[Spike] Custom domains on ups.dock

[braican]

This ports over some logic initially thought about during the BSO project to allow for us to set up any domain to access a site running on the ups.dock network.

A typical use case might be to be able to read a cookie set on a specific domain in our local environments to mock authentication (as was the case for BSO).

To set up a custom domain

Note that this is also documented in this doc.

Assuming you have this branch checked out in your local ups.dock repository:

1. Add a DNS resolver to your machine for the domain you'd like to access:

   echo -e "nameserver 127.0.0.1\nport 53535\n" | sudo tee /etc/resolver/local.bso.org

2. Open up the config/openssl.conf config file in your local ups.dock repo and add your domain to the list of alternate_names:

   DNS.3 = local.bso.org
   

   Note that the line should follow numerically after whatever the previous DNS record is.

3. Still in your local ups.dock repo, remove the existing certs and reinstall:

   rm certs/ups.dock.*
   ./bin/install.sh
   docker-compose up -d

4. In the docker-compose file of the project you'd like to access from your new domain, update the environment config to look for your new virtual host and to read the relevant cert:

   environment:
       UPS_DOCK_NAME: BSO
       VIRTUAL_HOST: bso.ups.dock,local.bso.org
       CERT_NAME: ups.dock
       HTTPS_METHOD: noredirect

5. Restart your docker containers.

6. Confirm that you can access the site at your new domain.

Questions

• Is there a more portable way to do this without the overhead of ups.dock?
• How can we extract the DNS records from the alternate_names section of the openssl.conf config so that its not in this project's source control?