Remove unneeded tf for AWS site.

runatlantis.io/terraform/main.tf

@@ -1,7 +1,5 @@
-// This project sets up a static website at https://www.runatlantis.io and a
-// redirect from the root domain runatlantis.io to https://www.runatlantis.io.
-// We use S3 to host the site, ACM for the SSL cert and CloudFront to front it.
-// The site is generated by Hugo (see website/src).
+// This project sets up DNS entries for runatlantis.io. The site is hosted
+// on Netlify.
 
 provider "aws" {
   region = "us-east-1"
@@ -23,15 +21,10 @@ variable "root_domain_name" {
   default = "runatlantis.io"
 }
 
-// First, set up the regular domain: www.runatlantis.io
-
-// We want AWS to host our zone so its nameservers can point to our CloudFront
-// distribution.
 resource "aws_route53_zone" "zone" {
   name = "${var.root_domain_name}"
 }
 
-// This Route53 record will point at our CloudFront distribution.
 resource "aws_route53_record" "www" {
   zone_id = "${aws_route53_zone.zone.zone_id}"
   name    = "${var.www_domain_name}"
@@ -40,103 +33,14 @@ resource "aws_route53_record" "www" {
   records = ["runatlantis.netlify.com"]
 }
 
-// Use the AWS Certificate Manager to create an SSL cert for our domain.
-// This resource won't be created until you receive the email verifying you
-// own the domain and you click on the confirmation link.
-resource "aws_acm_certificate" "certificate" {
-  // We want a wildcard cert so we can host subdomains later.
-  domain_name       = "*.${var.root_domain_name}"
-  validation_method = "EMAIL"
-
-  // We also want the cert to be valid for the root domain even though we'll be
-  // redirecting to the www. domain immediately.
-  subject_alternative_names = ["${var.root_domain_name}"]
-}
-
-// Now we're going to create an S3 bucket to hold our static website.
-
-// Create an S3 Bucket that holds the website data. CloudFront will pull the
-// website from this bucket.
-resource "aws_s3_bucket" "www" {
-  bucket = "${var.www_domain_name}"
-  acl    = "public-read"
-  policy = "${data.template_file.www_s3_bucket_policy.rendered}"
-
-  website {
-    index_document = "index.html"
-    error_document = "404.html"
-  }
-}
-
-// This template allows us to de-duplicates the IAM policy we need to apply
-// to our S3 bucket to allow it to be readable by the world (since we want
-// everyone to be able to see our site).
-data "template_file" "www_s3_bucket_policy" {
-  template = "${file("s3_bucket_policy.json")}"
-
-  vars {
-    domain_name = "${var.www_domain_name}"
-  }
-}
-
-// Finally we're ready to create our CloudFront distribution. I've moved this
-// into a module because we need two of them (the second for the root domain)
-// and there's a lot of code that would have been duplicated.
-module "www_distribution" {
-  source = "./modules/cloudfront_distribution"
-
-  // CloudFront will use our SSL cert.
-  acm_certificate_arn = "${aws_acm_certificate.certificate.arn}"
-  cnames              = ["${var.www_domain_name}"]
-
-  // CloudFront uses the S3 bucket's "website endpoint" to pull the actual
-  // content for our website.
-  domain_name = "${aws_s3_bucket.www.website_endpoint}"
-
-  origin_id = "runatlantis_s3_bucket"
-}
-
-// We've set up our www.runatlantis.io domain, but we also want people to be
-// able to type runatlantis.io or https://runatlantis.io and get redirected
-// to https://www.runatlantis.io.
-// To do this, we need to set up an S3 bucket like before but have it just
-// redirect to https://www.runatlantis.io. We then need to set up a CloudFront
-// distribution to host that redirect.
-
-resource "aws_s3_bucket" "root" {
-  bucket = "${var.root_domain_name}"
-  acl    = "public-read"
-  policy = "${data.template_file.root_s3_bucket_policy.rendered}"
-
-  website {
-    // Note this redirect. Here's where the magic happens.
-    redirect_all_requests_to = "https://${var.www_domain_name}"
-  }
-}
-
-data "template_file" "root_s3_bucket_policy" {
-  template = "${file("s3_bucket_policy.json")}"
-
-  vars {
-    domain_name = "${var.root_domain_name}"
-  }
-}
-
-module "root_distribution" {
-  source              = "./modules/cloudfront_distribution"
-  acm_certificate_arn = "${aws_acm_certificate.certificate.arn}"
-  cnames              = ["${var.root_domain_name}"]
-  domain_name         = "${aws_s3_bucket.root.website_endpoint}"
-  origin_id           = "root_s3_bucket"
-}
-
 resource "aws_route53_record" "root" {
   zone_id = "${aws_route53_zone.zone.zone_id}"
 
   // Note the name is blank here.
   name    = ""
   type    = "A"
   ttl     = "300"
+  // This IP is for Netlify.
   records = ["104.198.14.52"]
 }
 
@@ -146,7 +50,7 @@ resource "aws_route53_record" "mailgun_txt_0" {
   name    = ""
   type    = "TXT"
   ttl     = "300"
-  records = ["v=spf1 include:mailgun.org ~all"]
+  records = ["v=spf1 include:mailgun.org include:servers.mcsv.net ~all"]
 }
 
 resource "aws_route53_record" "mailgun_txt_1" {
@@ -172,3 +76,11 @@ resource "aws_route53_record" "mailgun_cname" {
   ttl     = "300"
   records = ["mailgun.org"]
 }
+
+resource "aws_route53_record" "mailchimp_cname" {
+  zone_id = "${aws_route53_zone.zone.zone_id}"
+  name    = "k1._domainkey"
+  type    = "CNAME"
+  ttl     = "300"
+  records = ["dkim.mcsv.net"]
+}