feat(router): allow customizing controller subdomain

Matthew Fisher · Matthew Fisher · commit db191ba9a77e · 2015-05-27T17:16:26.000-07:00
diff --git a/controller/api/models.py b/controller/api/models.py
@@ -92,7 +92,7 @@ def validate_app_structure(value):
 
 def validate_reserved_names(value):
     """A value cannot use some reserved names."""
-    if value in ['deis']:
+    if value in settings.DEIS_RESERVED_NAMES:
         raise ValidationError('{} is a reserved name.'.format(value))
 
 
diff --git a/controller/api/tests/test_app.py b/controller/api/tests/test_app.py
@@ -156,10 +156,6 @@ def test_app_errors(self):
                                     HTTP_AUTHORIZATION='token {}'.format(self.token))
         self.assertContains(response, 'App IDs can only contain [a-z0-9-]', status_code=400)
         url = '/v1/apps'
-        body = {'id': 'deis'}
-        response = self.client.post(url, json.dumps(body), content_type='application/json',
-                                    HTTP_AUTHORIZATION='token {}'.format(self.token))
-        self.assertContains(response, 'deis is a reserved name.', status_code=400)
         body = {'id': app_id}
         response = self.client.post(url, json.dumps(body), content_type='application/json',
                                     HTTP_AUTHORIZATION='token {}'.format(self.token))
@@ -175,6 +171,20 @@ def test_app_errors(self):
                                        HTTP_AUTHORIZATION='token {}'.format(self.token))
             self.assertEquals(response.status_code, 404)
 
+    def test_app_reserved_names(self):
+        """Nobody should be able to create applications with names which are reserved."""
+        url = '/v1/apps'
+        reserved_names = ['foo', 'bar']
+        with self.settings(DEIS_RESERVED_NAMES=reserved_names):
+            for name in reserved_names:
+                body = {'id': name}
+                response = self.client.post(url, json.dumps(body), content_type='application/json',
+                                            HTTP_AUTHORIZATION='token {}'.format(self.token))
+                self.assertContains(
+                    response,
+                    '{} is a reserved name.'.format(name),
+                    status_code=400)
+
     def test_app_structure_is_valid_json(self):
         """Application structures should be valid JSON objects."""
         url = '/v1/apps'
diff --git a/controller/deis/settings.py b/controller/deis/settings.py
@@ -287,6 +287,9 @@
 # standard datetime format used for logging, model timestamps, etc.
 DEIS_DATETIME_FORMAT = '%Y-%m-%dT%H:%M:%S%Z'
 
+# names which apps cannot reserve for routing
+DEIS_RESERVED_NAMES = ['deis']
+
 # default scheduler settings
 SCHEDULER_MODULE = 'scheduler.mock'
 SCHEDULER_TARGET = ''  # path to scheduler endpoint (e.g. /var/run/fleet.sock)
diff --git a/controller/templates/confd_settings.py b/controller/templates/confd_settings.py
@@ -49,6 +49,10 @@
 {{ end }}
 UNIT_HOSTNAME = '{{ if exists "/deis/controller/unitHostname" }}{{ getv "/deis/controller/unitHostname" }}{{ else }}default{{ end }}'
 
+{{ if exists "/deis/controller/subdomain" }}
+DEIS_RESERVED_NAMES = ['{{ getv "/deis/controller/subdomain" }}']
+{{ end }}
+
 # AUTH
 # LDAP
 {{ if exists "/deis/controller/auth/ldap/endpoint" }}
diff --git a/docs/customizing_deis/controller_settings.rst b/docs/customizing_deis/controller_settings.rst
@@ -41,6 +41,7 @@ setting                                   description
 ====================================      ======================================================
 /deis/controller/registrationMode         set registration to "enabled", "disabled", or "admin_only" (default: "enabled")
 /deis/controller/schedulerModule          scheduler backend (default: "fleet")
+/deis/controller/subdomain                subdomain used by the router for API requests (default: "deis")
 /deis/controller/webEnabled               enable controller web UI (default: 0)
 /deis/controller/workers                  number of web worker processes (default: CPU cores * 2 + 1)
 /deis/cache/host                          host of the cache component (set by cache)
diff --git a/docs/using_deis/register-user.rst b/docs/using_deis/register-user.rst
@@ -29,6 +29,12 @@ Note that you always use ``deis.<domain>`` to communicate with the controller.
 
     For Vagrant clusters: ``deis register http://deis.local3.deisapp.com``
 
+.. note::
+
+    The subdomain can be customized by using ``deisctl config controller set subdomain=foo``. The
+    router will then route requests from ``foo.<domain>`` to the controller. See
+    :ref:`controller_settings` for more info on how to customize the controller.
+
 .. important::
 
     The first user to register with Deis receives "superuser" privileges. Additional users who
diff --git a/router/image/templates/nginx.conf b/router/image/templates/nginx.conf
@@ -79,7 +79,7 @@ http {
     {{ end }}
 
     server {
-        server_name ~^deis\.(?<domain>.+)$;
+        server_name ~^{{ or (getv "/deis/controller/subdomain") "deis" }}\.(?<domain>.+)$;
         include deis.conf;
 
         {{ if exists "/deis/controller/host" }}
