From 4be590eaa292e05363b9001a1697395bfe0a0d6b Mon Sep 17 00:00:00 2001 From: AnouckColson Date: Mon, 7 Aug 2023 15:44:23 +0200 Subject: [PATCH 1/5] Hardcode service examples to enhance security --- docs/src/add-services/elasticsearch.md | 21 ++++++++++++++++++++- docs/src/add-services/headless-chrome.md | 14 +++++++++++++- docs/src/add-services/influxdb.md | 4 ++-- docs/src/add-services/kafka.md | 14 +++++++++++++- docs/src/add-services/memcached.md | 14 +++++++++++++- docs/src/add-services/mongodb.md | 20 +++++++++++++++++++- docs/src/add-services/opensearch.md | 21 ++++++++++++++++++++- docs/src/add-services/postgresql.md | 23 ++++++++++++++++++++++- docs/src/add-services/rabbitmq.md | 21 ++++++++++++++++++++- docs/src/add-services/redis.md | 21 ++++++++++++++++++++- docs/src/add-services/solr.md | 21 ++++++++++++++++++++- docs/src/add-services/vault.md | 23 ++++++++++++++++++++++- 12 files changed, 204 insertions(+), 13 deletions(-) diff --git a/docs/src/add-services/elasticsearch.md b/docs/src/add-services/elasticsearch.md index c1bdacb10f..61388e1776 100644 --- a/docs/src/add-services/elasticsearch.md +++ b/docs/src/add-services/elasticsearch.md @@ -54,7 +54,26 @@ To do so, follow the same procedure as for [upgrading](#upgrading). {{% service-values-change %}} -{{< relationship "elasticsearch" >}} +```yaml +{ + "username": null, + "scheme": "http", + "service": "elasticsearch77", + "fragment": null, + "ip": "169.254.169.232", + "hostname": "jmgjydr275pkj5v7prdj2asgxm.elasticsearch77.service._.eu-3.platformsh.site", + "port": 9200, + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "elasticsearch.internal", + "rel": "elasticsearch", + "path": null, + "query": [], + "password": null, + "type": "elasticsearch:7.7", + "public": false, + "host_mapped": false +} +``` For [premium versions](#supported-versions), the service type is `elasticsearch-enterprise`. diff --git a/docs/src/add-services/headless-chrome.md b/docs/src/add-services/headless-chrome.md index 53692813ed..c5fb698e85 100644 --- a/docs/src/add-services/headless-chrome.md +++ b/docs/src/add-services/headless-chrome.md @@ -23,7 +23,19 @@ Puppeteer can be used to generate PDFs and screenshots of web pages, automate fo {{% service-values-change %}} -{{< relationship "headlesschrome" >}} +```yaml +{ + "service": "headlesschrome", + "ip": "169.254.91.5", + "hostname": "gvbo7vktgmou2mplnzt4b54hgi.headlesschrome.service._.eu-3.platformsh.site", + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "headlesschrome.internal", + "rel": "http", + "scheme": "http", + "type": "chrome-headless:73", + "port": 9222 +} +``` ## Requirements diff --git a/docs/src/add-services/influxdb.md b/docs/src/add-services/influxdb.md index 4dbd52b457..92ec5e8891 100644 --- a/docs/src/add-services/influxdb.md +++ b/docs/src/add-services/influxdb.md @@ -47,7 +47,7 @@ See more information on [how to upgrade to version 2.3 or later](#upgrade-to-ver "rel": "influxdb", "scheme": "http", "username": "admin", - "password": "84c601e8b92060c6126a6d3163227ce19e32934a45e19b7cbc0571c2fe9fd347", + "password": null, "port": 8086, "path": null, "query": { @@ -139,7 +139,7 @@ If you're relying on any other attributes connecting to InfluxDB, they remain ac "rel": "influxdb", "scheme": "http", "username": "admin", - "password": "84c601e8b92060c6126a6d3163227ce19e32934a45e19b7cbc0571c2fe9fd347", + "password": null, "port": 8086, "path": null, "query": { diff --git a/docs/src/add-services/kafka.md b/docs/src/add-services/kafka.md index c318f1ff0a..542119cf19 100644 --- a/docs/src/add-services/kafka.md +++ b/docs/src/add-services/kafka.md @@ -22,7 +22,19 @@ It is a framework for storing, reading and analyzing streaming data. See the [Ka {{% service-values-change %}} -{{< relationship "kafka" >}} +```yaml +{ + "service": "kafka25", + "ip": "169.254.27.10", + "hostname": "t7lv3t3ttyh3vyrzgqguj5upwy.kafka25.service._.eu-3.platformsh.site", + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "kafka.internal", + "rel": "kafka", + "scheme": "kafka", + "type": "kafka:2.5", + "port": 9092 +} +``` ## Usage example diff --git a/docs/src/add-services/memcached.md b/docs/src/add-services/memcached.md index 4c649ba89b..4a70505626 100644 --- a/docs/src/add-services/memcached.md +++ b/docs/src/add-services/memcached.md @@ -30,7 +30,19 @@ Both Memcached and Redis can be used for application caching. As a general rule, {{% service-values-change %}} -{{< relationship "memcached" >}} +```yaml +{ + "service": "memcached16", + "ip": "169.254.228.111", + "hostname": "3sdm72jgaxge2b6aunxdlzxyea.memcached16.service._.eu-3.platformsh.site", + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "memcached.internal", + "rel": "memcached", + "scheme": "memcached", + "type": "memcached:1.6", + "port": 11211 +} +``` ## Usage example diff --git a/docs/src/add-services/mongodb.md b/docs/src/add-services/mongodb.md index 62801b9d35..04c2982ea0 100644 --- a/docs/src/add-services/mongodb.md +++ b/docs/src/add-services/mongodb.md @@ -57,7 +57,25 @@ If you want to experiment with a later version without committing to it use a no {{% service-values-change %}} -{{< relationship "mongodb" >}} +```yaml +{ + "username": "main", + "scheme": "mongodb", + "service": "mongodb36", + "ip": "169.254.150.147", + "hostname": "blbczy5frqpkt2sfkj2w3zk72q.mongodb36.service._.eu-3.platformsh.site", + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "mongodb.internal", + "rel": "mongodb", + "query": { + "is_master": true + }, + "path": "main", + "password": null, + "type": "mongodb:3.6", + "port": 27017 +} +``` ## Usage example diff --git a/docs/src/add-services/opensearch.md b/docs/src/add-services/opensearch.md index 3015ed3359..f60476a98d 100644 --- a/docs/src/add-services/opensearch.md +++ b/docs/src/add-services/opensearch.md @@ -28,7 +28,26 @@ The latest compatible minor version and patches are applied automatically. {{% service-values-change %}} -{{< relationship "opensearch" >}} +```yaml +{ + "username": null, + "scheme": "http", + "service": "opensearch12", + "fragment": null, + "ip": "169.254.99.100", + "hostname": "2e36wpnescmc5ffcddczsnhnai.opensearch12.service._.eu-3.platformsh.site", + "port": 9200, + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "opensearch.internal", + "rel": "opensearch", + "path": null, + "query": [], + "password": null, + "type": "opensearch:1.2", + "public": false, + "host_mapped": false +} +``` ## Usage example diff --git a/docs/src/add-services/postgresql.md b/docs/src/add-services/postgresql.md index 9d211ae2b5..16286b401e 100644 --- a/docs/src/add-services/postgresql.md +++ b/docs/src/add-services/postgresql.md @@ -43,7 +43,28 @@ For more details, see how to [upgrade to PostgreSQL 12 with `postgis`](#upgrade- {{% service-values-change %}} -{{< relationship "postgresql" >}} +```yaml +{ + "username": "main", + "scheme": "pgsql", + "service": "postgresql12", + "fragment": null, + "ip": "169.254.38.66", + "hostname": "zydalrxgkhif2czr3xqth3qkue.postgresql12.service._.eu-3.platformsh.site", + "port": 5432, + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "postgresql.internal", + "rel": "postgresql", + "path": "main", + "query": { + "is_master": true + }, + "password": null, + "type": "postgresql:12", + "public": false, + "host_mapped": false +} +``` ## Usage example diff --git a/docs/src/add-services/rabbitmq.md b/docs/src/add-services/rabbitmq.md index 57d192eaeb..1a82a7e38b 100644 --- a/docs/src/add-services/rabbitmq.md +++ b/docs/src/add-services/rabbitmq.md @@ -144,4 +144,23 @@ rabbitmq: {{% service-values-change %}} -{{< relationship "rabbitmq" >}} +```yaml +{ + "username": "guest", + "scheme": "amqp", + "service": "rabbitmq38", + "fragment": null, + "ip": "169.254.57.5", + "hostname": "iwrccysk3gpam2zdlwdr5fgs2y.rabbitmq38.service._.eu-3.platformsh.site", + "port": 5672, + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "rabbitmq.internal", + "rel": "rabbitmq", + "path": null, + "query": [], + "password": null, + "type": "rabbitmq:3.8", + "public": false, + "host_mapped": false +} +``` diff --git a/docs/src/add-services/redis.md b/docs/src/add-services/redis.md index 8da4666aca..3e141417d4 100644 --- a/docs/src/add-services/redis.md +++ b/docs/src/add-services/redis.md @@ -180,7 +180,26 @@ const value = await client.get('x'); // returns 42 {{% service-values-change %}} -{{< relationship "redis" >}} +```yaml +{ + "username": null, + "scheme": "redis", + "service": "redis6", + "fragment": null, + "ip": "169.254.22.75", + "hostname": "7mnenhdiz7ecraovljrba6pmiy.redis6.service._.eu-3.platformsh.site", + "port": 6379, + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "redis.internal", + "rel": "redis", + "path": null, + "query": [], + "password": null, + "type": "redis:6.0", + "public": false, + "host_mapped": false +} +``` The format of the relationship is identical whether your Redis service is [ephemeral](#ephemeral-redis) or [persistent](#persistent-redis). diff --git a/docs/src/add-services/solr.md b/docs/src/add-services/solr.md index 8790d992bf..4bbda46bb4 100644 --- a/docs/src/add-services/solr.md +++ b/docs/src/add-services/solr.md @@ -35,7 +35,26 @@ Solr search with generic schemas provided, and a custom schema is also supported {{% service-values-change %}} -{{< relationship "solr" >}} +```yaml +{ + "username": null, + "scheme": "solr", + "service": "solr86", + "fragment": null, + "ip": "169.254.68.119", + "hostname": "csjsvtdhmjrdre2uaoeim22xjy.solr86.service._.eu-3.platformsh.site", + "port": 8080, + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "solr.internal", + "rel": "solr", + "path": "solr\/maincore", + "query": [], + "password": null, + "type": "solr:8.6", + "public": false, + "host_mapped": false +} +``` ## Usage example diff --git a/docs/src/add-services/vault.md b/docs/src/add-services/vault.md index 6ddbab3e0e..91f6abc65b 100644 --- a/docs/src/add-services/vault.md +++ b/docs/src/add-services/vault.md @@ -253,7 +253,28 @@ In the JSON object that's returned, you can notice that the `ciphertext` is diff {{% service-values-change %}} -{{< relationship "vault-kms" >}} +```yaml +{ + "username": "", + "scheme": "http", + "service": "vault-kms", + "fragment": "", + "ip": "169.254.196.95", + "hostname": "ckmpv2fz7jtdmpkmrun7yfgut4.vault-kms.service._.eu-3.platformsh.site", + "port": 8200, + "cluster": "rjify4yjcwxaa-master-7rqtwti", + "host": "vault-kms.internal", + "rel": "sign", + "path": "\/", + "query": { + "is_master": true + }, + "password": null, + "type": "vault-kms:1.6", + "public": false, + "host_mapped": false +} +``` ## Policies From c55458cf618a0fe88cbccee753ec81eac61d2270 Mon Sep 17 00:00:00 2001 From: AnouckColson Date: Tue, 22 Aug 2023 13:49:34 +0200 Subject: [PATCH 2/5] Add clarification about geographic isolation on backups page --- sites/platform/src/environments/backup.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sites/platform/src/environments/backup.md b/sites/platform/src/environments/backup.md index c8db42c207..95ebe2ccf0 100644 --- a/sites/platform/src/environments/backup.md +++ b/sites/platform/src/environments/backup.md @@ -182,5 +182,6 @@ They don't affect the automated backups taken as part of the schedule. ## Physical storage location Backups are stored as binary large objects separate from your environments. -This storage is replicated over multiple data centers in different locations. -This means that in the rare event a data center becomes unavailable, your backups are still available. +This storage is replicated over multiple data centers in different locations +within the region your project is hosted in. +This means that in the rare event a data center becomes unavailable, your backups are still available. \ No newline at end of file From 1535b7d04be50434f499d743ceee0bba98985e72 Mon Sep 17 00:00:00 2001 From: AnouckColson Date: Tue, 22 Aug 2023 13:57:37 +0200 Subject: [PATCH 3/5] Add link to Trust Center --- sites/platform/src/environments/backup.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sites/platform/src/environments/backup.md b/sites/platform/src/environments/backup.md index 95ebe2ccf0..6cbb81eb57 100644 --- a/sites/platform/src/environments/backup.md +++ b/sites/platform/src/environments/backup.md @@ -183,5 +183,5 @@ They don't affect the automated backups taken as part of the schedule. Backups are stored as binary large objects separate from your environments. This storage is replicated over multiple data centers in different locations -within the region your project is hosted in. +[within the region your project is hosted in](https://platform.sh/trust-center/security/data-security/). This means that in the rare event a data center becomes unavailable, your backups are still available. \ No newline at end of file From 4f2327a55c1c6542cec3f6c9d3db1b23c9a10b91 Mon Sep 17 00:00:00 2001 From: chadcarlson Date: Tue, 22 Aug 2023 14:53:42 -0400 Subject: [PATCH 4/5] Update pw to string. --- sites/platform/src/add-services/elasticsearch.md | 2 +- sites/platform/src/add-services/influxdb.md | 4 ++-- sites/platform/src/add-services/opensearch.md | 2 +- sites/platform/src/add-services/postgresql.md | 2 +- sites/platform/src/add-services/rabbitmq.md | 2 +- sites/platform/src/add-services/solr.md | 2 +- sites/platform/src/add-services/vault.md | 2 +- 7 files changed, 8 insertions(+), 8 deletions(-) diff --git a/sites/platform/src/add-services/elasticsearch.md b/sites/platform/src/add-services/elasticsearch.md index 67797d0c28..18023e9343 100644 --- a/sites/platform/src/add-services/elasticsearch.md +++ b/sites/platform/src/add-services/elasticsearch.md @@ -68,7 +68,7 @@ To do so, follow the same procedure as for [upgrading](#upgrading). "rel": "elasticsearch", "path": null, "query": [], - "password": null, + "password": "ChangeMe", "type": "elasticsearch:7.7", "public": false, "host_mapped": false diff --git a/sites/platform/src/add-services/influxdb.md b/sites/platform/src/add-services/influxdb.md index 5a33f30f03..27301f47cf 100644 --- a/sites/platform/src/add-services/influxdb.md +++ b/sites/platform/src/add-services/influxdb.md @@ -47,7 +47,7 @@ See more information on [how to upgrade to version 2.3 or later](#upgrade-to-ver "rel": "influxdb", "scheme": "http", "username": "admin", - "password": null, + "password": "ChangeMe", "port": 8086, "path": null, "query": { @@ -139,7 +139,7 @@ If you're relying on any other attributes connecting to InfluxDB, they remain ac "rel": "influxdb", "scheme": "http", "username": "admin", - "password": null, + "password": "ChangeMe", "port": 8086, "path": null, "query": { diff --git a/sites/platform/src/add-services/opensearch.md b/sites/platform/src/add-services/opensearch.md index e8fe7fd651..e48f7c1887 100644 --- a/sites/platform/src/add-services/opensearch.md +++ b/sites/platform/src/add-services/opensearch.md @@ -58,7 +58,7 @@ switch to [a supported version](#supported-versions). "rel": "opensearch", "path": null, "query": [], - "password": null, + "password": "ChangeMe", "type": "opensearch:1.2", "public": false, "host_mapped": false diff --git a/sites/platform/src/add-services/postgresql.md b/sites/platform/src/add-services/postgresql.md index 367a67cbd2..9abf358958 100644 --- a/sites/platform/src/add-services/postgresql.md +++ b/sites/platform/src/add-services/postgresql.md @@ -59,7 +59,7 @@ For more details, see how to [upgrade to PostgreSQL 12 with `postgis`](#upgrade- "query": { "is_master": true }, - "password": null, + "password": "ChangeMe", "type": "postgresql:12", "public": false, "host_mapped": false diff --git a/sites/platform/src/add-services/rabbitmq.md b/sites/platform/src/add-services/rabbitmq.md index b9d0dc7748..2c1dca6d4d 100644 --- a/sites/platform/src/add-services/rabbitmq.md +++ b/sites/platform/src/add-services/rabbitmq.md @@ -158,7 +158,7 @@ rabbitmq: "rel": "rabbitmq", "path": null, "query": [], - "password": null, + "password": "ChangeMe", "type": "rabbitmq:3.8", "public": false, "host_mapped": false diff --git a/sites/platform/src/add-services/solr.md b/sites/platform/src/add-services/solr.md index 73ed3cc3aa..8739c6227c 100644 --- a/sites/platform/src/add-services/solr.md +++ b/sites/platform/src/add-services/solr.md @@ -49,7 +49,7 @@ Solr search with generic schemas provided, and a custom schema is also supported "rel": "solr", "path": "solr\/maincore", "query": [], - "password": null, + "password": "ChangeMe", "type": "solr:8.6", "public": false, "host_mapped": false diff --git a/sites/platform/src/add-services/vault.md b/sites/platform/src/add-services/vault.md index c4096eb94c..7802cc7f5a 100644 --- a/sites/platform/src/add-services/vault.md +++ b/sites/platform/src/add-services/vault.md @@ -269,7 +269,7 @@ In the JSON object that's returned, you can notice that the `ciphertext` is diff "query": { "is_master": true }, - "password": null, + "password": "ChangeMe", "type": "vault-kms:1.6", "public": false, "host_mapped": false From 93f6b1cd0ac1e41fbf89931ab10fea84b9841240 Mon Sep 17 00:00:00 2001 From: AnouckColson <113913013+AnouckColson@users.noreply.github.com> Date: Wed, 23 Aug 2023 09:35:44 +0200 Subject: [PATCH 5/5] Update custom non-production domains doc (#3202) Co-authored-by: Chad Carlson Co-authored-by: chadcarlson --- sites/platform/src/domains/steps/_index.md | 18 +- .../steps/custom-non-production-domains.md | 189 +++++++++++++----- 2 files changed, 150 insertions(+), 57 deletions(-) diff --git a/sites/platform/src/domains/steps/_index.md b/sites/platform/src/domains/steps/_index.md index e03ba2be1d..2256fb0e70 100644 --- a/sites/platform/src/domains/steps/_index.md +++ b/sites/platform/src/domains/steps/_index.md @@ -15,11 +15,11 @@ If you are an Enterprise or Elite customer and have a Grid or {{% names/dedicate You need: -* A project that's ready to go live -* A domain with access to its settings with the registrar -* A registrar that allows `CNAME` records or [one of the alternatives](./dns.md) on [apex domains](../../other/glossary.md#apex-domain) -* Optional: The [CLI](../../administration/cli/_index.md) installed locally -* If you are on a development plan, you need to [upgrade your tier to a production plan](#1-change-your-plan-to-a-production-plan). +- A project that's ready to go live +- A domain with access to its settings with the registrar +- A registrar that allows `CNAME` records or [one of the alternatives](./dns.md) on [apex domains](../../other/glossary.md#apex-domain) +- Optional: The [CLI](../../administration/cli/_index.md) installed locally +- If you are on a development plan, you need to [upgrade your tier to a production plan](#1-change-your-plan-to-a-production-plan). If you are planning to use several subdomains of the same domain on different projects, see how to [manage multiple subdomains](/domains/steps/subdomains.md) *before* you add your domain to {{< vendor/name >}}. @@ -86,11 +86,9 @@ platform environment:info edge_hostname title=In the Console +++ -1. In the Console, open your Production environment. -2. Click **URLs** and copy the URL to your site excluding `https://`. - - For example, if the automatically generated URL is `https://main-abcd123.abcdefgh1234567.eu.platformsh.site`, - the target is `main-abcd123.abcdefgh1234567.eu.platformsh.site`. +1. Navigate to your production environment and click **{{< icon settings >}} Settings**. +2. Select the **Domains** tab. +3. In the **Configure your domain** section, copy the content of the **CNAME record** field. {{< /codetabs >}} diff --git a/sites/platform/src/domains/steps/custom-non-production-domains.md b/sites/platform/src/domains/steps/custom-non-production-domains.md index 9749737f2c..125c3eb5c5 100644 --- a/sites/platform/src/domains/steps/custom-non-production-domains.md +++ b/sites/platform/src/domains/steps/custom-non-production-domains.md @@ -1,14 +1,15 @@ --- title: Set up a custom domain on your non-production environments -sidebarTitle: (Beta) Non-production environments +sidebarTitle: Non-production environments weight: 3 description: Learn how to set up custom domains on your staging and development environments banner: - type: beta + type: tiered-feature --- When a custom domain is [set up on your production environment](../steps/_index.md), it can't be used for the other, non-production environments in your project. + Therefore, by default and for each non-production environment, {{< vendor/name >}} automatically replaces the custom production domain with an automatically generated URL. @@ -55,19 +56,16 @@ You need: If you have a {{% names/dedicated-gen-2 %}} project, currently you can only add a custom domain to the dedicated environments of your project (production and staging). - To do so, contact [Support](https://console.platform.sh/-/users/~/tickets/open). + To do so, [contact Support](https://console.platform.sh/-/users/~/tickets/open). {{< /note >}} If you use a [Managed Fastly](../cdn/managed-fastly.md) CDN, it needs to be configured to operate with custom non-production domains. - For more information, contact [Support](https://console.platform.sh/-/users/~/tickets/open). + For more information, [contact Support](https://console.platform.sh/-/users/~/tickets/open). - A production environment with at least one custom domain already set up - At least one non-production (staging or development) environment -- The [{{< vendor/name >}} CLI](../../administration/cli/_index.md) (v4.8.0+)
- In the current Beta version, you can only add and manage non-production custom domains - through the [{{< vendor/name >}} CLI](../../administration/cli/_index.md). - In future versions, you'll be able to do so in the [{{< vendor/name >}} Console](../../administration/web/_index.md) too. +- Optional: The [Platform.sh CLI](../../administration/cli/_index.md) (v4.8.0+) To prevent abuse, by default you can add custom domains to up to 5 environments per project only. This limit doesn't include the production environment, @@ -90,31 +88,17 @@ Downgrading your plan doesn't affect custom domains set on your production envir To add a custom domain to a non-production environment, follow these steps: -1. Get the target for your non-production environment. - {{< codetabs >}} +++ title=Using the CLI +++ -Run the following command: - -```bash -platform environment:info edge_hostname --environment {{< variable "ENVIRONMENT_NAME" >}} -``` - -<---> -+++ -title=In the Console -+++ - -1. In the Console, open your non-production environment. -2. Click **URLs** and copy the URL to your site excluding `https://`. - - For example, if the automatically generated URL is `https://dev-abcd123.abcdefgh1234567.eu.platformsh.site`, - the target is `dev-abcd123.abcdefgh1234567.eu.platformsh.site`. +1. To get the target for your non-production environment, + run the following command: -{{< /codetabs >}} + ```bash + platform environment:info edge_hostname --environment {{< variable "ENVIRONMENT_NAME" >}} + ``` 2. [Configure your DNS provider](../steps/_index.md#3-configure-your-dns-provider). In particular, make sure your DNS record points to the target of your non-production environment. @@ -132,26 +116,39 @@ title=In the Console platform domain:add staging.example.com --environment {{< variable "STAGING_ENVIRONMENT_ID" >}} --attach {{< variable "PRODUCTION_CUSTOM_DOMAIN_TO_ATTACH" >}} ``` - {{< note title="Example" >}} +<---> ++++ +title=In the Console ++++ + +1. Get the target for your non-production environment.
+ To do so, navigate to your non-production environment and click **{{< icon settings >}} Settings**.
+ Select the **Domains** tab.
+ In the **Configure your domain** section, copy the content of the **CNAME record** field.
+ Save it for later use at step 7. - You've added the `mysite.com` custom domain to your production environment. - You now want to add the `mydev.com` custom domain to a development environment called `Dev`. +2. Click **Add domain**. - To do so, run the following command: +3. Enter a name for your custom non-production domain. - ```bash - platform domain:add mydev.com --environment Dev --attach mysite.com - ``` +4. If you have multiple production domains, + select the one you want to attach your custom non-production domain to. - {{< /note >}} +5. Click **Add**. - In the above example, the `Dev` environment needs to exist - for you to add the `mydev.com` custom domain successfully. - If the `Dev` environment is later removed, - the `mydev.com` custom domain is removed too. +6. Click **Okay**. - As shown in the example, you can use any domain for your non-production environments, - and not necessarily a subdomain of the production. +7. [Configure your DNS provider](../steps/_index.md#3-configure-your-dns-provider).
+ In particular, make sure your DNS record points to the target of your non-production environment. + +{{< note >}} + +Using the target of your production environment to configure your DNS provider is technically possible, +but Platform.sh recommends using the target of your non-production environment as a best practice. + +{{< /note >}} + +{{< /codetabs >}} {{< note >}} @@ -160,29 +157,127 @@ You can only delete it and create a new one as a replacement. {{< /note >}} +### Example + +You've added the `mysite.com` custom domain to your production environment. +You now want to add the `mydev.com` custom domain to a development environment called `Dev`. + +To do so, follow these steps: + +{{< codetabs >}} ++++ +title=Using the CLI ++++ + +Run the following command: + +```bash +platform domain:add mydev.com --environment Dev --attach mysite.com +``` + +<---> ++++ +title=In the Console ++++ + +1. Get the target for `Dev`.
+ To do so, navigate to `Dev` and click **{{< icon settings >}} Settings**.
+ Select the **Domains** tab.
+ In the **Configure your domain** section, copy the content of the **CNAME record** field.
+ Save it for later use at step 7. + +2. Click **Add domain**. + +3. Enter `mydev.com` as a name for your custom non-production domain. + +4. Select `mysite.com` as the production custom domain you want to attach `mydev.com` to. + +5. Click **Add**.
+ +6. Click **Okay**. + +7. [Configure your DNS provider](../steps/_index.md#3-configure-your-dns-provider).
+ In particular, make sure your DNS record points to `Dev`'s target. + +{{< /codetabs >}} + +In the above example, the `Dev` environment needs to exist +for you to add the `mydev.com` custom domain successfully. +If the `Dev` environment is later removed, +the `mydev.com` custom domain is removed too. + ## List the custom domains of a non-production environment -To list all the custom domains added to a non-production environment, -run a command similar to the following: +{{< codetabs >}} ++++ +title=Using the CLI ++++ + +Run a command similar to the following: ```bash platform domain:list --environment {{< variable "STAGING_ENVIRONMENT_ID" >}} ``` +<---> ++++ +title=In the Console ++++ + +1. Navigate to your non-production environment and click **{{< icon settings >}} Settings**. +2. Select the **Domains** tab.
+ All the custom domains for your non-production environment are displayed. + +{{< /codetabs >}} + ## Get a specific custom non-production domain -To retrieve a specific custom domain added to a non-production environment, -run a command similar to the following: +{{< codetabs >}} ++++ +title=Using the CLI ++++ + +Run a command similar to the following: ```bash platform domain:get staging.example.com --environment {{< variable "STAGING_ENVIRONMENT_ID" >}} ``` +<---> ++++ +title=In the Console ++++ + +1. Navigate to your non-production environment and click **{{< icon settings >}} Settings**.
+2. Select the **Domains** tab.
+ All the custom domains for the selected environment are displayed. +3. Click **{{< icon "more" >}} More** on a specific custom non-production domain to see which actions you can perform on it. + +{{< /codetabs >}} + ## Remove a custom domain from a non-production environment -To remove a custom domain from a non-production environment, -run a command similar to the following: +{{< codetabs >}} ++++ +title=Using the CLI ++++ + +Run a command similar to the following: ```bash platform domain:delete staging.example.com --environment {{< variable "STAGING_ENVIRONMENT_ID" >}} ``` + +<---> ++++ +title=In the Console ++++ + +1. Navigate to your non-production environment and click **{{< icon settings >}} Settings**. +2. Select the **Domains** tab.
+ All the custom domains for the selected environment are displayed. +3. Click **{{< icon "more" >}} More** on the custom non-production domain you want to delete. +4. Click **Delete**. +5. Click **Yes, delete**. + +{{< /codetabs >}} \ No newline at end of file