How to set up domain redirects in Trellis

mattia · February 24, 2021, 3:47pm

I pushed a website live last week (trellis/bedrock/sage) on DO.

the website is live, with SSL correctly active.

I set up some redirect rules with safe-redirect-manager plugin, I used this because it was on the trellis fav plugin, all good with this, everything is working as expected.

only today, the client told me that he has multiples domains, and he would like to redirect to the main domain.
so for example:
domain-x.com redirects to main-domain.com
domain-y.com redirects to main-domain.com

I read the docs, and from my understanding the only thing that I need to do, it is to list all the domains under redirects in /production/wordpress_sites.yml like this.
is it correct?

main-domain.com:
  site_hosts:
    - canonical: main-domain.com
      redirects:
        - www.main-domain.com
        - domain-x.com
        - domain-y.com
        - whateverdomain.co.uk
        - www.whateverdomain.co.uk

then I will need to update the DNS record A of these domains and point to the right IP for every host listed.

then I guess that the last thing, it will need to re-provision the production server.

are the above steps correct for my scope?

is there something that I need to be aware of, that I didn’t mention?

many thanks

strarsis · February 24, 2021, 4:19pm

One thing: When you have specified IPv6 records (AAAA) Let’s Encrypt will use these first for the challenge. So either have correct AAAA records or none at all.

mattia · February 24, 2021, 4:38pm

Thanks @strarsis, I was not aware of the AAAA record, I had to google it.

so basically I have to check if there is an AAAA record in place, if yes, I will need to point this to the same IP as the main record A, is this right?

are all the other steps correct?

strarsis · February 24, 2021, 4:49pm

Yes. When you have changed existing DNS records you may also want to check their DNS propagation and wait some minutes before re-applying the playbook (and performing the Let’s Encrypt validation). Temporarily changing the TTL may also be a good idea to speed up propagation.

mattia · February 24, 2021, 5:06pm

ok sure, I will check if the propagation is finished, and only after, I will re-provision the production server.

Do I need to deactivate the SSL or I can leave it active when I will do this?

is there a tag just for this (for example --tags nginx-includes) or I will need to run the whole “ansible-playbook server.yml -e env=production”?

strarsis · February 24, 2021, 5:23pm

Deactivation of SSL (of the old site/currently self-signed cert) shouldn’t be necessary.
There are the letsencrypt tag, maybe it already suffices for setting up Let’s Encrypt?
When in doubt, just run the whole playbook, it may take longer, but it may also reduce surprises.

system · April 7, 2021, 3:47pm

This topic was automatically closed after 42 days. New replies are no longer allowed.