Skip to main content
Skip to main content
🚧 Work in Progress

Zerops Domain & Access Configuration

Zerops provides three ways to make your application accessible from the internet:

Each method serves different needs and comes with its own configuration options.

Note

By default, your runtime service is not publicly accessible until you configure one of these methods.

Public Access Through Zerops Subdomain​

For development and testing purposes, Zerops offers a quick way to make your application accessible through a .zerops.app subdomain. This option requires minimal configuration and includes automatic SSL certificate management.

Configuration Steps​

  1. Navigate to your service detail page in Zerops GUI
  2. Select Public access & internal ports from the left menu
  3. Toggle the Zerops subdomain access switch

Public Access

Once enabled, Zerops assigns a unique subdomain for your application. If you've defined multiple internal ports with HTTP support in your zerops.yml, each port receives its own unique .zerops.app subdomain.

Configure internal ports for your Runtime

Technical Details​

When using Zerops subdomains:

  • Access your application using the https:// protocol (Zerops automatically manages SSL certificates)
  • Traffic flows through a central HTTP balancer that:
    • Terminates SSL connections
    • Forwards requests to your application via HTTP
    • Handles all security certificates
Production Limitations
  • The central HTTPS balancer is shared across all Zerops projects, which creates a scalability bottleneck
  • Maximum upload size is limited to 50MB
  • Not recommended for production traffic

Public Access Through Your Domain​

When your application is ready for production or you need to test with your actual domain, configure custom domain access. This method provides better performance, scalability, and full control over your domain settings.

Public Access

IP Address Configuration​

Before setting up domain access, you'll need public IP addresses. Zerops offers the following IP options:

IPv4 Options​

Dedicated IPv4 Address ($3/30 days)​
  • Dedicated to your project and shared across all project services
  • One IPv4 address per project limit
  • Protects against blacklisting risks associated with shared IPs
  • Subscription automatically renews every 30 days (cannot be purchased with promo credit)
    • Fee is non-refundable but address can be reused in another project until subscription ends
  • Recommended for production workloads
Shared IPv4 Address (Free)​
  • Available at no cost
  • Shared across all Zerops users and their projects
  • Limitations:
    • Restricted number of open connections
    • Shorter connection timeouts
  • Not recommended for production use

IPv6 Address (Free)​

  • Dedicated to your project and shared across all project services
  • One IPv6 address per project limit
  • Automatically activated with first domain setup
  • Available for all projects at no additional cost
Tip

Since IPv6 support is not universal, using both IPv4 and IPv6 is recommended for maximum accessibility.

Configuring HTTP Routing​

To set up domain access:

  1. Go to your service detail in Zerops GUI and select Public access & internal ports
  2. Click Setup first domain access
  3. Configure your domain settings:
    • Enter domain names (e.g., mydomain.com, app.mydomain.com)
    • Add multiple domains if needed (useful for multi-language sites)
    • Choose SSL certificate management
  4. Define routing rules:
    • Source: The public path (the part of URL after your domain)
    • Destination: Choose which application and internal port receives the traffic
    • Add multiple routing configurations as needed

All settings can be modified later as your needs change.

DNS Configuration​

After setting up domain access in Zerops, you'll need to configure your DNS records with your domain registrar.

For detailed instructions on DNS configuration, including specific implementation details for Cloudflare, please refer to the DNS and Proxy Setup guide.

HTTPS Configuration​

When using Let's Encrypt certificates (recommended):

Certificate Management​

  • Zerops handles all certificate installation and renewal
  • Certificates are free of charge
  • No manual certificate management required

Traffic Flow​

  1. Traffic arrives at your public IPv4/IPv6 addresses
  2. Requests route through your project's dedicated HTTPS balancer
  3. SSL termination occurs at the balancer level
  4. Internal traffic uses HTTP protocol for optimal performance

Balancer Architecture​

  • Deployed in two containers for redundancy
  • Scales vertically based on traffic demands
  • Cannot be directly modified
  • Included free of charge

Opening Public Ports​

For applications requiring direct port access or non-HTTP protocols, Zerops provides flexible port configuration options.

Public Access Port

Port Configuration​

  1. Navigate to service detail page in Zerops GUI, select Public access & internal ports and click Setup first access through IPv6 or activate Unique IPv4 add-on
  2. Configure your port settings:
    • Choose any port from 10-65435 (except 80 and 443)
    • Select destination service and internal port
    • Each public port can be mapped to any internal service port
    • Multiple public ports can point to the same internal port if needed
    • Port configurations can be set independently for IPv4 and IPv6

Firewall Configuration​

Optionally secure your ports with firewall rules:

  1. Enable firewall for specific ports
  2. Choose policy type:
    • Blacklist: Block specific IPs/ranges
    • Whitelist: Allow only specific IPs/ranges
  3. Configure IP rules:
    • Single IP format affects only the specific IP
    • IP range format affects all IPs in that CIDR range

Enable Firewall