point root domain to new websites

Tietokilta · May 19, 2024 · 6ef96e7 · 6ef96e7
1 parent f247d94
commit 6ef96e7
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 12 deletions.
diff --git a/main.tf b/main.tf
@@ -146,7 +146,7 @@ module "web" {
   acme_account_key           = module.common.acme_account_key
   root_zone_name             = module.dns_prod.root_zone_name
   dns_resource_group_name    = module.dns_prod.resource_group_name
-  subdomain                  = "alpha"
+  subdomain                  = "@"
   mongo_connection_string    = module.mongodb.db_connection_string
   google_oauth_client_id     = module.keyvault.google_oauth_client_id
   google_oauth_client_secret = module.keyvault.google_oauth_client_secret

diff --git a/modules/dns/root/main.tf b/modules/dns/root/main.tf
@@ -8,14 +8,6 @@ resource "azurerm_dns_zone" "root_zone" {
   resource_group_name = azurerm_resource_group.dns_rg.name
 }
 
-# A record for main website
-resource "azurerm_dns_a_record" "root_a" {
-  name                = "@"
-  resource_group_name = azurerm_resource_group.dns_rg.name
-  zone_name           = azurerm_dns_zone.root_zone.name
-  ttl                 = 300
-  records             = ["130.233.48.30"]
-}
 
 # record for old website
 resource "azurerm_dns_a_record" "old_a" {

diff --git a/modules/web/dns.tf b/modules/web/dns.tf
@@ -10,7 +10,8 @@ terraform {
 }
 
 locals {
-  fqdn = var.subdomain == "@" ? var.root_zone_name : "${var.subdomain}.${var.root_zone_name}"
+  fqdn         = var.subdomain == "@" ? var.root_zone_name : "${var.subdomain}.${var.root_zone_name}"
+  asuid_domain = var.subdomain == "@" ? "" : ".${var.subdomain}"
 }
 
 # A record for the web app
@@ -24,7 +25,18 @@ resource "azurerm_dns_a_record" "tikweb_a" {
 
 # Azure verification key
 resource "azurerm_dns_txt_record" "tikweb_asuid" {
-  name                = "asuid.${var.subdomain}"
+  name                = "asuid${local.asuid_domain}"
+  resource_group_name = var.dns_resource_group_name
+  zone_name           = var.root_zone_name
+  ttl                 = 300
+
+  record {
+    value = azurerm_linux_web_app.web.custom_domain_verification_id
+  }
+}
+# Azure verification key for www
+resource "azurerm_dns_txt_record" "tikweb_asuid_www" {
+  name                = "asuid.www${local.asuid_domain}"
   resource_group_name = var.dns_resource_group_name
   zone_name           = var.root_zone_name
   ttl                 = 300
@@ -36,7 +48,7 @@ resource "azurerm_dns_txt_record" "tikweb_asuid" {
 
 # Reporting-only DMARC policy
 resource "azurerm_dns_txt_record" "tikweb_dmarc" {
-  name                = "_dmarc.${var.subdomain}"
+  name                = "_dmarc${local.asuid_domain}"
   resource_group_name = var.dns_resource_group_name
   zone_name           = var.root_zone_name
   ttl                 = 300