Support for multiple domain names using Terraform

To create an infrastructure to support multiple website domain names using Terraform:

1. Delegate the domain name.
2. Create your infrastructure.
3. Check the performance of several domains.

Delegate the domain nameDelegate the domain name

You can use Yandex Cloud DNS to manage the domain.

To delegate a domain to Cloud DNS, in your account on your domain registrar's website, specify the DNS server addresses in the domain settings:

• ns1.yandexcloud.net
• ns2.yandexcloud.net

Delegation does not take effect immediately. Internet provider servers normally update records within 24 hours (86,400 seconds). This depends on the TTL value which specifies how long domain records are cached.

You can check domain delegation using Whois or the dig utility:

dig +short NS example.com

Result:

ns2.yandexcloud.net.
ns1.yandexcloud.net.

Create your infrastructureCreate your infrastructure

1. Set up your infrastructure description files:

   Ready-made configuration

   Manually

   1. Clone the repository with configuration files.

      git clone https://github.com/yandex-cloud-examples/yc-s3-static-website-multiple-domain.git
      

   2. Navigate to the repository directory. It should now contain the following files:

      • index.html: Website home page file.
      • website-multiple-domain.tf: New infrastructure configuration.
      • website-multiple-domain.auto.tfvars: User data file.

   1. Create a folder for configuration files.

   2. In the folder, create:

      1. website-multiple-domain.tf configuration file:

         website-multiple-domain.tf

         # Declaring variables with sensitive data
         
         variable "main_domain" {
           type = string
         }
         
         variable "extra_domain" {
           type = string
         }
         
         variable "folder_id" {
           type = string
         }
         
         locals {
           test = [ yandex_dns_zone.zone1.id, yandex_dns_zone.zone2.id]
         }
         
         # Configuring the provider
         
         terraform {
           required_providers {
             yandex = {
               source = "yandex-cloud/yandex"
             }
           }
           required_version = ">=0.136.0"
         }
         
         # Creating buckets
         
         resource "yandex_storage_bucket" "main-bucket" {
           bucket    = var.main_domain
           folder_id = var.folder_id
           anonymous_access_flags {
             read        = true
             list        = true
             config_read = false
           }
           website {
             index_document = "index.html"
             error_document = "error.html"
           }
         
           https {
             certificate_id = data.yandex_cm_certificate.example_by_id.id
           }
         
           depends_on = [data.yandex_cm_certificate.example_by_id]
         }
         
         resource "yandex_storage_bucket" "extra-bucket" {
           bucket    = var.extra_domain
           folder_id = var.folder_id
           anonymous_access_flags {
             read        = true
             list        = true
             config_read = false
           }
           website {
             redirect_all_requests_to = "https://${var.main_domain}"
           }
         
           https {
             certificate_id = data.yandex_cm_certificate.example_by_id.id
           }
         
           depends_on = [data.yandex_cm_certificate.example_by_id]
         }
         
         # Uploading the main page to the bucket
         
         resource "yandex_storage_object" "index-page" {
           bucket     = yandex_storage_bucket.main-bucket.id
           key        = "index.html"
           source     = "index.html"
         }
         
         # Creating DNS zones and resource records
         
         resource "yandex_dns_zone" "zone1" {
           name    = "main-domain-zone"
           zone    = "${var.main_domain}."
           public  = true
         }
         
         resource "yandex_dns_recordset" "rs1" {
           zone_id = yandex_dns_zone.zone1.id
           name    = "@"
           type    = "CNAME"
           ttl     = 600
           data    = ["${var.main_domain}.website.yandexcloud.net"]
         }
         
         resource "yandex_dns_zone" "zone2" {
           name    = "extra-domain-zone"
           zone    = "${var.extra_domain}."
           public  = true
         }
         
         resource "yandex_dns_recordset" "rs2" {
           zone_id = yandex_dns_zone.zone2.id
           name    = "@"
           type    = "CNAME"
           ttl     = 600
           data    = ["${var.extra_domain}.website.yandexcloud.net"]
         }
         
         
         # Creating a Let's Encrypt TLS certificate
         
         resource "yandex_cm_certificate" "example" {
           name    = "multidomains-cert"
           domains = ["${var.main_domain}", "${var.extra_domain}"]
         
           managed {
             challenge_type  = "DNS_CNAME"
             challenge_count = 2 # for each domain
           }
         }
         
         resource "yandex_dns_recordset" "example" {
           count   = yandex_cm_certificate.example.managed[0].challenge_count
           zone_id = element(local.test, count.index - 1)
           name    = yandex_cm_certificate.example.challenges[count.index].dns_name
           type    = yandex_cm_certificate.example.challenges[count.index].dns_type
           data    = [yandex_cm_certificate.example.challenges[count.index].dns_value]
           ttl     = 600
         }
         
         data "yandex_cm_certificate" "example_by_id" {
           depends_on     = [yandex_dns_recordset.example]
           certificate_id = yandex_cm_certificate.example.id
         }
         

      2. website-multiple-domain.auto.tfvars user data file:

         website-multiple-domain.auto.tfvars

         folder_id    = "<folder_ID>"
         main_domain  = "<main_domain>"
         extra_domain = "<additional_domain>"
         

      3. The home page file for the website, index.html:

         index.html

         <!DOCTYPE html>
         <html>
           <head>
             <title>My site</title>
           </head>
           <body>
             <h1>This is my site!</h1>
           </body>
         </html>
         

   Learn more about the properties of Terraform resources in the relevant provider guides:

   • Bucket: yandex_storage_bucket
   • Object: yandex_storage_object
   • DNS zone: yandex_dns_zone
   • DNS resource record: yandex_dns_recordset
   • TLS certificate: yandex_cm_certificate

2. In the website-multiple-domain.auto.tfvars file, set the following user-defined properties:

   • folder_id: Folder ID.
   • main_domain: Main domain, e.g., example.com.
   • extra_domain: Additional domain, e.g., example2.com.

3. Create the resources:

   1. In the terminal, go to the directory where you edited the configuration file.

   2. Make sure the configuration file is correct using this command:

      terraform validate
      

      If the configuration is correct, you will get this message:

      Success! The configuration is valid.
      

   3. Run this command:

      terraform plan
      

      You will see a detailed list of resources. No changes will be made at this step. If the configuration contains any errors, Terraform will show them.

   4. Apply the changes:

      terraform apply
      

   5. Type yes and press Enter to confirm the changes.

Check the performance of several domainsCheck the performance of several domains

Wait until the TLS certificate is issued and switches to the Issued status. After that, make sure the redirect works: opening the https://example2.com website should take you to https://example.com.