From 19ad7d66e9db73e766dbf8ebc0a476641145e40f Mon Sep 17 00:00:00 2001
From: developomp
Date: Mon, 25 Sep 2023 16:31:29 +0900
Subject: [PATCH] chore: use terraform
---
 .editorconfig | 3 ++
 .github/workflows/terraform.yml | 37 +++++++++++++++
 .gitignore | 42 ++++++++++++++++--
 .husky/terraform | 4 ++
 .terraform.lock.hcl | 25 +++++++++++
 .vscode/extensions.json | 3 +-
 CONTRIBUTING.md | 1 +
 main.tf | 79 +++++++++++++++++++++++++++++++++
 8 files changed, 190 insertions(+), 4 deletions(-)
 create mode 100644 .github/workflows/terraform.yml
 create mode 100755 .husky/terraform
 create mode 100644 .terraform.lock.hcl
 create mode 100644 main.tf
diff --git a/.editorconfig b/.editorconfig
index c20de85..95a1f1d 100644
--- a/.editorconfig
+++ b/.editorconfig
@@ -2,3 +2,6 @@ root = true [*] indent_style = space
+
+[*.tf]
+tab_width = 2
diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml
new file mode 100644
index 0000000..df2ebbd
--- /dev/null
+++ b/.github/workflows/terraform.yml
@@ -0,0 +1,37 @@
+name: Terraform
+
+on:
+ push:
+ branches:
+ - master
+
+permissions:
+ contents: read
+
+jobs:
+ terraform:
+ name: Terraform
+ runs-on: ubuntu-latest
+ defaults:
+ run:
+ shell: bash
+ steps:
+ - name: Checkout Repo
+ uses: actions/checkout@v3
+
+ - name: Setup Terraform
+ uses: hashicorp/setup-terraform@v2
+ with:
+ cli_config_credentials_token: ${{ secrets.TERRAFORM_TOKEN }}
+
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@v1
+ with:
+ aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws-region: us-west-1 # just a random region (also used in main.tf)
+
+ - run: terraform init
+ - run: terraform fmt -check
+ - run: terraform plan -input=false
+ - run: terraform apply -auto-approve -input=false
diff --git a/.gitignore b/.gitignore
index aa7f28d..8c4d4a5 100644
--- a/.gitignore
+++ b/.gitignore
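Review bot: The `Configure AWS credentials` step feeds the long-lived `AWS_ACCESS_KEY_ID`/`AWS_SECRET_ACCESS_KEY` secrets into a job that runs `terraform apply -auto-approve` on every push to master, so a leaked key or a tampered action can change DNS with no further approval. Prefer short-lived credentials through GitHub OIDC: add `id-token: write` under `permissions` and replace the two key inputs with `role-to-assume: <ROLE_ARN_PLACEHOLDER>`, with the role limited to the Route 53 actions this configuration needs. The three actions are referenced by mutable tags (`@v3`, `@v2`, `@v1`); pinning each to a full commit SHA keeps a retagged release from receiving these secrets. Also consider `terraform plan -input=false -out=tfplan` followed by `terraform apply -input=false tfplan`, so that what is applied is exactly what was planned.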
@@ -5,8 +5,8 @@ build vite.config.js.timestamp-* vite.config.ts.timestamp-*
-# Created by https://www.toptal.com/developers/gitignore/api/node,macos,firebase,turbo
-# Edit at https://www.toptal.com/developers/gitignore?templates=node,macos,firebase,turbo
+# Created by https://www.toptal.com/developers/gitignore/api/node,macos,firebase,turbo,terraform
+# Edit at https://www.toptal.com/developers/gitignore?templates=node,macos,firebase,turbo,terraform
 ### Firebase ### .idea
@@ -189,8 +189,44 @@ dist # SvelteKit build / generate output .svelte-kit
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sensitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+*.tfvars
+*.tfvars.json
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+
 ### Turbo ### # Turborepo task cache .turbo
-# End of https://www.toptal.com/developers/gitignore/api/node,macos,firebase,turbo
+# End of https://www.toptal.com/developers/gitignore/api/node,macos,firebase,turbo,terraform
diff --git a/.husky/terraform b/.husky/terraform
new file mode 100755
index 0000000..5664901
--- /dev/null
+++ b/.husky/terraform
@@ -0,0 +1,4 @@
+#!/usr/bin/env sh
+. "$(dirname -- "$0")/_/husky.sh"
+
+terraform fmt -check
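Review bot: `.husky/terraform` is not named after a Git hook, and Git only runs files in the hooks directory whose names are hook names such as `pre-commit`, so unless an existing hook calls this script (none is visible in this patch) the `terraform fmt -check` never runs locally. Either move the line into `.husky/pre-commit` or invoke this script from there. If contributors without the terraform CLI should still be able to commit, a guard such as `command -v terraform >/dev/null || exit 0` before the check makes that explicit.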
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
new file mode 100644
index 0000000..7be38b4
--- /dev/null
+++ b/.terraform.lock.hcl
@@ -0,0 +1,25 @@
+# This file is maintained automatically by "terraform init".
+# Manual edits may be lost in future updates.
+
+provider "registry.terraform.io/hashicorp/aws" {
+ version = "5.17.0"
+ constraints = "~> 5.0"
+ hashes = [
+ "h1:U+EDfeUqefebA1h7KyBMD1xH0h311LMi7wijPDPkC/0=",
+ "zh:0087b9dd2c9c638fd63e527e5b9b70988008e263d480a199f180efe5a4f070f0",
+ "zh:0fd532a4fd03ddef11f0502ff9fe4343443e1ae805cb088825a71d6d48906ec7",
+ "zh:16411e731100cd15f7e165f53c23be784b2c86c2fcfd34781e0642d17090d342",
+ "zh:251d520927e77f091e2ec6302e921d839a2430ac541c6a461aed7c08fb5eae12",
+ "zh:4919e69682dc2a8c32d44f6ebc038a52c9f40af9c61cb574b64e322800d6a794",
+ "zh:5334c60759d5f76bdc51355d1a3ebcc451d4d20f632f5c73b6e55c52b5dc9e52",
+ "zh:7341a2b7247572eba0d0486094a870b872967702ec0ac7af728c2df2c30af4e5",
+ "zh:81d1b1cb2cac6b3922a05adab69543b678f344a01debd54500263700dad7a288",
+ "zh:882bc8e15ef6d4020a07321ec4c056977c5c1d96934118032922561d29504d43",
+ "zh:8cd4871ef2b03fd916de1a6dc7eb8a81a354c421177d4334a2e3308e50215e41",
+ "zh:97e12fe6529b21298adf1046c5e20ac35d0569c836a6f385ff041e257e00cfd2",
+ "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+ "zh:9f5baf5d59b9f3cf5504d1fa975f10f27da3791896a9e18ece47c258bac17634",
+ "zh:dffafba6731ac1db1c540bdbd6a8c878486b71de9d0ca1d23c5c00a6c3c14d80",
+ "zh:fa7440c3c15a42fc5731444d324ced75407d417bfe3184661ae47d40a9718dce",
+ ]
+}
diff --git a/.vscode/extensions.json b/.vscode/extensions.json
index 882f523..18e7faf 100644
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -9,6 +9,7 @@ "unifiedjs.vscode-mdx", "svelte.svelte-vscode", "redhat.vscode-xml",
- "github.vscode-github-actions"
+ "github.vscode-github-actions",
+ "4ops.terraform"
 ] }
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 0c961c6..b5a788d 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -32,6 +32,7 @@ 2. Install the following - [NodeJS](https://nodejs.org) - [pnpm](https://pnpm.io/installation)
+ - [terraform CLI](https://developer.hashicorp.com/terraform/downloads)
 3. Install Dependencies ``` pnpm install
diff --git a/main.tf b/main.tf
new file mode 100644
index 0000000..204c8bf
--- /dev/null
+++ b/main.tf
@@ -0,0 +1,79 @@
+terraform {
+ required_providers {
+ # https://registry.terraform.io/providers/hashicorp/aws/latest/docs
+ aws = {
+ source = "hashicorp/aws"
+ version = "~> 5.0"
+ }
+ }
+}
+
+# required although unused
+provider "aws" {
+ region = "us-west-1" # just a random region (also used in .github/workflows/terraform.yml)
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/route53_zone
+data "aws_route53_zone" "developomp_com" {
+ name = "developomp.com"
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record
+resource "aws_route53_record" "main" {
+ allow_overwrite = true
+ zone_id = data.aws_route53_zone.developomp_com.zone_id
+ name = data.aws_route53_zone.developomp_com.name
+ type = "A"
+ ttl = 60
+ records = ["151.101.1.195", "151.101.65.195"]
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record
+resource "aws_route53_record" "main_acme_challenge" {
+ allow_overwrite = true
+ zone_id = data.aws_route53_zone.developomp_com.zone_id
+ name = "_acme-challenge.${data.aws_route53_zone.developomp_com.name}"
+ type = "TXT"
+ ttl = 60
+ records = ["FCcgOpnrCBEMv1m4Z9NRqa4FlOW78CUVrfUQgGfb14o"]
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record
+resource "aws_route53_record" "blog" {
+ allow_overwrite = true
+ zone_id = data.aws_route53_zone.developomp_com.zone_id
+ name = "blog.${data.aws_route53_zone.developomp_com.name}"
+ type = "A"
+ ttl = 60
+ records = ["199.36.158.100"]
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record
+resource "aws_route53_record" "blog_acme_challenge" {
+ allow_overwrite = true
+ zone_id = data.aws_route53_zone.developomp_com.zone_id
+ name = "_acme-challenge.blog.${data.aws_route53_zone.developomp_com.name}"
+ type = "TXT"
+ ttl = 60
+ records = ["RXaOhzFg2U4ZtEU_Dj_2ylAX3D8xXpdRCq1KjoaB9Sc"]
+}
+
+#
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record
+resource "aws_route53_record" "portfolio" {
+ allow_overwrite = true
+ zone_id = data.aws_route53_zone.developomp_com.zone_id
+ name = "portfolio.${data.aws_route53_zone.developomp_com.name}"
+ type = "A"
+ ttl = 60
+ records = ["199.36.158.100"]
+}
+
+# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/route53_record
+resource "aws_route53_record" "portfolio_acme_challenge" {
+ allow_overwrite = true
+ zone_id = data.aws_route53_zone.developomp_com.zone_id
+ name = "_acme-challenge.portfolio.${data.aws_route53_zone.developomp_com.name}"
+ type = "TXT"
+ ttl = 60
+ records = ["YxFtDJ-Qf1yE8KX2mzf4cbfkPBR74IbbWX_0l5gGnLg"]
+}
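Review bot: The `terraform` block in main.tf declares `required_providers` but no `backend` or `cloud` block, so the workflow added in this patch would run `terraform apply` from empty local state on every push and lose that state when the runner exits. With `allow_overwrite = true` on all six `aws_route53_record` resources, each run then overwrites whatever the zone holds under those names instead of failing, which hides the missing state and removes the guard against clobbering a record managed elsewhere. Declare remote state (the workflow already passes a Terraform Cloud token, so a `cloud` block looks like the intent) and drop `allow_overwrite` once the existing records are imported. The six resources differ only in name, type and value and could be a single `for_each` over a map.

```hcl
terraform {
  # … unchanged: required_providers …

  # Remote state so CI runs share one view of the zone (placeholders, not real names).
  cloud {
    organization = "<ORG_PLACEHOLDER>"

    workspaces {
      name = "<WORKSPACE_PLACEHOLDER>"
    }
  }
}
```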