Skip to main content
Skip to main content

Zerops subdomain, custom domains & IP access

Zerops offers 3 different ways how to access your application from the internet:

Public access through zerops.app subdomain

By default, your runtime service is not publicly accessible. To test your application, you can enable public access through zerops.app subdomain. Go to the service detail page in Zerops GUI and select Public access & internal ports in the left menu. Then toggle the Zerops subdomain access switch. Zerops will assign the unique zerops.app subdomain for your application. If you have defined more internal ports with http support in your zerops.yml, Zerops will create the unique zerops.app subdomain for each port. Learn more about how to define internal ports for your runtime:

image

Use the https:// protocol to access your application through zerops.app subdomain, Zerops manages the SSL certificate for you. A central Zerops http balancer is used to terminate the SSL connection. The traffic is then redirected to your application on the http:// protocol.

Caution

Do not use the zerops.app subdomain for production. The traffic is limited by the central https balancer that is shared with other Zerops projects and will always create a bottleneck that prevents your application to scale. The maximum upload limit for zerops.app subdomain is 20 MB.

Public access through your domain

By default, your runtime service is not publicly accessible. When your application is ready for production or if you want to test it on the production domain, configure the public access through your domain.

Go to the service detail page in Zerops GUI and select Public access & internal ports in the left menu. Click on the Setup first domain access button.

image

Public IPv4 address

To access your runtime service through your domain you will need a public IPv4 address. The public IPv4 address is dedicated for your project and costs $3 for each 30 days. To enable the public IPv4 address click on the activate button. Once the public IPv4 address is active, you can configure the public access through your domain for your runtime application. If you have multiple runtime applications in the same project, they will share the same public IPv4 address. You can't purchase more than one public IPv4 address for your project.

Caution

You cannot purchase the public IPv4 for your promo credit. Top up your credit to purchase your first IPv4 address.

The public IPv4 subscription is automatically renewed after 30 days and the $3 fee is deducted from your credit on the renewal date. If you delete the project with an active public IPv4, the fee for the public IPv4 is not refunded but you can use the same IPv4 for another project for free until the end of the subscription.

Public IPv6 address

Zerops assigns one dedicated public IPv6 address to each project. The public IPv6 address is free of charge. The public IPv6 address is active when you enable a public domain access for your first runtime service. You cannot add multiple public IPv6 addresses to your project.

If you are sure that your users have the IPv6 connection to the internet, you can use only the public IPv6 address to access your application through your domain.

Configure public http routing

image

To configure the public http routing go to the service detail page in Zerops GUI and select Public access & internal ports in the left menu. Click on the Setup first domain access button.

Follow these steps:

  1. Enter your domain name e.g. mydomain.com to the domains input. You can enter a subdomain e.g. app.mydomain.com, the level of your subdomain is not limited. If you have multiple domains and you want to set the identical routing for them, for example if you have multiple domains for different languages, add them to the input.
  2. If you don't want Zerops to install and maintain the Let's Encrypt SSL certificate for your domain(s), disable the Automatically install SSL certificates switch. The SSL certificate installed by Zerops is free of charge.
  3. Add one or more routing configurations. Each routing configuration has 2 settings: The source in the form of a public path (the part of the URL after your domain(s)) and the destination where you choose to which application and internal port you want to redirect the incoming traffic from the defined source.
Tip

You can change these settings any time.

How to configure your domain DNS

Your domain DNS settings cannot be changed in Zerops GUI. Go to your domain registrar and configure following DNS records:

  • Point the A record to your project public IPv4 address.
  • Point the AAAA record to your project public IPv6 address.

After the TTL of your domain's DNS expires, your application in Zerops will be accessible through your domain.

HTTPS

If you have enabled the Let's Encrypt certificate for your domain(s), use the https:// protocol to access your application through your domain. Zerops instals and renews the SSL certificate for you. A dedicated https balancer is installed to your project and Zerops redirect all the traffic that is coming through your project's public IPv4 and IPv6 address to the https balancer.

The https balancer redirects the traffic to the specific service and its internal port based on the public http routing configuration. The SSL certificate is installed in the https balancer and it's where the https:// connection is terminated. The traffic is then redirected to your service on the http:// protocol.

Thanks to this solution, the SSL certificate is separated from your application environment and all the internal traffic in your project private network uses the http:// protocol.

You cannot install your own SSL certificate or otherwise modify the project https balancer rules directly.

The project https balancer is always installed in 2 containers to ensure the redundancy. Zerops scales both https balancer containers vertically based on the current traffic.

The project https balancer is free of charge.

Open a public port for a non http(s) communication

By default, your runtime service is not publicly accessible. If your application uses a non http(s) communication, open a public port to access your application from the internet.

Go to the service detail page in Zerops GUI and select Public access & internal ports in the left menu. Click on the Setup first access through IPv6.

image

You can open any public port from the range 10 - 65435 except 80 and 443. Ports 80 and 443 are dedicated for the http(s) routing. Set the destination for the public port: choose a runtime service and its internal port.

Info

You can open multiple public ports. If needed you set the same destination for different public ports.

Enable firewall

Optionally enable the firewall on the public port:

image

Choose the firewall policy type: Blacklist or whitelist.

If you select blacklist, enter one or more IP addresses or IP ranges that will be blacklisted on the firewall. If you select whitelist, enter one or more IP addresses or IP ranges that will be whitelisted on the firewall.

If you don't specify the range, Zerops adds the single IP address to the firewall. If the range is specified, the IP range that begins on the entered IP address is added to the firewall.

Tip

You can change these settings any time.

Public IPv4 address

You can open one or more public ports on the public IPv4 or IPv6 address. Zerops assigns one dedicated public IPv6 address to each project. The public IPv6 address is free of charge.

Before you can open a public port on a public IPv4 address you need to purchase an IPv4 address. The public IPv4 address is dedicated to your project and costs $3 for each 30 days. To enable the public IPv4 address click on the activate button. Once the public IPv4 address is active, you can open one or more public ports on the IPv4 address assigned to your project. You can't purchase more than one public IPv4 address for your project.

Info

The list of opened public ports on the IPv4 address is independent of the list of opened public ports on the IPv6 address.