diff options
author | Vincent Ambo <mail@tazj.in> | 2023-06-07T11·28+0300 |
---|---|---|
committer | tazjin <tazjin@tvl.su> | 2023-06-09T12·21+0000 |
commit | fb7db9b692c763bb15870d64e03661e9858feab0 (patch) | |
tree | 27f03891d3379e754a81c17c18dff5f0d433b2d5 /corp/ops/yandex | |
parent | 1e70cd1c4fc029242eced15caa111cf47fd43484 (diff) |
feat(corp/ops): configure hosting setup for backend domain r/6247
Change-Id: Ia0298e3be2e16ac5dbc2b8aec1e840aa3af947e9 Reviewed-on: https://cl.tvl.fyi/c/depot/+/8719 Reviewed-by: tazjin <tazjin@tvl.su> Tested-by: BuildkiteCI
Diffstat (limited to 'corp/ops/yandex')
-rw-r--r-- | corp/ops/yandex/rih.tf | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/corp/ops/yandex/rih.tf b/corp/ops/yandex/rih.tf index f15c1432d247..cf54fc81f8dc 100644 --- a/corp/ops/yandex/rih.tf +++ b/corp/ops/yandex/rih.tf @@ -103,3 +103,67 @@ resource "yandex_serverless_container" "rih_backend" { url = "cr.yandex/crpkcq65tn6bhq6puq2o/rih-backend:a4sdm3gn9l41xv3lyr5642mpd9m0fdhg" } } + +resource "yandex_api_gateway" "rih_gateway" { + name = "rih-gateway" + folder_id = local.rih_folder_id + + custom_domains { + fqdn = "api.russiaishiring.com" + certificate_id = yandex_cm_certificate.api_russiaishiring_com.id + } + + depends_on = [ + yandex_cm_certificate.api_russiaishiring_com, + yandex_dns_recordset.acme_api_russiaishiring_com, + ] + + spec = <<-EOT + openapi: "3.0.0" + info: + version: 1.0.0 + title: RIH API + paths: + /{proxy+}: + x-yc-apigateway-any-method: + x-yc-apigateway-integration: + type: serverless_containers + container_id: ${yandex_serverless_container.rih_backend.id} + service_account_id: ${yandex_iam_service_account.rih_backend.id} + parameters: + - explode: false + in: path + name: proxy + required: false + schema: + default: '-' + type: string + style: simple + EOT +} + +resource "yandex_cm_certificate" "api_russiaishiring_com" { + folder_id = local.rih_folder_id + name = "api-russiaishiring-com" + domains = ["api.russiaishiring.com"] + + managed { + challenge_type = "DNS_CNAME" + } +} + +resource "yandex_dns_recordset" "acme_api_russiaishiring_com" { + zone_id = yandex_dns_zone.russiaishiring_com.id + name = yandex_cm_certificate.api_russiaishiring_com.challenges[0].dns_name + type = yandex_cm_certificate.api_russiaishiring_com.challenges[0].dns_type + data = [yandex_cm_certificate.api_russiaishiring_com.challenges[0].dns_value] + ttl = 60 +} + +resource "yandex_dns_recordset" "cname_api_russiaishiring_com" { + zone_id = yandex_dns_zone.russiaishiring_com.id + name = "api.russiaishiring.com." + type = "CNAME" + data = [yandex_api_gateway.rih_gateway.domain] + ttl = 600 +} |