🚀 Quick Start Deployment Guide
This guide provides a step-by-step process to set up all prerequisites and deploy the Miracles In Motion application to production.
Prerequisites
- Azure subscription with Contributor or Owner role
- Azure CLI installed and configured
- Cloudflare account (for DNS/CDN)
- Stripe account (for payments)
- Domain name registered (miraclesinmotion.org)
Step 1: Azure Setup
1.1 Login to Azure
az login
az account set --subscription "Your Subscription ID"
1.2 Create Resource Group
az group create \
--name rg-miraclesinmotion-prod \
--location eastus2
1.3 Deploy Infrastructure
cd infrastructure
# Update main-production.parameters.json with your values
# Then deploy:
az deployment group create \
--resource-group rg-miraclesinmotion-prod \
--template-file main-production.bicep \
--parameters main-production.parameters.json \
--parameters stripePublicKey="pk_live_YOUR_KEY"
Step 2: MS Entra (Azure AD) Setup
2.1 Run Setup Script
PowerShell (Windows):
.\scripts\setup-azure-entra.ps1 `
-StaticWebAppName "YOUR_STATIC_WEB_APP_NAME" `
-AzureResourceGroup "rg-miraclesinmotion-prod"
Bash (Linux/Mac):
chmod +x scripts/setup-azure-entra.sh
./scripts/setup-azure-entra.sh
2.2 Configure Authentication in Azure Portal
- Navigate to Static Web App → Authentication
- Click Add identity provider
- Select Microsoft
- Enter your App Registration ID (from setup script)
- Save
2.3 Assign Users to Roles
- Go to Microsoft Entra ID → App registrations → Your app
- Go to App roles
- Assign users to Admin, Volunteer, or Resource roles
Step 3: Cloudflare Setup
3.1 Run Setup Script
PowerShell (Windows):
.\scripts\setup-cloudflare.ps1 `
-Domain "miraclesinmotion.org" `
-StaticWebAppName "YOUR_STATIC_WEB_APP_NAME" `
-AzureResourceGroup "rg-miraclesinmotion-prod" `
-CloudflareApiToken "YOUR_CLOUDFLARE_API_TOKEN"
Bash (Linux/Mac):
chmod +x scripts/setup-cloudflare.sh
export STATIC_WEB_APP_NAME="YOUR_STATIC_WEB_APP_NAME"
export AZURE_RESOURCE_GROUP="rg-miraclesinmotion-prod"
./scripts/setup-cloudflare.sh
3.2 Verify DNS Propagation
Wait 24-48 hours for DNS propagation, then verify:
dig miraclesinmotion.org
dig www.miraclesinmotion.org
Step 4: Stripe Configuration
4.1 Get Stripe Keys
- Go to Stripe Dashboard
- Navigate to Developers → API keys
- Copy your Publishable key and Secret key
4.2 Configure Webhooks
- Go to Developers → Webhooks
- Click + Add endpoint
- Set URL: https://miraclesinmotion.org/api/webhooks/stripe
- Select events: payment_intent.succeeded, payment_intent.payment_failed
- Copy the Webhook signing secret
4.3 Store Secrets in Key Vault
KEY_VAULT_NAME="YOUR_KEY_VAULT_NAME"
az keyvault secret set \
--vault-name $KEY_VAULT_NAME \
--name "stripe-publishable-key" \
--value "pk_live_YOUR_KEY"
az keyvault secret set \
--vault-name $KEY_VAULT_NAME \
--name "stripe-secret-key" \
--value "sk_live_YOUR_KEY"
az keyvault secret set \
--vault-name $KEY_VAULT_NAME \
--name "stripe-webhook-secret" \
--value "whsec_YOUR_SECRET"
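The commands above pass each secret with --value, which leaves it in shell history and in the process argument list while az runs. The following is an added example, not one of the project's scripts: it reads the value from stdin and hands it to az through a temporary file with --file. The function names and the prefix checks (derived from the placeholders in this guide) are assumptions.

```bash
# Added example (not a project script). Function names are hypothetical.

# Prefix each secret from section 4.3 should carry, per the guide's placeholders.
expected_prefix() {
  case $1 in
    stripe-publishable-key) echo pk_live_ ;;
    stripe-secret-key)      echo sk_live_ ;;
    stripe-webhook-secret)  echo whsec_ ;;
    *) return 1 ;;
  esac
}

# store_secret VAULT NAME
# Reads the secret value from stdin, never from the command line.
# Runs in a subshell so variables stay local and the EXIT trap always cleans up.
store_secret() (
  vault=$1 name=$2
  prefix=$(expected_prefix "$name") || { echo "unknown secret name: $name" >&2; exit 2; }
  value=$(cat)                       # $(...) strips the trailing newline
  case $value in
    *YOUR_*)     echo "$name: still the guide's placeholder" >&2; exit 2 ;;
    "$prefix"?*) ;;                  # right kind of key, non-empty after the prefix
    *)           echo "$name: expected a value starting with $prefix" >&2; exit 2 ;;
  esac
  tmp=$(mktemp) || exit 1            # mktemp creates the file with mode 0600
  trap 'rm -f "$tmp"' EXIT
  printf '%s' "$value" > "$tmp"
  az keyvault secret set --vault-name "$vault" --name "$name" \
     --file "$tmp" --encoding utf-8 --output none
)

# Usage (bash, interactive; printf is a builtin, so the value never reaches argv):
#   IFS= read -rs v && printf '%s' "$v" | store_secret "$KEY_VAULT_NAME" stripe-secret-key
```

A swapped key (for example a publishable key stored under stripe-secret-key) is rejected before az is called.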
Step 5: Environment Configuration
5.1 Create Environment File
cp env.production.template .env.production
5.2 Update Environment Variables
Edit .env.production with your actual values:
- Azure Client ID (from Step 2)
- Azure Tenant ID (from Step 2)
- Stripe keys (from Step 4)
- Cosmos DB endpoint
- Application Insights connection string
- Key Vault URL
- SignalR connection string
Step 6: Verify Prerequisites
6.1 Run Deployment Checklist
PowerShell:
.\scripts\deployment-checklist.ps1 `
-ResourceGroupName "rg-miraclesinmotion-prod" `
-StaticWebAppName "YOUR_STATIC_WEB_APP_NAME" `
-FunctionAppName "YOUR_FUNCTION_APP_NAME"
This will verify:
- ✅ Azure CLI and login
- ✅ Resource group exists
- ✅ Static Web App exists
- ✅ Function App exists
- ✅ Key Vault exists
- ✅ Cosmos DB exists
- ✅ Application Insights exists
- ✅ Azure AD App Registration exists
- ✅ Cloudflare DNS configured
- ✅ Stripe keys configured
- ✅ Environment variables configured
Step 7: Deploy Application
7.1 Build Application
npm install --legacy-peer-deps
npm run build
7.2 Deploy to Azure
.\deploy-production-full.ps1 `
-ResourceGroupName "rg-miraclesinmotion-prod" `
-CustomDomain "miraclesinmotion.org" `
-StripePublicKey "pk_live_YOUR_KEY"
Step 8: Post-Deployment Verification
8.1 Verify Application
- Navigate to https://miraclesinmotion.org
- Test authentication flow
- Test donation flow
- Verify API endpoints
- Check Application Insights for errors
8.2 Verify Security
- Check SSL certificate is valid
- Verify HTTPS redirects work
- Test role-based access control
- Verify secrets are stored in Key Vault
8.3 Verify Performance
- Check page load times
- Verify CDN is working (Cloudflare)
- Check API response times
- Monitor Application Insights
Troubleshooting
Authentication Not Working
- Verify app registration redirect URIs include your domain
- Check Static Web App authentication configuration in Azure Portal
- Verify user roles are assigned in Azure AD
- Check browser console for errors
DNS Not Resolving
- Verify nameservers are updated at domain registrar
- Wait 24-48 hours for DNS propagation
- Check Cloudflare DNS records
- Verify CNAME records point to correct Azure endpoint
SSL Certificate Issues
- Verify Cloudflare SSL mode is "Full (strict)"
- Check Azure Static Web App custom domain configuration
- Wait for SSL certificate provisioning (up to 24 hours)
Stripe Webhook Not Working
- Verify webhook endpoint URL is correct
- Check webhook signing secret
- Verify Function App is receiving webhook events
- Check Function App logs for errors
Next Steps
After successful deployment:
- Set up monitoring and alerts
- Configure backup and disaster recovery
- Set up CI/CD pipeline
- Schedule regular security audits
- Set up performance monitoring
- Configure log retention policies
- Set up cost alerts
Support
For issues or questions:
- Check DEPLOYMENT_PREREQUISITES.md for detailed documentation
- Review Azure Portal logs
- Check Application Insights for errors
- Contact the development team
Last Updated: January 2025
Maintained by: Miracles In Motion Development Team