-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathrules_redirect.tf
More file actions
123 lines (116 loc) · 4.01 KB
/
rules_redirect.tf
File metadata and controls
123 lines (116 loc) · 4.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
locals {
subdomains = ["@", "private"]
# Cloudflare needs a proxied CNAME so the redirections work, but the actual content of the CNAME
# record is irrelevant
extra_records = {
for item in flatten([
for z in cloudflare_zone.zones : [
for label in local.subdomains : flatten([
label == "@" ? [
# www dns only for landing, +1 subdomains aren't supported by cloudflare free plan
{
key = "${z.name}:www.${label}"
zone_id = z.id
name = label == "@" ? "www.${z.name}" : "www.${label}.${z.name}"
target = label == "@" ? var.main_zone : "${label}.${var.main_zone}"
}
] : [],
z.name != var.main_zone ? [
# .es -> .com only for secondary (non main) zones
{
key = "${z.name}:${label}"
zone_id = z.id
name = label == "@" ? z.name : "${label}.${z.name}"
target = label == "@" ? var.main_zone : "${label}.${var.main_zone}"
}
] : []
])
]
]) : item.key => {
zone_id = item.zone_id
name = item.name
target = item.target
}
}
}
resource "cloudflare_dns_record" "extra_domains_redirect" {
for_each = local.extra_records
zone_id = each.value.zone_id
name = each.value.name
content = each.value.target
type = "CNAME"
proxied = true
ttl = 1
}
resource "cloudflare_ruleset" "all_redirects" {
for_each = cloudflare_zone.zones
zone_id = each.value.id
name = "Redirect to ${var.main_zone}"
kind = "zone"
phase = "http_request_dynamic_redirect"
rules = concat(
[
# www rules only for landing, no private area
# https://www.notifycal.com -> https://notifycal.com
# https://www.notifycal.es -> https://notifycal.com
# https://www.notifical.es -> https://notifical.com
for label in local.subdomains : {
enabled = true
action = "redirect"
description = format(
"Redirect www.%s -> %s",
label == "@" ? each.value.name : format("%s.%s", label, each.value.name),
label == "@" ? each.value.name : format("%s.%s", label, each.value.name)
)
expression = format(
"http.host eq \"www.%s\"",
label == "@" ? each.value.name : format("%s.%s", label, each.value.name)
)
action_parameters = {
from_value = {
status_code = 301
preserve_query_string = true
target_url = {
expression = format(
"concat(\"https://%s\", http.request.uri.path)",
label == "@" ? each.value.name : format("%s.%s", label, each.value.name)
)
}
}
}
} if label == "@"
],
[
# .es -> .com rules only in secondary (non-main) zones
# https://notifycal.es -> https://notifycal.com
# https://private.notifycal.es -> https://private.notifycal.com
# https://notifical.es -> https://notifical.com
# https://private.notifical.es -> https://private.notifical.com
for label in local.subdomains : {
enabled = true
action = "redirect"
description = format(
"Redirect %s -> %s",
label == "@" ? each.value.name : format("%s.%s", label, each.value.name),
label == "@" ? var.main_zone : format("%s.%s", label, var.main_zone)
)
expression = format(
"http.host eq \"%s\"",
label == "@" ? each.value.name : format("%s.%s", label, each.value.name)
)
action_parameters = {
from_value = {
status_code = 301
preserve_query_string = true
target_url = {
expression = format(
"concat(\"https://%s\", http.request.uri.path)",
label == "@" ? var.main_zone : format("%s.%s", label, var.main_zone)
)
}
}
}
} if each.key != var.main_zone
],
)
}