Domain Configuration
Required Config
The following must be configured:
- Environment Variables
- Helm
- DNS
- CORS
Env Variables
The following URLs are required to have the Fully Qualified Domain Name.
e.g. This should include the http and ending slash, e.g. https://localhost:8085/
URL_BASE
WALRUS_SERVICE_URL_BASE
WEBHOOKS_URL_BASE
For example
URL_BASE = https://diffgram.your_domain.com/
WALRUS_SERVICE_URL_BASE = https://diffgram.your_domain.com/
WEBHOOKS_URL_BASE = https://diffgram.your_domain.com/
Helm
Must set the diffgramDomain e.g.
diffgramDomain = diffgram.your_domain.com
DNS Config
The domain name must have A records configured to point at your IP.
| Host | Type | TTL | Data |
|---|---|---|---|
| < enter your domain > | A | 360 | < enter your IP > |
For example:
| Host | Type | TTL | Data |
|---|---|---|---|
| diffgram.your_domain.com | A | 360 | 75.2.111.111 |
TLS Ingress Config
In helm ingress.yaml, an Ingress is defined. In the spec, TLS hosts and rules are defined.
By default Diffgram uses cert-manager.io/issuer and issuer-local which then becomes letsencrypt. In this context, so long as a diffgramDomain is defined, then it will automatically generate the certificate and no additional work should be required for default installs.
Check TLS is ready
Run kubectl get certificates -n diffgram-production (with your correct namespace)
If the TLS is not ready then check the cert-manager logs, e.g.
kubectl logs cert-manager-pod-name-replace-your-podname
(replacing the cert-manager-pod-name-replace-your-podname with the correct pod name.)
Enable additional domains (rabbitmq)
If you want to use an additional domain, such as www. or enable the UI for secondary services, like rabbitmq, then you will need to add those hosts to the hosts spec.
Note that any hosts defined here that are not set up correctly in your DNS will cause cert-manager/controller/challenges "msg"="propagation check failed" "error"="failed to perform self check. If you see solver items in the ingress view or have these errors, then check that that the host defined here aligns with your DNS, and there are no additional hosts listed that are missing from your DNS.
Example adding Rabbit UI
CORs
Add your Diffgram domain as an allowed origin in your Storage bucket.
This will prevent CORS issues when loading certain files.
See Fix: CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Updated over 1 year ago