Commit

Change Entra ID domain name
FooBarWidget committed Sep 18, 2024
1 parent dd437fa commit a1026cd
Showing 3 changed files with 29 additions and 3 deletions.
22 changes: 20 additions & 2 deletions docs/infrastructure-bootstrapping.md
Expand Up @@ -114,7 +114,25 @@ cd ..
Register the domain `fullstaqruby.org`. Configure it to use the Azure DNS zone.
## Step 10: Run initial Ansible
## Step 10: Setup Entra ID custom domain
1. In Entra ID, go to "Manage" -> "Custom domain names".
2. Add `fullstaqruby.org`. You will see a domain verification value under "Destination or points to address". Copy that.
3. Edit `terraform/variables.tf` and fill in the `entra_id_domain_validation_value`.
4. Run Terraform:
```bash
cd terraform
terraform init
terraform apply
cd ..
```
5. Finish verifying the Entra ID `fullstaqruby.org` domain, then set it as the primary domain.
6. Edit all Entra ID users' properties and switch them to the new domain (use the dropdown under "User principal name").
7. Delete the old Entra ID domain.

## Step 11: Run initial Ansible

Make sure the Azure CLI is logged in, then:
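
Review bot: Step 5 goes straight from `terraform apply` to verification, but the `@` TXT record set this value is added to (terraform/dns.tf) has `ttl = 86400`, so a resolver that cached the previous record set can keep serving it without the `MS=` value for up to a day. Add a step between 4 and 5 to confirm the new value is actually being served, for example with `dig +short TXT fullstaqruby.org`, before attempting verification. Step 7 should also say to confirm that no user still has a user principal name on the old domain before deleting it. Nit: in the new heading, "Setup" is the noun; the verb form is "Set up".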

Expand All @@ -124,7 +142,7 @@ ansible-playbook -i hosts.ini -v main.yml
cd ..
```

## Step 11: Populate Github Actions secrets and variables
## Step 12: Populate Github Actions secrets and variables

In the [fullstaq-ruby/server-edition](https://github.com/fullstaq-ruby/server-edition/settings/secrets) repo, create the following environments:
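
Review bot: Only two headings are renumbered in this file (Step 10 to 11 above, Step 11 to 12 here), so please confirm that no later heading and no in-text cross-reference elsewhere in the document still uses the old step numbers.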

5 changes: 4 additions & 1 deletion terraform/dns.tf
Expand Up @@ -38,14 +38,17 @@ resource "azurerm_dns_cname_record" "website_gh_pages_www" {
ttl = 86400
}

resource "azurerm_dns_txt_record" "website_google_verification" {
resource "azurerm_dns_txt_record" "website_verification" {
name = "@"
zone_name = azurerm_dns_zone.website.name
resource_group_name = azurerm_dns_zone.website.resource_group_name
ttl = 86400
record {
value = "google-site-verification=usrLESAOrudLzVFrFcTxPGqMikectAoaWT8aJe0cLFc"
}
record {
value = var.entra_id_domain_validation_value
}
}

resource "azurerm_dns_txt_record" "website_dmarc" {
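
Review bot: Renaming the resource from `website_google_verification` to `website_verification` changes its Terraform address, so without a state move the plan will destroy the existing apex TXT record set and create a new one rather than update it in place, which drops the `google-site-verification` value for the duration. Add a `moved` block with `from = azurerm_dns_txt_record.website_google_verification` and `to = azurerm_dns_txt_record.website_verification`, or document a `terraform state mv` in the bootstrapping steps, and check that the plan shows an in-place update before applying.
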
5 changes: 5 additions & 0 deletions terraform/variables.tf
Expand Up @@ -18,6 +18,11 @@ variable "dns_name" {
default = "fullstaqruby.org"
}

variable "entra_id_domain_validation_value" {
type = string
default = "MS=ms10083350"
}

variable "storage_account_prefix" {
type = string
default = "fsruby2"
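
Review bot: `entra_id_domain_validation_value` ships with a tenant-specific default (`"MS=ms10083350"`) while the docs tell the operator to "fill in" the value, so a bootstrap that skips that step will silently publish the previous tenant's verification string and only fail later at the Entra ID verification step. Consider dropping the default so Terraform requires the value, or at least add a `description` pointing at the Entra ID "Custom domain names" page and a `validation` block that checks the value starts with `MS=`.
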
