Merge pull request #21 from runatlantis/tf-refactor

Use root domain instead of naked domain
runatlantis · Mar 5, 2018 · 4bd6128 · 4bd6128
2 parents e56f555 + 53bb6d5
commit 4bd6128
Showing 1 changed file with 27 additions and 27 deletions.
diff --git a/website/terraform/main.tf b/website/terraform/main.tf
@@ -1,5 +1,5 @@
 // This project sets up a static website at https://www.runatlantis.io and a
-// redirect from the naked domain runatlantis.io to https://www.runatlantis.io.
+// redirect from the root domain runatlantis.io to https://www.runatlantis.io.
 // We use S3 to host the site, ACM for the SSL cert and CloudFront to front it.
 // The site is generated by Hugo (see website/src).
 
@@ -15,11 +15,11 @@ terraform {
   }
 }
 
-variable "domain_name" {
+variable "www_domain_name" {
   default = "www.runatlantis.io"
 }
 
-variable "naked_domain_name" {
+variable "root_domain_name" {
   default = "runatlantis.io"
 }
 
@@ -28,13 +28,13 @@ variable "naked_domain_name" {
 // We want AWS to host our zone so its nameservers can point to our CloudFront
 // distribution.
 resource "aws_route53_zone" "zone" {
-  name = "runatlantis.io"
+  name = "${var.root_domain_name}"
 }
 
 // This Route53 record will point at our CloudFront distribution.
 resource "aws_route53_record" "www" {
   zone_id = "${aws_route53_zone.zone.zone_id}"
-  name    = "www.runatlantis.io"
+  name    = "${var.www_domain_name}"
   type    = "A"
 
   alias = {
@@ -49,20 +49,20 @@ resource "aws_route53_record" "www" {
 // own the domain and you click on the confirmation link.
 resource "aws_acm_certificate" "certificate" {
   // We want a wildcard cert so we can host subdomains later.
-  domain_name       = "*.${var.naked_domain_name}"
+  domain_name       = "*.${var.root_domain_name}"
   validation_method = "EMAIL"
 
-  // We also want the cert to be valid for the naked domain even though we'll be
+  // We also want the cert to be valid for the root domain even though we'll be
   // redirecting to the www. domain immediately.
-  subject_alternative_names = ["${var.naked_domain_name}"]
+  subject_alternative_names = ["${var.root_domain_name}"]
 }
 
 // Now we're going to create an S3 bucket to hold our static website.
 
 // Create an S3 Bucket that holds the website data. CloudFront will pull the
 // website from this bucket.
-resource "aws_s3_bucket" "www_runatlantis_io" {
-  bucket = "${var.domain_name}"
+resource "aws_s3_bucket" "www" {
+  bucket = "${var.www_domain_name}"
   acl    = "public-read"
   policy = "${data.template_file.www_s3_bucket_policy.rendered}"
 
@@ -79,23 +79,23 @@ data "template_file" "www_s3_bucket_policy" {
   template = "${file("s3_bucket_policy.json")}"
 
   vars {
-    domain_name = "${var.domain_name}"
+    domain_name = "${var.www_domain_name}"
   }
 }
 
 // Finally we're ready to create our CloudFront distribution. I've moved this
-// into a module because we need two of them (the second for the naked domain)
+// into a module because we need two of them (the second for the root domain)
 // and there's a lot of code that would have been duplicated.
 module "www_distribution" {
   source = "./modules/cloudfront_distribution"
 
   // CloudFront will use our SSL cert.
   acm_certificate_arn = "${aws_acm_certificate.certificate.arn}"
-  cnames              = ["${var.domain_name}"]
+  cnames              = ["${var.www_domain_name}"]
 
   // CloudFront uses the S3 bucket's "website endpoint" to pull the actual
   // content for our website.
-  domain_name = "${aws_s3_bucket.www_runatlantis_io.website_endpoint}"
+  domain_name = "${aws_s3_bucket.www.website_endpoint}"
 
   origin_id = "runatlantis_s3_bucket"
 }
@@ -107,43 +107,43 @@ module "www_distribution" {
 // redirect to https://www.runatlantis.io. We then need to set up a CloudFront
 // distribution to host that redirect.
 
-resource "aws_s3_bucket" "runatlantis_io" {
-  bucket = "${var.naked_domain_name}"
+resource "aws_s3_bucket" "root" {
+  bucket = "${var.root_domain_name}"
   acl    = "public-read"
-  policy = "${data.template_file.naked_s3_bucket_policy.rendered}"
+  policy = "${data.template_file.root_s3_bucket_policy.rendered}"
 
   website {
     // Note this redirect. Here's where the magic happens.
-    redirect_all_requests_to = "https://www.runatlantis.io"
+    redirect_all_requests_to = "https://${var.www_domain_name}"
   }
 }
 
-data "template_file" "naked_s3_bucket_policy" {
+data "template_file" "root_s3_bucket_policy" {
   template = "${file("s3_bucket_policy.json")}"
 
   vars {
-    domain_name = "${var.naked_domain_name}"
+    domain_name = "${var.root_domain_name}"
   }
 }
 
-module "naked_distribution" {
+module "root_distribution" {
   source              = "./modules/cloudfront_distribution"
   acm_certificate_arn = "${aws_acm_certificate.certificate.arn}"
-  cnames              = ["${var.naked_domain_name}"]
-  domain_name         = "${aws_s3_bucket.runatlantis_io.website_endpoint}"
-  origin_id           = "naked_runatlantis_s3_bucket"
+  cnames              = ["${var.root_domain_name}"]
+  domain_name         = "${aws_s3_bucket.root.website_endpoint}"
+  origin_id           = "root_s3_bucket"
 }
 
-resource "aws_route53_record" "naked" {
+resource "aws_route53_record" "root" {
   zone_id = "${aws_route53_zone.zone.zone_id}"
 
   // Note the name is blank here.
   name = ""
   type = "A"
 
   alias = {
-    name                   = "${module.naked_distribution.domain_name}"
-    zone_id                = "${module.naked_distribution.hosted_zone_id}"
+    name                   = "${module.root_distribution.domain_name}"
+    zone_id                = "${module.root_distribution.hosted_zone_id}"
     evaluate_target_health = false
   }
 }