How to configure the reseller panel on different subdomains¶
Enable reseller feature¶
First, we will need to enable the reseller feature.
To do that please check How to enable reseller feature in docker deployment.
Fleio settings.py changes¶
In settings.py we need to allow the reseller’s subdomains to connect to the Fleio backend.
For this guide, we will use the following setup:
Fleio installation url:
- portal.fleio.com
Reseller urls:
- reseller.fleio.com
- reseller2.fleio.com
Notice that the cookie domain will be the top level domain (in our case fleio.com).
Run the fleio edit settings.py command and add the following code at the end of your settings.py file.
NEW_MIDDLEWARE = list(MIDDLEWARE)
NEW_MIDDLEWARE.insert(1, 'corsheaders.middleware.CorsMiddleware')
NEW_MIDDLEWARE.insert(1, 'fleio.csrf_reseller_pass.CsrfMid')
MIDDLEWARE = tuple(NEW_MIDDLEWARE)
RESELLER_DOMAINS = {
'reseller.fleio.com': {
'url': 'http://reseller.fleio.com',
'cookie_domain': 'fleio.com',
},
'portal.fleio.com': {
'url': 'http://reseller.fleio.com',
'cookie_domain': 'fleio.com',
},
'reseller2.fleio.com': {
'url': 'http://reseller2.fleio.com',
'cookie_domain': 'fleio.com',
},
'portal.fleio.com': {
'url': 'http://reseller2.fleio.com',
'cookie_domain': 'fleio.com',
},
}
CORS_ORIGIN_WHITELIST = (
'http://portal.fleio.com',
'http://reseller.fleio.com',
'http://reseller2.fleio.com',
)
CORS_ALLOW_CREDENTIALS = True
CSRF_TRUSTED_ORIGINS = ['portal.fleio.com']
for domain in RESELLER_DOMAINS:
CORS_ORIGIN_WHITELIST += (RESELLER_DOMAINS[domain]['url'],)
CSRF_TRUSTED_ORIGINS.append(domain)
ALLOWED_HOSTS.append(domain)
For each new domain you will have to add a new entry in the RESELLER_DOMAINS dictionary, with the following syntax:
...
'reseller3.fleio.com': {
'url': 'http://reseller3.fleio.com',
'cookie_domain': 'fleio.com',
},
'portal.fleio.com': {
'url': 'http://reseller3.fleio.com',
'cookie_domain': 'fleio.com',
},
Additionally, you need to add the reseller domains in the ALLOWED_HOSTS list.
On exit, when you will be asked to restart Fleio, answer with “N”. We will restart later.
Fleio web configuration¶
Before digging into adding custom configuration to the fleio_web_1 container, please read the following docs:
First we will create a new directory where we will place our updated web.conf.template file. All these needs to be done while using the fleio user:
sudo -i -u fleio
mkdir /home/fleio/compose/custom-web
Create the custom-web Dockerfile and add the updated file
touch /home/fleio/compose/custom-web/Dockerfile
touch /home/fleio/compose/custom-web/web.conf.template
In the Dockerfile add the following:
ARG FLEIO_DOCKER_HUB
ARG FLEIO_RELEASE_SUFFIX
FROM ${FLEIO_DOCKER_HUB}/fleio_web${FLEIO_RELEASE_SUFFIX}
COPY web.conf.template /etc/nginx/templates/web.conf.template
The web.conf.template must be configured different, depending on the FLEIO_SSL_OPTION. Please check the variable in /home/fleio/compose/.env and use the proper template:
Important
Notice that all resellers have different and unused ports. Reseller 1 will use the 9001 port, while reseller 2 will use 9002 port Remember the ports because we will need them in the next step.
no_ssl¶
server {
listen 8080;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name ${FLEIO_DOMAIN};
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
location / {
proxy_pass http://frontend:9000;
proxy_redirect http://$host:9000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# reseller 1
server {
listen 8080;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name reseller.fleio.com;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
location / {
proxy_pass http://reseller:9001;
proxy_redirect http://$host:9001 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# reseller 2
server {
listen 8080;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name reseller2.fleio.com;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
location / {
proxy_pass http://reseller2:9002;
proxy_redirect http://$host:9002 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
own_ssl¶
server {
listen 8080;
server_name ${FLEIO_DOMAIN};
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 4430 ssl;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name ${FLEIO_DOMAIN};
ssl_certificate /var/webapps/fleio/ssl/${FLEIO_DOMAIN}/ssl.crt;
ssl_certificate_key /var/webapps/fleio/ssl/${FLEIO_DOMAIN}/ssl.key;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass http://frontend:9000;
proxy_redirect http://$host:9000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
}
# reseller 1
server {
listen 4430 ssl;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name reseller.fleio.com;
ssl_certificate /var/webapps/fleio/ssl/reseller.fleio.com/ssl.crt;
ssl_certificate_key /var/webapps/fleio/ssl/reseller.fleio.com/ssl.key;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass http://reseller:9001;
proxy_redirect http://$host:9001 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
}
# reseller 2
server {
listen 4430 ssl;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name reseller2.fleio.com;
ssl_certificate /var/webapps/fleio/ssl/reseller2.fleio.com/ssl.crt;
ssl_certificate_key /var/webapps/fleio/ssl/reseller2.fleio.com/ssl.key;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass http://reseller2:9002;
proxy_redirect http://$host:9002 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
}
lets_encrypt¶
server {
listen 8080;
server_name ${FLEIO_DOMAIN};
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 4430 ssl;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name ${FLEIO_DOMAIN};
ssl_certificate /etc/letsencrypt/live/${FLEIO_DOMAIN}/ssl.crt;
ssl_certificate_key /etc/letsencrypt/live/${FLEIO_DOMAIN}/ssl.key;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass http://frontend:9000;
proxy_redirect http://$host:9000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
}
# reseller 1
server {
listen 4430 ssl;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name reseller.fleio.com;
ssl_certificate /var/webapps/fleio/ssl/reseller.fleio.com/ssl.crt;
ssl_certificate_key /var/webapps/fleio/ssl/reseller.fleio.com/ssl.key;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass http://reseller:9001;
proxy_redirect http://$host:9001 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
}
# reseller 2
server {
listen 4430 ssl;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name reseller2.fleio.com;
ssl_certificate /var/webapps/fleio/ssl/reseller2.fleio.com/ssl.crt;
ssl_certificate_key /var/webapps/fleio/ssl/reseller2.fleio.com/ssl.key;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
location /backend {
include /etc/nginx/uwsgi_params;
proxy_pass http://backend:8000;
proxy_redirect http://$host:8000 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location / {
proxy_pass http://reseller2:9002;
proxy_redirect http://$host:9002 http://$host;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_buffering off;
proxy_request_buffering off;
proxy_read_timeout 150s;
}
}
Resellers configuration¶
Now we will need to create a new directory for each reseller, in the /home/fleio/compose directory:
# if you're not using the fleio user:
sudo -i -u fleio
mkdir /home/fleio/compose/reseller.fleio.com
mkdir /home/fleio/compose/reseller2.fleio.com
In these new directories, we will have to:
- create new directories which will contain the enduser and reseller configuration files (these will be mapped as volumes)
- define a new reseller image
- add the nginx configuration file for the reseller’s domain
Create the needed directories:
#if you're not using the fleio user:
sudo -i -u fleio
mkdir -p /home/fleio/compose/reseller.fleio.com/enduser/assets/config/
mkdir -p /home/fleio/compose/reseller.fleio.com/reseller/assets/config/
mkdir -p /home/fleio/compose/reseller.fleio.com/site/constants/
Create the Dockerfile and the reseller.fleio.com.conf file:
#if you're not using the fleio user:
sudo -i -u fleio
touch /home/fleio/compose/reseller.fleio.com/Dockerfile
touch /home/fleio/compose/reseller.fleio.com/reseller.fleio.com.conf
Add the following code in the Dockerfile:
ARG FLEIO_DOCKER_HUB
ARG FLEIO_RELEASE_SUFFIX
FROM ${FLEIO_DOCKER_HUB}/fleio_frontend${FLEIO_RELEASE_SUFFIX}
COPY reseller.fleio.com.conf "/etc/nginx/conf.d/reseller.fleio.com.conf"
Add the following code in the reseller.fleio.com.conf file. Make sure to configure the proper port on the listen 9001 line:
server {
listen 9001;
client_max_body_size 5000m;
add_header X-Frame-Options "SAMEORIGIN";
server_name reseller.fleio.com;
location /images {
alias /var/webapps/fleio/frontend/site/images/;
break;
}
location /js {
alias /var/webapps/fleio/frontend/site/js/;
expires max;
break;
}
location /vendor {
alias /var/webapps/fleio/frontend/site/vendor/;
expires max;
break;
}
location /styles {
alias /var/webapps/fleio/frontend/site/styles/;
expires max;
break;
}
location /reseller {
alias /var/webapps/fleio/frontend/reseller/;
expires -1;
try_files $uri $uri/ /../reseller/index.html;
}
location /tinymce {
alias /var/webapps/fleio/frontend/staff/tinymce/;
break;
}
location /static {
alias /var/webapps/fleio/frontend/backendstatic/;
break;
}
location /new {
alias /var/webapps/fleio/frontend/enduser/;
expires -1;
try_files $uri $uri/ /../enduser/index.html;
}
location / {
alias /var/webapps/fleio/frontend/site/;
expires -1;
try_files $uri $uri/ /index.html;
}
}
Now we need to add the enduser / reseller panel configuration files:
Important
Notice that the backendApiUrl is the main fleio url and AngularJsPanelUrl is the reseller url.
Angular enduser:
vi /home/fleio/compose/reseller.fleio.com/enduser/assets/config/enduser.config.json
And add the code from bellow.
{
"urls": {
"backendApiUrl": "//panel.fleio.com/backend/api/",
"homeName": "enduser",
"angularJsPanelUrl": "//reseller.fleio.com/",
"resellerUrl": "/reseller"
},
"settings": {
"defaultLanguage": "en",
"imagesPath": "assets/img/enduser/",
"logoDark": null,
"logoLight": null,
"defaultTheme": "spring",
"availableThemes": [
"spring",
"navy",
"dusk"
],
"instanceForm": {
"hideNetworksIfOnlyOneAvailable": true,
"preselectPublicNetworks": true,
"showUserData": true,
"flavorsAsCards": false,
"showRootPasswordField": true,
"rootPasswordFieldMandatory": false,
"localComputeStorageEnabled": true,
"hideVolumeSelectionForFlavorsWithDisk": false,
"defaultVolumeType": null,
"reseller_client_id": null
},
"logoutRedirect": null,
"usernameInputLabel": null
}
}
Angular JS enduser (will be removed soon, but as of 2021.06.1 this is still needed):
vi /home/fleio/compose/reseller.fleio.com/site/constants/constants.js
// Global end-user panel configuration
'use strict';
var user_config = {
api_url: 'http://fleio.reseller.com/backend/api',
language: 'en', // default language
base_url: '/',
home_url: '/',
angularPanelUrl: 'http://reseller.fleio.com/new/',
// logo_light: 'https://fleio.com/images/logo.png',
// logo_dark: 'https://fleio.com/images/logo.png',
// shutdown_instance_note: "NOTE: The instance will continue to be charged even if it's shutdown. Delete the instance if you want to no longer be charged.",
// toast_hide_delay: 3000, // bottom-left toast message animation delay in milliseconds
items_display_mode: 'cardview', //cardview || listview
enable_debug: true, // set to true in development to enable angular debug
flavors_as_cards: false, // used on instance creation for flavors selector layout
local_compute_storage_enabled: true, // used on instance create on boot source selection
preselect_public_networks: true, // preselects networks with public tag on instance creation form
hide_networks_if_only_one_available: true, // if there is only one network available on the instance creation form, preselect it and hide the input field
show_root_password_field_on_new_instance_form: true,
root_password_mandatory_on_new_instance_form: false,
show_userdata_on_new_instance_form: true,
hide_volume_selection_for_flavors_with_disk: false,
default_volume_type_on_new_instance_form: null, // dict, with keys as region names and value as volume type names
// example default_volume_type_on_new_instance_form
// default_volume_type_on_new_instance_form: {
// 'RegionOne': 'SSD',
// },
customThemesCallback: function(mdThemingProvider) {
// read the docs on how to define new themes
},
registeredThemes: ['Spring', 'Navy', 'Dusk'], // list of themes that can be used by a user
new_object_arrow_img_source: 'images/arrow.png',
logout_redirect: null,
username_input_label: null,
reseller_client_id: null,
};
try {
angular.module('fleio.config').constant('CONFIG', user_config);
}
catch (err) {
angular.module('fleiostaff.config').constant('USER_CONFIG', user_config);
}
Reseller panel:
vi /home/fleio/compose/reseller.fleio.com/reseller/assets/config/reseller.config.json
Add the code from bellow:
{
"urls": {
"backendApiUrl": "//fleio.reseller.com/backend/resellerapi/",
"homeName": "reseller"
},
"settings": {
"defaultLanguage": "en",
"imagesPath": "assets/img/reseller/",
"logoDark": null,
"logoLight": null,
"defaultTheme": "spring",
"availableThemes": [
"spring",
"navy",
"dusk"
],
"instanceForm": {
"hideNetworksIfOnlyOneAvailable": true,
"preselectPublicNetworks": true,
"showUserData": true,
"flavorsAsCards": false,
"showRootPasswordField": true,
"rootPasswordFieldMandatory": false,
"localComputeStorageEnabled": true,
"hideVolumeSelectionForFlavorsWithDisk": false,
"defaultVolumeType": null
},
"logoutRedirect": null,
"usernameInputLabel": null
}
}
Repeat the previous steps for as many resellers as you want.
Define docker-compose services and map volumes¶
Lastly, we need to define the new docker-compose services and we need to map the configuration files in the reseller service:
#if you're not using the fleio user:
sudo -i -u fleio
cd /home/fleio/compose
Add this to the docker-compose.override.yml file:
services:
# redefine web service to include the custom web.conf.template file
web:
build:
context: ./custom-web/
dockerfile: Dockerfile
args:
- FLEIO_DOCKER_HUB
- FLEIO_RELEASE_SUFFIX
image: fleio_custom_web
# define a new reseller service for each of your resellers
reseller:
build:
context: ./reseller.fleio.com/
dockerfile: Dockerfile
args:
- FLEIO_DOCKER_HUB
- FLEIO_RELEASE_SUFFIX
image: fleio_reseller_1
restart: always
volumes:
- /home/fleio/compose/reseller.fleio.com/site/constants:/var/webapps/fleio/frontend/site/constants
- /home/fleio/compose/reseller.fleio.com/enduser/assets/config:/var/webapps/fleio/frontend/enduser/assets/config/
- /home/fleio/compose/reseller.fleio.com/reseller/assets/config:/var/webapps/fleio/frontend/reseller/assets/config/
reseller2:
build:
context: ./reseller2.fleio.com/
dockerfile: Dockerfile
args:
- FLEIO_DOCKER_HUB
- FLEIO_RELEASE_SUFFIX
image: fleio_reseller2_1
restart: always
volumes:
- /home/fleio/compose/reseller2.fleio.com/site/constants:/var/webapps/fleio/frontend/site/constants
- /home/fleio/compose/reseller2.fleio.com/enduser/assets/config:/var/webapps/fleio/frontend/enduser/assets/config/
- /home/fleio/compose/reseller2.fleio.com/reseller/assets/config:/var/webapps/fleio/frontend/reseller/assets/config/
Build and publish¶
Finally, we will need to build all our changes and to create the new containers based on the changes added in the docker-compose-override file.
fleio build
fleio recreate
If you run the fleio status command you should now see the new reseller services up and running. The reseller panel should also be available at the configured domains.