fission icon indicating copy to clipboard operation
fission copied to clipboard
verified publisher icon fission-codes

Allow users to import their own Domains

Open bnchrch opened this issue 6 years ago • 2 comments

Dependant on: #218 and #219

Summary

We should allow users to use any domain of their choice

Problem / Impact

By not having this feature we are putting up a large blocker to having fission used in production.

Solution

We need to allow users to point their nameservers at our own then be able to link the domain to their account.

Detail

  1. A user reads our DNS documentation and gets the list of our namesevers
  2. They point their domain at those name servers
  3. from the cli they type fission add domain test.xyz
  4. They are asked if they own the domain? Yes
  5. They are shown the nameservers and are asked if they've updating their DNS information? yes
  6. The CLI verifys the name servers are correctly setup
  7. the domain will be inserted into the table denoting which domains are owned by which user

If a user types fission set domain test.xyz

  1. The same steps from add will occur in addition to below
  2. the domain will be saved to the local fission.yaml file
  3. the domain will be updated to point to the latest CID for the project

Updates to the API

  1. Add an endpoint GET /user/domain/{domain} that will return the status of a domain. Is it's nameservers configured? does a user already own it? is it available to be assigned to the requesting user?
  2. Add an endpoint POST /user/domain/{domain} That will add the domain to the user

Dependant on

#129 For allowing more than one domain per account

Unknowns

  1. How will we handle SSL certs?

Impossibles

CNAME redirects

Netlify allows users to point subdomain and apex (depending on DNS provider) CNAME records to their pages directions. i.e. CNAME *.benchurch.com -> {site}.netlify.com.

https://docs.netlify.com/domains-https/custom-domains/configure-external-dns/#configure-an-apex-domain

However due to how IPFS and IPNS lookups work I believe we wont be able to fill that case.

Sanity check here would be nice @fission-suite/core

Inspriation

https://docs.netlify.com/domains-https/custom-domains/

After Completion

  1. We will need to update the CLI to accommodate this change (create issue)
  2. Update our support pages to detail out the process
  3. We will need to handle users setting DNS records for other services (blogs, email etc..)

bnchrch avatar Nov 05 '19 00:11 bnchrch

I think we have to write out externally hosted vs on our name servers.

The externally hosted version should just be CNAME to SUBDOMAIN.fission.name

(CNAME of root depends on the provider. Have to see what we can support with Route53)

The switch to our name servers is the same as purchasing a domain from us.

I would prioritize CNAME first. And probably make “use our name servers” as a separate issue as it is a sub flow of purchasing.

The new domains table that I suggested in the other issue applies here.

bmann avatar Nov 05 '19 00:11 bmann

Wrote up some details over here (https://github.com/fission-suite/web-api/issues/255) before realizing that it was a repeat issue.

These are the steps for registering a domain (and also addresses the SSL concern above):

  • check that the nameservers for example.com are properly configured
  • check that no other user owns the domain name
  • create a Route53 hosted zone for example.com
  • request SSL certs for example.com using the DNS challenge option
  • add DNS records to the example.com Route53 hosted zone for the DNS challenge
  • add the SSL certs for example.com to the load balancer in front of the IPFS gateway
  • add example.com to the list of user's domains in the DB

dholms avatar Feb 10 '20 22:02 dholms