diff --git a/apps/snippets/infra/global/main.tf b/apps/snippets/infra/global/main.tf deleted file mode 100644 index c45d6b5e..00000000 --- a/apps/snippets/infra/global/main.tf +++ /dev/null @@ -1,80 +0,0 @@ -provider "aws" { - region = "${var.region}" -} - -terraform { - backend "s3" { - bucket = "snippets-shared-tf-state" - key = "snippets-cdn" - region = "us-west-2" - } -} - -locals { - log-bucket = "snippets-cdn-logs-${data.aws_caller_identity.current.account_id}" -} - -data "aws_caller_identity" current {} - -resource "aws_s3_bucket" "snippets-logging" { - bucket = "${local.log-bucket}" - region = "${var.region}" - acl = "log-delivery-write" - - tags { - Name = "${local.log-bucket}" - Region = "${var.region}" - Terraform = "true" - } - - lifecycle_rule { - enabled = true - - expiration { - days = 90 - } - - noncurrent_version_expiration { - days = 1 - } - } - - -} - - -module "snippets-cdn-stage" { - source = "./stage_cdn" - environment = "stage" - - # Commented out because snippets.cdn.mozilla.net is used, uncomment - # once everything is fully tested - #aliases = [ "snippets-prod-cdn.moz.works", "snippets.cdn.mozilla.net"] - aliases = ["snippets-stage-cdn.moz.works"] - - comment = "Used by Firefox (stage)" - log_bucket = "${aws_s3_bucket.snippets-logging.bucket_domain_name}" - log_prefix = "snippets-stage/" - - certificate_arn = "arn:aws:acm:us-east-1:236517346949:certificate/3a7ae4ad-3b7b-449a-a5ea-0238295dc6fd" - origin_domain_name = "snippets-stage-us-west.s3.amazonaws.com" - default_cache_target_origin_id = "snippets.allizom.org" - ordered_cache_target_origin_id = "S3-snippets-stage-us-west" -} - - -module "snippets-cdn-prod" { - source = "./prod_cdn" - environment = "prod" - - aliases = [ "snippets-prod-cdn.moz.works", "snippets.cdn.mozilla.net"] - - comment = "Used by Firefox (prod)" - log_bucket = "${aws_s3_bucket.snippets-logging.bucket_domain_name}" - log_prefix = "snippets-prod/" - - certificate_arn = "arn:aws:acm:us-east-1:236517346949:certificate/615f7c6a-b0a8-466e-886c-8d0064f07c6d" - origin_domain_name = "snippets-prod-us-west.s3.amazonaws.com" - default_cache_target_origin_id = "snippets.mozilla.com" - ordered_cache_target_origin_id = "S3-snippets-prod-us-west" -} diff --git a/apps/snippets/infra/global/prod_cdn/main.tf b/apps/snippets/infra/global/prod_cdn/main.tf deleted file mode 100644 index a9d922bf..00000000 --- a/apps/snippets/infra/global/prod_cdn/main.tf +++ /dev/null @@ -1,121 +0,0 @@ -resource "aws_cloudfront_distribution" "snippets" { - enabled = "${var.enabled}" - aliases = "${var.aliases}" - price_class = "PriceClass_100" - comment = "${var.comment}" - http_version = "http1.1" - is_ipv6_enabled = false - wait_for_deployment = true - - logging_config { - include_cookies = false - bucket = "${var.log_bucket}" - prefix = "${var.log_prefix}" - } - - default_cache_behavior = { - allowed_methods = ["GET", "HEAD", "OPTIONS"] - cached_methods = ["GET", "HEAD", "OPTIONS"] - target_origin_id = "${var.default_cache_target_origin_id}" - - forwarded_values { - query_string = true - headers = ["Origin"] - - cookies { - forward = "none" - } - } - - viewer_protocol_policy = "redirect-to-https" - compress = true - min_ttl = "0" - max_ttl = "31536000" - default_ttl = "86400" - } - - custom_error_response { - error_code = 403 - response_code = 200 - error_caching_min_ttl = 60 - response_page_path = "/us-west/empty.json" - } - - # Cache behavior with precedence 0 - ordered_cache_behavior { - path_pattern = "media/*" - target_origin_id = "${var.ordered_cache_target_origin_id}" - - allowed_methods = ["GET", "HEAD", "OPTIONS"] - cached_methods = ["GET", "HEAD", "OPTIONS"] - - forwarded_values { - query_string = false - - cookies { - forward = "none" - } - } - - viewer_protocol_policy = "redirect-to-https" - compress = true - min_ttl = "0" - max_ttl = "31536000" - default_ttl = "86400" - } - - # Cache behavior with precedence 1 - ordered_cache_behavior { - path_pattern = "us-west/*" - target_origin_id = "${var.ordered_cache_target_origin_id}" - - allowed_methods = ["GET", "HEAD", "OPTIONS"] - cached_methods = ["GET", "HEAD", "OPTIONS"] - - forwarded_values { - query_string = false - - cookies { - forward = "none" - } - } - - viewer_protocol_policy = "redirect-to-https" - compress = true - min_ttl = "0" - max_ttl = "31536000" - default_ttl = "86400" - } - - origin { - domain_name = "${var.default_cache_target_origin_id}" - origin_id = "${var.default_cache_target_origin_id}" - - custom_origin_config { - http_port = "80" - https_port = "443" - origin_keepalive_timeout = "5" - origin_protocol_policy = "match-viewer" - origin_read_timeout = "30" - origin_ssl_protocols = ["TLSv1", "SSLv3"] - } - } - - origin { - domain_name = "${var.origin_domain_name}" - origin_id = "${var.ordered_cache_target_origin_id}" - } - - restrictions { - geo_restriction { - restriction_type = "none" - } - } - - viewer_certificate { - acm_certificate_arn = "${var.certificate_arn}" - cloudfront_default_certificate = false - minimum_protocol_version = "TLSv1" - ssl_support_method = "sni-only" - } -} diff --git a/apps/snippets/infra/global/prod_cdn/outputs.tf b/apps/snippets/infra/global/prod_cdn/outputs.tf deleted file mode 100644 index 685fe25f..00000000 --- a/apps/snippets/infra/global/prod_cdn/outputs.tf +++ /dev/null @@ -1,7 +0,0 @@ -output "cdn_id" { - value = "${aws_cloudfront_distribution.snippets.id}" -} - -output "cdn_domain_name" { - value = "${aws_cloudfront_distribution.snippets.domain_name}" -} diff --git a/apps/snippets/infra/global/prod_cdn/variables.tf b/apps/snippets/infra/global/prod_cdn/variables.tf deleted file mode 100644 index afae1aed..00000000 --- a/apps/snippets/infra/global/prod_cdn/variables.tf +++ /dev/null @@ -1,27 +0,0 @@ -variable "region" { - default = "us-west-2" -} - -variable "enabled" { - default = true -} - -variable "aliases" { - type = "list" -} - -variable "comment" {} - -variable "environment" {} - -variable "certificate_arn" {} - -variable "log_bucket" {} - -variable "log_prefix" {} - -variable "default_cache_target_origin_id" {} - -variable "ordered_cache_target_origin_id" {} - -variable "origin_domain_name" {} diff --git a/apps/snippets/infra/global/stage_cdn/main.tf b/apps/snippets/infra/global/stage_cdn/main.tf deleted file mode 100644 index 98906a13..00000000 --- a/apps/snippets/infra/global/stage_cdn/main.tf +++ /dev/null @@ -1,136 +0,0 @@ -resource "aws_cloudfront_distribution" "snippets" { - enabled = "${var.enabled}" - aliases = "${var.aliases}" - price_class = "PriceClass_100" - comment = "${var.comment}" - http_version = "http1.1" - is_ipv6_enabled = false - wait_for_deployment = true - - logging_config { - include_cookies = false - bucket = "${var.log_bucket}" - prefix = "${var.log_prefix}" - } - - default_cache_behavior = { - allowed_methods = ["GET", "HEAD", "OPTIONS"] - cached_methods = ["GET", "HEAD", "OPTIONS"] - target_origin_id = "${var.default_cache_target_origin_id}" - - forwarded_values { - query_string = true - headers = ["Origin"] - - cookies { - forward = "none" - } - } - - viewer_protocol_policy = "redirect-to-https" - compress = true - min_ttl = "0" - max_ttl = "31536000" - default_ttl = "86400" - } - - custom_error_response { - error_code = 403 - response_code = 200 - error_caching_min_ttl = 60 - response_page_path = "/us-west/empty.json" - } - - # Cache behavior with precedence 0 - ordered_cache_behavior { - path_pattern = "media/*" - target_origin_id = "${var.ordered_cache_target_origin_id}" - - allowed_methods = ["GET", "HEAD", "OPTIONS"] - cached_methods = ["GET", "HEAD", "OPTIONS"] - - forwarded_values { - query_string = false - - cookies { - forward = "none" - } - } - - viewer_protocol_policy = "redirect-to-https" - compress = true - min_ttl = "0" - max_ttl = "31536000" - default_ttl = "86400" - } - - # Cache behavior with precedence 1 - ordered_cache_behavior { - path_pattern = "us-west/*" - target_origin_id = "${var.ordered_cache_target_origin_id}" - - allowed_methods = ["GET", "HEAD", "OPTIONS"] - cached_methods = ["GET", "HEAD", "OPTIONS"] - - forwarded_values { - query_string = false - - cookies { - forward = "none" - } - } - - viewer_protocol_policy = "redirect-to-https" - compress = true - min_ttl = "0" - max_ttl = "31536000" - default_ttl = "86400" - } - - origin { - domain_name = "${var.default_cache_target_origin_id}" - origin_id = "${var.default_cache_target_origin_id}" - - custom_origin_config { - http_port = "80" - https_port = "443" - origin_keepalive_timeout = "5" - origin_protocol_policy = "match-viewer" - origin_read_timeout = "30" - origin_ssl_protocols = ["TLSv1", "SSLv3"] - } - } - - origin { - domain_name = "${var.origin_domain_name}" - origin_id = "${var.ordered_cache_target_origin_id}" - } - - restrictions { - geo_restriction { - restriction_type = "none" - } - } - - viewer_certificate { - acm_certificate_arn = "${var.certificate_arn}" - cloudfront_default_certificate = false - minimum_protocol_version = "TLSv1" - ssl_support_method = "sni-only" - } -} - -data "aws_route53_zone" "zone" { - name = "moz.works" -} - -resource "aws_route53_record" "snippet_stage_cnames" { - count = "${length(var.aliases)}" - - zone_id = "${data.aws_route53_zone.zone.zone_id}" - name = "${var.aliases[count.index]}" - type = "CNAME" - ttl = 300 - - records = ["${aws_cloudfront_distribution.snippets.domain_name}"] -} diff --git a/apps/snippets/infra/global/stage_cdn/outputs.tf b/apps/snippets/infra/global/stage_cdn/outputs.tf deleted file mode 100644 index 685fe25f..00000000 --- a/apps/snippets/infra/global/stage_cdn/outputs.tf +++ /dev/null @@ -1,7 +0,0 @@ -output "cdn_id" { - value = "${aws_cloudfront_distribution.snippets.id}" -} - -output "cdn_domain_name" { - value = "${aws_cloudfront_distribution.snippets.domain_name}" -} diff --git a/apps/snippets/infra/global/stage_cdn/variables.tf b/apps/snippets/infra/global/stage_cdn/variables.tf deleted file mode 100644 index afae1aed..00000000 --- a/apps/snippets/infra/global/stage_cdn/variables.tf +++ /dev/null @@ -1,27 +0,0 @@ -variable "region" { - default = "us-west-2" -} - -variable "enabled" { - default = true -} - -variable "aliases" { - type = "list" -} - -variable "comment" {} - -variable "environment" {} - -variable "certificate_arn" {} - -variable "log_bucket" {} - -variable "log_prefix" {} - -variable "default_cache_target_origin_id" {} - -variable "ordered_cache_target_origin_id" {} - -variable "origin_domain_name" {} diff --git a/apps/snippets/infra/global/variables.tf b/apps/snippets/infra/global/variables.tf deleted file mode 100644 index e70c3ee3..00000000 --- a/apps/snippets/infra/global/variables.tf +++ /dev/null @@ -1,4 +0,0 @@ - -variable "region" { - default = "us-west-2" -} diff --git a/apps/snippets/infra/multi_region/tf/alerting/alerting.tf b/apps/snippets/infra/multi_region/tf/alerting/alerting.tf deleted file mode 100644 index 1ac80ab7..00000000 --- a/apps/snippets/infra/multi_region/tf/alerting/alerting.tf +++ /dev/null @@ -1,43 +0,0 @@ -variable "fqdn" {} - -variable "name" {} - -variable "region" {} - -resource "aws_route53_health_check" "health_check" { - fqdn = "${var.fqdn}" - port = 443 - type = "HTTPS" - resource_path = "/healthz/" - failure_threshold = "3" - request_interval = "30" - cloudwatch_alarm_name = "" - cloudwatch_alarm_region = "" - - tags = { - Name = "${var.name}" - } -} - -/* -# TODO: alarm_actions are per region :-( - we'll need to create the sns action in ap-northeast-1 etc -resource "aws_cloudwatch_metric_alarm" "alarm" { - alarm_name = "${var.name}" - comparison_operator = "LessThanThreshold" - evaluation_periods = "1" - metric_name = "HealthCheckStatus" - namespace = "AWS/Route53" - period = "60" - statistic = "Minimum" - threshold = "3" - alarm_actions = [ - "arn:aws:sns:us-east-1:236517346949:MozillaMarketingSlack", - "arn:aws:sns:us-east-1:236517346949:eeaws" - ] - dimensions { - HealthCheckId = "${aws_route53_health_check.health_check.id}" - } -} -*/ - diff --git a/apps/snippets/infra/multi_region/tf/cache/cache.tf b/apps/snippets/infra/multi_region/tf/cache/cache.tf deleted file mode 100644 index fb4d083c..00000000 --- a/apps/snippets/infra/multi_region/tf/cache/cache.tf +++ /dev/null @@ -1,35 +0,0 @@ -variable "region" {} - -variable "region_short" {} - -variable "cache_node_size" {} - -variable "cache_port" {} - -variable "cache_num_nodes" {} - -variable "cache_param_group" {} - -variable "cache_engine_version" {} - -variable "cache_subnet_ids" {} - -variable "cache_security_group" {} - -resource "aws_elasticache_subnet_group" "shared-redis-subnet-group" { - name = "shared-redis-subnet-group" - # https://github.com/hashicorp/terraform/issues/57#issuecomment-100372002 - subnet_ids = ["${split(",", var.cache_subnet_ids)}"] -} - -resource "aws_elasticache_replication_group" "shared-redis-rg" { - replication_group_id = "shared-redis" - replication_group_description = "Shared redis cluster" - node_type = "${var.cache_node_size}" - number_cache_clusters = "${var.cache_num_nodes}" - port = "${var.cache_port}" - parameter_group_name = "${var.cache_param_group}" - engine_version = "${var.cache_engine_version}" - subnet_group_name = "${aws_elasticache_subnet_group.shared-redis-subnet-group.name}" - security_group_ids = ["${var.cache_security_group}"] -} diff --git a/apps/snippets/infra/multi_region/tf/snippets.tf b/apps/snippets/infra/multi_region/tf/snippets.tf deleted file mode 100644 index c49c71bb..00000000 --- a/apps/snippets/infra/multi_region/tf/snippets.tf +++ /dev/null @@ -1,41 +0,0 @@ -provider "aws" { - region = "${var.region}" -} - -terraform { - backend "s3" { - bucket = "snippets-shared-tf-state" - key = "tf-state" - region = "us-west-2" - } -} - -##### Buckets - -module "prod-alerts" { - source = "../tf/alerting" - region = "${var.region}" - fqdn = "${var.fqdn_prod}" - name = "${var.alarm_name_prod}" -} - -# do we want stage alerts? -module "stage-alerts" { - source = "../tf/alerting" - region = "${var.region}" - fqdn = "${var.fqdn_stage}" - name = "${var.alarm_name_stage}" -} - -module "redis" { - source = "../tf/cache" - region = "${var.region}" - region_short = "${var.region_short}" - cache_node_size = "${var.cache_node_size}" - cache_port = "${var.cache_port}" - cache_num_nodes = "${var.cache_num_nodes}" - cache_param_group = "${var.cache_param_group}" - cache_engine_version = "${var.cache_engine_version}" - cache_subnet_ids = "${var.cache_subnet_ids}" - cache_security_group = "${var.cache_security_group}" -} diff --git a/apps/snippets/infra/multi_region/tf/storage/storage.tf b/apps/snippets/infra/multi_region/tf/storage/storage.tf deleted file mode 100644 index 5d9b0921..00000000 --- a/apps/snippets/infra/multi_region/tf/storage/storage.tf +++ /dev/null @@ -1,63 +0,0 @@ -variable "region" {} - -variable "environment" {} - -variable "region_short" {} - -resource "aws_s3_bucket" "logs" { - bucket = "snippets-${var.environment}-${var.region_short}-logs" - region = "${var.region}" - acl = "log-delivery-write" -} - -resource "aws_s3_bucket" "bundles" { - depends_on = ["aws_s3_bucket.logs"] - bucket = "snippets-${var.environment}-${var.region_short}" - region = "${var.region}" - acl = "public-read" - - policy = <