingengine.com ?all"]
|
||||||
ttl = 300
|
ttl = 300
|
||||||
}
|
}
|
||||||
|
|
||||||
# S3 bucket static site
|
|
||||||
resource "aws_s3_bucket" "gmem-ca-static_site" {
|
|
||||||
bucket = "gmem.ca"
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
Name = "gmem.ca"
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_cloudfront_origin_access_identity" "oai" {
|
|
||||||
comment = "OAI for the static site"
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
resource "aws_s3_bucket_policy" "gmem-ca-static_site" {
|
|
||||||
bucket = aws_s3_bucket.gmem-ca-static_site.id
|
|
||||||
policy = jsonencode({
|
|
||||||
Version = "2012-10-17"
|
|
||||||
Statement = [
|
|
||||||
{
|
|
||||||
Sid = "Restrict access to CloudFront OAI"
|
|
||||||
Effect = "Allow"
|
|
||||||
Principal = {
|
|
||||||
AWS = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ${aws_cloudfront_origin_access_identity.oai.id}"
|
|
||||||
}
|
|
||||||
Action = "s3:GetObject"
|
|
||||||
Resource = "arn:aws:s3:::${aws_s3_bucket.gmem-ca-static_site.bucket}/*"
|
|
||||||
}
|
|
||||||
]
|
|
||||||
})
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_s3_bucket_website_configuration" "gmem-ca-static_site" {
|
|
||||||
bucket = aws_s3_bucket.gmem-ca-static_site.id
|
|
||||||
|
|
||||||
index_document {
|
|
||||||
suffix = "index.html"
|
|
||||||
}
|
|
||||||
|
|
||||||
error_document {
|
|
||||||
key = "error.html"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
output "website_endpoint" {
|
|
||||||
value = aws_s3_bucket_website_configuration.gmem-ca-static_site.website_domain
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_acm_certificate" "gmem-ca-cert" {
|
|
||||||
domain_name = aws_route53_zone.gmemca.name
|
|
||||||
validation_method = "DNS"
|
|
||||||
provider = aws.virginia
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "gmem-ca-cert_validation" {
|
|
||||||
for_each = {
|
|
||||||
for dvo in aws_acm_certificate.gmem-ca-cert.domain_validation_options : dvo.domain_name => {
|
|
||||||
name = dvo.resource_record_name
|
|
||||||
record = dvo.resource_record_value
|
|
||||||
type = dvo.resource_record_type
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
name = each.value.name
|
|
||||||
records = [each.value.record]
|
|
||||||
ttl = 60
|
|
||||||
type = each.value.type
|
|
||||||
zone_id = aws_route53_zone.gmemca.zone_id
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_acm_certificate_validation" "gmem-ca-cert" {
|
|
||||||
certificate_arn = aws_acm_certificate.gmem-ca-cert.arn
|
|
||||||
validation_record_fqdns = [for record in aws_route53_record.gmem-ca-cert_validation : record.fqdn]
|
|
||||||
provider = aws.virginia
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_cloudfront_distribution" "gmem-ca-s3_distribution" {
|
|
||||||
origin {
|
|
||||||
domain_name = aws_s3_bucket.gmem-ca-static_site.bucket_regional_domain_name
|
|
||||||
origin_id = "S3-${aws_s3_bucket.gmem-ca-static_site.id}"
|
|
||||||
|
|
||||||
s3_origin_config {
|
|
||||||
origin_access_identity = aws_cloudfront_origin_access_identity.oai.cloudfront_access_identity_path
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
origin {
|
|
||||||
connection_attempts = 3
|
|
||||||
connection_timeout = 10
|
|
||||||
domain_name = "8vs70xammd.execute-api.eu-west-2.amazonaws.com"
|
|
||||||
origin_id = "8vs70xammd.execute-api.eu-west-2.amazonaws.com"
|
|
||||||
|
|
||||||
custom_origin_config {
|
|
||||||
http_port = 80
|
|
||||||
https_port = 443
|
|
||||||
origin_keepalive_timeout = 5
|
|
||||||
origin_protocol_policy = "https-only"
|
|
||||||
origin_read_timeout = 30
|
|
||||||
origin_ssl_protocols = [
|
|
||||||
"TLSv1.2"
|
|
||||||
]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
enabled = true
|
|
||||||
is_ipv6_enabled = true
|
|
||||||
comment = "S3 Static Site Distribution for gmem.ca"
|
|
||||||
default_root_object = "index.html"
|
|
||||||
|
|
||||||
aliases = [aws_acm_certificate.gmem-ca-cert.domain_name]
|
|
||||||
|
|
||||||
default_cache_behavior {
|
|
||||||
allowed_methods = ["GET", "HEAD", "OPTIONS"]
|
|
||||||
cached_methods = ["GET", "HEAD", "OPTIONS"]
|
|
||||||
target_origin_id = "S3-${aws_s3_bucket.gmem-ca-static_site.id}"
|
|
||||||
response_headers_policy_id = "60669652-455b-4ae9-85a4-c4c02393f86c"
|
|
||||||
|
|
||||||
forwarded_values {
|
|
||||||
query_string = false
|
|
||||||
|
|
||||||
cookies {
|
|
||||||
forward = "none"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
viewer_protocol_policy = "redirect-to-https"
|
|
||||||
min_ttl = 0
|
|
||||||
default_ttl = 3600
|
|
||||||
max_ttl = 86400
|
|
||||||
}
|
|
||||||
|
|
||||||
ordered_cache_behavior {
|
|
||||||
path_pattern = "/.well-known/webfinger*"
|
|
||||||
allowed_methods = ["GET", "HEAD", "OPTIONS"]
|
|
||||||
cached_methods = ["GET", "HEAD", "OPTIONS"]
|
|
||||||
target_origin_id = "8vs70xammd.execute-api.eu-west-2.amazonaws.com"
|
|
||||||
|
|
||||||
forwarded_values {
|
|
||||||
query_string = true
|
|
||||||
headers = ["Origin", "Accept", "Content-Type"]
|
|
||||||
|
|
||||||
cookies {
|
|
||||||
forward = "all"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
viewer_protocol_policy = "redirect-to-https"
|
|
||||||
min_ttl = 0
|
|
||||||
default_ttl = 3600
|
|
||||||
max_ttl = 86400
|
|
||||||
}
|
|
||||||
|
|
||||||
viewer_certificate {
|
|
||||||
acm_certificate_arn = aws_acm_certificate_validation.gmem-ca-cert.certificate_arn
|
|
||||||
ssl_support_method = "sni-only"
|
|
||||||
minimum_protocol_version = "TLSv1.2_2021"
|
|
||||||
}
|
|
||||||
|
|
||||||
restrictions {
|
|
||||||
geo_restriction {
|
|
||||||
restriction_type = "none"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
tags = {
|
|
||||||
Name = "gmem.ca"
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
resource "aws_route53_record" "gmem-ca" {
|
|
||||||
zone_id = aws_route53_zone.gmemca.zone_id
|
|
||||||
name = aws_route53_zone.gmemca.name
|
|
||||||
type = "A"
|
|
||||||
|
|
||||||
alias {
|
|
||||||
name = aws_cloudfront_distribution.gmem-ca-s3_distribution.domain_name
|
|
||||||
zone_id = aws_cloudfront_distribution.gmem-ca-s3_distribution.hosted_zone_id
|
|
||||||
evaluate_target_health = false
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
Loading…
Reference in a new issue