# Tenant Domain Routing Setup This project supports tenant-by-domain routing using `custom_domain` on each project/tenant. ## How It Works 1. Global middleware `ResolveTenantFromDomain` runs on all `web` routes. 2. If request host matches a tenant `custom_domain`, tenant context is stored in session: - `tenant_id` - `active_tenant_project_id` - `tenant_slug` 3. Dynamic DB connection is switched to the tenant database. 4. Tenant public pages (`/progress`, `/rbmf`, `/physical-progress`, etc.) are protected by `tenant.resolved` middleware. 5. Unknown non-central domains return `404 Tenant domain not configured`. ## Route Structure - Central domain root `/` - Redirects to dashboard/login. - Tenant domain root `/` - Redirects to `theme.default.progress`. - Tenant public routes - Grouped with middleware: `tenant.resolved`. ## Domain Validation Backend endpoint: - `POST /projects/domain/check` Service used: - `App\Services\TenantDomainService` Validation checks include: - Domain format validity - Uniqueness in system (`project_details.custom_domain`) - Central host reservation block - DNS mapping to expected app targets ## Required ENV Configuration Add these values in `.env`: - `APP_URL=https://ifrap.edlogs.com` - `CENTRAL_DOMAINS=ifrap.edlogs.com,www.ifrap.edlogs.com` - `TENANT_DOMAIN_TARGETS=ifrap.edlogs.com,50.6.6.164` - `TENANT_DOMAIN_EXPECTED_HOST=ifrap.edlogs.com` - `TENANT_DOMAIN_EXPECTED_IP=50.6.6.164` Notes: - `TENANT_DOMAIN_EXPECTED_HOST` and `TENANT_DOMAIN_EXPECTED_IP` are optional. - They are merged into `TENANT_DOMAIN_TARGETS`. ## Local Ubuntu + Nginx Setup ### 1) Local DNS override In `/etc/hosts`, map test tenant domains to your local machine: ```txt 127.0.0.1 ifrap.local tenant1.ifrap.local tenant2.ifrap.local ``` ### 2) Nginx server block Use wildcard host support so tenant subdomains resolve to Laravel: ```nginx server { listen 80; server_name ifrap.local *.ifrap.local; root /var/www/dev.ifrap.com/IFRAP/public; index index.php index.html; location / { try_files $uri $uri/ /index.php?$query_string; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php8.3-fpm.sock; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; include fastcgi_params; } location ~ /\.ht { deny all; } } ``` Reload: ```bash sudo nginx -t && sudo systemctl reload nginx ``` ## Production Checklist 1. Point tenant domain DNS (CNAME/A) to your app target. 2. Add domain to nginx `server_name` (or wildcard strategy). 3. Configure SSL for custom domains (LetsEncrypt/certbot or managed cert). 4. Set production `.env` tenant domain keys. 5. Clear caches: ```bash php artisan optimize:clear ``` 6. Validate route/middleware mapping: ```bash php artisan route:list --name=theme.default.progress --json ``` Expected middleware contains: - `web` - `tenant.resolved` ## Quick Verification Flow 1. Create or update tenant with `custom_domain`. 2. Run `Check Domain` button in onboarding/projects UI. 3. Open `https:///progress`. 4. Confirm page loads tenant data (not central dashboard/login). 5. Open unknown domain pointed to app and confirm 404 response.