Closed
Bug 1163837
Opened 10 years ago
Closed 10 years ago
static hosting for tlscanary.mozilla.org
Categories
(Infrastructure & Operations Graveyard :: WebOps: Community Platform, task)
Infrastructure & Operations Graveyard
WebOps: Community Platform
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: mwobensmith, Assigned: fox2mike)
References
Details
(Whiteboard: [kanban:https://webops.kanbanize.com/ctrl_board/2/1143] )
I'd like to add a DNS entry within the mozilla.com (or mozilla.org) space to point to a location that hosts my SSL compatibility test runs.
At the moment, the URL is located here:
http://people.mozilla.org/~mwobensmith/ssl_compat/
I'd like to have a DNS entry so that people can access it via sslcompat.mozilla.com (or org).
Is that possible?
|
||
Comment 1•10 years ago
|
||
I'm not a DNS guru.
I do know that we could set sslcompat.mozilla.com (or .org) to point to the IP address of
people.mozilla.org, and then the web server (httpd) on that server can be (and may already be)
configured to direct requests for that web page to your more specific url.
I'm going to send this bug over to webops and see what they have to say about it.
Assignee: network-operations → dcurado
Status: NEW → ASSIGNED
|
|
||
Updated•10 years ago
|
Assignee: dcurado → server-ops-webops
Status: ASSIGNED → NEW
Component: NetOps: Other → WebOps: Community Platform
QA Contact: jbarnell → smani
|
|
Assignee | |
Comment 2•10 years ago
|
||
Matt,
We generally don't point external DNS entries at people (because of the risk of your site becoming famous enough to grab a ton of traffic) and there might be configuration challenges with doing this as well.
We can look at other hosting options if that makes sense?
|
|
Reporter | |
Comment 3•10 years ago
|
||
If there is a better hosting option, I'd love that. I just need a place to put some static HTML files that can be accessed from anywhere. Thank you.
|
|
Reporter | |
Comment 4•10 years ago
|
||
Also, I decided to change the name of the project - and subsequent DNS entry - to "tlscanary", so officially I'd like "tlscanary.mozilla.org" if possible.
Summary: DNS entry for sslcompat.mozilla.com → DNS entry for tlscanary.mozilla.com
Correcting topic to .org as requested in comment 4.
Summary: DNS entry for tlscanary.mozilla.com → static hosting for tlscanary.mozilla.org
|
|
Assignee | |
Comment 6•10 years ago
|
||
(In reply to Matt Wobensmith from comment #3)
> If there is a better hosting option, I'd love that. I just need a place to
> put some static HTML files that can be accessed from anywhere. Thank you.
If you can commit the static files to a github repo or someplace we can pull it from (and you can update it) we'll be happy to host it for you.
Assignee: server-ops-webops → rwatson
|
|
Reporter | |
Comment 7•10 years ago
|
||
This is where the project lives now. These files would be the ones to stage:
https://github.com/mwobensmith/ssl_compat
In the future, this will move to an official Mozilla repo, but this is what I have for now.
|
|
Assignee | |
Updated•10 years ago
|
Assignee: rwatson → smani
|
|
Assignee | |
Comment 8•10 years ago
|
||
Matt,
http://tlscanary.mozilla.org is now live. There is no auto update mechanism setup yet, but the site is up :) I'll leave the bug open to set that up.
|
|
Reporter | |
Comment 9•10 years ago
|
||
Wonderful, thank you!
|
|
Reporter | |
Comment 10•10 years ago
|
||
Shyam, how difficult is it host this site under SSL? I can file another bug if need be. I believe I was asked if I wanted to host it securely initially and declined, but have since changed my mind.
|
|
||
Comment 11•10 years ago
|
||
Two options - we can either purchase a commercial certificate from our provider, or issue a Mozilla-only certificate from the internal Mozilla CA. The former will work for all visitors, the latter will only work for those who install the Mozilla Root CA certificate.
It is most likely that you'll want the former, but we do need a separate bug in the WebOps: SSL component requesting the certificate (for cost tracking purposes).
|
|
Reporter | |
Comment 12•10 years ago
|
||
Thanks Richard - filed bug 1168661 for the SSL part.
|
|
||
Comment 13•10 years ago
|
||
The static SSL cert now contains 'tlscanary.mozilla.org', so the site config can be updated to primary :81 with a redirect from :80 whenever.
Flags: needinfo?(smani)
|
|
||
Comment 14•10 years ago
|
||
Updated the tlscanary site to live on https, existing http links will be redirected to https, added HSTS header to ensure stickiness of SSL in this case.
Next-step is some sort of auto-update mechanism.
Status: NEW → RESOLVED
Closed: 10 years ago
Flags: needinfo?(smani)
Resolution: --- → FIXED
|
|
||
Comment 15•10 years ago
|
||
Not meant to be resolved yet, sorry. Still trying to work out how autoupdates function here.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
|
|
Reporter | |
Comment 16•10 years ago
|
||
Hi Richard, any updates here?
|
|
Assignee | |
Comment 17•10 years ago
|
||
sysadmins r105122 adds autoupdate twice an hour for the site.
Status: REOPENED → RESOLVED
Closed: 10 years ago → 10 years ago
Resolution: --- → FIXED
|
||
Updated•7 years ago
|
Product: Infrastructure & Operations → Infrastructure & Operations Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•