Dynamic Subdomains

I finally decided to try Fly recently after getting frustrated with Heroku’s lack of innovation. After deploying a few apps, I’m sold!

Currently I’m working up a plan for migrating our larger Heroku apps and was looking for some advice on one of them.

It’s a Rails app, and we allow users to bring their own domain or subdomain. On their end, they need to setup a CNAME record pointing at dns.myapp.com, and on our backend they tell us what domain they are using. I have is a simple Caddy app running on Digital Ocean which sets up a reverse proxy to my herokuapp.com URL and will issue SSL certs on-demand.

On the Rails app side, I have a matcher which looks at the request.host and routes the request if a custom domain is being used.

How would I go about replicating this on Fly?

If I deploy the app, would I just change my reverse proxy on the Caddy server to point at my fly.dev URL? Or is there a way I can do this without needing Caddy at all?

Any advice appreciated!

1 Like

Unless I’m misunderstanding what you are trying to do, the following should do the trick: How to do Custom Domains with Fly · Fly

I think that gets me some of the way, main differences being:

  1. Currently my users are setting up CNAME records vs. the A/AAAA records.
  2. I’m not actually doing anything to generate the certificates - Caddy does this automatically on the first request.

On the first one, I’d rather not ask everyone to update their DNS - at the very least it slows the migration down. Would love to avoid this if at all possible.

On the second point, it seems like if I wanted to do this on Fly, when the user enters the custom domain, seems like I would need to make a GraphQL request to generate the certificate.

Hi @ckorhonen

The same setup you had in heroku should work on fly.io.

If you want to go one step further, you can have the caddy server running on fly.io as well. You can configure the fly proxy to only handle the tcp layer by removing the tls and http handlers from the services config in the fly.toml file.

  1. While I personally haven’t used CNAMEs, Let’s Encrypt claims they work just fine with them: Onboarding Your Customers with Let's Encrypt and ACME - Let's Encrypt

  2. You should be able to issue the certificate using flyctl instead of GraphQL. You can set up your Dockerfile to copy the binary from Docker Hub, and if you run fly secrets set FLY_API_TOKEN=$(fly auth token).