Commit 02320e6e authored by Alejandro Rodriguez's avatar Alejandro Rodriguez

Merge branch 'apex-domain-redirects' into 'master'

Add support for apex domain redirects

See merge request !982
parents 22da0bc8 e02ab67a
......@@ -66,7 +66,7 @@ format:
script: |
set +o pipefail
echo "running tf format" # there's no output for empty builds otherwise
fmt_diff=$(git diff-tree --no-commit-id --name-only -r ${CI_COMMIT_SHA} | grep '\.tf$' | xargs -I{} terraform fmt -write=false {} | sed '/^\s*$/d')
fmt_diff=$(git diff-tree --no-commit-id --name-only -r ${CI_COMMIT_SHA} | grep '\.tf$' | xargs -I{} bash -c 'cd "$(dirname {})" && terraform fmt -write=false "$(basename {})"' | sed '/^\s*$/d')
if test -n "$fmt_diff"; then
echo "******* Terraform formatting error:"
echo ""
......
......@@ -15,6 +15,7 @@ provider "aws" {
locals {
zones = {
"gitlab.org" = "${var.gitlab_org_zone_id}"
"gitlab.io" = "${var.gitlab_io_zone_id}"
}
}
......@@ -28,6 +29,16 @@ resource "aws_route53_record" "default" {
records = ["${lookup(var.tls_domains, each.key, "nonssl.global.fastly.net")}"]
}
resource "aws_route53_record" "a_records" {
for_each = var.apex_redirects
zone_id = "${local.zones[regex("[\\w-]+\\.[\\w-]+$", each.key)]}"
name = each.key
type = "A"
ttl = "300"
records = var.tls_apex_domains_ips[each.key]
}
resource "fastly_service_v1" "redirects" {
name = "Domain redirects"
......@@ -39,7 +50,7 @@ resource "fastly_service_v1" "redirects" {
}
dynamic "domain" {
for_each = var.redirects
for_each = merge(var.redirects, var.apex_redirects)
content {
name = domain.key
......@@ -47,7 +58,7 @@ resource "fastly_service_v1" "redirects" {
}
dynamic "condition" {
for_each = var.redirects
for_each = merge(var.redirects, var.apex_redirects)
content {
name = "${condition.key} request"
......@@ -58,7 +69,7 @@ resource "fastly_service_v1" "redirects" {
}
dynamic "condition" {
for_each = var.redirects
for_each = merge(var.redirects, var.apex_redirects)
content {
name = "${condition.key} response"
......@@ -69,7 +80,7 @@ resource "fastly_service_v1" "redirects" {
}
dynamic "response_object" {
for_each = var.redirects
for_each = merge(var.redirects, var.apex_redirects)
content {
name = "${response_object.key} response"
......@@ -80,7 +91,7 @@ resource "fastly_service_v1" "redirects" {
}
dynamic "header" {
for_each = var.redirects
for_each = merge(var.redirects, var.apex_redirects)
content {
name = "${header.key} location"
......
variable "gitlab_org_zone_id" {}
variable "gitlab_io_zone_id" {}
variable "redirects" {
type = "map"
......@@ -8,6 +9,15 @@ variable "redirects" {
}
}
variable "apex_redirects" {
type = "map"
default = {
"gitlab.org" = "https://about.gitlab.com/"
"gitlab.io" = "https://about.gitlab.com/"
}
}
# For now you have to manually create the TLS domains you want to support in
# Fastly and specify here the corresponding certificate host. If you don't need
# to support TLS you can ommit the entry and we'll use nonssl.global.fastly.net
......@@ -19,3 +29,22 @@ variable "tls_domains" {
"api.gitlab.org" = "h3.shared.global.fastly.net"
}
}
variable "tls_apex_domains_ips" {
type = "map"
default = {
"gitlab.org" = [
"151.101.2.49",
"151.101.66.49",
"151.101.194.49",
"151.101.130.49"
]
"gitlab.io" = [
"151.101.2.49",
"151.101.66.49",
"151.101.194.49",
"151.101.130.49"
]
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment