From f51c7c166d31c3502b9177cd533140aed997e10c Mon Sep 17 00:00:00 2001
From: Harry Bairstow <me@harryet.xyz>
Date: Wed, 9 Aug 2023 10:29:14 +0100
Subject: [PATCH] feat: backup domain (#179)

---
 terraform/ecs/main.tf      | 13 ++++++++++
 terraform/ecs/variables.tf | 12 +++++++++
 terraform/main.tf          | 51 +++++++++++++++++++++++---------------
 3 files changed, 56 insertions(+), 20 deletions(-)

diff --git a/terraform/ecs/main.tf b/terraform/ecs/main.tf
index 8c8d7c64..9e184da2 100644
--- a/terraform/ecs/main.tf
+++ b/terraform/ecs/main.tf
@@ -240,6 +240,19 @@ resource "aws_route53_record" "dns_load_balancer" {
   }
 }
 
+
+resource "aws_route53_record" "backup_dns_load_balancer" {
+  zone_id = var.backup_route53_zone_id
+  name    = var.backup_fqdn
+  type    = "A"
+
+  alias {
+    name                   = aws_lb.application_load_balancer.dns_name
+    zone_id                = aws_lb.application_load_balancer.zone_id
+    evaluate_target_health = true
+  }
+}
+
 # Security Groups
 resource "aws_security_group" "app_ingress" {
   name        = "${var.app_name}-ingress-to-app"
diff --git a/terraform/ecs/variables.tf b/terraform/ecs/variables.tf
index 89d2bc0a..f4f66e52 100644
--- a/terraform/ecs/variables.tf
+++ b/terraform/ecs/variables.tf
@@ -52,6 +52,18 @@ variable "acm_certificate_arn" {
   type = string
 }
 
+variable "backup_acm_certificate_arn" {
+  type = string
+}
+
+variable "backup_fqdn" {
+  type = string
+}
+
+variable "backup_route53_zone_id" {
+  type = string
+}
+
 variable "public_subnets" {
   type = set(string)
 }
diff --git a/terraform/main.tf b/terraform/main.tf
index 352fb9a6..c05acb5f 100644
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -2,7 +2,8 @@ locals {
   app_name    = "push"
   environment = terraform.workspace
 
-  fqdn = local.environment == "prod" ? var.public_url : "${local.environment}.${var.public_url}"
+  fqdn        = local.environment == "prod" ? var.public_url : "${local.environment}.${var.public_url}"
+  backup_fqdn = replace(local.fqdn, ".com", ".org")
 
   latest_release_name = data.github_release.latest_release.name
   version             = coalesce(var.image_version, substr(local.latest_release_name, 1, length(local.latest_release_name)))
@@ -66,6 +67,13 @@ module "dns" {
   fqdn             = local.fqdn
 }
 
+module "backup_dns" {
+  source = "github.com/WalletConnect/terraform-modules.git?ref=52a74ee5bcaf5cacb5664c6f88d9dbce28500581//modules/dns"
+
+  hosted_zone_name = replace(var.public_url, ".com", ".org")
+  fqdn             = local.backup_fqdn
+}
+
 module "database_cluster" {
   source  = "terraform-aws-modules/rds-aurora/aws"
   version = "7.7.0"
@@ -143,25 +151,28 @@ module "analytics" {
 module "ecs" {
   source = "./ecs"
 
-  app_name               = "${local.environment}-${local.app_name}"
-  environment            = local.environment
-  prometheus_endpoint    = aws_prometheus_workspace.prometheus.prometheus_endpoint
-  database_url           = local.database_url
-  tenant_database_url    = local.tenant_database_url
-  image                  = "${data.aws_ecr_repository.repository.repository_url}:${local.version}"
-  image_version          = local.version
-  acm_certificate_arn    = module.dns.certificate_arn
-  cpu                    = 512
-  fqdn                   = local.fqdn
-  memory                 = 1024
-  private_subnets        = module.vpc.private_subnets
-  public_subnets         = module.vpc.public_subnets
-  region                 = var.region
-  route53_zone_id        = module.dns.zone_id
-  vpc_cidr               = module.vpc.vpc_cidr_block
-  vpc_id                 = module.vpc.vpc_id
-  telemetry_sample_ratio = local.environment == "prod" ? 0.25 : 1.0
-  allowed_origins        = local.environment == "prod" ? "https://cloud.walletconnect.com" : "*"
+  app_name                   = "${local.environment}-${local.app_name}"
+  environment                = local.environment
+  prometheus_endpoint        = aws_prometheus_workspace.prometheus.prometheus_endpoint
+  database_url               = local.database_url
+  tenant_database_url        = local.tenant_database_url
+  image                      = "${data.aws_ecr_repository.repository.repository_url}:${local.version}"
+  image_version              = local.version
+  acm_certificate_arn        = module.dns.certificate_arn
+  cpu                        = 512
+  fqdn                       = local.fqdn
+  memory                     = 1024
+  private_subnets            = module.vpc.private_subnets
+  public_subnets             = module.vpc.public_subnets
+  region                     = var.region
+  route53_zone_id            = module.dns.zone_id
+  backup_acm_certificate_arn = module.backup_dns.certificate_arn
+  backup_fqdn                = local.backup_fqdn
+  backup_route53_zone_id     = module.backup_dns.zone_id
+  vpc_cidr                   = module.vpc.vpc_cidr_block
+  vpc_id                     = module.vpc.vpc_id
+  telemetry_sample_ratio     = local.environment == "prod" ? 0.25 : 1.0
+  allowed_origins            = local.environment == "prod" ? "https://cloud.walletconnect.com" : "*"
 
   aws_otel_collector_ecr_repository_url = data.aws_ecr_repository.aws_otel_collector.repository_url