Blame
|
1 | # P2-5a: Wildcard DNS Infrastructure |
||||||
| 2 | ||||||||
| 3 | ## Status: Complete |
|||||||
| 4 | ||||||||
| 5 | ## Branch |
|||||||
| 6 | `feat/P2-5a-wildcard-infra` (from `phase-2`) |
|||||||
| 7 | ||||||||
| 8 | ## Changes |
|||||||
| 9 | - **`infra/__main__.py`**: Added a second `DnsComponent` instance for `*.wikibot.io` |
|||||||
| 10 | - No changes to `infra/components/dns.py` — the existing component already supports wildcard domains |
|||||||
| 11 | ||||||||
| 12 | ## New Resources (7) |
|||||||
| 13 | | Resource | Type | |
|||||||
| 14 | |----------|------| |
|||||||
| 15 | | `wildcard` | DnsComponent (parent) | |
|||||||
| 16 | | `wildcard-cert` | ACM Certificate for `*.wikibot.io` | |
|||||||
| 17 | | `wildcard-cert-validation` | Route 53 CNAME for DNS validation | |
|||||||
| 18 | | `wildcard-cert-validated` | ACM CertificateValidation | |
|||||||
| 19 | | `wildcard-domain` | API Gateway v2 DomainName | |
|||||||
| 20 | | `wildcard-mapping` | API Gateway v2 ApiMapping | |
|||||||
| 21 | | `wildcard-dns` | Route 53 A record (alias to API Gateway) | |
|||||||
| 22 | ||||||||
| 23 | ## Verification |
|||||||
| 24 | - `pulumi preview` passes: +7 to create, 65 unchanged |
|||||||
| 25 | - `dev.wikibot.io` resources untouched |
|||||||
| 26 | - New export: `wildcard_domain_url` = `https://*.wikibot.io` |
|||||||
| 27 | ||||||||
| 28 | ## Design Notes |
|||||||
| 29 | - Separate cert for wildcard (not modifying dev cert) — simplest approach, avoids risk to existing setup |
|||||||
| 30 | - Wildcard A record + API mapping both point to the existing `otterwiki_apigw` API Gateway and stage |
|||||||
| 31 | - Multi-tenant routing (`username.wikibot.io`) will be handled at the application layer (P2-5b) |
|||||||