Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Many users have trouble figuring out which ingress hosts need to be proxied #7

Open
regisb opened this issue Mar 13, 2023 · 0 comments
Open

Many users have trouble figuring out which ingress hosts need to be proxied #7

regisb opened this issue Mar 13, 2023 · 0 comments
Labels
enhancement Relates to new features or improvements to existing features help wanted Ready to be picked up by anyone in the community

Comments

@regisb
Copy link
Contributor

regisb commented Mar 13, 2023
edited
Loading

I investigated this issue after seeing these forum topics:
https://discuss.openedx.org/t/payment-mfe-returns-404/9547
https://discuss.openedx.org/t/error-when-export-course-and-suggested-ingress-setting/9565

All Tutor users need to configure DNS records to access their Open edX platform in production. In addition, many users need to run a web proxy in front of Caddy -- which is a totally legitimate use case.

But for these users, it's often difficult to figure out which hostnames need to be proxied. Sometimes, they forget to configure DNS records or SSL certificates for one or more subdomains. It's often a trial and error process, as we can see in the forum topics above. This problem is compounded by the fact that additional plugins require extra subdomain records.

Sure, some users can just add a CNAME *.<LMS HOST>. DNS record. But this is not an option for many users who may not have direct access to their DNS configuration (institutional users for instance).

We can help users by printing the hosts from the Caddy configuration. This can be achieved by parsing the Caddy configuration as json (see caddy adapt):

$ tutor local run -v $(pwd):/tmp/config caddy sh -c "caddy adapt --config /etc/caddy/Caddyfile > /tmp/config/caddy.json"
$ cat caddy.json | jq ".apps.http.servers.srv0.routes[].match[].host[]"

For instance, when both the mfe and minio plugins are enabled on a local platform, the commands above print the following output:

"local.overhang.io"
"preview.local.overhang.io"
"studio.local.overhang.io"
"files.local.overhang.io"
"minio.local.overhang.io"
"apps.local.overhang.io"

We could probably wrap these commands in a Tutor do command. For instance:

$ tutor local do print-hostnames

Optionally, we could verify IP records and/or SSL configuration with:

$ tutor local do print-hostnames --check --check-ssl

(IP can be obtained with python's socket.gethostbyname.)

To run these checks we will probably have to build and push a new custom image that bundles both caddy and python. Thus it probably makes sense to add these features to a new plugin. It could be added to the "contrib" index if it is maintained by a 3rd party.
@regisb regisb added enhancement Relates to new features or improvements to existing features help wanted Ready to be picked up by anyone in the community labels Mar 13, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement Relates to new features or improvements to existing features help wanted Ready to be picked up by anyone in the community
Projects
DevOps Working Group
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
1 participant
@regisb