add portal_subdomain to nginx regex and fill documentation (#435)

This commit is contained in:
Karol Wypchło 2020-09-29 12:35:34 +02:00 committed by GitHub
parent 10a251c081
commit 468527c22d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 61 additions and 44 deletions

View File

@ -22,8 +22,8 @@ server {
listen 80 default_server; listen 80 default_server;
listen [::]:80 default_server; listen [::]:80 default_server;
# understand the regex https://regex101.com/r/BGQvi6/2/ # understand the regex https://regex101.com/r/BGQvi6/6
server_name "~^(((?<base32_subdomain>([a-z0-9]{55}))|(?<hns_domain>[^\.]+)\.hns)\.)?(?<domain>[^.]+)\.(?<tld>[^.]+)$"; server_name "~^(((?<base32_subdomain>([a-z0-9]{55}))|(?<hns_domain>[^\.]+)\.hns)\.)?((?<portal_domain>[^.]+)\.)?(?<domain>[^.]+)\.(?<tld>[^.]+)$";
# ddos protection: closing slow connections # ddos protection: closing slow connections
client_body_timeout 5s; client_body_timeout 5s;
@ -40,15 +40,15 @@ server {
recursive_error_pages on; recursive_error_pages on;
# redirect links with base32 encoded skylink in subdomain # redirect links with base32 encoded skylink in subdomain
error_page 418 = @base32_subdomain; error_page 460 = @base32_subdomain;
if ($base32_subdomain != "") { if ($base32_subdomain != "") {
return 418; return 460;
} }
# redirect links with handshake domain on hns subdomain # redirect links with handshake domain on hns subdomain
error_page 419 = @hns_domain; error_page 461 = @hns_domain;
if ($hns_domain != "") { if ($hns_domain != "") {
return 419; return 461;
} }
include /etc/nginx/conf.d/include/cors; include /etc/nginx/conf.d/include/cors;

View File

@ -90,18 +90,11 @@ At this point we have almost everything running, we just need to set up your wal
## Subdomains ## Subdomains
It might prove useful for certain skapps to be accessible through a custom It might prove useful for certain skapps to be accessible through a custom subdomain. So instead of being accessed through `https://portal.com/[skylink]`, it would be accessible through `https://[skylink_base32].portal.com`. We call this "subdomain access" and it is made possible by encoding Skylinks using a base32 encoding. We have to use a base32 encoding scheme because subdomains have to be all lower case and the base64 encoded Skylink is case sensitive and thus might contain uppercase characters.
subdomain. So instead of being accessed through `https://portal/[skylink]`, it
would be accessible through `https://[skylink_base32].portal`. We call this
subdomains and it is made possible by encoding Skylinks using a base32 encoding.
We have to use a base32 encoding scheme because subdomains have to be all lower
case and the base64 encoded Skylink is case sensitive and thus might contain
uppercase characters.
You can convert Skylinks using this [converter You can convert Skylinks using this [converter skapp](https://convert-skylink.hns.siasky.net). To see how the encoding and decoding works, please follow the link to the repo in the application itself.
skapp](https://siasky.net/hns/convert-skylink/), to
see how the encoding and decoding works, please follow the link to the repo in There is also an option to access handshake domain through the subdomain using `https://[domain_name].hns.portal.com`.
the application itself.
To configure this on your portal, you have to make sure to configure the following: To configure this on your portal, you have to make sure to configure the following:
@ -113,44 +106,68 @@ achieved using Caddy.
``` ```
(siasky.net) { (siasky.net) {
siasky.net, *.siasky.net { siasky.net, *.siasky.net, *.hns.siasky.net {
tls { ...
}
}
``` ```
(see `../docker/caddy/Caddyfile`) (see [docker/caddy/Caddyfile](../docker/Caddy/Caddyfile))
### Nginx configuration ### Nginx configuration
In Nginx two things need to happen: In Nginx two things need to happen:
- parse the subdomain from the url #### Match the specific parts of the uri
- proxy_pass the request to the appropriate location
Siad is able to make the conversion and treat this as a regular Skylink.
``` ```
# parse subdomain (a base32 encoded Skylink) into custom variable # understand the regex https://regex101.com/r/BGQvi6/6
server_name "~^([a-z0-9]{55})\..*$"; server_name "~^(((?<base32_subdomain>([a-z0-9]{55}))|(?<hns_domain>[^\.]+)\.hns)\.)?((?<portal_domain>[^.]+)\.)?(?<domain>[^.]+)\.(?<tld>[^.]+)$";
set $subdomain $1;
...
location / {
...
error_page 418 = @subdomain;
recursive_error_pages on;
if ($subdomain != "") {
return 418;
}
...
}
...
location @subdomain {
...
}
``` ```
(see `../docker/nginx/nginx.conf`) #### Redirect the requests to the appropriate location
First you need to redirect the requests based on the regex above matching either `base32_subdomain` or `hns_domain`.
```
location / {
# This is the only safe workaround to reroute based on some conditions
# See https://www.nginx.com/resources/wiki/start/topics/depth/ifisevil/
recursive_error_pages on;
# redirect links with base32 encoded skylink in subdomain
error_page 418 = @base32_subdomain;
if ($base32_subdomain != "") {
return 418;
}
# redirect links with handshake domain on hns subdomain
error_page 419 = @hns_domain;
if ($hns_domain != "") {
return 419;
}
...
}
```
Define locations for `@base32_subdomain` and `@hns_domain` redirects.
```
location @base32_subdomain {
include /etc/nginx/conf.d/include/proxy-buffer;
proxy_pass http://127.0.0.1/$base32_subdomain/$request_uri;
}
location @hns_domain {
include /etc/nginx/conf.d/include/proxy-buffer;
proxy_pass http://127.0.0.1/hns/$hns_domain/$request_uri;
}
```
(see [docker/nginx/nginx.conf](../docker/nginx/nginx.conf))
## Useful Commands ## Useful Commands