From e2708f9ef93df33bd2ff68a882af3092aa09c4ad Mon Sep 17 00:00:00 2001
From: Paul Buetow
Date: Sun, 31 Dec 2023 18:23:06 +0200
Subject: refactor bastion to use a generic DNS zone
---
 org-buetow-base/outputs.tf | 11 ++++++-----
 org-buetow-base/zones.tf | 8 --------
 org-buetow-bastion/main.tf | 8 ++++----
 3 files changed, 10 insertions(+), 17 deletions(-)
diff --git a/org-buetow-base/outputs.tf b/org-buetow-base/outputs.tf
index 7a8df70..5f585fe 100644
--- a/org-buetow-base/outputs.tf
+++ b/org-buetow-base/outputs.tf
@@ -30,14 +30,15 @@ output "allow_outbound_sg_id" {
 value = aws_security_group.allow_outbound.id
 }
 
-output "buetow_cloud_zone_id" {
+output "zone_id" {
 value = data.aws_route53_zone.buetow_cloud.zone_id
 }
 
-#output "buetow_internal_zone_id" {
-# value = aws_route53_zone.buetow_internal.zone_id
-#}
+output "zone_name" {
+ value = data.aws_route53_zone.buetow_cloud.name
+}
 
-output "buetow_cloud_certificate_arn" {
+output "zone_certificate_arn" {
+ # For buetow.cloud and *.buetow.cloud
 value = "arn:aws:acm:eu-central-1:634617747016:certificate/fbf5627c-9a4c-4c62-9c33-038e140f3f12"
 }
diff --git a/org-buetow-base/zones.tf b/org-buetow-base/zones.tf
index 4f8d945..e565684 100644
--- a/org-buetow-base/zones.tf
+++ b/org-buetow-base/zones.tf
@@ -2,11 +2,3 @@ data "aws_route53_zone" "buetow_cloud" {
 name = "buetow.cloud."
 private_zone = false
 }
-
-#resource "aws_route53_zone" "buetow_internal" {
-# name = "buetow.internal"
-#
-# vpc {
-# vpc_id = aws_vpc.vpc.id
-# }
-#}
diff --git a/org-buetow-bastion/main.tf b/org-buetow-bastion/main.tf
index 4adb49d..f3b4c90 100644
--- a/org-buetow-bastion/main.tf
+++ b/org-buetow-bastion/main.tf
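Review bot: In `org-buetow-base/outputs.tf`, `zone_certificate_arn` now carries a generic name but still returns one hard-coded ARN, so it is the only one of the three outputs that will not follow the zone if `data.aws_route53_zone.buetow_cloud` is ever pointed at another domain, and a consumer could then attach a certificate that does not cover the zone's names. Looking the certificate up with an `aws_acm_certificate` data source keyed on the zone name keeps the outputs consistent and keeps the account id and certificate id out of the repository. Separately, renaming `buetow_cloud_zone_id` and `buetow_cloud_certificate_arn` breaks every other stack that reads them from remote state; only the bastion stack is updated in this commit, so any other consumers (not visible here) need checking before the base stack is applied.

```hcl
# Constructed sketch: assumes the issued certificate's primary domain equals the
# zone name and that it lives in the provider's configured region.
data "aws_acm_certificate" "zone" {
  domain      = trimsuffix(data.aws_route53_zone.buetow_cloud.name, ".")
  statuses    = ["ISSUED"]
  most_recent = true
}

output "zone_certificate_arn" {
  # Covers the zone apex and its wildcard
  value = data.aws_acm_certificate.zone.arn
}
```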
@@ -45,16 +45,16 @@ resource "aws_instance" "bastion" {
 }
 
 resource "aws_route53_record" "a_record" {
- zone_id = data.terraform_remote_state.base.outputs.buetow_cloud_zone_id
- name = "bastion.buetow.cloud"
+ zone_id = data.terraform_remote_state.base.outputs.zone_id
+ name = "bastion.${data.terraform_remote_state.base.outputs.zone_name}"
 type = "A"
 ttl = "300"
 records = [aws_instance.bastion.public_ip]
 }
 
 resource "aws_route53_record" "aaaa_record" {
- zone_id = data.terraform_remote_state.base.outputs.buetow_cloud_zone_id
- name = "bastion.buetow.cloud"
+ zone_id = data.terraform_remote_state.base.outputs.zone_id
+ name = "bastion.${data.terraform_remote_state.base.outputs.zone_name}"
 type = "AAAA"
 ttl = "300"
 records = aws_instance.bastion.ipv6_addresses
-- 
cgit v1.2.3
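Review bot: Both the zone and the hostname of the bastion records now come from `zone_id` and `zone_name` in the base stack's remote state, which only exist once the base stack has been applied with the renamed outputs; planning this stack first fails on the missing attributes, so the apply order is worth stating in the commit message or a README. The same interpolation is repeated in `a_record` and `aaaa_record`; a single `locals { bastion_fqdn = "bastion.${trimsuffix(data.terraform_remote_state.base.outputs.zone_name, ".")}" }` referenced by both `name` arguments would keep the two records from drifting apart, and it normalises a trailing dot should the provider version in use return one (not visible here). The `aaaa_record` block closes outside the hunk.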