Skip to content

feat: make hostnames more human-friendly#121

Open
drewr wants to merge 3 commits intomainfrom
feat/human-hostnames
Open

feat: make hostnames more human-friendly#121
drewr wants to merge 3 commits intomainfrom
feat/human-hostnames

Conversation

@drewr
Copy link

@drewr drewr commented Feb 27, 2026
edited
Loading

This replaces the URLs that look like:

3a984120178c42e6b3a06ac72038f1e4.datumproxy.net

With ones that look like:

airport-summit-xbjb7.datumproxy.net
right-local-hgkzc.datumproxy.net
burst-wedding-g69c2.datumproxy.net
rear-engage-h2m72.datumproxy.net
apron-popcorn-ftbtc.datumproxy.net

Note the comment that addresses the uniqueness of the strings:

https://github.com/datum-cloud/network-services-operator/pull/121/changes#diff-18034b184128f2f8ff3eb91d682aa4752f56f5bb5b010762c1239f2980c36440R17-R23

@cla-assistant
Copy link

cla-assistant bot commented Feb 27, 2026
edited
Loading

CLA assistant check
All committers have signed the CLA.

@cla-assistant
Copy link

cla-assistant bot commented Feb 27, 2026

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@drewr drewr mentioned this pull request Feb 27, 2026
Open
26 tasks
@drewr
Copy link
Author

drewr commented Feb 27, 2026

Hold up, got some new test failures.

@drewr
Copy link
Author

drewr commented Feb 27, 2026

The chainsaw tests don't like it, likely because of what @zachsmith1 was telling me privately: a lot depends right now on the hostname matching the gateway UID. He's going to pick this up after he refactors the gateway.

@zachsmith1
Copy link
Contributor

zachsmith1 commented Feb 27, 2026

the built in security mechanism so that users can't create arbitrary hostnames using the shared domain is tightly coupled to the uid of the gateway. if we want to introduce something like this, we'd need to make sure that a gateway reserves a custom hostname (takes ownership over it) and that users can't directly attach any combination of hostnames using the shared domain.

@drewr
Copy link
Author

drewr commented Feb 27, 2026
edited
Loading

How do we guarantee that (users not being able to directly attach hostnames) with the gateway UID?

@zachsmith1
Copy link
Contributor

zachsmith1 commented Feb 27, 2026
edited
Loading

if the hostname prefix doesn't match the gateway uid then its treated like a custom domain and would need to go through the domain verification flow. so in theory users can try to do this today, but we wont program that route downstream for them because they wont have ownership over our shared domain in their project

@drewr
Copy link
Author

drewr commented Feb 27, 2026

OK, makes sense. I think we should consider a schema change that adds a hostname field where we take the UID and send it through the WordsAndEntropy hostname generator, that spits out a unique-but-nicer name that we can bake into the gateway alongside the UID. It's just as unique and immutable.

@zachsmith1
Copy link
Contributor

zachsmith1 commented Feb 27, 2026

true, if we make the default https loop use that to confirm its an allowed hostname that could work

@drewr drewr mentioned this pull request Feb 27, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@scotwells scotwells Awaiting requested review from scotwells

@zachsmith1 zachsmith1 Awaiting requested review from zachsmith1

At least 1 approving review is required to merge this pull request.

Assignees

@zachsmith1 zachsmith1

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@drewr @zachsmith1