Added a custom domain name and validation records.

2025-08-15 20:45:55 +02:00
parent a75743e4e0
commit f21739c250
2 changed files with 48 additions and 1 deletions
--- a/terraform/main.tf
+++ b/terraform/main.tf
@@ -30,6 +30,7 @@ data "azuread_user" "az_lab_admin" {

 locals {
  kv_secret_name = "azure-client-secret"
+  app_name = "${var.project_name}-app"
 }

 resource "azurerm_resource_group" "rg" {
@@ -82,7 +83,7 @@ resource "azurerm_container_app_environment" "env" {
 }

 resource "azurerm_container_app" "app" {
-  name                         = "${var.project_name}-app"
+  name                         = local.app_name
  container_app_environment_id = azurerm_container_app_environment.env.id
  resource_group_name          = azurerm_resource_group.rg.name
  revision_mode                = "Single"
@@ -165,3 +166,37 @@ data "azurerm_container_registry" "acr" {
  name                = "skdomlab"
  resource_group_name = "dom-lab-common"
 }
+
+data "azurerm_dns_zone" "lab_dns_zone" {
+  name                = var.dns_zone_name
+  resource_group_name = var.dns_zone_resource_group_name
+}
+
+resource "azurerm_dns_txt_record" "domain_verification" {
+  name                = "asuid.${var.project_name}"
+  resource_group_name = data.azurerm_dns_zone.lab_dns_zone.resource_group_name
+  zone_name           = data.azurerm_dns_zone.lab_dns_zone.name
+  ttl                 = 300
+
+  record {
+    value = azurerm_container_app.app.custom_domain_verification_id
+  }
+}
+
+resource "azurerm_dns_cname_record" "app_record" {
+  name = var.project_name
+  zone_name = var.dns_zone_name
+  resource_group_name = var.dns_zone_resource_group_name
+  ttl = 300
+
+  record = "${local.app_name}.${azurerm_container_app_environment.env.default_domain}"
+}
+
+resource "azurerm_container_app_custom_domain" "custom_domain" {
+  name = trimsuffix(trimprefix(azurerm_dns_txt_record.domain_verification.fqdn, "asuid."), ".")
+  container_app_id = azurerm_container_app.app.id
+
+  lifecycle {
+    ignore_changes = [ certificate_binding_type, container_app_environment_certificate_id ]
+  }
+}
--- a/terraform/variables.tf
+++ b/terraform/variables.tf
@@ -25,3 +25,15 @@ variable "project_name" {
  description = "The name used to construct Azure resource names."
  type        = string
 }
+
+variable "dns_zone_name" {
+  description = "The name of the DNS zone for domain verification."
+  type        = string
+  default     = "lab.koszewscy.waw.pl"
+}
+
+variable "dns_zone_resource_group_name" {
+  description = "The name of the resource group containing the DNS zone."
+  type        = string
+  default     = "dom-lab-zones"
+}