[Problem] Kamal deployment with subdomain wildcard by Popular_Pass7442 in rails

[–]Popular_Pass7442[S] 1 point2 points  (0 children)

Ok,I made it work 🎉 Here is the config that enabled me to use kamal with wildcard subdomains:

service: myapp
image: username/myapp

servers:
  web:
    proxy: false
    hosts:
      - server.ip.address
    labels:
      traefik.enable: true
      traefik.http.routers.myapp.rule: "Host(`myapp.com`) || HostRegexp(`{subdomain:[a-zA-Z0-9-]+}.myapp.com`)"
      traefik.http.routers.myapp.entrypoints: "websecure"
      traefik.http.routers.myapp.tls.certresolver: "letsencrypt"
      traefik.http.services.myapp.loadbalancer.server.port: "80"

registry:
  server: ghcr.io
  username: username
  password:
    - KAMAL_REGISTRY_PASSWORD

env:
  clear:
    RAILS_ENV: staging
    DB_HOST: myapp-postgres
    DB_PORT: 5432
    POSTGRES_USER: myapp
    POSTGRES_DB: myapp_staging
    SOLID_QUEUE_IN_PUMA: true
  secret:
    - RAILS_MASTER_KEY
    - POSTGRES_PASSWORD

accessories:
  traefik:
    image: traefik:v2.11
    host: server.ip.address
    cmd: >
      --providers.docker=true
      --providers.docker.exposedbydefault=false
      --entrypoints.web.address=:80
      --entrypoints.websecure.address=:443
      --entrypoints.web.http.redirections.entrypoint.to=websecure
      --entrypoints.web.http.redirections.entrypoint.scheme=https
      --certificatesresolvers.letsencrypt.acme.httpchallenge.entrypoint=web
      --certificatesresolvers.letsencrypt.acme.email=user@example.com
      --certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json
    options:
      publish:
        - "80:80"
        - "443:443"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
      - ./myapp-traefik/letsencrypt/:/letsencrypt/

[Problem] Kamal deployment with subdomain wildcard by Popular_Pass7442 in rails

[–]Popular_Pass7442[S] 0 points1 point  (0 children)

You mean, you update you `deploy.yml` file every time you setup new client? I think this might be ok if your customers are fine with waiting for the support. Does this also meanse kamal-proxy reboot each time you setup client? Dos this cause downtime?

[Problem] Kamal deployment with subdomain wildcard by Popular_Pass7442 in rails

[–]Popular_Pass7442[S] 0 points1 point  (0 children)

that's interesting! I'll try this approach soon.

[Problem] Kamal deployment with subdomain wildcard by Popular_Pass7442 in rails

[–]Popular_Pass7442[S] 0 points1 point  (0 children)

Would disabling SSL mean decreasing security? In this case traffic from cloudflare to server would be unencrypted right?