@jerryharrison
Forked from awmichel/README.md
Created June 18, 2019 16:12
Development Guide for DNS Resolution: permitzone.dev

Development Guide for DNS Resolution of permitzone.dev Domains

This guide walks you through setting up local resolution of permitzone.dev domains. It uses dnsmasq to answer .dev DNS requests with 127.0.0.1 and nginx to proxy each request to the correct local app.

Prerequisites

  • Homebrew is installed and working. Use brew doctor to verify.

Setup

  • brew install dnsmasq nginx
  • sudo mkdir -p /etc/resolver
  • echo 'nameserver 127.0.0.1' | sudo tee /etc/resolver/dev
  • echo 'address=/dev/127.0.0.1' >> /usr/local/etc/dnsmasq.conf
  • curl https://gist.githubusercontent.com/awmichel/ca09a34b41ae99b31c86d43d0bf13b44/raw/nginx.conf | sed -e "s/WHOAMI/$(whoami)/g" > /usr/local/etc/nginx/nginx.conf
  • mkdir -p /usr/local/etc/nginx/ssl/permitzone.dev
  • curl -sSL https://raw.githubusercontent.com/frntn/x509-san/master/gencert.sh | CRT_CN="permitzone.dev" CRT_C="US" CRT_L="Myrtle Beach" CRT_O="PermitZone, Inc." CRT_SAN="DNS.1:permitzone.dev,DNS.2:*.permitzone.dev" CRT_FILENAME=/usr/local/etc/nginx/ssl/permitzone.dev/permitzone.dev bash
  • sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain /usr/local/etc/nginx/ssl/permitzone.dev/permitzone.dev.crt
  • sudo brew services restart dnsmasq && sudo brew services restart nginx
    You can also leave out the sudos, but I find they both start more reliably at boot rather than login.
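
A check to run between the gencert step and the add-trusted-cert step, as an added example that is not part of the original gist: it confirms that the certificate about to be trusted as a root in the System keychain names only permitzone.dev hosts, and reports whether it is marked as a CA. The function names and the sample dump are constructed for illustration, and the parser assumes the text layout printed by openssl x509 -noout -text.

```shell
#!/bin/sh
# Added example: inspect a locally generated certificate before trusting it.
# The helpers read an `openssl x509 -noout -text` dump on stdin.

# Print each DNS subjectAltName entry, one per line.
san_dns_names() {
  awk '/X509v3 Subject Alternative Name/ { getline; print; exit }' \
    | tr ',' '\n' \
    | sed -n 's/^[[:space:]]*DNS:\([^[:space:]]*\).*$/\1/p'
}

# Succeed only if at least one DNS SAN exists and every one is $1 or below it.
sans_within() {
  base=$1 seen=0
  names=$(san_dns_names)
  while IFS= read -r name; do
    [ -n "$name" ] || continue
    seen=1
    case $name in
      "$base" | *."$base") ;;   # permitzone.dev, *.permitzone.dev, app.permitzone.dev
      *) echo "out of scope: $name" >&2; return 1 ;;
    esac
  done <<EOF
$names
EOF
  [ "$seen" -eq 1 ]
}

# Succeed if the certificate is marked as a CA (basicConstraints CA:TRUE).
is_ca() { grep -q 'CA:TRUE'; }

# Gate for the add-trusted-cert step: check_cert <file.crt> <base-domain>
check_cert() {
  dump=$(openssl x509 -in "$1" -noout -text) || return 2
  printf '%s\n' "$dump" | sans_within "$2" || return 1
  if printf '%s\n' "$dump" | is_ca; then
    echo "note: CA:TRUE, once trusted as a root its key can sign for any hostname" >&2
  fi
}

# Constructed sample of the relevant part of an openssl text dump.
SAMPLE='            X509v3 Basic Constraints:
                CA:TRUE
            X509v3 Subject Alternative Name:
                DNS:permitzone.dev, DNS:*.permitzone.dev'
```

Call it as check_cert /usr/local/etc/nginx/ssl/permitzone.dev/permitzone.dev.crt permitzone.dev and continue to the keychain step only when it returns 0.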

nginx.conf

# WHOAMI is replaced with your username by the sed command in Setup.
user WHOAMI admin;
worker_processes 1;

events {
    worker_connections 1024;
}

http {
    include mime.types;
    default_type application/octet-stream;
    sendfile on;
    keepalive_timeout 65;

    # Local backends that nginx proxies to.
    upstream app {
        server 127.0.0.1:3000;
    }

    upstream api {
        server 127.0.0.1:3001;
    }

    # Redirect all plain HTTP requests to HTTPS.
    server {
        listen 80 default_server;
        listen [::]:80 default_server;
        server_name _;
        return 301 https://$host$request_uri;
    }

    # app.permitzone.dev -> upstream app
    server {
        listen 443 ssl;
        server_name app.permitzone.dev;

        # Paths are relative to the nginx configuration directory.
        ssl_certificate ssl/permitzone.dev/permitzone.dev.crt;
        ssl_certificate_key ssl/permitzone.dev/permitzone.dev.key;
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 5m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        location / {
            proxy_pass http://app;
            # HTTP/1.1 plus the Upgrade/Connection headers let WebSocket upgrades through.
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
            # Pass responses through without buffering or caching.
            chunked_transfer_encoding off;
            proxy_buffering off;
            proxy_cache off;
        }
    }

    # admin.permitzone.dev and api.permitzone.dev -> upstream api
    server {
        listen 443 ssl;
        server_name admin.permitzone.dev api.permitzone.dev;

        ssl_certificate ssl/permitzone.dev/permitzone.dev.crt;
        ssl_certificate_key ssl/permitzone.dev/permitzone.dev.key;
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 5m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        location / {
            proxy_pass http://api;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            # Tell the backend that the original request arrived over HTTPS.
            proxy_set_header X-Forwarded-Proto https;
            proxy_cache_bypass $http_upgrade;
        }
    }
}