Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cloudflare dns: After deploy Proxy is set to disabled #4662

Open
webdeb opened this issue May 5, 2024 · 5 comments
Open

Cloudflare dns: After deploy Proxy is set to disabled #4662

webdeb opened this issue May 5, 2024 · 5 comments
Assignees
@fwang

Comments

@webdeb
Copy link

webdeb commented May 5, 2024

Hello, I've deployed a cluster to aws, and created the service with public.domain.dns: sst.cloudflare.dns()

In cloudflare the Proxy status is disabled. I can enable it manually, but when I redeploy, the proxy is disabled again, I guess it's always a new entry if some cluster configurations are changed.

Bildschirmfoto 2024-05-05 um 14 50 26

So, after deploy/redeploy the service is unavailable.
@webdeb
Copy link
Author

webdeb commented May 5, 2024

When I set dns.transform.record = { proxied: true, ttl: 1} I get another error:

failed to create DNS record: Target xxx.mhbtsbpdnt.acm-validations.aws. is not allowed for a proxied record. (9003)

@webdeb
Copy link
Author

webdeb commented May 5, 2024
edited
Loading

Ok, finally nailed it, but this feels like a hack..

          dns: sst.cloudflare.dns({
            transform: {
              record: (record) => {
                if (record.name === "my.service.com") {
                  record.proxied = true;
                  record.ttl = 1;
                }
              },
            },
          }),

I think it can be considered as a bug, when you set transform record on a public.domain.dns setting and sst uses this transform.record also on the record, which is responsible to confirm the domain ownership.

@benjamindell
Copy link

Hey @webdeb - i'm also using Cloudflare with my SST stack and have used your suggested transform code above to set proxied to true. It technically works (in that my domains in CF are set to proxied) but when the proxy is turned on, none of my URLs load (i get the ERR_TOO_MANY_REDIRECTS error). Did you have to provide any further config details in the sst config file or do anything else to get CF proxied domains to play nicely with cloudfront etc?

Any pointers would be hugely appreciated.

@fwang
Copy link
Contributor

fwang commented Jul 31, 2024

I did a test w/ the following code:

new sst.aws.StaticSite("Web", {
  domain: {
    name: "domain.com",
    dns: sst.cloudflare.dns(),
  }
});

And I'm seeing the same behavior as @benjamindell.
After deployed, the DNS records on CloudFlare shows DNS only. And the site works.
But if i change the DNS record to Proxied, the site does NOT work.

@ian-pascoe
Copy link
Contributor

I was able to get this working using @webdeb 's suggestion and setting SSL to full on cloudflare:

image

@thdxr thdxr transferred this issue from sst/ion Oct 21, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fwang fwang

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@fwang @benjamindell @webdeb @ian-pascoe