1 files changed, 0 insertions, 69 deletions

diff --git a/bliki.tf b/bliki.tf
index b472c21..735f30a 100644
--- a/bliki.tf
+++ b/bliki.tf
@@ -86,75 +86,6 @@ resource "aws_route53_record" "bliki_validation" {
   ]
 }
 
-resource "aws_cloudfront_distribution" "bliki" {
-  provider = aws.cloudfront
-
-  enabled = true
-  is_ipv6_enabled = true
-
-  aliases = ["grimoire.ca"]
-
-  default_root_object = "index.html"
-
-  price_class = "PriceClass_100"
-
-  origin {
-    origin_id = "bliki"
-
-    # Use the website endpoint, not the bucket endpoint, to get / -> /index.html
-    # translation through S3's website config.
-    domain_name = aws_s3_bucket_website_configuration.bliki.website_endpoint
-
-    custom_origin_config {
-      http_port = 80
-      https_port = 443
-
-      # Because the origin is a non-URL-safe bucket name, S3's default TLS
-      # config doesn't apply. Since we can't provide our own cert, force HTTP.
-      origin_protocol_policy = "http-only"
-      origin_ssl_protocols = ["TLSv1.2"]
-    }
-  }
-
-  default_cache_behavior {
-    target_origin_id = "bliki"
-
-    allowed_methods = ["GET", "HEAD", "OPTIONS"]
-    cached_methods = ["GET", "HEAD"]
-    viewer_protocol_policy = "redirect-to-https"
-
-    compress = true
-
-    min_ttl = 0
-    default_ttl = 900
-    max_ttl = 3600
-
-    forwarded_values {
-      query_string = false
-
-      cookies {
-        forward = "none"
-      }
-    }
-  }
-
-  restrictions {
-    geo_restriction {
-      restriction_type = "none"
-    }
-  }
-
-  viewer_certificate {
-    acm_certificate_arn = aws_acm_certificate.bliki.arn
-    ssl_support_method = "sni-only"
-    minimum_protocol_version = "TLSv1"
-  }
-
-  tags = {
-    Project = "bliki"
-  }
-}
-
 data "aws_route53_zone" "grimoire_ca" {
   name = "grimoire.ca"
 }