mirror of
https://github.com/dap-ps/infra-dapps.git
synced 2025-02-23 01:18:08 +00:00
Jakub Sokołowski
f294580e31
We have to use Route53 because it provides the option to use an ALIAS type record which works for apex records and can point to a CloudFront distribution in a dynamic way. Without this we'd have to use A records which are static unlike a CNAME, which would eventually become obsolete and take down the site when they do. Details: https://github.com/dap-ps/infra-dapps/issues/18 Signed-off-by: Jakub Sokołowski <jakub@status.im>
68 lines
1.8 KiB
HCL
68 lines
1.8 KiB
HCL
/* Validated Domain -----------------------------*/
|
|
|
|
resource "aws_ses_domain_identity" "dap_ps" {
|
|
domain = var.public_domain
|
|
}
|
|
|
|
resource "aws_ses_domain_dkim" "dap_ps" {
|
|
domain = aws_ses_domain_identity.dap_ps.domain
|
|
}
|
|
|
|
resource "aws_ses_domain_mail_from" "dap_ps" {
|
|
domain = aws_ses_domain_identity.dap_ps.domain
|
|
mail_from_domain = "mail.${aws_ses_domain_identity.dap_ps.domain}"
|
|
}
|
|
|
|
resource "aws_route53_record" "dap_ps_verification" {
|
|
zone_id = aws_route53_zone.dap_ps.zone_id
|
|
name = "_amazonses"
|
|
type = "TXT"
|
|
ttl = 3600
|
|
records = ["${aws_ses_domain_identity.dap_ps.verification_token}"]
|
|
}
|
|
|
|
resource "aws_route53_record" "dap_ps_mail_mx" {
|
|
zone_id = aws_route53_zone.dap_ps.zone_id
|
|
name = "mail"
|
|
type = "MX"
|
|
ttl = 3600
|
|
records = ["10 feedback-smtp.us-east-1.amazonses.com."]
|
|
}
|
|
|
|
resource "aws_route53_record" "dap_ps_mail_spf" {
|
|
zone_id = aws_route53_zone.dap_ps.zone_id
|
|
name = "mail"
|
|
type = "TXT"
|
|
ttl = 3600
|
|
records = ["v= spf1 include:amazonses.com ~all"]
|
|
}
|
|
|
|
resource "aws_route53_record" "dap_ps_dkim" {
|
|
zone_id = aws_route53_zone.dap_ps.zone_id
|
|
ttl = 3600
|
|
type = "CNAME"
|
|
count = 3
|
|
name = "${element(aws_ses_domain_dkim.dap_ps.dkim_tokens, count.index)}._domainkey"
|
|
records = ["${element(aws_ses_domain_dkim.dap_ps.dkim_tokens, count.index)}.dkim.amazonses.com."]
|
|
}
|
|
|
|
/* SES EMail Fowarding --------------------------*/
|
|
|
|
resource "aws_route53_record" "dap_ps_mx" {
|
|
zone_id = aws_route53_zone.dap_ps.zone_id
|
|
name = "@"
|
|
type = "MX"
|
|
ttl = 3600
|
|
records = ["10 inbound-smtp.us-east-1.amazonaws.com."]
|
|
}
|
|
|
|
/* Validated Emails -----------------------------*/
|
|
|
|
resource "aws_ses_email_identity" "jakub" {
|
|
email = "jakub@status.im"
|
|
}
|
|
|
|
resource "aws_ses_email_identity" "andy" {
|
|
email = "andy@status.im"
|
|
}
|