ldraney/landscaping-assistant
1
0
Fork 0
Code Issues 32 Pull requests 1 Projects Releases Packages Wiki Activity Actions 4

Wire up landscaping-assistant.app custom domain via Hetzner edge proxy #223

New issue
Open
opened 2026-06-14 17:27:36 +00:00 by ldraney · 0 comments
ldraney commented 2026-06-14 17:27:36 +00:00
Owner
Copy link

Type

Feature

Summary

Set up public domain access for landscaping-assistant.app through the Hetzner edge proxy, mirroring the palinks.app custom domain setup.

User Story

As a landscaping business operator, I want landscaping-assistant.app to resolve publicly so clients can access the app without Tailscale.

Context

Hetzner edge node is provisioned at 178.156.129.142 (pal-e-platform PR #424). The godaddy-tofu provider is being built to manage DNS records as IaC. This is the umbrella ticket for all work needed to get landscaping-assistant.app live on a public domain. Mirrors palinks issue #28.

Lineage

Parent: none
Story: custom-domain

Repo

landscaping-assistant (app config), pal-e-platform (DNS + Caddy), godaddy-tofu (provider)

Scope

Cross-repo umbrella covering:

  1. GoDaddy DNS A record for landscaping-assistant.app -> 178.156.129.142 (via godaddy-tofu in pal-e-platform)
  2. Caddy reverse proxy config on Hetzner edge (Salt state in pal-e-platform)
  3. Rails config.hosts + Keycloak redirect URI updates (this repo)

File Targets

  • config/environments/production.rb (config.hosts)
  • Keycloak client redirect URIs

Feature Flag

None

Test Expectations

  • curl -I https://landscaping-assistant.app returns 200 after full setup
  • Tailscale access continues to work in parallel

Acceptance Criteria

  • DNS A record points landscaping-assistant.app to 178.156.129.142
  • Caddy on Hetzner terminates TLS and proxies to k3s via Tailscale
  • Rails accepts requests from landscaping-assistant.app hostname
  • Keycloak redirect URIs include landscaping-assistant.app
  • Tailscale funnel access unaffected

Constraints

  • Depends on godaddy-tofu provider being usable (godaddy-tofu #11)
  • Caddy handles auto-TLS via Let's Encrypt

Checklist

  • DNS record created via tofu
  • Caddy config deployed via Salt
  • Rails config.hosts updated
  • Keycloak redirect URIs updated
  • End-to-end verified

Related

Mirrors: palinks #28
Depends on: godaddy-tofu #11, pal-e-platform #425

### Type Feature ### Summary Set up public domain access for landscaping-assistant.app through the Hetzner edge proxy, mirroring the palinks.app custom domain setup. ### User Story As a landscaping business operator, I want landscaping-assistant.app to resolve publicly so clients can access the app without Tailscale. ### Context Hetzner edge node is provisioned at 178.156.129.142 (pal-e-platform PR #424). The godaddy-tofu provider is being built to manage DNS records as IaC. This is the umbrella ticket for all work needed to get landscaping-assistant.app live on a public domain. Mirrors palinks issue #28. ### Lineage Parent: none Story: custom-domain ### Repo landscaping-assistant (app config), pal-e-platform (DNS + Caddy), godaddy-tofu (provider) ### Scope Cross-repo umbrella covering: 1. GoDaddy DNS A record for landscaping-assistant.app -> 178.156.129.142 (via godaddy-tofu in pal-e-platform) 2. Caddy reverse proxy config on Hetzner edge (Salt state in pal-e-platform) 3. Rails config.hosts + Keycloak redirect URI updates (this repo) ### File Targets - `config/environments/production.rb` (config.hosts) - Keycloak client redirect URIs ### Feature Flag None ### Test Expectations - `curl -I https://landscaping-assistant.app` returns 200 after full setup - Tailscale access continues to work in parallel ### Acceptance Criteria - [ ] DNS A record points landscaping-assistant.app to 178.156.129.142 - [ ] Caddy on Hetzner terminates TLS and proxies to k3s via Tailscale - [ ] Rails accepts requests from landscaping-assistant.app hostname - [ ] Keycloak redirect URIs include landscaping-assistant.app - [ ] Tailscale funnel access unaffected ### Constraints - Depends on godaddy-tofu provider being usable (godaddy-tofu #11) - Caddy handles auto-TLS via Let's Encrypt ### Checklist - [ ] DNS record created via tofu - [ ] Caddy config deployed via Salt - [ ] Rails config.hosts updated - [ ] Keycloak redirect URIs updated - [ ] End-to-end verified ### Related Mirrors: palinks #28 Depends on: godaddy-tofu #11, pal-e-platform #425
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
docs/update-app-architecture
revert-213
move-other-crew-bottom-remove-schedule
feature/today-view-improvements
154-enable-assume-ssl
revert-145-person-icon
docs/user-stories-auth
docs/update-infra-pipeline-post-incident
fix-cache-step-blocking-deploy
fix-kaniko-registry-pull
deactivate-from-today
feature/quick-address-entry
No results found.
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
ldraney/landscaping-assistant#223
No description provided.