sboulahtit/orion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(deployment): add future scaling section for 50+ custom domains

Browse Source 
Document two strategies for scaling beyond manual Caddyfile management:
- Caddy on-demand TLS (simple, no Cloudflare protection)
- Cloudflare for SaaS / Custom Hostnames (recommended, full protection)
- Infrastructure scaling notes for 1,000+ sites

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Samir Boulahtit
2026-03-14 19:41:35 +01:00
parent a28d5d1de5
commit adec17cd02
1 changed files with 47 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
docs/deployment/hetzner-server-setup.md
View File

@@ -968,6 +968,53 @@ curl -I https://newplatform.lu/
curl -I https://teststore.newplatform.lu/
```
#### Future: Scaling Custom Domains Beyond 50
The manual Caddyfile approach (one block per custom domain + Cloudflare origin cert) works well up to ~50 custom store domains. Beyond that, managing Caddyfile blocks and origin certs becomes tedious. Two scaling strategies:
##### Option 1: Caddy On-Demand TLS (simple, no Cloudflare protection)
A single catch-all Caddy block replaces all custom domain blocks. Caddy auto-provisions Let's Encrypt certs on first request and validates domains against the database:
```caddy
https:// {
tls {
on_demand
ask http://localhost:8001/api/v1/internal/verify-domain
}
reverse_proxy localhost:8001
}
```
The `/verify-domain` endpoint checks the `store_domains` table — returns 200 (provision cert) or 404 (reject). Adding a new custom domain becomes a database insert only, no Caddy or Cloudflare changes needed.
**Limitation**: Custom domains point directly to the server (no Cloudflare proxy), so they lose DDoS protection, WAF, bot mitigation, and CDN caching. A DDoS attack on any custom domain impacts all sites on the server.
Let's Encrypt rate limits (50 certs/registered domain/week, 300 new orders/3 hours) are not an issue since each custom domain is unique. Caddy handles 5,000+ certs comfortably in memory (~50-100MB).
##### Option 2: Cloudflare for SaaS (recommended for production scale)
[Cloudflare for SaaS](https://developers.cloudflare.com/cloudflare-for-platforms/cloudflare-for-saas/) (Custom Hostnames) is how Shopify, Webflow, and major SaaS platforms handle custom domains at scale. Every custom domain gets full Cloudflare protection:
1. Configure a **fallback origin** in your Cloudflare account (e.g., `customers.omsflow.lu → 91.99.65.229`)
2. Customer sets a CNAME: `wizamart.com → customers.omsflow.lu`
3. Cloudflare proxies `wizamart.com` through your account — DDoS, WAF, bot protection, CDN all included
4. SSL is automatic (no Let's Encrypt, no origin certs to manage)
5. Adding a domain = database insert + one Cloudflare API call (automatable)
**Cost**: Available on Cloudflare Pro ($20/month) with per-hostname pricing (~$0.10/month each at volume). At 5,000 domains × $0.10 = ~$500/month for full Cloudflare protection on every customer domain.
**Hybrid approach**: Platform domains (`*.omsflow.lu`, `rewardflow.lu`, etc.) stay on the current Cloudflare setup with origin certs. Only customer custom domains use Cloudflare for SaaS.
##### Infrastructure scaling at 1,000+ sites
At this scale, the 4GB Hetzner VPS becomes the bottleneck before Caddy does. Plan for:
- Horizontal scaling: multiple app servers behind a load balancer
- Dedicated PostgreSQL server
- Dedicated Redis instance
- CDN for static assets (Cloudflare, already in place)
## Step 15: Gitea Actions Runner
!!! warning "ARM64 architecture"