I just followed the procedure to map a single domain to my custom domain:
mydomain.com in ORGS myapp.mydomain.com in SPACES myapp.scapp.io and myapp.mydomain.com in SPACESmydomain.com with the name myapp and target mapapp.scapp.io (I'm using amazon route 53)The mapping works, I can access myapp with myapp.mydomain.com, but the address still shows myapp.scapp.io
How can I make the mapping transparent and display myapp.mydomain.com in the address bar ?
@UPDATE The issue was coming from my meteor application that did not properly force requests to https. I was using the force-ssl package, but as said in the README:
Meteor bundles (i.e. meteor build) do not include an HTTPS server or certificate. A proxy server that terminates SSL in front of a Meteor bundle must set the x-forwarded-proto or forwarded (RFC 7239) header for this package to work.
Therefore I am using a staticfile application with a custom nginx.conf.
I created a staticfile application using the staticfile-buildpack, add my private domains to the routes in the manifest.yml, and set the env variable FORCE_HTTPS to true:
applications:
- name: my-nginx
memory: 128M
instances: 1
buildpack: https://github.com/cloudfoundry/staticfile-buildpack.git
routes:
- route: 'app1.mydomain.com'
- route: 'app2.mydomain.com'
- route: 'app1.subdomain.mydomain.com'
- route: 'app2.subdomain.mydomain.com'
- route: 'app3.mydomain.com'
env:
FORCE_HTTPS: true
The next step was to create the custom nginx.conf with a server{...} block for each of my private domains, with a proxy_pass on the corresponding scapp.io domain (here with two private domains):
worker_processes 1;
daemon off;
error_log <%= ENV["APP_ROOT"] %>/nginx/logs/error.log;
events { worker_connections 1024; }
http {
charset utf-8;
log_format cloudfoundry '$http_x_forwarded_for - $http_referer - [$time_local] "$request" $status $body_bytes_sent';
access_log <%= ENV["APP_ROOT"] %>/nginx/logs/access.log cloudfoundry;
default_type application/octet-stream;
include mime.types;
sendfile on;
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gunzip on;
gzip_static always;
gzip_types text/plain text/css text/js text/xml text/javascript application/javascript application/x-javascript application/json application/xml application/xml+rss;
gzip_vary on;
tcp_nopush on;
keepalive_timeout 30;
port_in_redirect off; # Ensure that redirects don't include the internal container PORT - <%= ENV["PORT"] %>
server_tokens off;
server {
listen <%= ENV["PORT"] %>;
server_name app1.mydomain.com;
# Redirects to https if the environment variable "FORCE_HTTPS" is set to true
<% if ENV["FORCE_HTTPS"] %>
if ($http_x_forwarded_proto != "https") {
return 301 https://$host$request_uri;
}
<% end %>
location / {
proxy_pass https://app1.scapp.io/;
}
}
server {
listen <%= ENV["PORT"] %>;
server_name app2.mydomain.com;
<% if ENV["FORCE_HTTPS"] %>
if ($http_x_forwarded_proto != "https") {
return 301 https://$host$request_uri;
}
<% end %>
location / {
proxy_pass http://app2.scapp.io/;
}
}
}
The next steps are the usual ones:
mydomain.com in the right ORG and each of my private routes in the correct SPACE. mydomain.com with the name * and target my-nginx.scapp.io (the scapp.io route automatically assigned by swisscom for my staticfile application).Lastly, I pushed the application with cf push and it works like a charm !