<P4ndamonium>
I thinnk I see the issue now actually...
<isd>
The obvious thing that jumps out at me is the presence of SANDCATS BASEDOMAIN
<P4ndamonium>
Yea it was actually the wildcard host
<P4ndamonium>
wildcard host was manually writing all my asset URLs to include the internal port
<isd>
Aha. That would do it.
<isd>
Glad I could rubber ducker for you.
<isd>
*rubber duck
<P4ndamonium>
Much appreciated! Now just to battle the wildcard cert on LE
<ocdtrekkie>
IIRC basically all sandstorm.conf URL settings should be as a user would see it. Aka, if you put :6080 somewhere, that's what your user will navigate to. Whereas the actual port behind any proxies is set by HTTP_PORT and the like.
<P4ndamonium>
I'm fighting hard with this wildcard cert now
<P4ndamonium>
i think it's the last piece but I can't get it to work
<P4ndamonium>
ah I see, nested subdomains aren't covered by wild card
<P4ndamonium>
how unfortunate
<ocdtrekkie>
You can cheat on that a bit.
<ocdtrekkie>
Sandstorm supports something like... sandstorm-*.domain format if you want.
<P4ndamonium>
can I do that in the wildcard domain directive of the conf file?
<ocdtrekkie>
I believe so, yes.
<ocdtrekkie>
"So, for example, alpha-*.sandstorm.io is the WILDCARD_HOST for Sandstorm Alpha, while *.oasis.sandstorm.io is the WILDCARD_HOST for Oasis"
<ocdtrekkie>
It is noted some DNS servers don't like wildcards of that format though, many do just want *.
<P4ndamonium>
Yea mine doesn't seem to enjoy that too much
<P4ndamonium>
Guess I'll wild card the entirety of it and have apache parse the domains, not a big deal but lets I suppose that opens you to a DDoS of sorts
<P4ndamonium>
subdomain fuzzing/brute forcing could easily overwhelm a single server that way
<P4ndamonium>
well that seems to be working just need to wait for DNS to propagate now x.x
<P4ndamonium>
thanks for the help!
<P4ndamonium>
and after all that I get 404s, well I'll have to fight with it more tomorrow! Was fun, I'll probably be back later :)
P4ndamonium has quit [Quit: Connection closed]
koo6 has joined #sandstorm
koo6 has quit [Read error: Connection reset by peer]
xet7 has quit [Remote host closed the connection]
xet7 has joined #sandstorm
xet7 has quit [Read error: Connection reset by peer]
xet7 has joined #sandstorm
koo6 has joined #sandstorm
koo6 has quit [Client Quit]
<TimMc>
I wonder if we could make some kind of config linter.
<ocdtrekkie>
I think the challenge is that a significant number of configurations are total valid for different environments.
<ocdtrekkie>
We'd need to know a lot about people's proxies and firewalls and DNS servers and such.
<TimMc>
Yeah, it would need both external and internal network viewpoints to help at all.
<TimMc>
but would also have total blindspots when it comes to reverse proxies...
<isd>
wildcard host and base url having different ports is a red flag though.
<isd>
It might make sense to issue a warning in that case.