Site Domains

[mtiller]

In the UI for a site, it allows you to add domains. But it isn't clear what these do. I was hoping that they would adjust the reverse proxy configuration for caddy so that the given domain would get routed properly.

For example. Imagine I'm running meli at meli.example.com. If I create a site called foobar, then it is clear that the underlying caddy configuration will route foobar.meli.example.com to the correct handler. But if I add the domain some.other.org to my foobar site, what I was hoping was that if I configured my DNS to route some.other.org to the same server that was handling foobar.meli.example.com that it would serve the same content. After all, this is just a virtual host configuration and I don't see any technical reason why the meli server couldn't actually handle traffic targeting multiple domains.

But when I configure it this way and then GET the caddy configuration from localhost:2019/config, I don't see some.other.org in there at all. Which tells me that whatever the "domains" associated with a site do, they don't impact any of the proxying going on.

Am I right? It would so nice if meli could be configured to handle traffic intended for many different domains all from a single server. But am I correct that, at the moment at least, all the traffic has to be rooted to a single domain?

[MyWay]

I was looking for the same thing. Let's see!

[gempain]

@mtiller the way you imagine this works is the way it should work. Here's what we have for docs.meli.sh:

Something's either broken we have a bug in the UI configuration. Can you try enabling "Automatic SSL" ? I think you're on K8s so you've probably disabled automatic SSL via environment variables, so enabling it in the UI won't generate the certificates, but I have a feeling the JSON config saved in DB is missing a type property which could explain it being filtered out from the config generated. -

[mtiller]

Well, I don't have an "Automatic SSL" for the reasons you explained. I definitely don't want it generating TLS certificates for me since that is already managed by my ingress. But, this is a slight issue because as it stands right now I've created an enhanced helm chart (enhanced beyond what I committed) that allows me to specify the sites and mappings in the values.yaml file and it takes care of all the cert stuff. I could consider explicitly excluding cert-manager from issuing certs for the meli related domains.

But what I don't quite understand is that I don't see any mappings in the caddy configuration when I add a domain. So how does the traffic actually make it to the meli server?

What I've done (up to this point) is actually put all this into the Helm chart and it actually works quite well. I'd like to be able to manage all of this in the meli UI. But part of the problem here is that I'd still need to have a custom ingress resource that was aware of all these extra domains. So I don't see a way to contain it all in the Meli UI for my particular case.

[mtiller]

Let me clarify one point. There is not "Automatic SSL" in the UI for me. So I can't turn it on.

[gempain]

You should be able to manage this is the meli UI, this is exactly what the domains part was meant to do and should do. It should have added a line in the Caddy config for that specific site. Then, when caddy gets a request, it matches the domain name against the config and serves the right site. I'll have a look because that's supposed to work.