I didn't see this configuration, so I
I didn't see this configuration, so I assume Convex does not currently support it, but would be great if I could configure custom domains that I own to point to production and dev envs, would cut out one more dependency from my stack π
26 Replies
if there's a stack or recommended way to do this in the interim, please share.
Thereβs a stake to configure
You just have to follow the correct procedure
There are ways to configure without dependency on your stack
Are you referring to configuring DNS?
Of course
Yeah issue is I'm not sure the TLS certifiates would exactly work, so Convex would have to support adding alt names to the certs being shared, or, I'd have to use a DNS tool that terminates TLS and then connects to convex
Ideally, Convex can slap a custom domain as an altname on the certificate being generated, once I prove I own the domain, and a simple CNAME in my DNS would then indeed do the trick
Have you tried that out?
Let's see what the convex team has to say about this before I go and play with the DNS config
Pretty sure simply pointing a CNAME would not work..
Or you can get to hear from the support as well
No pointing a CNAME wonβt work out
configure custom domains that I own to point to production and dev envs, would cut out one more dependency from my stackThere's no way to do this I've figured out, we need to let you prove to us you own a domain and then direct traffic for you. (no way until we implement this feature)
makes sense. If you have a short how-to in the meantime, that would help. I'm worried I have to switch to Cloudflare to handle the TLS termination properly.
Is this to serve html via http actions & Hono or something? Or what's the motivation for changing the URL to the backend otherwise, other than aesthetics of the client config?
I have http actions that I want to expose to API clients/consumers as
api.domain.com vs a convex site domainThat makes total sense
only issue is the only tool I know that offers an easy solution to this is cloudflare with their TLS decryption, so I wanted to see if anyone else dealt with this differently
A really awkward way of doing it I guess is configuring nextjs endpoints that passthrough to convex... the nextjs endpoints already get the custom domain & TLS from vercel, but I think that would be worse given the redundant code to maintain
@wjarjoui this is on our list, yeah -- domain aliases for like API servicves
not implemented yet
understood - any insights on solutions/workarounds in the meantime besides cloudflare?
curious if there's an ETA btw, maybe if it's soon I can leave things as is until then
I'm also thinking the same thing. I can wait a couple of weeks if it's on the roadmap soon?
@Indy ^ FYI
Thanks folks! It's on the big backlog, not actively prioritized yet. But two votes in a span of a couple weeks are pretty compelling to get this on an active list soon. Unfortunately it won't be a couple of weeks. You'll have to use cloudflare for now.
Thanks for info Indy. Do you know if it is expected to work using Cloudflare?
I have a Cloudflare CNAME pointing to my convex URL, eg mysite-for-example.convex.site but it just returns 404s for all routes (even though they exist and work using the convex url).
Also to note, when I check Convex logs, it doesn't show any 404 logged (but it does when using mysite-for-example.convex.site). This make me think that the host name (ie mysite-for-example.convex.site) is actually being used to route the request within convex to my account?
Ah, you're totally right βΒ I gave Indy the wrong answer when he asked about using Cloudflare earlier π€¦ββοΈ
We do indeed use the incoming hostname to route the request, so this doesn't work out of the box.
I'll think more about what workarounds we can give you until we have full support for this feature, but off the top of my head, @wjarjoui's earlier suggestion of using a nextjs passthrough sounds the most promising as Vercel will proxy the request for you and give you TLS. However, I haven't validated that nextjs correctly handles websocket traffic β might require a bit more manual request handling if so. I'll dig around on this
Ok, thanks
@adam I'm curious do you have cloudflare configured as DNS only or as a proxy?
looked a bit more into this -- looks like Cloudflare can actually rewrite the host header + SNI value with origin rules. this should actually just work then -- I can test tomorrow
Yes that was what I was thinking, but pretty sure it would have to be in proxy mode
Which I think has to be the case anyway for proper TLS termination to take place...
ugh, looks like the required "override host header" feature isn't included on free plans π¦