Allow "altis.dev" TLD to be configured #237
Conversation
With the "HTTPS required" natire of `.dev` domains, the fact that we currently have to issue a fully signed wildcard cert (`.dev` doesn't support self signed certs), and then the fact that we can't support subdomain installs in local-server; I think the days of `altis.dev` are probably numbered. This PR atleast makes this TLD fully configurable, to something more `.local` or `.altis.local`. In doing so, I also added an option to set `secure` to `true` / `false`, so HTTP-only can then be supported with TLDs other than `.dev`. At this point I don't think we need to publicly document this neccesarily, but I think we are going to need to move away from this hardcoding of altis.dev. If nothing else, this makes the code more configurable in special use cases.
![hm-linter[bot]](https://avatars.githubusercontent.com/in/5455?s=60&v=4){kind=small}
| @@ -153,7 +153,6 @@ address = ":8080" | |||
| # Optional | |||
| # Default: "" | |||
| # | |||
| domain = "altis.dev" | |||
There was a problem hiding this comment.
@roborourke I couldn't actually see where this was used. The docs say it's a default, do you know impact of removing this?
There was a problem hiding this comment.
We could maybe generate that file too. Honestly best off asking @nathanielks but if it all works without it then that’s ok
There was a problem hiding this comment.
AFAIK this won't impact anything. As you say, it's a default and I'm assuming the value would already be set by the Host header.
There was a problem hiding this comment.
Thanks @joehoyle!
There are a couple of little bugs in there that I've commented on inline, plus I also just merged in something that adds a 3rd parameter to the docker file generator so there's a conflict there. Should be easy resolve, I'm just passing in an array of extra 'stuff' now so you could add the TLD to that.
Are there any issues with the built in certificates being mounted in the traefik container when not using the .altis.dev TLD?
I think what's maybe missing here is a way to add your own certs to the Traefik proxy if you do change the TLD. How would I use something like mkcert to create self signed certs and use them with local server? That's something I'd like to see docs for and potentially a command that can automate the use of mkcert, or show installation instructions if missing.
Last thing is why not document this now? I don't think this is something we would backport (though could make a preview release of course). I'd like to avoid adding things without documenting them without at least creating a follow up issue to address it.
| $config = $this->get_composer_config(); | ||
|
|
||
| if ( isset( $config['tld'] ) ) { | ||
| $project_name = $config['tld']; |
There was a problem hiding this comment.
Do we need some validation here? Guess it would quickly become apparent if something is wrong but we may want to pass an error back if the value won't work as a TLD
There was a problem hiding this comment.
Hmm yeah I'd be for die( $message ) to make it clear, though we might want to bubble that error yeah.
| @@ -55,11 +55,11 @@ class Docker_Compose_Generator { | |||
| * @param string $project_name The docker compose project name. | |||
| * @param string $root_dir The project root directory. | |||
| */ | |||
| public function __construct( string $project_name, string $root_dir ) { | |||
| public function __construct( string $project_name, string $root_dir, string $tld ) { | |||
There was a problem hiding this comment.
Sorry, I already added a 3rd argument here more generally for $args in a PR to fix the xdebug functionality #240, could update this to pass the tld and any other config options that way. Probably the whole config would be useful with some defaults.
There was a problem hiding this comment.
As it happens, I think I can remove. We already pull the project config in this class anyway, so we can just read TLD from there
Co-authored-by: Robert O'Rourke <[email protected]>
Co-authored-by: Robert O'Rourke <[email protected]>
Yeah, so atm, you'd need to manually replace those in
Yeah would love to use
Specifically because we haven't solved SSL yet. I'd recommend on merging, and have it as an undocumented feature until we solve SSL too. |
In v2, Traefik's config has been split into static configuration (eg |
|
@rmccue do you have anything to commit here in your trials with Codespaces. E.g. I think you accounted for no-told ( |
|
Yeah, work under way in https://github.com/humanmade/altis-local-server/tree/support-codespaces to support tld-less configurations, but Codespaces needs a few more things which I'll need to push up too. |
|
@roborourke could I get a re-review on this? IMO we should merge this mostly as is, and then #341 is largely a follow-up. |
|
Yeah looks like #341 has all the same stuff so we can close this in favour of that one. It'll need to be rebased on master or at least have the merge conflicts resolved. |
|
Ok, closing this one out in that case |
With the "HTTPS required" natire of
.devdomains, the fact that wecurrently have to issue a fully signed wildcard cert (
.devdoesn'tsupport self signed certs), and then the fact that we can't support
subdomain installs in local-server; I think the days of
altis.devareprobably numbered. This PR atleast makes this TLD fully configurable, to
something more
.localor.altis.local.In doing so, I also added an option to set
securetotrue/false,so HTTP-only can then be supported with TLDs other than
.dev.At this point I don't think we need to publicly document this
neccesarily, but I think we are going to need to move away from this
hardcoding of altis.dev. If nothing else, this makes the code more
configurable in special use cases.