feat(workspace): add support for custom domain status toggle (#10114)

Introduce isCustomDomainEnabled field in Workspace entity to manage
custom domain activation. Update related services, types, and logic to
validate and toggle the custom domain's status dynamically based on its
current state. This ensures accurate domain configurations are reflected
across the system.

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
Antoine Moreaux
2025-02-13 16:01:33 +01:00
committed by GitHub
parent b67e850011
commit 8a425456f2
45 changed files with 1320 additions and 352 deletions


@ -0,0 +1,90 @@
/* @license Enterprise */
import {
Controller,
Post,
Req,
Res,
UseFilters,
UseGuards,
} from '@nestjs/common';
import { InjectRepository } from '@nestjs/typeorm';
import { Response, Request } from 'express';
import { Repository } from 'typeorm';
import { AuthRestApiExceptionFilter } from 'src/engine/core-modules/auth/filters/auth-rest-api-exception.filter';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/services/domain-manager.service';
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
import {
DomainManagerException,
DomainManagerExceptionCode,
} from 'src/engine/core-modules/domain-manager/domain-manager.exception';
import { handleException } from 'src/engine/core-modules/exception-handler/http-exception-handler.service';
import { ExceptionHandlerService } from 'src/engine/core-modules/exception-handler/exception-handler.service';
import { CloudflareSecretMatchGuard } from 'src/engine/core-modules/domain-manager/guards/cloudflare-secret.guard';
import { CustomDomainService } from 'src/engine/core-modules/domain-manager/services/custom-domain.service';
@Controller('cloudflare')
@UseFilters(AuthRestApiExceptionFilter)
export class CloudflareController {
constructor(
@InjectRepository(Workspace, 'core')
protected readonly workspaceRepository: Repository<Workspace>,
private readonly domainManagerService: DomainManagerService,
private readonly customDomainService: CustomDomainService,
private readonly exceptionHandlerService: ExceptionHandlerService,
) {}
@Post('custom-hostname-webhooks')
@UseGuards(CloudflareSecretMatchGuard)
async customHostnameWebhooks(@Req() req: Request, @Res() res: Response) {
if (!req.body?.data?.data?.hostname) {
handleException(
new DomainManagerException(
'Hostname missing',
DomainManagerExceptionCode.INVALID_INPUT_DATA,
),
this.exceptionHandlerService,
);
return res.status(200).send();
}
const workspace = await this.workspaceRepository.findOneBy({
customDomain: req.body.data.data.hostname,
});
if (!workspace) return;
const customDomainDetails =
await this.customDomainService.getCustomDomainDetails(
req.body.data.data.hostname,
);
const workspaceUpdated: Partial<Workspace> = {
customDomain: workspace.customDomain,
};
if (!customDomainDetails && workspace) {
workspaceUpdated.customDomain = null;
}
workspaceUpdated.isCustomDomainEnabled = customDomainDetails
? this.domainManagerService.isCustomDomainWorking(customDomainDetails)
: false;
if (
workspaceUpdated.isCustomDomainEnabled !==
workspace.isCustomDomainEnabled ||
workspaceUpdated.customDomain !== workspace.customDomain
) {
await this.workspaceRepository.save({
...workspace,
...workspaceUpdated,
});
}
return res.status(200).send();
}
}
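Review bot: `if (!workspace) return;` in `customHostnameWebhooks` leaves the request unanswered, because the handler injects `@Res()` and Nest then sends no response on its own, so the caller waits for a timeout whenever the hostname matches no workspace. Return `res.status(200).send();` there, as the other exits do. The hostname is also taken straight from `req.body.data.data.hostname` without a type check; a `typeof hostname !== 'string'` test should take the same `INVALID_INPUT_DATA` path before the value reaches `findOneBy` and `getCustomDomainDetails`. Because this handler can clear `customDomain` and flip `isCustomDomainEnabled`, it relies entirely on `CloudflareSecretMatchGuard` to authenticate the sender.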


@ -0,0 +1,210 @@
import { Test, TestingModule } from '@nestjs/testing';
import { getRepositoryToken } from '@nestjs/typeorm';
import { Repository } from 'typeorm';
import { Request, Response } from 'express';
import { CloudflareController } from 'src/engine/core-modules/domain-manager/controllers/cloudflare.controller';
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/services/domain-manager.service';
import { ExceptionHandlerService } from 'src/engine/core-modules/exception-handler/exception-handler.service';
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
import { HttpExceptionHandlerService } from 'src/engine/core-modules/exception-handler/http-exception-handler.service';
import { CustomDomainValidRecords } from 'src/engine/core-modules/domain-manager/dtos/custom-domain-valid-records';
import { CustomDomainService } from 'src/engine/core-modules/domain-manager/services/custom-domain.service';
describe('CloudflareController - customHostnameWebhooks', () => {
let controller: CloudflareController;
let WorkspaceRepository: Repository<Workspace>;
let environmentService: EnvironmentService;
let domainManagerService: DomainManagerService;
let customDomainService: CustomDomainService;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
controllers: [CloudflareController],
providers: [
{
provide: getRepositoryToken(Workspace, 'core'),
useValue: {
findOneBy: jest.fn(),
save: jest.fn(),
},
},
{
provide: DomainManagerService,
useValue: {
isCustomDomainWorking: jest.fn(),
},
},
{
provide: CustomDomainService,
useValue: {
getCustomDomainDetails: jest.fn(),
},
},
{
provide: HttpExceptionHandlerService,
useValue: {
handleError: jest.fn(),
},
},
{
provide: ExceptionHandlerService,
useValue: {
captureExceptions: jest.fn(),
},
},
{
provide: EnvironmentService,
useValue: {
get: jest.fn(),
},
},
],
}).compile();
controller = module.get<CloudflareController>(CloudflareController);
WorkspaceRepository = module.get(getRepositoryToken(Workspace, 'core'));
environmentService = module.get<EnvironmentService>(EnvironmentService);
domainManagerService =
module.get<DomainManagerService>(DomainManagerService);
customDomainService = module.get<CustomDomainService>(CustomDomainService);
});
it('should handle exception and return status 200 if hostname is missing', async () => {
const req = {
headers: { 'cf-webhook-auth': 'correct-secret' },
body: { data: { data: {} } },
} as unknown as Request;
const sendMock = jest.fn();
const res = {
status: jest.fn().mockReturnThis(),
send: sendMock,
} as unknown as Response;
jest.spyOn(environmentService, 'get').mockReturnValue('correct-secret');
await controller.customHostnameWebhooks(req, res);
expect(res.status).toHaveBeenCalledWith(200);
expect(sendMock).toHaveBeenCalled();
});
it('should update workspace for a valid hostname and save changes', async () => {
const req = {
headers: { 'cf-webhook-auth': 'correct-secret' },
body: { data: { data: { hostname: 'example.com' } } },
} as unknown as Request;
const sendMock = jest.fn();
const res = {
status: jest.fn().mockReturnThis(),
send: sendMock,
} as unknown as Response;
jest.spyOn(environmentService, 'get').mockReturnValue('correct-secret');
jest
.spyOn(customDomainService, 'getCustomDomainDetails')
.mockResolvedValue({
records: [
{
success: true,
},
],
} as unknown as CustomDomainValidRecords);
jest
.spyOn(domainManagerService, 'isCustomDomainWorking')
.mockReturnValue(true);
jest.spyOn(WorkspaceRepository, 'findOneBy').mockResolvedValue({
customDomain: 'example.com',
isCustomDomainEnabled: false,
} as Workspace);
await controller.customHostnameWebhooks(req, res);
expect(WorkspaceRepository.findOneBy).toHaveBeenCalledWith({
customDomain: 'example.com',
});
expect(customDomainService.getCustomDomainDetails).toHaveBeenCalledWith(
'example.com',
);
expect(WorkspaceRepository.save).toHaveBeenCalledWith({
customDomain: 'example.com',
isCustomDomainEnabled: true,
});
expect(res.status).toHaveBeenCalledWith(200);
expect(sendMock).toHaveBeenCalled();
});
it('should remove customDomain if no hostname found', async () => {
const req = {
headers: { 'cf-webhook-auth': 'correct-secret' },
body: { data: { data: { hostname: 'notfound.com' } } },
} as unknown as Request;
const sendMock = jest.fn();
const res = {
status: jest.fn().mockReturnThis(),
send: sendMock,
} as unknown as Response;
jest.spyOn(environmentService, 'get').mockReturnValue('correct-secret');
jest.spyOn(WorkspaceRepository, 'findOneBy').mockResolvedValue({
customDomain: 'notfound.com',
isCustomDomainEnabled: true,
} as Workspace);
jest
.spyOn(customDomainService, 'getCustomDomainDetails')
.mockResolvedValue(undefined);
await controller.customHostnameWebhooks(req, res);
expect(WorkspaceRepository.findOneBy).toHaveBeenCalledWith({
customDomain: 'notfound.com',
});
expect(WorkspaceRepository.save).toHaveBeenCalledWith({
customDomain: null,
isCustomDomainEnabled: false,
});
expect(res.status).toHaveBeenCalledWith(200);
expect(sendMock).toHaveBeenCalled();
});
it('should do nothing if nothing changes', async () => {
const req = {
headers: { 'cf-webhook-auth': 'correct-secret' },
body: { data: { data: { hostname: 'nothing-change.com' } } },
} as unknown as Request;
const sendMock = jest.fn();
const res = {
status: jest.fn().mockReturnThis(),
send: sendMock,
} as unknown as Response;
jest.spyOn(environmentService, 'get').mockReturnValue('correct-secret');
jest.spyOn(WorkspaceRepository, 'findOneBy').mockResolvedValue({
customDomain: 'nothing-change.com',
isCustomDomainEnabled: true,
} as Workspace);
jest
.spyOn(customDomainService, 'getCustomDomainDetails')
.mockResolvedValue({
records: [
{
success: true,
},
],
} as unknown as CustomDomainValidRecords);
jest
.spyOn(domainManagerService, 'isCustomDomainWorking')
.mockReturnValue(true);
await controller.customHostnameWebhooks(req, res);
expect(WorkspaceRepository.findOneBy).toHaveBeenCalledWith({
customDomain: 'nothing-change.com',
});
expect(WorkspaceRepository.save).not.toHaveBeenCalled();
expect(res.status).toHaveBeenCalledWith(200);
expect(sendMock).toHaveBeenCalled();
});
});
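Review bot: No case covers a hostname that matches no workspace (`findOneBy` resolving to `null`), which is the one path in `customHostnameWebhooks` that returns without calling `res.status(200).send()`. Add a test that mocks `findOneBy` with `null` and asserts on `res.status` and `sendMock`. The `cf-webhook-auth` headers and the `environmentService.get` mocks have no effect here, because calling `controller.customHostnameWebhooks(req, res)` directly does not run `CloudflareSecretMatchGuard`; a comment such as `// the guard is not executed when the handler is called directly` would stop readers from assuming the secret check is covered. The `getCustomDomainDetails` mocks also use `records: [{ success: true }]`, whereas the records built by the service carry a `status` field.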


@ -10,4 +10,5 @@ export enum DomainManagerExceptionCode {
CLOUDFLARE_CLIENT_NOT_INITIALIZED = 'CLOUDFLARE_CLIENT_NOT_INITIALIZED',
HOSTNAME_ALREADY_REGISTERED = 'HOSTNAME_ALREADY_REGISTERED',
SUBDOMAIN_REQUIRED = 'SUBDOMAIN_REQUIRED',
INVALID_INPUT_DATA = 'INVALID_INPUT_DATA',
}


@ -3,10 +3,13 @@ import { TypeOrmModule } from '@nestjs/typeorm';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/services/domain-manager.service';
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
import { CloudflareController } from 'src/engine/core-modules/domain-manager/controllers/cloudflare.controller';
import { CustomDomainService } from 'src/engine/core-modules/domain-manager/services/custom-domain.service';
@Module({
imports: [TypeOrmModule.forFeature([Workspace], 'core')],
providers: [DomainManagerService],
exports: [DomainManagerService],
providers: [DomainManagerService, CustomDomainService],
exports: [DomainManagerService, CustomDomainService],
controllers: [CloudflareController],
})
export class DomainManagerModule {}


@ -0,0 +1,6 @@
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
export type WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType = Pick<
Workspace,
'subdomain' | 'customDomain' | 'isCustomDomainEnabled'
>;


@ -1,7 +1,7 @@
import { Field, ObjectType } from '@nestjs/graphql';
@ObjectType()
class CustomDomainVerification {
class CustomDomainRecord {
@Field(() => String)
validationType: 'ownership' | 'ssl' | 'redirection';
@ -19,13 +19,13 @@ class CustomDomainVerification {
}
@ObjectType()
export class CustomDomainDetails {
export class CustomDomainValidRecords {
@Field(() => String)
id: string;
@Field(() => String)
customDomain: string;
@Field(() => [CustomDomainVerification])
records: Array<CustomDomainVerification>;
@Field(() => [CustomDomainRecord])
records: Array<CustomDomainRecord>;
}


@ -0,0 +1,38 @@
/* @license Enterprise */
import { CanActivate, ExecutionContext, Injectable } from '@nestjs/common';
import { timingSafeEqual } from 'crypto';
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
@Injectable()
export class CloudflareSecretMatchGuard implements CanActivate {
constructor(private readonly environmentService: EnvironmentService) {}
canActivate(context: ExecutionContext): boolean {
try {
const request = context.switchToHttp().getRequest<Request>();
const cloudflareWebhookSecret = this.environmentService.get(
'CLOUDFLARE_WEBHOOK_SECRET',
);
if (
!cloudflareWebhookSecret ||
(cloudflareWebhookSecret &&
(typeof request.headers['cf-webhook-auth'] === 'string' ||
timingSafeEqual(
Buffer.from(request.headers['cf-webhook-auth']),
Buffer.from(cloudflareWebhookSecret),
)))
) {
return true;
}
return false;
} catch (err) {
return false;
}
}
}
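Review bot: The header check in `canActivate` lets through any request that carries a `cf-webhook-auth` header, because `typeof request.headers['cf-webhook-auth'] === 'string' || timingSafeEqual(...)` short-circuits to true for every string value and the secret is never compared. The two conditions need `&&`, and since `timingSafeEqual` throws on buffers of different length, an explicit length check keeps a wrong-length value on the normal deny path instead of relying on the `catch`. The guard also returns true when `CLOUDFLARE_WEBHOOK_SECRET` is unset, which leaves the webhook unauthenticated on such deployments; the sketch below denies in that case, and the spec's 'should return true when env is not set' expectation would change with it. `Request` is not imported in this file, so it presumably resolves to the global Fetch type rather than express's.

```typescript
// … unchanged: request and cloudflareWebhookSecret lookup …
const providedSecret = request.headers['cf-webhook-auth'];

// Fail closed: without a configured secret or a single string header, deny.
if (!cloudflareWebhookSecret || typeof providedSecret !== 'string') {
  return false;
}

const expected = Buffer.from(cloudflareWebhookSecret);
const provided = Buffer.from(providedSecret);

return (
  provided.length === expected.length && timingSafeEqual(provided, expected)
);
```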


@ -0,0 +1,65 @@
import { ExecutionContext } from '@nestjs/common';
import * as crypto from 'crypto';
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
import { CloudflareSecretMatchGuard } from './cloudflare-secret.guard';
describe('CloudflareSecretMatchGuard.canActivate', () => {
let guard: CloudflareSecretMatchGuard;
let environmentService: EnvironmentService;
beforeEach(() => {
environmentService = {
get: jest.fn(),
} as unknown as EnvironmentService;
guard = new CloudflareSecretMatchGuard(environmentService);
});
it('should return true when the webhook secret matches', () => {
const mockRequest = { headers: { 'cf-webhook-auth': 'valid-secret' } };
jest.spyOn(environmentService, 'get').mockReturnValue('valid-secret');
const mockContext = {
switchToHttp: () => ({
getRequest: () => mockRequest,
}),
} as unknown as ExecutionContext;
jest.spyOn(crypto, 'timingSafeEqual').mockReturnValue(true);
expect(guard.canActivate(mockContext)).toBe(true);
});
it('should return true when env is not set', () => {
const mockRequest = { headers: { 'cf-webhook-auth': 'valid-secret' } };
jest.spyOn(environmentService, 'get').mockReturnValue(undefined);
const mockContext = {
switchToHttp: () => ({
getRequest: () => mockRequest,
}),
} as unknown as ExecutionContext;
jest.spyOn(crypto, 'timingSafeEqual').mockReturnValue(true);
expect(guard.canActivate(mockContext)).toBe(true);
});
it('should return false if an error occurs', () => {
const mockRequest = { headers: {} };
jest.spyOn(environmentService, 'get').mockReturnValue('valid-secret');
const mockContext = {
switchToHttp: () => ({
getRequest: () => mockRequest,
}),
} as unknown as ExecutionContext;
expect(guard.canActivate(mockContext)).toBe(false);
});
});
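Review bot: There is no test where the `cf-webhook-auth` header is present but differs from the configured secret, which is the case the guard exists for. The 'should return true when the webhook secret matches' test also stubs `crypto.timingSafeEqual` to return true, so it passes regardless of what the guard compares. Add the case below and drop the `timingSafeEqual` stubs so the real comparison runs.

```typescript
it('should return false when the webhook secret does not match', () => {
  const mockRequest = { headers: { 'cf-webhook-auth': 'wrong-secret' } };

  jest.spyOn(environmentService, 'get').mockReturnValue('valid-secret');

  const mockContext = {
    switchToHttp: () => ({
      getRequest: () => mockRequest,
    }),
  } as unknown as ExecutionContext;

  expect(guard.canActivate(mockContext)).toBe(false);
});
```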


@ -0,0 +1,271 @@
import { Test, TestingModule } from '@nestjs/testing';
import { CustomHostnameCreateResponse } from 'cloudflare/resources/custom-hostnames/custom-hostnames';
import Cloudflare from 'cloudflare';
import { CustomDomainService } from 'src/engine/core-modules/domain-manager/services/custom-domain.service';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/services/domain-manager.service';
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
import { DomainManagerException } from 'src/engine/core-modules/domain-manager/domain-manager.exception';
jest.mock('cloudflare');
describe('CustomDomainService', () => {
let customDomainService: CustomDomainService;
let environmentService: EnvironmentService;
let domainManagerService: DomainManagerService;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [
CustomDomainService,
{
provide: EnvironmentService,
useValue: {
get: jest.fn(),
},
},
{
provide: DomainManagerService,
useValue: {
getFrontUrl: jest.fn(),
},
},
],
}).compile();
customDomainService = module.get<CustomDomainService>(CustomDomainService);
environmentService = module.get<EnvironmentService>(EnvironmentService);
domainManagerService =
module.get<DomainManagerService>(DomainManagerService);
(customDomainService as any).cloudflareClient = {
customHostnames: {
list: jest.fn(),
create: jest.fn(),
},
};
jest.clearAllMocks();
});
it('should initialize cloudflareClient when CLOUDFLARE_API_KEY is defined', () => {
const mockApiKey = 'test-api-key';
jest.spyOn(environmentService, 'get').mockReturnValue(mockApiKey);
const instance = new CustomDomainService(environmentService, {} as any);
expect(environmentService.get).toHaveBeenCalledWith('CLOUDFLARE_API_KEY');
expect(Cloudflare).toHaveBeenCalledWith({ apiToken: mockApiKey });
expect(instance.cloudflareClient).toBeDefined();
});
describe('registerCustomDomain', () => {
it('should throw an error when the hostname is already registered', async () => {
const customDomain = 'example.com';
jest
.spyOn(customDomainService, 'getCustomDomainDetails')
.mockResolvedValueOnce({} as any);
await expect(
customDomainService.registerCustomDomain(customDomain),
).rejects.toThrow(DomainManagerException);
expect(customDomainService.getCustomDomainDetails).toHaveBeenCalledWith(
customDomain,
);
});
it('should register a custom domain successfully', async () => {
const customDomain = 'example.com';
const createMock = jest.fn().mockResolvedValueOnce({});
const cloudflareMock = {
customHostnames: {
create: createMock,
},
};
jest
.spyOn(customDomainService, 'getCustomDomainDetails')
.mockResolvedValueOnce(undefined);
jest.spyOn(environmentService, 'get').mockReturnValue('test-zone-id');
(customDomainService as any).cloudflareClient = cloudflareMock;
await customDomainService.registerCustomDomain(customDomain);
expect(createMock).toHaveBeenCalledWith({
zone_id: 'test-zone-id',
hostname: customDomain,
ssl: expect.any(Object),
});
});
});
describe('getCustomDomainDetails', () => {
it('should return undefined if no custom domain details are found', async () => {
const customDomain = 'example.com';
const cloudflareMock = {
customHostnames: {
list: jest.fn().mockResolvedValueOnce({ result: [] }),
},
};
jest.spyOn(environmentService, 'get').mockReturnValue('test-zone-id');
(customDomainService as any).cloudflareClient = cloudflareMock;
const result =
await customDomainService.getCustomDomainDetails(customDomain);
expect(result).toBeUndefined();
expect(cloudflareMock.customHostnames.list).toHaveBeenCalledWith({
zone_id: 'test-zone-id',
hostname: customDomain,
});
});
it('should return domain details if a single result is found', async () => {
const customDomain = 'example.com';
const mockResult = {
id: 'custom-id',
hostname: customDomain,
ownership_verification: {
type: 'txt',
name: 'ownership',
value: 'value',
},
ssl: {
validation_records: [{ txt_name: 'ssl', txt_value: 'validation' }],
},
verification_errors: [],
};
const cloudflareMock = {
customHostnames: {
list: jest.fn().mockResolvedValueOnce({ result: [mockResult] }),
},
};
jest.spyOn(environmentService, 'get').mockReturnValue('test-zone-id');
jest
.spyOn(domainManagerService, 'getFrontUrl')
.mockReturnValue(new URL('https://front.domain'));
(customDomainService as any).cloudflareClient = cloudflareMock;
const result =
await customDomainService.getCustomDomainDetails(customDomain);
expect(result).toEqual({
id: 'custom-id',
customDomain: customDomain,
records: expect.any(Array),
});
});
it('should throw an error if multiple results are found', async () => {
const customDomain = 'example.com';
const cloudflareMock = {
customHostnames: {
list: jest.fn().mockResolvedValueOnce({ result: [{}, {}] }),
},
};
jest.spyOn(environmentService, 'get').mockReturnValue('test-zone-id');
(customDomainService as any).cloudflareClient = cloudflareMock;
await expect(
customDomainService.getCustomDomainDetails(customDomain),
).rejects.toThrow(Error);
});
});
describe('updateCustomDomain', () => {
it('should update a custom domain and register a new one', async () => {
const fromHostname = 'old.com';
const toHostname = 'new.com';
jest
.spyOn(customDomainService, 'getCustomDomainDetails')
.mockResolvedValueOnce({ id: 'old-id' } as any);
jest
.spyOn(customDomainService, 'deleteCustomHostname')
.mockResolvedValueOnce(undefined);
const registerSpy = jest
.spyOn(customDomainService, 'registerCustomDomain')
.mockResolvedValueOnce({} as unknown as CustomHostnameCreateResponse);
await customDomainService.updateCustomDomain(fromHostname, toHostname);
expect(customDomainService.getCustomDomainDetails).toHaveBeenCalledWith(
fromHostname,
);
expect(customDomainService.deleteCustomHostname).toHaveBeenCalledWith(
'old-id',
);
expect(registerSpy).toHaveBeenCalledWith(toHostname);
});
});
describe('deleteCustomHostnameByHostnameSilently', () => {
it('should delete the custom hostname silently', async () => {
const customDomain = 'example.com';
jest
.spyOn(customDomainService, 'getCustomDomainDetails')
.mockResolvedValueOnce({ id: 'custom-id' } as any);
const deleteMock = jest.fn();
const cloudflareMock = {
customHostnames: {
delete: deleteMock,
},
};
jest.spyOn(environmentService, 'get').mockReturnValue('test-zone-id');
(customDomainService as any).cloudflareClient = cloudflareMock;
await expect(
customDomainService.deleteCustomHostnameByHostnameSilently(
customDomain,
),
).resolves.toBeUndefined();
expect(deleteMock).toHaveBeenCalledWith('custom-id', {
zone_id: 'test-zone-id',
});
});
it('should silently handle errors', async () => {
const customDomain = 'example.com';
jest
.spyOn(customDomainService, 'getCustomDomainDetails')
.mockRejectedValueOnce(new Error('Failure'));
await expect(
customDomainService.deleteCustomHostnameByHostnameSilently(
customDomain,
),
).resolves.toBeUndefined();
});
});
describe('isCustomDomainWorking', () => {
it('should return true if all records have success status', () => {
const customDomainDetails = {
records: [{ status: 'success' }, { status: 'success' }],
} as any;
expect(
customDomainService.isCustomDomainWorking(customDomainDetails),
).toBe(true);
});
it('should return false if any record does not have success status', () => {
const customDomainDetails = {
records: [{ status: 'success' }, { status: 'pending' }],
} as any;
expect(
customDomainService.isCustomDomainWorking(customDomainDetails),
).toBe(false);
});
});
});
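Review bot: The 'should return domain details if a single result is found' test only asserts `records: expect.any(Array)`, so the mapping from Cloudflare's response to each record's `validationType`, `key`, `value` and `status` is unchecked. Those `status` values are what `isCustomDomainWorking` reads, so a regression in the mapping would go unnoticed here. Assert the full `records` array for `mockResult`, and add a case with a non-empty `verification_errors` to pin the `redirection` record's `'error'` status.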


@ -0,0 +1,179 @@
/* @license Enterprise */
import { Injectable } from '@nestjs/common';
import Cloudflare from 'cloudflare';
import { isDefined } from 'twenty-shared';
import {
DomainManagerException,
DomainManagerExceptionCode,
} from 'src/engine/core-modules/domain-manager/domain-manager.exception';
import { CustomDomainValidRecords } from 'src/engine/core-modules/domain-manager/dtos/custom-domain-valid-records';
import { domainManagerValidator } from 'src/engine/core-modules/domain-manager/validator/cloudflare.validate';
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/services/domain-manager.service';
@Injectable()
export class CustomDomainService {
cloudflareClient?: Cloudflare;
constructor(
private readonly environmentService: EnvironmentService,
private readonly domainManagerService: DomainManagerService,
) {
if (this.environmentService.get('CLOUDFLARE_API_KEY')) {
this.cloudflareClient = new Cloudflare({
apiToken: this.environmentService.get('CLOUDFLARE_API_KEY'),
});
}
}
async registerCustomDomain(customDomain: string) {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
if (isDefined(await this.getCustomDomainDetails(customDomain))) {
throw new DomainManagerException(
'Hostname already registered',
DomainManagerExceptionCode.HOSTNAME_ALREADY_REGISTERED,
);
}
return await this.cloudflareClient.customHostnames.create({
zone_id: this.environmentService.get('CLOUDFLARE_ZONE_ID'),
hostname: customDomain,
ssl: {
method: 'txt',
type: 'dv',
settings: {
http2: 'on',
min_tls_version: '1.2',
tls_1_3: 'on',
ciphers: ['ECDHE-RSA-AES128-GCM-SHA256', 'AES128-SHA'],
early_hints: 'on',
},
bundle_method: 'ubiquitous',
wildcard: false,
},
});
}
async getCustomDomainDetails(
customDomain: string,
): Promise<CustomDomainValidRecords | undefined> {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
const response = await this.cloudflareClient.customHostnames.list({
zone_id: this.environmentService.get('CLOUDFLARE_ZONE_ID'),
hostname: customDomain,
});
if (response.result.length === 0) {
return undefined;
}
if (response.result.length === 1) {
return {
id: response.result[0].id,
customDomain: response.result[0].hostname,
records: [
response.result[0].ownership_verification,
...(response.result[0].ssl?.validation_records ?? []),
]
.map<CustomDomainValidRecords['records'][0] | undefined>(
(record: Record<string, string>) => {
if (!record) return;
if (
'txt_name' in record &&
'txt_value' in record &&
record.txt_name &&
record.txt_value
) {
return {
validationType: 'ssl' as const,
type: 'txt' as const,
status: response.result[0].ssl.status ?? 'pending',
key: record.txt_name,
value: record.txt_value,
};
}
if (
'type' in record &&
record.type === 'txt' &&
record.value &&
record.name
) {
return {
validationType: 'ownership' as const,
type: 'txt' as const,
status: response.result[0].status ?? 'pending',
key: record.name,
value: record.value,
};
}
},
)
.filter(isDefined)
.concat([
{
validationType: 'redirection' as const,
type: 'cname' as const,
status:
response.result[0].verification_errors?.[0] ===
'custom hostname does not CNAME to this zone.'
? 'error'
: 'success',
key: response.result[0].hostname,
value: this.domainManagerService.getFrontUrl().hostname,
},
]),
};
}
// should never append. error 5xx
throw new Error('More than one custom hostname found in cloudflare');
}
async updateCustomDomain(fromHostname: string, toHostname: string) {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
const fromCustomHostname = await this.getCustomDomainDetails(fromHostname);
if (fromCustomHostname) {
await this.deleteCustomHostname(fromCustomHostname.id);
}
return this.registerCustomDomain(toHostname);
}
async deleteCustomHostnameByHostnameSilently(customDomain: string) {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
try {
const customHostname = await this.getCustomDomainDetails(customDomain);
if (customHostname) {
await this.cloudflareClient.customHostnames.delete(customHostname.id, {
zone_id: this.environmentService.get('CLOUDFLARE_ZONE_ID'),
});
}
} catch (err) {
return;
}
}
async deleteCustomHostname(customHostnameId: string) {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
await this.cloudflareClient.customHostnames.delete(customHostnameId, {
zone_id: this.environmentService.get('CLOUDFLARE_ZONE_ID'),
});
}
isCustomDomainWorking(customDomainDetails: CustomDomainValidRecords) {
return customDomainDetails.records.every(
({ status }) => status === 'success',
);
}
}
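Review bot: The `redirection` record in `getCustomDomainDetails` is marked `'success'` unless `verification_errors?.[0]` equals one exact message, so the same message at another index, or a change in Cloudflare's wording, yields `'success'`, and that status feeds `isCustomDomainWorking`. Checking the whole array is sturdier: `response.result[0].verification_errors?.includes('custom hostname does not CNAME to this zone.') ? 'error' : 'success'`. In `registerCustomDomain`, the `ciphers` list includes `'AES128-SHA'`, a CBC suite without forward secrecy; consider restricting the list to ECDHE AEAD suites. `deleteCustomHostnameByHostnameSilently` discards every error in `catch (err) { return; }`; logging it would leave a trace when a hostname is not removed at Cloudflare.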


@ -25,6 +25,7 @@ describe('DomainManagerService', () => {
const result = domainManagerService.getWorkspaceUrls({
subdomain: 'subdomain',
customDomain: 'custom-host.com',
isCustomDomainEnabled: true,
});
expect(result).toEqual({
@ -47,7 +48,8 @@ describe('DomainManagerService', () => {
const result = domainManagerService.getWorkspaceUrls({
subdomain: 'subdomain',
customDomain: undefined,
customDomain: null,
isCustomDomainEnabled: false,
});
expect(result).toEqual({
@ -155,7 +157,8 @@ describe('DomainManagerService', () => {
const result = domainManagerService.buildWorkspaceURL({
workspace: {
subdomain: 'test',
customDomain: undefined,
customDomain: null,
isCustomDomainEnabled: false,
},
});
@ -177,7 +180,8 @@ describe('DomainManagerService', () => {
const result = domainManagerService.buildWorkspaceURL({
workspace: {
subdomain: 'test',
customDomain: undefined,
customDomain: null,
isCustomDomainEnabled: false,
},
pathname: '/path/to/resource',
});
@ -200,7 +204,8 @@ describe('DomainManagerService', () => {
const result = domainManagerService.buildWorkspaceURL({
workspace: {
subdomain: 'test',
customDomain: undefined,
customDomain: null,
isCustomDomainEnabled: false,
},
searchParams: {
foo: 'bar',


@ -1,37 +1,24 @@
import { Injectable, Logger } from '@nestjs/common';
import { InjectRepository } from '@nestjs/typeorm';
import Cloudflare from 'cloudflare';
import { Repository } from 'typeorm';
import { isDefined } from 'twenty-shared';
import {
DomainManagerException,
DomainManagerExceptionCode,
} from 'src/engine/core-modules/domain-manager/domain-manager.exception';
import { CustomDomainDetails } from 'src/engine/core-modules/domain-manager/dtos/custom-domain-details';
import { CustomDomainValidRecords } from 'src/engine/core-modules/domain-manager/dtos/custom-domain-valid-records';
import { generateRandomSubdomain } from 'src/engine/core-modules/domain-manager/utils/generate-random-subdomain';
import { getSubdomainFromEmail } from 'src/engine/core-modules/domain-manager/utils/get-subdomain-from-email';
import { getSubdomainNameFromDisplayName } from 'src/engine/core-modules/domain-manager/utils/get-subdomain-name-from-display-name';
import { domainManagerValidator } from 'src/engine/core-modules/domain-manager/validator/cloudflare.validate';
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
import { WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType } from 'src/engine/core-modules/domain-manager/domain-manager.type';
@Injectable()
export class DomainManagerService {
cloudflareClient?: Cloudflare;
constructor(
@InjectRepository(Workspace, 'core')
private readonly workspaceRepository: Repository<Workspace>,
private readonly environmentService: EnvironmentService,
) {
if (this.environmentService.get('CLOUDFLARE_API_KEY')) {
this.cloudflareClient = new Cloudflare({
apiToken: this.environmentService.get('CLOUDFLARE_API_KEY'),
});
}
}
) {}
getFrontUrl() {
let baseUrl: URL;
@ -78,7 +65,7 @@ export class DomainManagerService {
}: {
emailVerificationToken: string;
email: string;
workspace: Pick<Workspace, 'subdomain' | 'customDomain'>;
workspace: WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType;
}) {
return this.buildWorkspaceURL({
workspace,
@ -92,7 +79,7 @@ export class DomainManagerService {
pathname,
searchParams,
}: {
workspace: Pick<Workspace, 'subdomain' | 'customDomain'>;
workspace: WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType;
pathname?: string;
searchParams?: Record<string, string | number>;
}) {
@ -129,7 +116,7 @@ export class DomainManagerService {
isFrontdomain && !this.isDefaultSubdomain(subdomain)
? subdomain
: undefined,
customDomain: isFrontdomain ? undefined : originHostname,
customDomain: isFrontdomain ? null : originHostname,
};
};
@ -147,7 +134,7 @@ export class DomainManagerService {
computeRedirectErrorUrl(
errorMessage: string,
workspace: Pick<Workspace, 'subdomain' | 'customDomain'>,
workspace: WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType,
) {
const url = this.buildWorkspaceURL({
workspace,
@ -237,149 +224,6 @@ export class DomainManagerService {
return `${subdomain}${existingWorkspaceCount > 0 ? `-${Math.random().toString(36).substring(2, 10)}` : ''}`;
}
async registerCustomDomain(customDomain: string) {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
if (await this.getCustomDomainDetails(customDomain)) {
throw new DomainManagerException(
'Hostname already registered',
DomainManagerExceptionCode.HOSTNAME_ALREADY_REGISTERED,
);
}
return await this.cloudflareClient.customHostnames.create({
zone_id: this.environmentService.get('CLOUDFLARE_ZONE_ID'),
hostname: customDomain,
ssl: {
method: 'txt',
type: 'dv',
settings: {
http2: 'on',
min_tls_version: '1.2',
tls_1_3: 'on',
ciphers: ['ECDHE-RSA-AES128-GCM-SHA256', 'AES128-SHA'],
early_hints: 'on',
},
bundle_method: 'ubiquitous',
wildcard: false,
},
});
}
async getCustomDomainDetails(
customDomain: string,
): Promise<CustomDomainDetails | undefined> {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
const response = await this.cloudflareClient.customHostnames.list({
zone_id: this.environmentService.get('CLOUDFLARE_ZONE_ID'),
hostname: customDomain,
});
if (response.result.length === 0) {
return undefined;
}
if (response.result.length === 1) {
return {
id: response.result[0].id,
customDomain: response.result[0].hostname,
records: [
response.result[0].ownership_verification,
...(response.result[0].ssl?.validation_records ?? []),
]
.map<CustomDomainDetails['records'][0] | undefined>(
(record: Record<string, string>) => {
if (!record) return;
if (
'txt_name' in record &&
'txt_value' in record &&
record.txt_name &&
record.txt_value
) {
return {
validationType: 'ssl' as const,
type: 'txt' as const,
status: response.result[0].ssl.status ?? 'pending',
key: record.txt_name,
value: record.txt_value,
};
}
if (
'type' in record &&
record.type === 'txt' &&
record.value &&
record.name
) {
return {
validationType: 'ownership' as const,
type: 'txt' as const,
status: response.result[0].status ?? 'pending',
key: record.name,
value: record.value,
};
}
},
)
.filter(isDefined)
.concat([
{
validationType: 'redirection' as const,
type: 'cname' as const,
status:
response.result[0].verification_errors?.[0] ===
'custom hostname does not CNAME to this zone.'
? 'error'
: 'success',
key: response.result[0].hostname,
value: this.getFrontUrl().hostname,
},
]),
};
}
// should never append. error 5xx
throw new Error('More than one custom hostname found in cloudflare');
}
async updateCustomDomain(fromHostname: string, toHostname: string) {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
const fromCustomHostname = await this.getCustomDomainDetails(fromHostname);
if (fromCustomHostname) {
await this.deleteCustomHostname(fromCustomHostname.id);
}
return this.registerCustomDomain(toHostname);
}
async deleteCustomHostnameByHostnameSilently(customDomain: string) {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
try {
const customHostname = await this.getCustomDomainDetails(customDomain);
if (customHostname) {
await this.cloudflareClient.customHostnames.delete(customHostname.id, {
zone_id: this.environmentService.get('CLOUDFLARE_ZONE_ID'),
});
}
} catch (err) {
return;
}
}
async deleteCustomHostname(customHostnameId: string) {
domainManagerValidator.isCloudflareInstanceDefined(this.cloudflareClient);
return this.cloudflareClient.customHostnames.delete(customHostnameId, {
zone_id: this.environmentService.get('CLOUDFLARE_ZONE_ID'),
});
}
private getCustomWorkspaceUrl(customDomain: string) {
const url = this.getFrontUrl();
@ -396,14 +240,42 @@ export class DomainManagerService {
return url.toString();
}
getSubdomainAndCustomDomainFromWorkspaceFallbackOnDefaultSubdomain(
workspace?: WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType | null,
) {
if (!workspace) {
return {
subdomain: this.environmentService.get('DEFAULT_SUBDOMAIN'),
customDomain: null,
};
}
if (!workspace.isCustomDomainEnabled) {
return {
subdomain: workspace.subdomain,
customDomain: null,
};
}
return workspace;
}
isCustomDomainWorking(customDomainDetails: CustomDomainValidRecords) {
return customDomainDetails.records.every(
({ status }) => status === 'success',
);
}
getWorkspaceUrls({
subdomain,
customDomain,
}: Pick<Workspace, 'subdomain' | 'customDomain'>) {
isCustomDomainEnabled,
}: WorkspaceSubdomainCustomDomainAndIsCustomDomainEnabledType) {
return {
customUrl: customDomain
? this.getCustomWorkspaceUrl(customDomain)
: undefined,
customUrl:
isCustomDomainEnabled && customDomain
? this.getCustomWorkspaceUrl(customDomain)
: undefined,
subdomainUrl: this.getTwentyWorkspaceUrl(subdomain),
};
}