Support for multiple domain names using Terraform
To create an infrastructure to support multiple website domain names using Terraform:
Delegate the domain name
You can use Yandex Cloud DNS to manage the domain.
To delegate a domain to Cloud DNS, in your account on your domain registrar's website, specify the DNS server addresses in the domain settings:
ns1.yandexcloud.netns2.yandexcloud.net
Delegation does not take effect immediately. Internet provider servers normally update records within 24 hours (86,400 seconds). This depends on the TTL value which specifies how long domain records are cached.
You can check domain delegation using Whoisdig utility:
dig +short NS example.com
Result:
ns2.yandexcloud.net.
ns1.yandexcloud.net.
Create the infrastructure
-
Prepare your infrastructure description files:
Ready-made configurationManually-
Clone the repository containing the configuration files.
git clone https://github.com/yandex-cloud-examples/yc-s3-static-website-multiple-domain.git -
Navigate to the repository directory. It should now contain the following files:
index.html: Website home page file.website-multiple-domain.tf: New infrastructure configuration.website-multiple-domain.auto.tfvars: User data file.
-
Create a folder for configuration files.
-
In the folder, create:
-
website-multiple-domain.tfconfiguration file:website-multiple-domain.tf
# Declaring variables with sensitive data variable "main_domain" { type = string } variable "extra_domain" { type = string } variable "folder_id" { type = string } locals { test = [ yandex_dns_zone.zone1.id, yandex_dns_zone.zone2.id] } # Configuring the provider terraform { required_providers { yandex = { source = "yandex-cloud/yandex" } } required_version = ">=0.136.0" } # Creating buckets resource "yandex_storage_bucket" "main-bucket" { bucket = var.main_domain folder_id = var.folder_id anonymous_access_flags { read = true list = true config_read = false } website { index_document = "index.html" error_document = "error.html" } https { certificate_id = data.yandex_cm_certificate.example_by_id.id } depends_on = [data.yandex_cm_certificate.example_by_id] } resource "yandex_storage_bucket" "extra-bucket" { bucket = var.extra_domain folder_id = var.folder_id anonymous_access_flags { read = true list = true config_read = false } website { redirect_all_requests_to = "https://${var.main_domain}" } https { certificate_id = data.yandex_cm_certificate.example_by_id.id } depends_on = [data.yandex_cm_certificate.example_by_id] } # Uploading the main page to the bucket resource "yandex_storage_object" "index-page" { bucket = yandex_storage_bucket.main-bucket.id key = "index.html" source = "index.html" } # Creating DNS zones and resource records resource "yandex_dns_zone" "zone1" { name = "main-domain-zone" zone = "${var.main_domain}." public = true } resource "yandex_dns_recordset" "rs1" { zone_id = yandex_dns_zone.zone1.id name = "@" type = "CNAME" ttl = 600 data = ["${var.main_domain}.website.yandexcloud.net"] } resource "yandex_dns_zone" "zone2" { name = "extra-domain-zone" zone = "${var.extra_domain}." public = true } resource "yandex_dns_recordset" "rs2" { zone_id = yandex_dns_zone.zone2.id name = "@" type = "CNAME" ttl = 600 data = ["${var.extra_domain}.website.yandexcloud.net"] } # Creating a Let's Encrypt TLS certificate resource "yandex_cm_certificate" "example" { name = "multidomains-cert" domains = ["${var.main_domain}", "${var.extra_domain}"] managed { challenge_type = "DNS_CNAME" challenge_count = 2 # for each domain } } resource "yandex_dns_recordset" "example" { count = yandex_cm_certificate.example.managed[0].challenge_count zone_id = element(local.test, count.index - 1) name = yandex_cm_certificate.example.challenges[count.index].dns_name type = yandex_cm_certificate.example.challenges[count.index].dns_type data = [yandex_cm_certificate.example.challenges[count.index].dns_value] ttl = 600 } data "yandex_cm_certificate" "example_by_id" { depends_on = [yandex_dns_recordset.example] certificate_id = yandex_cm_certificate.example.id } -
website-multiple-domain.auto.tfvarsuser data file:website-multiple-domain.auto.tfvars
folder_id = "<folder_ID>" main_domain = "<main_domain>" extra_domain = "<additional_domain>" -
Website home page file
index.html:index.html
<!DOCTYPE html> <html> <head> <title>My site</title> </head> <body> <h1>This is my site!</h1> </body> </html>
-
For more information on the properties of resources used in Terraform, see these provider guides:
- Bucket: yandex_storage_bucket
- Object: yandex_storage_object
- DNS zone: yandex_dns_zone
- DNS resource record: yandex_dns_recordset
- TLS certificate: yandex_cm_certificate
-
-
In the
website-multiple-domain.auto.tfvarsfile, set the following user-defined properties:folder_id: Folder ID.main_domain: Main domain, e.g.,example.com.extra_domain: Additional domain, e.g.,example2.com.
-
Create the resources:
-
In the terminal, navigate to the configuration file directory.
-
Make sure the configuration is correct using this command:
terraform validateIf the configuration is valid, you will get this message:
Success! The configuration is valid. -
Run this command:
terraform planYou will see a list of resources and their properties. No changes will be made at this step. Terraform will show any errors in the configuration.
-
Apply the configuration changes:
terraform apply -
Type
yesand press Enter to confirm the changes.
-
Check the performance of several domains
Wait until the TLS certificate is issued and switches to the Issued status. After that, make sure the redirect works: opening the https://example2.com website should take you to https://example.com.