miracles_in_motion/docs/deployment/DEPLOYMENT_SETUP_README.md
defiQUG f5eb036ee9 chore: organize project structure and cleanup root directory
- Move all deployment documentation to docs/deployment/ (16 files)
- Move all phase documentation to docs/phases/ (9 files)
- Move deployment scripts to scripts/ (3 PowerShell scripts)
- Remove temporary deployment zip files (5 files)
- Remove duplicate documentation files
- Create documentation indexes for better navigation
- Clean up root directory to essential files only
- Update documentation references

Root directory reduced from ~50+ files to 20 essential files.
All documentation properly organized and indexed.
2025-11-12 08:23:49 -08:00


🚀 Deployment Setup - Complete Prerequisites Guide

This document provides an overview of all the deployment prerequisites and setup scripts that have been created for the Miracles In Motion application.

📚 Documentation

Main Documentation Files

  1. DEPLOYMENT_PREREQUISITES.md - Comprehensive guide covering:

    • Azure infrastructure setup
    • MS Entra (Azure AD) configuration
    • Cloudflare setup
    • Stripe configuration
    • Environment variables
    • Pre-deployment checklist
    • Post-deployment verification
    • Troubleshooting guide
  2. QUICK_START_DEPLOYMENT.md - Step-by-step quick start guide for deployment

🛠️ Setup Scripts

PowerShell Scripts (Windows)

  1. scripts/setup-azure-entra.ps1 - MS Entra (Azure AD) setup

    • Creates app registration
    • Configures redirect URIs
    • Sets up API permissions
    • Creates app roles (Admin, Volunteer, Resource)
    • Stores configuration in Key Vault
  2. scripts/setup-cloudflare.ps1 - Cloudflare configuration

    • Creates DNS records (CNAME)
    • Configures SSL/TLS settings
    • Sets up security settings
    • Configures speed optimizations
    • Adds custom domain to Azure Static Web App
  3. scripts/deployment-checklist.ps1 - Pre-deployment verification

    • Checks Azure CLI installation
    • Verifies Azure login
    • Checks resource group existence
    • Verifies all Azure resources
    • Checks Azure AD app registration
    • Verifies Cloudflare DNS
    • Checks Stripe configuration
    • Validates environment variables

Bash Scripts (Linux/Mac)

  1. scripts/setup-azure-entra.sh - MS Entra (Azure AD) setup (Bash version)
  2. scripts/setup-cloudflare.sh - Cloudflare configuration (Bash version)

📋 Configuration Files

Infrastructure

  1. infrastructure/main-production.bicep - Enhanced with:

    • Azure AD configuration parameters
    • Key Vault secrets for Azure AD
    • Static Web App configuration
    • Function App configuration
    • Cosmos DB configuration
    • Application Insights configuration
    • SignalR configuration
  2. infrastructure/main-production.parameters.json - Updated with:

    • Azure AD Client ID parameter
    • Azure AD Tenant ID parameter
    • Azure AD Client Secret parameter
    • Stripe public key parameter
    • Custom domain configuration

Application Configuration

  1. staticwebapp.config.json - Updated with:

    • Role-based route protection
    • Azure AD authentication configuration
    • Security headers
    • Custom domain forwarding
  2. env.production.template - Environment variable template with:

    • Azure configuration
    • Stripe configuration
    • Cosmos DB configuration
    • Application Insights configuration
    • Key Vault configuration
    • SignalR configuration
    • Cloudflare configuration
    • Salesforce configuration (optional)
    • Email configuration (optional)

🚀 Quick Start

1. Azure Setup

# Login to Azure
az login

# Create resource group
az group create --name rg-miraclesinmotion-prod --location eastus2

# Deploy infrastructure
cd infrastructure
az deployment group create \
  --resource-group rg-miraclesinmotion-prod \
  --template-file main-production.bicep \
  --parameters main-production.parameters.json

2. MS Entra Setup

PowerShell:

.\scripts\setup-azure-entra.ps1 -StaticWebAppName "YOUR_APP_NAME"

Bash:

./scripts/setup-azure-entra.sh

3. Cloudflare Setup

PowerShell:

.\scripts\setup-cloudflare.ps1 -CloudflareApiToken "YOUR_TOKEN"

Bash:

./scripts/setup-cloudflare.sh

4. Verify Prerequisites

PowerShell:

.\scripts\deployment-checklist.ps1

5. Deploy Application

.\deploy-production-full.ps1

📝 Checklist

Pre-Deployment

  • Azure subscription created and active
  • Resource group created
  • Infrastructure deployed via Bicep
  • Azure AD app registration created
  • Users assigned to app roles
  • Cloudflare account created
  • DNS records configured
  • SSL/TLS configured
  • Stripe account created
  • Stripe keys obtained
  • Webhook configured
  • Environment variables configured
  • Key Vault secrets stored
  • All prerequisites verified

Post-Deployment

  • Application deployed successfully
  • Authentication working
  • DNS resolving correctly
  • SSL certificates valid
  • Stripe integration working
  • API endpoints functional
  • Monitoring configured
  • Logs being collected
  • Alerts configured
  • Backup strategy in place

🔒 Security Best Practices

  1. Never commit secrets to source control
  2. Use Key Vault for all secrets
  3. Enable MFA for all Azure accounts
  4. Regularly rotate API keys and secrets
  5. Monitor for suspicious activity
  6. Keep dependencies updated
  7. Use HTTPS everywhere
  8. Implement rate limiting
  9. Conduct regular security audits
  10. Follow principle of least privilege
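
One way to enforce practices 1 and 2 on a deployment parameters file before it is committed, as an added example (not one of this project's scripts). It flags secret-looking parameters that carry a literal value instead of a Key Vault reference. The parameter names, the secret name and the sample documents are constructed assumptions, and the vault ID uses placeholders.

```python
import json

SENSITIVE = ("secret", "password", "token", "key", "connectionstring")
NOT_SECRET = ("publickey", "publishablekey")  # a publishable Stripe key is not a secret

def make_params(secret_entry):
    """Build a constructed parameters document; parameter names are assumptions."""
    return json.dumps({
        "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
        "contentVersion": "1.0.0.0",
        "parameters": {
            "azureAdClientId": {"value": "00000000-0000-0000-0000-000000000000"},
            "stripePublicKey": {"value": "pk_test_CONSTRUCTED"},
            "azureAdClientSecret": secret_entry,
        },
    })

# Weak form: the secret sits in the file and ends up in source control.
INLINE = make_params({"value": "CONSTRUCTED-not-a-real-secret"})
# Corrected form: the deployment resolves the secret from Key Vault.
VAULTED = make_params({"reference": {
    "keyVault": {"id": "/subscriptions/<subscription-id>/resourceGroups/"
                       "rg-miraclesinmotion-prod/providers/Microsoft.KeyVault/"
                       "vaults/<vault-name>"},
    "secretName": "azure-ad-client-secret"}})  # hypothetical secret name

def find_inline_secrets(params_text):
    """Return names of secret-looking parameters that carry a literal value."""
    findings = []
    for name, body in json.loads(params_text).get("parameters", {}).items():
        lname = name.lower()
        if not any(h in lname for h in SENSITIVE) or any(a in lname for a in NOT_SECRET):
            continue
        if isinstance(body.get("reference"), dict) and "keyVault" in body["reference"]:
            continue  # resolved from Key Vault at deployment time
        if isinstance(body.get("value"), str) and body["value"].strip():
            findings.append(name)
    return findings

if __name__ == "__main__":
    for label, text in (("inline", INLINE), ("vaulted", VAULTED)):
        print(label, find_inline_secrets(text))
```

A Key Vault reference only resolves if the vault is enabled for template deployment and the deploying identity is allowed to read it.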

🆘 Troubleshooting

Common Issues

  1. Authentication Not Working

    • Verify app registration redirect URIs
    • Check Static Web App authentication configuration
    • Verify user roles are assigned
    • Check browser console for errors
  2. DNS Not Resolving

    • Verify nameservers are updated
    • Wait for DNS propagation (24-48 hours)
    • Check Cloudflare DNS records
    • Verify CNAME records
  3. SSL Certificate Issues

    • Verify Cloudflare SSL mode is "Full (strict)"
    • Check Azure Static Web App custom domain configuration
    • Wait for SSL certificate provisioning
  4. Stripe Webhook Not Working

    • Verify webhook endpoint URL
    • Check webhook signing secret
    • Verify Function App is receiving events
    • Check Function App logs
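
For the Stripe webhook case, an added diagnostic example (not this project's Function App code) that recomputes the `Stripe-Signature` value and reports why verification fails. It assumes Stripe's documented scheme of HMAC-SHA256 over `<timestamp>.<raw body>` with a 300-second tolerance; the secret, event body and timestamp are constructed.

```python
import hashlib
import hmac
import json

def expected_v1(payload: bytes, secret: str, ts: str) -> str:
    """HMAC-SHA256 over '<timestamp>.<raw body>' keyed with the endpoint secret."""
    return hmac.new(secret.encode(), ts.encode() + b"." + payload, hashlib.sha256).hexdigest()

def diagnose(payload: bytes, header: str, secret: str, now: int, tolerance: int = 300) -> str:
    """Return 'ok' or the reason a Stripe-Signature header fails verification."""
    pairs = [item.split("=", 1) for item in header.split(",") if "=" in item]
    ts = next((v for k, v in pairs if k.strip() == "t"), "")
    sigs = [v for k, v in pairs if k.strip() == "v1"]
    if not ts.isdigit() or not sigs:
        return "malformed header"
    want = expected_v1(payload, secret, ts).encode()
    # Constant-time comparison against every v1 signature in the header.
    if not any(hmac.compare_digest(want, s.encode()) for s in sigs):
        return "signature mismatch"  # wrong signing secret, or the body was altered
    if abs(now - int(ts)) > tolerance:
        return "timestamp outside tolerance"  # replayed or badly delayed event
    return "ok"

# Constructed sample event and secret; not real Stripe data.
SECRET = "whsec_CONSTRUCTED"
RAW = b'{"id": "evt_constructed","type":"checkout.session.completed"}'
TS = 1700000000
HEADER = f"t={TS},v1={expected_v1(RAW, SECRET, str(TS))}"
# What a handler ends up verifying if it parses and re-serializes the body first.
REPARSED = json.dumps(json.loads(RAW)).encode()

if __name__ == "__main__":
    print(diagnose(RAW, HEADER, SECRET, TS + 5))
    print(diagnose(RAW, HEADER, "whsec_OTHER_ENDPOINT", TS + 5))
    print(diagnose(REPARSED, HEADER, SECRET, TS + 5))
    print(diagnose(RAW, HEADER, SECRET, TS + 3600))
```

A mismatch with the correct secret usually means the handler verified a parsed or re-encoded body rather than the raw request bytes.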

📞 Support

For issues or questions:

  • Check DEPLOYMENT_PREREQUISITES.md for detailed documentation
  • Review Azure Portal logs
  • Check Application Insights for errors
  • Contact the development team

🔄 Updates

This setup has been created with the following updates:

  • Enhanced Bicep infrastructure with Azure AD support
  • Updated staticwebapp.config.json with authentication
  • Created comprehensive deployment documentation
  • Created setup scripts for Azure AD and Cloudflare
  • Created deployment checklist script
  • Created environment variable templates
  • Updated deployment parameters

📅 Last Updated

January 2025

👥 Maintained By

Miracles In Motion Development Team


Note: All scripts and configurations have been tested and are ready for production use. Make sure to review and update all placeholder values before deployment.