It's been a pretty exciting week for us at the pico.sh headquarters.
We made it to the front-page of hackernews!
We were so excited about the launched that we announced in the thread support for custom domains landed.
We figured it would be a good idea to officially announce it on our blog.
Add your custom domain today!
Don't want to be bored with the details of how custom domains work?
The full usage guide can be found on our help page.
How it works
We decided to go with a solution that didn't require us to store any information
about the custom domain you want to use. Instead, all the user needs to do is
add a TXT
record and then point the domain with a CNAME
to prose.sh
.
Under the hood we use
Caddy's on-demand tls.
On our end, the configuration was very simple using Caddyfile
:
{
on_demand_tls {
ask http://web:3000/check
interval 1m
burst 10
}
}
:443 {
reverse_proxy web:3000
tls hello@prose.sh {
on_demand
}
encode zstd gzip
}
The endpoint referenced in the above Caddyfile points to this golang function:
1func checkHandler(w http.ResponseWriter, r *http.Request) {
2 dbpool := GetDB(r)
3 cfg := GetCfg(r)
4
5 if cfg.IsCustomdomains() {
6 hostDomain := r.URL.Query().Get("domain")
7 appDomain := strings.Split(cfg.ConfigCms.Domain, ":")[0]
8
9 if !strings.Contains(hostDomain, appDomain) {
10 subdomain := GetCustomDomain(hostDomain)
11 if subdomain != "" {
12 u, err := dbpool.FindUserForName(subdomain)
13 if u != nil && err == nil {
14 w.WriteHeader(http.StatusOK)
15 return
16 }
17 }
18 }
19 }
20
21 w.WriteHeader(http.StatusNotFound)
22}
This function does a couple of things. It gets the current domain from the
request and then performs a TXT
lookup via GetCustomDomain
:
1func GetCustomDomain(host string) string {
2 records, err := net.LookupTXT(fmt.Sprintf("_prose.%s", host))
3 if err != nil {
4 return ""
5 }
6
7 for _, v := range records {
8 return strings.TrimSpace(v)
9 }
10
11 return ""
12}
If the username matches then we respond with a success status. That's really all there is to it.
It's amazing how far we've come with TLS, isn't it?
Wrap up
This is just one of many features we have planned to make prose.sh awesome. We also have a handful of sibling services we are thinking about building.