commit c98363857166f52c0072d816f9ab2e8b1d6da6ab
Author: Conner McCall <conner@clockwork.com>
Date:   Thu Aug 20 07:33:33 2020 -0500

    change: initial commit
    
    contains sloped.me domain records and
    backend configuration

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..1eed3c7
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,32 @@
+### Terraform ###
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+
+# Ignore any .tfvars files that are generated automatically for each Terraform run. Most
+# .tfvars files are managed as part of configuration and so should be included in
+# version control.
+#
+# example.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+plan
+out.plan
+terraform.tfvars
diff --git a/remote-backend/README.md b/remote-backend/README.md
new file mode 100644
index 0000000..f5667a6
--- /dev/null
+++ b/remote-backend/README.md
@@ -0,0 +1,6 @@
+# tf-backend-support
+These files are used to prepare our terraform backend environment. They create an S3 bucket for storing terraform remote state, another S3 bucket for storing logs of the changes to terraform state for auditing purposes, and creates a DynamoDB table used by terraform for locking and consistency. These configs are only run once to initialize the environment, so these resources are available for the rest of our terraform configs to store remote state and handle locking for to allow for safe use across a team.
+
+NOTE: there is a known issue with the DynamoDB table disabled ttl attribute,
+but you can still `terraform apply` config updates to the two s3 buckets even with this error:
+https://github.com/terraform-providers/terraform-provider-aws/issues/10304
diff --git a/remote-backend/main.tf b/remote-backend/main.tf
new file mode 100644
index 0000000..90b9f3d
--- /dev/null
+++ b/remote-backend/main.tf
@@ -0,0 +1,97 @@
+# Get the AWS accountID
+data "aws_caller_identity" "current" {
+}
+
+
+# Create S3 buckets for logging and tfstate
+resource "aws_s3_bucket" "tflogs" {
+  bucket = var.s3bucketlogs
+  acl    = "log-delivery-write"
+
+  tags = {
+    Name        = var.s3bucketlogs
+    "ManagedBy" = "terraform"
+  }
+
+  # Enable server-side encryption by default
+  server_side_encryption_configuration {
+    rule {
+      apply_server_side_encryption_by_default {
+        sse_algorithm = "AES256"
+      }
+    }
+  }
+}
+
+resource "aws_s3_bucket" "tfstate" {
+  bucket = var.s3bucketstate
+
+  tags = {
+    Name        = var.s3bucketstate
+    "ManagedBy" = "terraform"
+  }
+
+  logging {
+    target_bucket = aws_s3_bucket.tflogs.id
+    target_prefix = "log/"
+  }
+
+  versioning {
+    enabled = true
+  }
+
+  lifecycle {
+    prevent_destroy = true
+  }
+
+  # Enable server-side encryption by default
+  server_side_encryption_configuration {
+    rule {
+      apply_server_side_encryption_by_default {
+        sse_algorithm = "AES256"
+      }
+    }
+  }
+}
+
+resource "aws_s3_bucket_policy" "tfstate" {
+  bucket = aws_s3_bucket.tfstate.id
+  policy = <<POLICY
+{
+  "Statement":[
+    {
+      "Action": "s3:*",
+      "Effect": "Allow",
+      "Principal": {"AWS": ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]},
+      "Resource": "arn:aws:s3:::${var.s3bucketstate}/*",
+      "Sid": "AddUserPerms"
+    }
+  ],
+  "Version": "2012-10-17"
+}
+POLICY
+
+}
+
+# Create DynamoDB table for locking and consistency checking
+resource "aws_dynamodb_table" "terraform-dynamodb-table-slopedme" {
+  name           = "terraform-dynamodb-table-slopedme"
+  billing_mode   = "PAY_PER_REQUEST"
+  read_capacity  = 0
+  write_capacity = 0
+  hash_key       = "LockID"
+
+  attribute {
+    name = "LockID"
+    type = "S"
+  }
+
+  tags = {
+    Name        = "terraform-dynamodb-table-slopedme"
+    "ManagedBy" = "terraform"
+  }
+}
+
+output "accountid" {
+  value = data.aws_caller_identity.current.account_id
+}
diff --git a/remote-backend/out.tfplan b/remote-backend/out.tfplan
new file mode 100644
index 0000000..a236edc
Binary files /dev/null and b/remote-backend/out.tfplan differ
diff --git a/remote-backend/provider.tf b/remote-backend/provider.tf
new file mode 100644
index 0000000..a70e233
--- /dev/null
+++ b/remote-backend/provider.tf
@@ -0,0 +1,4 @@
+provider "aws" {
+  region  = var.AWS_REGION
+  profile = "cw-terraform"
+}
diff --git a/remote-backend/variables.tf b/remote-backend/variables.tf
new file mode 100644
index 0000000..bfe0568
--- /dev/null
+++ b/remote-backend/variables.tf
@@ -0,0 +1,18 @@
+variable "AWS_REGION" {
+  default = "us-east-1"
+}
+
+variable "s3bucketstate" {
+  type    = string
+  default = "slopedme-tf-state"
+}
+
+variable "s3bucketlogs" {
+  type    = string
+  default = "slopedme-tf-logs"
+}
+
+variable "dynamodb-terraform-table" {
+  type    = string
+  default = "terraform-dynamodb-table"
+}
diff --git a/remote-backend/versions.tf b/remote-backend/versions.tf
new file mode 100644
index 0000000..ac97c6a
--- /dev/null
+++ b/remote-backend/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}
diff --git a/route53/outputs.tf b/route53/outputs.tf
new file mode 100644
index 0000000..2001692
--- /dev/null
+++ b/route53/outputs.tf
@@ -0,0 +1,4 @@
+output "sloped-me_hosted_zone_id" {
+  description = "DNS Zone for sloped.me"
+  value       = aws_route53_zone.sloped-me.zone_id
+}
diff --git a/route53/provider.tf b/route53/provider.tf
new file mode 100644
index 0000000..6326129
--- /dev/null
+++ b/route53/provider.tf
@@ -0,0 +1,15 @@
+provider "aws" {
+  region  = var.AWS_REGION
+  profile = "cw-terraform"
+}
+
+terraform {
+  backend "s3" {
+    profile        = "cw-terraform"
+    bucket         = "slopedme-tf-state"
+    encrypt        = true
+    dynamodb_table = "terraform-dynamodb-table"
+    region         = "us-east-1"
+    key            = "route53/terraform.tfstate"
+  }
+}
diff --git a/route53/sloped-me.tf b/route53/sloped-me.tf
new file mode 100644
index 0000000..8b575e5
--- /dev/null
+++ b/route53/sloped-me.tf
@@ -0,0 +1,87 @@
+resource "aws_route53_zone" "sloped-me" {
+    name       = "sloped.me"
+}
+resource "aws_route53_record" "sloped-me-A" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "sloped.me"
+    type    = "A"
+    records = ["104.236.108.131"]
+    ttl     = "604800"
+
+}
+
+resource "aws_route53_record" "sloped-me-MX" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "sloped.me"
+    type    = "MX"
+    records = ["10 in1-smtp.messagingengine.com", "20 in2-smtp.messagingengine.com"]
+    ttl     = "604800"
+
+}
+
+resource "aws_route53_record" "sloped-me-TXT" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "sloped.me"
+    type    = "TXT"
+    records = ["v=spf1 include:spf.messagingengine.com ?all"]
+    ttl     = "300"
+
+}
+
+resource "aws_route53_record" "wildcard-sloped-me-MX" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "*.sloped.me"
+    type    = "MX"
+    records = ["10 in1-smtp.messagingengine.com", "20 in2-smtp.messagingengine.com"]
+    ttl     = "86400"
+
+}
+
+resource "aws_route53_record" "fm1-_domainkey-sloped-me-CNAME" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "fm1._domainkey.sloped.me"
+    type    = "CNAME"
+    records = ["fm1.sloped.me.dkim.fmhosted.com"]
+    ttl     = "300"
+
+}
+
+resource "aws_route53_record" "fm2-_domainkey-sloped-me-CNAME" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "fm2._domainkey.sloped.me"
+    type    = "CNAME"
+    records = ["fm2.sloped.me.dkim.fmhosted.com"]
+    ttl     = "300"
+
+}
+
+resource "aws_route53_record" "fm3-_domainkey-sloped-me-CNAME" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "fm3._domainkey.sloped.me"
+    type    = "CNAME"
+    records = ["fm3.sloped.me.dkim.fmhosted.com"]
+    ttl     = "300"
+
+}
+
+resource "aws_route53_record" "www-sloped-me-CNAME" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "www.sloped.me"
+    type    = "CNAME"
+    records = ["sloped.me"]
+    ttl     = "300"
+
+}
+
+resource "aws_route53_record" "cw-sloped-me-NS" {
+    zone_id = aws_route53_zone.sloped-me.zone_id
+    name    = "cw.sloped.me"
+    type    = "NS"
+    records = [    "ns-36.awsdns-04.com",
+                    "ns-619.awsdns-13.net",
+                    "ns-1252.awsdns-28.org",
+                    "ns-1862.awsdns-40.co.uk"
+                    ]
+    ttl     = "300"
+
+}
diff --git a/route53/vars.tf b/route53/vars.tf
new file mode 100644
index 0000000..c098f9d
--- /dev/null
+++ b/route53/vars.tf
@@ -0,0 +1,8 @@
+variable "AWS_REGION" {
+  default = "us-east-1"
+}
+
+variable "ttl" {
+  default = "300"
+}
+