I have a web app that has each user instance exposed through a subdomain of my app’s domain. This works fine but I am looking at allowing users to expose via their domain also.
How do I “reverse proxy” each user domain (I assume this is what I need to do) to the their individual subdomain of my app?
I already ran a test using Caddy and it works fine. I ran Caddy on an EC2 VM with unique IP. So I have one IP to one domain relationship. I, obviously, can’t create individual VMs for each user to gain unique IP.
Typically a SaaS will have users register their domain in their account (stored in your database), and you use the ask option of On-Demand TLS to verify that one of your users has registered their domain.
Then, you proxy all requests to your backend, and do a lookup by the connecting domain, either by the custom domain mapped to the account, or by the subdomain of your domain also mapped to their account, to scope your app to that account (multi-tenant application). You can scale out to multiple servers using Caddy as a load balancer (just specify more than one upstream for reverse_proxy and Caddy will round-robin between them, or configure it to your liking if you need something more specific).