Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

doc: document webapp configuration for multi-ingress environments #3569

Merged
merged 4 commits into from
Sep 7, 2023
Merged

doc: document webapp configuration for multi-ingress environments #3569

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b18fc66
doc: Add documentation about webapp config for multi-ingress envs
atomrc Sep 7, 2023
e9fba92
Apply suggestions from code review
atomrc Sep 7, 2023
b7a85db
doc: Add explanation on the webapp's config architecture
atomrc Sep 7, 2023
c7274ff
Update docs/src/developer/reference/config-options.md
atomrc Sep 7, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
43 changes: 42 additions & 1 deletion docs/src/developer/reference/config-options.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -764,4 +764,45 @@ Example:
multiIngress:
red.example.com: https://accounts.red.example.com/conversation-join/
green.example.com: https://accounts.green.example.net/conversation-join/
```
```

### Webapp

The webapp runs its own web server (a NodeJS server) to serve static files and the webapp config (based on environment variables).
In a multi-ingress configuration, a single webapp instance will be deployed and be accessible from multiple domains (say `webapp.red.example.com` and `webapp.green.example.com`).
When the webapp is loaded from one of those domains it first does a request to the web server to get the config (that will give it, for example, the backend endpoint that it should hit).

Because of the single instance nature of the webapp, by default the configuration is static and the root url to the backend API can be set there (say `nginz-https.root.example.com`).
In order to completely hide this root domain to the webapp, an environment variable can be set to allow the webapp hostname to be used to generate the API endpoint, team settings links, account page links and CSP headers.

The "hostname" is the result of the domain name minus the `webapp.` part of it.
So querying the webapp on `webapp.red.example.com` will resolve to `red.example.com`.

To enable dynamic hostname replacement, first set this variable:

```
ENABLE_DYNAMIC_HOSTNAME="true"
```

Then, any other variable that will contain the string `[[hostname]]` will be replaced by the hostname of the running webapp. (eg. if a webapp is running on `webapp.red.example.com` then any occurrence of `[[hostname]]` in the config will be replaced by `red.example.com`).

You may use the template variable `[[hostname]]` in any environment variable to not provide (reveal) actual domain names.

For example:

```
APP_BASE: https://[[hostname]]
BACKEND_REST: https://nginz-https.[[hostname]]
BACKEND_WS: wss://nginz-ssl.[[hostname]]
CSP_EXTRA_CONNECT_SRC: https://*.[[hostname]], wss://*.[[hostname]]
CSP_EXTRA_DEFAULT_SRC: https://*.[[hostname]]
CSP_EXTRA_FONT_SRC: https://*.[[hostname]]
CSP_EXTRA_FRAME_SRC: https://*.[[hostname]]
CSP_EXTRA_IMG_SRC: https://*.[[hostname]]
CSP_EXTRA_MANIFEST_SRC: https://*.[[hostname]]
CSP_EXTRA_MEDIA_SRC: https://*.[[hostname]]
CSP_EXTRA_PREFETCH_SRC: https://*.[[hostname]]
CSP_EXTRA_SCRIPT_SRC: https://*.[[hostname]]
CSP_EXTRA_STYLE_SRC: https://*.[[hostname]]
CSP_EXTRA_WORKER_SRC: https://*.[[hostname]]
```
Loading