Support custom domains across all running instances of Altis local-server

[shadyvb]

Context

Altis recently introduced custom SSL certificate generation capabilities, but with the limitation of supporting custom (sub)domains for one running instance, mainly the last one that invokes the generation process, because that one has access to custom domains set in that project configuration, but not to custom domains configured in any other running instance.

The only reason this process would work with non-custom (sub)domains on other instances, is that we always include *.altis.dev which is the default domain name for Altis local-server.

Solution

Step 1 - Expose custom domains

Since we don't have access to Altis configuration of other projects, we'll need all projects to announce the domains they use so any instance with access to Docker can aggregate all the custom domains used by all running instances.

The initial work has prepped for this, so Altis now attaches custom domains used by each container via a label called traefik.domain, in a comma-separated format.

Step 2 - Collect custom domains from all running instances

Querying the label referenced to above can be done via something like:
docker ps -q --filter 'label=traefik.domain' | xargs -I{} docker inspect {} --format='{{index .Config.Labels "traefik.domain"}}'

That queries all instances with traefik.domain label, and aggregates it, so it can be parsed and use while generating the SSL certificate Traefik uses for all instances ( hint: only one traefik instance manages connections to ALL running local-server instances ).

We might need to offload the SSL generation process to Traefik itself, so we don't generate different certificates within each local-server instance while it's the generic Traefik instance that uses it.. needs a bit more research on the best approach.

Step 3 - Generating the SSL certificate

That should be straight-forward once the domains are there, using the same commands that's being used now.

Acceptance criteria

• Multiple running instances of Altis local-server can use custom (sub)domains using HTTPS.

Testing steps

• Set up two new product development environment in separate folders, do not start either environment just yet
• Use documentation to set up custom domains for both installations, eg test1.local and test2.local respectively
• Start the first environment, ensure that the site is working properly under HTTPS scheme with an automatically trusted certificate
• Start the second environment, ensure that the site is working properly under HTTPS scheme with an automatically trusted certificate
• Ensure that both sites are working properly under HTTPS scheme with an automatically trusted certificate
• Bring down both environments
• Setup a third product development environment in a new folder, choose a custom domain of test3.local, start the environment, ensure it works under HTTPS as expected
• Start the first two environments, ensure that all three sites are working under HTTPS as expected
• [ ]

[veselala]

Hey team! Please add your planning poker estimate with ZenHub @mikelittle @robindevitt @roborourke @shadyvb

[veselala]

@shadyvb will add some documentation and testing steps