Closed
Bug 1505154
Opened 7 years ago
Closed 7 years ago
Run Buildhub2 Prod under a dedicated and custom domain name
Categories
(Cloud Services :: Operations: Miscellaneous, task)
Cloud Services
Operations: Miscellaneous
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: peterbe, Unassigned)
References
Details
Instead of https://buildhub2.prod.mozaws.net/ let's call it something like https://buildhub.mozilla.org or http://buildhub.mozilla-services.com
Whatever it is, the "public" URL shouldn't say "github.io" or "mozaws".
|
||
Comment 1•7 years ago
|
||
we have moz.tools if you want :)
|
Reporter | |
Comment 2•7 years ago
|
||
(In reply to Sylvestre Ledru [:sylvestre] from comment #1)
> we have moz.tools if you want :)
Do you think that's better? After all, the tools is very much related to your org. So would it be something like buildhub.moz.tools?
|
|
||
Comment 3•7 years ago
|
||
I don't have a strong opinion, so, as you wish! moz.tools is generic enough and easy to remember.
|
|
Reporter | |
Comment 4•7 years ago
|
||
Let's go with buildhub.moz.tools for the Prod instance in GCP.
|
|
||
Comment 5•7 years ago
|
||
We'd need buildhub.moz.tools CNAMEd to prod.buildhub2.prod.cloudops.mozgcp.net, and also an SSL cert for that domain. If you can get us a SAN cert with prod.buildhub2.prod.cloudops.mozgcp.net in the cert too, that'd be awesome.
Flags: needinfo?(sledru)
|
||
Comment 6•7 years ago
|
||
I just made the [pull request](https://github.com/mozilla-releng/build-cloud-tools/pull/370) to add the CNAME.
Regarding the SSL cert, we use let's encrypt (mostly through Heroku automatic generation), so i don't know which provider to use in this case (maybe you could also use let's encrypt on your server ?).
Jake can review and apply the PR on build-cloud-tools, and may be able to help for the ssl cert.
Flags: needinfo?(sledru) → needinfo?(jwatkins)
|
|
||
Comment 7•7 years ago
|
||
(In reply to Bastien Abadie [:bastien] from comment #6)
> I just made the [pull
> request](https://github.com/mozilla-releng/build-cloud-tools/pull/370) to
> add the CNAME.
>
> Regarding the SSL cert, we use let's encrypt (mostly through Heroku
> automatic generation), so i don't know which provider to use in this case
> (maybe you could also use let's encrypt on your server ?).
>
> Jake can review and apply the PR on build-cloud-tools, and may be able to
> help for the ssl cert.
The PR has been applied and merged. As for the certificate, since the application endpoint is in a cloudops gcp account, I would talk to cloudops about getting a cert and ssl setup. I don't think GCP has a cert service, but if they do then I suggest using that. If they don't, cloudops should be able to get you a cert from digicert.
Flags: needinfo?(jwatkins)
|
|
||
Comment 8•7 years ago
|
||
For the record, Bug 1510625 is tracking the certificate.
|
|
||
Comment 9•7 years ago
|
||
I confirm the CNAME buildhub.moz.tools is now active towards prod.buildhub2.prod.cloudops.mozgcp.net.
Thanks Jake.
|
|
Reporter | |
Comment 10•7 years ago
|
||
https://buildhub.moz.tools is a thing! Yay!
Adrian, can we close this now or is there anything (paperwork?) left to do?
|
|
||
Comment 11•7 years ago
|
||
I don't think there's anything left other than the security checklist.
|
|
Reporter | |
Updated•7 years ago
|
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•