1

I just followed the procedure to map a single domain to my custom domain:

  1. Create the domain mydomain.com in ORGS
  2. Create the route myapp.mydomain.com in SPACES
  3. Map my app to both myapp.scapp.io and myapp.mydomain.com in SPACES
  4. Add a CNAME DNS entry for mydomain.com with the name myapp and target mapapp.scapp.io (I'm using amazon route 53)

The mapping works, I can access myapp with myapp.mydomain.com, but the address still shows myapp.scapp.io

How can I make the mapping transparent and display myapp.mydomain.com in the address bar ?

Quentin Herzig
  • 103
  • 7
  • 2
    Sounds like you have some URL rewriting within your app. The platform should not touch the host header. Can you give us a bit more information about your application? What buildpack are you using? – Lafunamor Aug 28 '18 at 12:24
  • Hello, thank you for your answer ! I'm running a meteor application on the nodejs buildpack [https://github.com/cloudfoundry/nodejs-buildpack]. As you see in the answer below, I managed to make it "work" using a CNAME and an Alias. But not sure if I'm doing it right. – Quentin Herzig Aug 28 '18 at 12:38

2 Answers2

1

Update:

I managed to make it work on amazon route 53:

  1. Create the domain mydomain.com in ORGS
  2. Create the route myapp.mydomain.com in SPACES

  3. Map my app to both myapp.scapp.io and myapp.mydomain.com in SPACES

  4. Add a CNAME DNS entry for mydomain.com with the name myapp-cname and target myapp.scapp.io

  5. Add a CNAME DNS entry for mydomain.com with the name myapp, enabling Alias and target myapp-cname.mydomain.com

It shows myapp.mydomain.com in the address bar as expected, but I doubt this is the right way to do it.

Quentin Herzig
  • 103
  • 7
0

@UPDATE The issue was coming from my meteor application that did not properly force requests to https. I was using the force-ssl package, but as said in the README:

Meteor bundles (i.e. meteor build) do not include an HTTPS server or certificate. A proxy server that terminates SSL in front of a Meteor bundle must set the x-forwarded-proto or forwarded (RFC 7239) header for this package to work.

Therefore I am using a staticfile application with a custom nginx.conf.

I created a staticfile application using the staticfile-buildpack, add my private domains to the routes in the manifest.yml, and set the env variable FORCE_HTTPS to true:

applications:
  - name: my-nginx
    memory: 128M
    instances: 1
    buildpack: https://github.com/cloudfoundry/staticfile-buildpack.git
    routes:
      - route: 'app1.mydomain.com'
      - route: 'app2.mydomain.com'
      - route: 'app1.subdomain.mydomain.com'
      - route: 'app2.subdomain.mydomain.com'
      - route: 'app3.mydomain.com'
    env:
      FORCE_HTTPS: true

The next step was to create the custom nginx.conf with a server{...} block for each of my private domains, with a proxy_pass on the corresponding scapp.io domain (here with two private domains):

worker_processes 1;
daemon off;

error_log <%= ENV["APP_ROOT"] %>/nginx/logs/error.log;
events { worker_connections 1024; }

http {
  charset utf-8;
  log_format cloudfoundry '$http_x_forwarded_for - $http_referer - [$time_local] "$request" $status $body_bytes_sent';
  access_log <%= ENV["APP_ROOT"] %>/nginx/logs/access.log cloudfoundry;
  default_type application/octet-stream;
  include mime.types;
  sendfile on;

  gzip on;
  gzip_disable "msie6";
  gzip_comp_level 6;
  gzip_min_length 1100;
  gzip_buffers 16 8k;
  gzip_proxied any;
  gunzip on;
  gzip_static always;
  gzip_types text/plain text/css text/js text/xml text/javascript application/javascript application/x-javascript application/json application/xml application/xml+rss;
  gzip_vary on;

  tcp_nopush on;
  keepalive_timeout 30;
  port_in_redirect off; # Ensure that redirects don't include the internal container PORT - <%= ENV["PORT"] %>
  server_tokens off;

  server {
    listen <%= ENV["PORT"] %>;
    server_name app1.mydomain.com;

    # Redirects to https if the environment variable "FORCE_HTTPS" is set to true
    <% if ENV["FORCE_HTTPS"] %>
     if ($http_x_forwarded_proto != "https") {
       return 301 https://$host$request_uri;
     }
    <% end %>

    location / {
      proxy_pass  https://app1.scapp.io/;
    }
  }

  server {
    listen <%= ENV["PORT"] %>;
    server_name app2.mydomain.com;

    <% if ENV["FORCE_HTTPS"] %>
     if ($http_x_forwarded_proto != "https") {
       return 301 https://$host$request_uri;
     }
    <% end %>

    location / {
      proxy_pass  http://app2.scapp.io/;
    }  
  }
}

The next steps are the usual ones:

  • Create a domain mydomain.com in the right ORG and each of my private routes in the correct SPACE.
  • Create SSL certificates for each of my private domains in the swisscomdev console.
  • Create CNAME DNS entries for mydomain.com with the name * and target my-nginx.scapp.io (the scapp.io route automatically assigned by swisscom for my staticfile application).

Lastly, I pushed the application with cf push and it works like a charm !

Quentin Herzig
  • 103
  • 7