I have a multi-tenant web app where each tenant has their own subdomain -- tenant.thing.co.uk.
Can I set up two Azure Web Apps on different subdomains and move the tenant to a sub-sub domain like this:
tenant.app1.thing.co.uk and
tenant.app2.thing.co.uk?
In the Azure Web App under Custom domains I can enter *.app1.thing.co.uk and add TXT and CNAME records to my DNS to get the validation to pass: there is one TXT record and two CNAME records:
| Name | Data |
| -----| -------------- |
| app1 | thing-app.azurewebites.net |
| app2 | thing-app2.azurewebsites.net |
But it doesn't work! (Firefox says: Server not found.)
However, if I add one CNAME for *.thing.co.uk and add *.app1.thing.co.uk to one Azure Web App (and delete the other Azure Web App) then the website appears and the tenant subdomains work.
So: what's going wrong with two apps?
Add an A Record for each subdomain pointing to the IP address of each App Service.
The answer appears to be:
In DNS:
add a TXT record with name asuid.subdomain for each subdomain, and
add a CNAME record with name *.subdomain and value the azure web app domain name.
In Custom domains for the Azure web app:
add a custom domain *.subdomain.domain.tld, and
add a custom domain subdomain.domain.tld.
So the fix for me was to add two -- not one -- custom domains in the Azure website.
Related
I am working on adding Google reCAPTCHA v3 to FreeToastHost, a free forms & template based website generator/content management system specifically made for use by Toastmasters public speaking clubs around the world.
One challenge I have in implementing this is that in addition to our use of a root domain and subdomains for accessing each club's website, we also support each club purchasing their own "custom website domain" through a registrar which they they tie to our server's IP address via their DNS settings.
We do require that each club save these "custom domain names" in the system (gets stored in our db) so we can still generate their website by looking up their custom domain in our db to fetch their content. At this point we have about 80 clubs of the 12000+ using the system that also have custom domains.
I will not know these custom domains in advance, so I have had to just register our root domain for Google reCAPTCHA v3, shut off the domain checking setting because of the custom domains, and resolve to do our own domain checking.
I would prefer that Google do the domain checking, but without an API to add domains programmatically / dynamically and with their 50 domain limit per key-pair, I am just not sure what else to do other than doing our own domain checking.
Anyone have any fresh ideas on this?
I have an IoT Enterprise button that (when pressed) triggers a Lambda function. The Lambda function sends an API "put" request to my Philips HUE bridge, which turns on (or off) my Living Room lights.
That much is 100% done. Life is good.
My question:
Is there a specific AWS service that is used to "send" the API request?
I'm assuming that the AWS Lambda service performs this action. But maybe not...
I need to create a firewall rule that (only) allows "Lambda servers" to pass-through my firewall.
If the destination IP = my WAN IP.
If the destination port = ##.
I found the following resource, that explains how to list all IPs owned by AWS.
https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html
Here is a quote from the reference guide:
service
The subset of IP address ranges. The addresses listed for API_GATEWAY are egress only.
Specify AMAZON to get all IP address ranges (meaning that every subset is also
in the AMAZON subset). However, some IP address ranges are only in the AMAZON subset
(meaning that they are not also available in another subset).
Type: String
Valid values:
AMAZON | AMAZON_CONNECT | API_GATEWAY | CLOUD9 | CLOUDFRONT |
CODEBUILD | DYNAMODB | EC2 | EC2_INSTANCE_CONNECT | GLOBALACCELERATOR |
ROUTE53 | ROUTE53_HEALTHCHECKS | S3 | WORKSPACES_GATEWAYS
As you can see, "Labda" isn't a valid (service) string value. I suppose I could allow any IP from the "us-east-1" AWS region. However this is (still) too permissive for my liking. (225 subnets) By comparison, if you specify "EC2" as the service, that narrows the list down to 82 subnets.
Thanks (in advance) for your helpful insight!
If you want to limit to a specific set of IPs (outside the AWS Public Zone) you will need to run your Lambda inside your VPC in a private subnet and then assign a NAT Gateway with an EIP.
See more: https://aws.amazon.com/premiumsupport/knowledge-center/internet-access-lambda-function/
I'm a surge.sh plus customer, with a custom domain, let's say
http://bobswidgets.com
However, Bob has asked me to set up a subdomain for his new bespoke service. He wants custom.bobswidgets.com
But I can't figure out how to do this... and whether it's part of the surge plus package I have, or if I need to set this up separately.
I understand from the team at surge.sh that there are many ways to do this, but here's how I did it.
I'm assuming you already (as I did) have a site, with a custom domain, setup & running on surge.sh
First, you need to add a CNAME record to your DNS entry. In my case it's custom.bobswidgets.com and it should point to surge's domain na-west1.surge.sh
Now you can deploy the content for your subdomain directly with surge using surge /path/to/project -d http://custom.bobswidgets.com
Or you can include a CNAME file at the root of your content director, with the contents (It doesn't have an extension or anything)
custom.bobswidgets.com
Then use surge /path/to/project from your terminal
Essentially, it's exactly the same as the instructions for a normal custom domain - as https://surge.sh/help/adding-a-custom-domain - but using the details for your subdomain.
I have 2 distinct instances on Google Compute Engine.
On the first (lets name it instance1) I have hosted a website (with domain name instance1domain.com linked to it and static IP) and everything is working great.
On the second instance I have a web app that I want to be a subdomain of the site on the first instance (like app.instance1domain.com).
Both my instances are on the same zone with internal IP's from the same subnetwork (in Google Compute Engine).
How ca I map the second instance in Google Cloud DNS in such way that it becomes a subdomain for the site hosted on the first instance ?
Just create the A record for the second instance with the name app.instance1domain.com and use the IP address of the second GCE instance.
While some extra DNS records are needed if you want to make a second DNS managed zone into a delegated subdomain of the first, you don't need to do that to create a subdomain entry in the same DNS managed zone.
So a single managed zone can have entries for all of the following:
example.com
xyz.example.com
abc.xyz.example.com
abc.def.example.com
In the fourth case, you don't need to create an entry for def.example.com in order to have abc.def.example.com; creating the subdomain abc.def.example.com implicitly creates def.example.com as what is called an “empty non-terminal.”
Note that you cannot create a domain name that is not a subdomain of the zone's domain, so for example, it is not possible to create another-example.com in this zone; you must place it in its own zone.
Deploying a grails app to cloudfoundry was quite easy. Now I would like to push another app to cloudfoundry. However, the 2nd app create tables in the exact same database as my first app. I understand it will run side by side, however, I do want to treat them as separate entity and would like to run the two apps in two database. Please tell me how it can be done so.
I'm not sure what method/plugin/CLI tools you are using for deployment to Cloud Foundry, but if you're using the Cloud Foundry Integration plugin, this may help.
I was able to deploy 2 separate apps bound to 2 different instances of MySQL services. The key info here is the "binding" of the services to your deployed app. It's possible that you've bound both your apps to one service. If you're using the CFI plugin, issue a cf-apps and it will list your apps and what services they are bound to
+-------------+----+---------+--------------------------+--------------------+
| Application | # | Health | URLs | Services |
+-------------+----+---------+--------------------------+--------------------+
| app1 | 1 | RUNNING | app1.cloudfoundry.com | mysql-3xxxxxx |
+-------------+----+---------+--------------------------+--------------------+
| app2 | 1 | RUNNING | app2.cloudfoundry.com | mysql-exxxxxx |
+-------------+----+---------+--------------------------+--------------------+
If your apps are indeed bound to the same service, just do the following with the CFI plugin
remove the incorrectly bound app
issue a cf-create-service service-you-want
take note of the service name of the newly created app
re-deploy your second app and bind to the new service you just created
grails prod cf-push --services=your-new-service-name-xxxx
NOTE: when you deploy, the CLI tool may ask you to optionally bind to the other service (the first app's service), which you don't want, so you'll need to answer appropriately. I'm not sure why it does that even when you've explicitly passed in the --services argument with the service you want.
Anyway, it's all in the docs and if you're not using the CFI plugin - IMHO you should - it's pretty awesome plugin.