01/02: cdn: Remove unused berlin-mirror.

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/02: cdn: Remove unused berlin-mirror.

From:	Chris Marusich
Subject:	01/02: cdn: Remove unused berlin-mirror.
Date:	Sat, 4 May 2019 05:03:35 -0400 (EDT)

marusich pushed a commit to branch master
in repository maintenance.

commit 9e804142b1b584196e0b95f279c2214785dcd205
Author: Chris Marusich <address@hidden>
Date:   Sat May 4 01:34:25 2019 -0700

    cdn: Remove unused berlin-mirror.
    
    The berlin-mirror CloudFront distribution is safe to delete because it
    is not currently being used.  The charlie-distribution CloudFront
    distribution has replaced it.
    
    * cdn/terraform/cloudfront.tf (berlin-mirror, berlin-mirror-id)
    (berlin-mirror-enabled, berlin-mirror-status)
    (berlin-mirror-domain-name): Remove these.
---
 cdn/terraform/cloudfront.tf | 104 --------------------------------------------
 1 file changed, 104 deletions(-)

diff --git a/cdn/terraform/cloudfront.tf b/cdn/terraform/cloudfront.tf
index d9cadda..7d5a4ab 100644
--- a/cdn/terraform/cloudfront.tf
+++ b/cdn/terraform/cloudfront.tf
@@ -62,110 +62,6 @@ locals {
   }
 }
 
-resource "aws_cloudfront_distribution" "berlin-mirror" {
-  enabled = true
-  comment = "Distributed caching proxy for berlin.guixsd.org"
-  origin {
-    domain_name = "berlin.guixsd.org"
-    origin_id = "berlin.guixsd.org"
-    custom_origin_config {
-      http_port = 80 # Required, but not used.
-      https_port = 443
-      # Always use TLS when forwarding requests to the origin.
-      origin_protocol_policy = "https-only"
-      origin_ssl_protocols = ["TLSv1.2"]
-      origin_keepalive_timeout = 60
-      origin_read_timeout = 60
-    }
-  }
-  # The CNAME that will point to this CloudFront distribution.
-  aliases = ["ci.guix.info"]
-  is_ipv6_enabled = true
-  # This is actually the_maximum HTTP version to support. See:
-  # 
https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#http_version
-  http_version = "http2"
-  # Serve requests from all edge locations.
-  price_class = "PriceClass_All"
-  # Do not restrict access.
-  restrictions { geo_restriction { restriction_type = "none" }}
-  # When deleting the distribution, actually delete it.  See:
-  # 
https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#retain_on_delete
-  retain_on_delete = false
-  # By default, don't cache anything.  This is useful because on
-  # berlin.guixsd.org, we run Cuirass, which has many URLs we don't
-  # want to cache.
-  default_cache_behavior = ["${local.do_not_cache_behavior}"]
-  # Cache all the relevant paths published by "guix publish".  See
-  # guix/scripts/publish.scm in the Guix source for details.
-  ordered_cache_behavior = [
-    # /nix-cache-info
-    "${merge(
-      local.default_behavior,
-      map("path_pattern", "/nix-cache-info")
-    )}",
-    # /<hash>.narinfo
-    "${merge(
-      local.default_behavior,
-      map("path_pattern", "/*.narinfo")
-    )}",
-    # /file/<name>/sha256/<hash>
-    "${merge(
-      local.default_behavior,
-      map("path_pattern", "/file/*")
-    )}",
-    # /log/<output>
-    "${merge(
-      local.default_behavior,
-      map("path_pattern", "/log/*")
-    )}",
-    # /nar/gzip/<store-item>
-    # /nar/<store-item>
-    "${merge(
-      local.default_behavior,
-      map("path_pattern", "/nar/*")
-    )}",
-    # Static files for the Cuirass website - this is not part of "guix 
publish".
-    "${merge(
-      local.default_behavior,
-      map("path_pattern", "/static/*")
-    )}"
-  ]
-  # TODO: Maybe set a caching behavior for error responses.
-  # custom_error_response {}
-  viewer_certificate {
-    # Note that "terraform apply" will fail until this certificate is
-    # valid.  See the comment in the definition of
-    # berlin-mirror-certificate for more information.
-    acm_certificate_arn = 
"${aws_acm_certificate.berlin-mirror-certificate.arn}"
-    # This is the recommended value as of 2018-12-28.  See:
-    # 
https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html
-    # 
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers
-    minimum_protocol_version = "TLSv1.1_2016"
-    # Use SNI.  Don't use the "vip" (i.e., dedicated IP address)
-    # method, since it's expensive and unnecessary.  See:
-    # 
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-https-dedicated-ip-or-sni.html
-    ssl_support_method = "sni-only"
-  }
-}
-
-output "berlin-mirror-id" {
-  value = "${aws_cloudfront_distribution.berlin-mirror.id}"
-}
-output "berlin-mirror-enabled" {
-  value = "${aws_cloudfront_distribution.berlin-mirror.enabled}"
-}
-output "berlin-mirror-status" {
-  value = "${aws_cloudfront_distribution.berlin-mirror.status}"
-}
-output "berlin-mirror-domain-name" {
-  value = "${aws_cloudfront_distribution.berlin-mirror.domain_name}"
-}
-
-# We plan to migrate to ci.guix.gnu.org.  During the migration, we'll
-# need to have two distributions.  Since the name "berlin mirror"
-# is already taken, let's use something unique.  Since "C" comes after
-# "B", let's use the name "charlie".  B for berlin, C for charlie.
-
 resource "aws_cloudfront_distribution" "charlie-distribution" {
   enabled = true
   comment = "Distributed caching proxy for berlin.guixsd.org"

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (c384185 -> 8accbde), Chris Marusich, 2019/05/04
- 02/02: cdn: Remove unused berlin-mirror-certificate., Chris Marusich, 2019/05/04
- 01/02: cdn: Remove unused berlin-mirror., Chris Marusich <=

Prev by Date: 02/02: cdn: Remove unused berlin-mirror-certificate.
Next by Date: 01/01: cdn: Update the README.org file.
Previous by thread: 02/02: cdn: Remove unused berlin-mirror-certificate.
Next by thread: branch master updated (8accbde -> c95b77c)
Index(es):
- Date
- Thread