Changes from 4 commits
23 commits
ec9b71e
PRSD-1544: first pass adding page to s3 bucket
JasminConterioSW Sep 22, 2025
5751f28
PRSD-1544: edit the aws_s3_object
JasminConterioSW Sep 22, 2025
02c970a
PRSD-1544: first pass at adding a second origin to the cloudfront dis…
JasminConterioSW Sep 22, 2025
bb575cf
PRSD-1544: remove the public access block on the s3 bucket
JasminConterioSW Sep 22, 2025
538b41f
PRSD-1544: re-add the public access block on the s3 bucket and add a …
JasminConterioSW Sep 24, 2025
13b028f
PRSD-1544: Add the custom heading to the second origin
JasminConterioSW Sep 24, 2025
f3e58da
PRSD-1544: First pass and adding maintenance_mode_on variable
JasminConterioSW Sep 24, 2025
6aad795
PRSD-1544: Fix formatting
JasminConterioSW Sep 25, 2025
d5a28eb
PRSD-1544: Update viewer_protocol_policy to "redirect-to-https"
JasminConterioSW Sep 29, 2025
589447f
PRSD-1544: Add SSE-S3 (default?) encryption to the bucket
JasminConterioSW Sep 29, 2025
429cf6e
PRSD-1544: Add bucket versioning and ignore logging
JasminConterioSW Sep 29, 2025
17b7cd7
Merge branch 'main' into feat/prsd-1544-maintenance-page
JasminConterioSW Sep 29, 2025
470ea34
PRSD-1544: Turn off the s3 bucket public access block
JasminConterioSW Oct 2, 2025
e8ce130
PRSD-1544: Replace deprecated website_endpoint attribute
JasminConterioSW Oct 2, 2025
5210931
PRSD-1544: Add a cache_policy_id
JasminConterioSW Oct 2, 2025
1132024
PRSD-1544: Update path for S3 bucket objects
JasminConterioSW Oct 2, 2025
06ee8f0
PRSD-1544: Fix path pattern based on maintenance_mode_on variable
JasminConterioSW Oct 2, 2025
e37b6ba
Merge branch 'main' into feat/prsd-1544-maintenance-page
JasminConterioSW Oct 2, 2025
b2888c7
PRSD-1544: Rename encryption configuration
JasminConterioSW Oct 2, 2025
e6a26f6
PRSD-1544: Version serving unstyled page at "/maintenance"
JasminConterioSW Oct 6, 2025
a26fbd6
PRSD-1544: Finding the stylesheet but not the other files yet
JasminConterioSW Oct 6, 2025
6d6a210
PRSD-1544: Finding the fonts and images
JasminConterioSW Oct 6, 2025
7fb9671
PRSD-1544: Add a cloudfront function to re-write the urls to "/mainte…
JasminConterioSW Oct 6, 2025
21 changes: 21 additions & 0 deletions terraform/modules/frontdoor/cloudfront.tf
@@ -1,5 +1,6 @@
locals {
origin_id = "origin-${var.environment_name}"
maintenance_origin_id = "maintenance-origin-${var.environment_name}"
}

#tfsec:ignore:aws-cloudfront-enable-logging: TODO we will be implementing logging later
Expand Down Expand Up @@ -44,6 +45,26 @@ resource "aws_cloudfront_distribution" "main" {
}
}

origin {
domain_name = aws_s3_bucket.maintenance_page_bucket.website_endpoint
origin_id = local.maintenance_origin_id

custom_origin_config {
Collaborator


So I think this comes down to whether we're using a website endpoint or a REST endpoint for the s3 bucket. If we use a website endpoint then we can't use OAC or OAI according to the AWS docs, and we need to make the bucket public (but can still restrict using IAM I think).

Alternatively we can use a REST endpoint. The Terraform docs (https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution#origin-arguments) suggest we don't want to use this block for s3 origins in that case - looks like EPB used s3_origin_config instead with an origin_access_identity which they then use in the IAM policy for the bucket.

Note that if we do that I think we need to use error pages in cloudfront to do redirects rather than setting up redirects on the bucket itself, as they're not supported for REST endpoints.

http_port = 80
https_port = 443
origin_protocol_policy = "http-only"
origin_ssl_protocols = ["TLSv1.2"]
}
}

ordered_cache_behavior {
allowed_methods = ["GET", "HEAD"]
cached_methods = ["GET", "HEAD"]
path_pattern = "/maintenance"
target_origin_id = local.maintenance_origin_id
viewer_protocol_policy = "allow-all"
}

viewer_certificate {
cloudfront_default_certificate = var.ssl_certs_created ? false : true
acm_certificate_arn = var.ssl_certs_created ? var.cloudfront_certificate_arn : null
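
Review bot: `viewer_protocol_policy = "allow-all"` on the new `/maintenance` behavior lets viewers load the page over plain HTTP; set it to `"redirect-to-https"`. The origin leg is cleartext as well: `origin_protocol_policy = "http-only"` is needed because S3 website endpoints accept HTTP only, so the REST-endpoint option raised in the inline comment would let CloudFront fetch over HTTPS without a public bucket. `path_pattern = "/maintenance"` matches that exact path only, so anything the page loads from another path is not routed to `local.maintenance_origin_id`.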
33 changes: 33 additions & 0 deletions terraform/modules/frontdoor/maintenance_page.tf
@@ -0,0 +1,33 @@

resource "aws_s3_bucket" "maintenance_page_bucket" {
bucket = "${var.environment_name}-maintenance-page-bucket"
}

resource "aws_s3_bucket_public_access_block" "maintenance_page_bucket_public_access" {
bucket = aws_s3_bucket.maintenance_page_bucket.id

block_public_acls = false
block_public_policy = false
ignore_public_acls = false
restrict_public_buckets = false
}

resource "aws_s3_bucket_website_configuration" "maintenance_page_bucket_website" {
bucket = aws_s3_bucket.maintenance_page_bucket.id

index_document {
suffix = "index.html"
}

error_document {
key = "index.html"
}
}

resource "aws_s3_object" "maintenance_page" {
for_each = fileset("maintenance_page", "**")

bucket = aws_s3_bucket.maintenance_page_bucket.id
key = each.value
source = "maintenance_page/${each.value}"
}
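
Review bot: The `aws_s3_bucket_public_access_block` sets all four flags to `false`, which is wider than a policy-based public website needs; only `block_public_policy` and `restrict_public_buckets` have to be off for a public-read bucket policy, so keep `block_public_acls = true` and `ignore_public_acls = true`. This file also defines no bucket policy, so nothing here grants the read access the website endpoint needs, and a policy added for that should allow only `s3:GetObject` on the bucket's objects. In `aws_s3_object`, `fileset("maintenance_page", "**")` and `source` resolve against the working directory rather than the module; prefix both with `path.module`, and set `content_type` per file so the HTML and CSS are not served with S3's default type.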
98 changes: 98 additions & 0 deletions terraform/modules/frontdoor/maintenance_page/index.html
@@ -0,0 +1,98 @@
<!DOCTYPE html>
<html lang="en" class="govuk-template govuk-template--rebranded">
<head>
<meta charset="utf-8">
<title>Sorry, the service is unavailable - Private Rented Sector Database - GOV.UK</title>
<meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">
<meta name="theme-color" content="#1d70b8">
<link rel="stylesheet" href="./govuk-frontend-5.11.2.min.css">
</head>
<body class="govuk-template__body">
<a href="#main-content" class="govuk-skip-link" data-module="govuk-skip-link">Skip to main content</a>
<header class="govuk-header" data-module="govuk-header">
<div class="govuk-header__container govuk-width-container">
<div class="govuk-header__logo">
<a href="/" class="govuk-header__link govuk-header__link--homepage">
<svg
focusable="false"
role="img"
xmlns="http://www.w3.org/2000/svg"
viewBox="0 0 324 60"
height="30"
width="162"
fill="currentcolor" class="govuk-header__logotype" aria-label="GOV.UK">
<title>GOV.UK</title>
<g>
<circle cx="20" cy="17.6" r="3.7"/>
<circle cx="10.2" cy="23.5" r="3.7"/>
<circle cx="3.7" cy="33.2" r="3.7"/>
<circle cx="31.7" cy="30.6" r="3.7"/>
<circle cx="43.3" cy="17.6" r="3.7"/>
<circle cx="53.2" cy="23.5" r="3.7"/>
<circle cx="59.7" cy="33.2" r="3.7"/>
<circle cx="31.7" cy="30.6" r="3.7"/>
<path d="M33.1,9.8c.2-.1.3-.3.5-.5l4.6,2.4v-6.8l-4.6,1.5c-.1-.2-.3-.3-.5-.5l1.9-5.9h-6.7l1.9,5.9c-.2.1-.3.3-.5.5l-4.6-1.5v6.8l4.6-2.4c.1.2.3.3.5.5l-2.6,8c-.9,2.8,1.2,5.7,4.1,5.7h0c3,0,5.1-2.9,4.1-5.7l-2.6-8ZM37,37.9s-3.4,3.8-4.1,6.1c2.2,0,4.2-.5,6.4-2.8l-.7,8.5c-2-2.8-4.4-4.1-5.7-3.8.1,3.1.5,6.7,5.8,7.2,3.7.3,6.7-1.5,7-3.8.4-2.6-2-4.3-3.7-1.6-1.4-4.5,2.4-6.1,4.9-3.2-1.9-4.5-1.8-7.7,2.4-10.9,3,4,2.6,7.3-1.2,11.1,2.4-1.3,6.2,0,4,4.6-1.2-2.8-3.7-2.2-4.2.2-.3,1.7.7,3.7,3,4.2,1.9.3,4.7-.9,7-5.9-1.3,0-2.4.7-3.9,1.7l2.4-8c.6,2.3,1.4,3.7,2.2,4.5.6-1.6.5-2.8,0-5.3l5,1.8c-2.6,3.6-5.2,8.7-7.3,17.5-7.4-1.1-15.7-1.7-24.5-1.7h0c-8.8,0-17.1.6-24.5,1.7-2.1-8.9-4.7-13.9-7.3-17.5l5-1.8c-.5,2.5-.6,3.7,0,5.3.8-.8,1.6-2.3,2.2-4.5l2.4,8c-1.5-1-2.6-1.7-3.9-1.7,2.3,5,5.2,6.2,7,5.9,2.3-.4,3.3-2.4,3-4.2-.5-2.4-3-3.1-4.2-.2-2.2-4.6,1.6-6,4-4.6-3.7-3.7-4.2-7.1-1.2-11.1,4.2,3.2,4.3,6.4,2.4,10.9,2.5-2.8,6.3-1.3,4.9,3.2-1.8-2.7-4.1-1-3.7,1.6.3,2.3,3.3,4.1,7,3.8,5.4-.5,5.7-4.2,5.8-7.2-1.3-.2-3.7,1-5.7,3.8l-.7-8.5c2.2,2.3,4.2,2.7,6.4,2.8-.7-2.3-4.1-6.1-4.1-6.1h10.6,0Z"/>
</g>
<circle class="govuk-logo-dot" cx="226" cy="36" r="7.3"/>
<path d="M93.94 41.25c.4 1.81 1.2 3.21 2.21 4.62 1 1.4 2.21 2.41 3.61 3.21s3.21 1.2 5.22 1.2 3.61-.4 4.82-1c1.4-.6 2.41-1.4 3.21-2.41.8-1 1.4-2.01 1.61-3.01s.4-2.01.4-3.01v.14h-10.86v-7.02h20.07v24.08h-8.03v-5.56c-.6.8-1.38 1.61-2.19 2.41-.8.8-1.81 1.2-2.81 1.81-1 .4-2.21.8-3.41 1.2s-2.41.4-3.81.4a18.56 18.56 0 0 1-14.65-6.63c-1.6-2.01-3.01-4.41-3.81-7.02s-1.4-5.62-1.4-8.83.4-6.02 1.4-8.83a20.45 20.45 0 0 1 19.46-13.65c3.21 0 4.01.2 5.82.8 1.81.4 3.61 1.2 5.02 2.01 1.61.8 2.81 2.01 4.01 3.21s2.21 2.61 2.81 4.21l-7.63 4.41c-.4-1-1-1.81-1.61-2.61-.6-.8-1.4-1.4-2.21-2.01-.8-.6-1.81-1-2.81-1.4-1-.4-2.21-.4-3.61-.4-2.01 0-3.81.4-5.22 1.2-1.4.8-2.61 1.81-3.61 3.21s-1.61 2.81-2.21 4.62c-.4 1.81-.6 3.71-.6 5.42s.8 5.22.8 5.22Zm57.8-27.9c3.21 0 6.22.6 8.63 1.81 2.41 1.2 4.82 2.81 6.62 4.82S170.2 24.39 171 27s1.4 5.62 1.4 8.83-.4 6.02-1.4 8.83-2.41 5.02-4.01 7.02-4.01 3.61-6.62 4.82-5.42 1.81-8.63 1.81-6.22-.6-8.63-1.81-4.82-2.81-6.42-4.82-3.21-4.41-4.01-7.02-1.4-5.62-1.4-8.83.4-6.02 1.4-8.83 2.41-5.02 4.01-7.02 4.01-3.61 6.42-4.82 5.42-1.81 8.63-1.81Zm0 36.73c1.81 0 3.61-.4 5.02-1s2.61-1.81 3.61-3.01 1.81-2.81 2.21-4.41c.4-1.81.8-3.61.8-5.62 0-2.21-.2-4.21-.8-6.02s-1.2-3.21-2.21-4.62c-1-1.2-2.21-2.21-3.61-3.01s-3.21-1-5.02-1-3.61.4-5.02 1c-1.4.8-2.61 1.81-3.61 3.01s-1.81 2.81-2.21 4.62c-.4 1.81-.8 3.61-.8 5.62 0 2.41.2 4.21.8 6.02.4 1.81 1.2 3.21 2.21 4.41s2.21 2.21 3.61 3.01c1.4.8 3.21 1 5.02 1Zm36.32 7.96-12.24-44.15h9.83l8.43 32.77h.4l8.23-32.77h9.83L200.3 58.04h-12.24Zm74.14-7.96c2.18 0 3.51-.6 3.51-.6 1.2-.6 2.01-1 2.81-1.81s1.4-1.81 1.81-2.81a13 13 0 0 0 .8-4.01V13.9h8.63v28.15c0 2.41-.4 4.62-1.4 6.62-.8 2.01-2.21 3.61-3.61 5.02s-3.41 2.41-5.62 3.21-4.62 1.2-7.02 1.2-5.02-.4-7.02-1.2c-2.21-.8-4.01-1.81-5.62-3.21s-2.81-3.01-3.61-5.02-1.4-4.21-1.4-6.62V13.9h8.63v26.95c0 1.61.2 3.01.8 4.01.4 1.2 1.2 2.21 2.01 2.81.8.8 1.81 1.4 2.81 1.81 0 0 1.34.6 3.51.6Zm34.22-36.18v18.92l15.65-18.92h10.82l-15.03 17.32 16.03 26.83h-10.21l-11.44-20.21-5.62 6.22v13.99h-8.83V13.9"/>
</svg>
</a>
</div>
</div>
</header>
<div class="govuk-width-container">
<main class="govuk-main-wrapper govuk-main-wrapper--l" id="main-content" role="main">
<div class="govuk-grid-row">
<div class="govuk-grid-column-two-thirds">
<h1 class="govuk-heading-l">Sorry, the service is unavailable</h1>
<p class="govuk-body">Please try again later</p>
</div>
</div>
</main>
</div>
<footer class="govuk-footer">
<div class="govuk-width-container">
<svg focusable="false" role="presentation" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 64 60" height="30" width="32" fill="currentcolor" class="govuk-footer__crown">
<g>
<circle cx="20" cy="17.6" r="3.7"/>
<circle cx="10.2" cy="23.5" r="3.7"/>
<circle cx="3.7" cy="33.2" r="3.7"/>
<circle cx="31.7" cy="30.6" r="3.7"/>
<circle cx="43.3" cy="17.6" r="3.7"/>
<circle cx="53.2" cy="23.5" r="3.7"/>
<circle cx="59.7" cy="33.2" r="3.7"/>
<circle cx="31.7" cy="30.6" r="3.7"/>
<path d="M33.1,9.8c.2-.1.3-.3.5-.5l4.6,2.4v-6.8l-4.6,1.5c-.1-.2-.3-.3-.5-.5l1.9-5.9h-6.7l1.9,5.9c-.2.1-.3.3-.5.5l-4.6-1.5v6.8l4.6-2.4c.1.2.3.3.5.5l-2.6,8c-.9,2.8,1.2,5.7,4.1,5.7h0c3,0,5.1-2.9,4.1-5.7l-2.6-8ZM37,37.9s-3.4,3.8-4.1,6.1c2.2,0,4.2-.5,6.4-2.8l-.7,8.5c-2-2.8-4.4-4.1-5.7-3.8.1,3.1.5,6.7,5.8,7.2,3.7.3,6.7-1.5,7-3.8.4-2.6-2-4.3-3.7-1.6-1.4-4.5,2.4-6.1,4.9-3.2-1.9-4.5-1.8-7.7,2.4-10.9,3,4,2.6,7.3-1.2,11.1,2.4-1.3,6.2,0,4,4.6-1.2-2.8-3.7-2.2-4.2.2-.3,1.7.7,3.7,3,4.2,1.9.3,4.7-.9,7-5.9-1.3,0-2.4.7-3.9,1.7l2.4-8c.6,2.3,1.4,3.7,2.2,4.5.6-1.6.5-2.8,0-5.3l5,1.8c-2.6,3.6-5.2,8.7-7.3,17.5-7.4-1.1-15.7-1.7-24.5-1.7h0c-8.8,0-17.1.6-24.5,1.7-2.1-8.9-4.7-13.9-7.3-17.5l5-1.8c-.5,2.5-.6,3.7,0,5.3.8-.8,1.6-2.3,2.2-4.5l2.4,8c-1.5-1-2.6-1.7-3.9-1.7,2.3,5,5.2,6.2,7,5.9,2.3-.4,3.3-2.4,3-4.2-.5-2.4-3-3.1-4.2-.2-2.2-4.6,1.6-6,4-4.6-3.7-3.7-4.2-7.1-1.2-11.1,4.2,3.2,4.3,6.4,2.4,10.9,2.5-2.8,6.3-1.3,4.9,3.2-1.8-2.7-4.1-1-3.7,1.6.3,2.3,3.3,4.1,7,3.8,5.4-.5,5.7-4.2,5.8-7.2-1.3-.2-3.7,1-5.7,3.8l-.7-8.5c2.2,2.3,4.2,2.7,6.4,2.8-.7-2.3-4.1-6.1-4.1-6.1h10.6,0Z"/>
</g>
</svg>
<div class="govuk-footer__meta">
<div class="govuk-footer__meta-item govuk-footer__meta-item--grow">
<h2 class="govuk-visually-hidden">Support links</h2>
<div class="govuk-footer__meta-custom">
<span>If you need help using this private beta, get in touch by email:</span>
<a class="govuk-footer__link" href="mailto: [email protected]">[email protected]</a>
<span>.</span>
<br>
<span>Or by phone: 03034447000</span>
</div>
<div class="govuk-footer__meta-custom">
<span>Built by</span>
<a class="govuk-footer__link" href="https://www.gov.uk/government/organisations/ministry-of-housing-communities-local-government">Ministry of Housing, Communities, and Local Government (MHCLG)</a>
</div>
<svg aria-hidden="true" focusable="false" class="govuk-footer__licence-logo" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 483.2 195.7" height="17" width="41">
<path fill="currentColor" d="M421.5 142.8V.1l-50.7 32.3v161.1h112.4v-50.7zm-122.3-9.6A47.12 47.12 0 0 1 221 97.8c0-26 21.1-47.1 47.1-47.1 16.7 0 31.4 8.7 39.7 21.8l42.7-27.2A97.63 97.63 0 0 0 268.1 0c-36.5 0-68.3 20.1-85.1 49.7A98 98 0 0 0 97.8 0C43.9 0 0 43.9 0 97.8s43.9 97.8 97.8 97.8c36.5 0 68.3-20.1 85.1-49.7a97.76 97.76 0 0 0 149.6 25.4l19.4 22.2h3v-87.8h-80l24.3 27.5zM97.8 145c-26 0-47.1-21.1-47.1-47.1s21.1-47.1 47.1-47.1 47.2 21 47.2 47S123.8 145 97.8 145"/>
</svg>
<span class="govuk-footer__licence-description">
<span>All content is available under the</span>
<a class="govuk-footer__link" rel="license" href="https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/">Open Government Licence v3.0</a>
<span >, except where otherwise stated</span>
</span>
</div>
<div class="govuk-footer__meta-item">
<a class="govuk-footer__link govuk-footer__copyright-logo" href="https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/">&#x00A9 Crown copyright</a>
</div>
</div>
</div>
</footer>
</body>
</html>
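
Review bot: The stylesheet link `href="./govuk-frontend-5.11.2.min.css"` is relative, so when the page is requested as `/maintenance` it resolves to `/govuk-frontend-5.11.2.min.css`, which the `path_pattern = "/maintenance"` behavior in `cloudfront.tf` does not match; reference it under a path that the maintenance behavior covers. The footer entity in `&#x00A9 Crown copyright` is missing its closing semicolon and should be `&#x00A9;`.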