[geetfun]

Interesting product - fly.io

It’s essentially a reverse proxy as a service. Sort of like Cloudflare but with what looks like a nicer API, and custom domain name SSL eg. for multi tenant apps.

It was a bit pricy when I plugged in how many requests we get per month on our servers, easily in 5-figure per month. Having said that, internally we built most of their selling points already.

[prdonahue]

Our API for doing this is quite simple:

  POST https://api.cloudflare.com/client/v4/zones/:zone_id/custom_hostnames
  {
    "hostname":"app.example.com",
    "ssl": {
      "method":"http",
      "type":"dv"
    }
  }

In addition to "http" (described in this thread) we also support "cname" and "email" methods for validation. Some of our customers prefer these other methods as it lets us issue the certificates before /their/ customer points the CNAME over.

Once we receive the call we generate multiple certificates for each hostname: one SHA-2/ECDSA that's presented to modern browsers and one SHA-2/RSA that we serve to legacy ones that don't support ECC. (Let's Encrypt doesn't do SHA-2/ECDSA signing yet but plans to sometime next year.)

We also support uploading your own custom certificates for those that, e.g. see value in Extended Validation (EV):

  POST https://api.cloudflare.com/client/v4/zones/:zone_id/custom_hostnames
  {
    "hostname":"app.example.com",
    "ssl": { 
      "custom_certificate": "$MYCERT",
      "custom_key": "$MYKEY"
    }
  }

Where $MYCERT and $MYKEY are the PEM payloads with newlines removed.

[mrkurt]

You didn't mention price. :)

[mrkurt]

Custom domains for multi tenant apps is our biggest value right now. You can get it elsewhere, but there's typically a huge fixed monthly cost just to start.

There are a bunch of companies who've done most of what we've exposed in house (us included in past lives!), once we're a bit older and more fully developed I think we'll have compelling features even for you though! We do have deep volume discounts, fwiw, so if you get tired of running all that stuff let us know. :)

[adrinavarro]

I agree with the pricy bit. I've made a calculation, and it would cost me 1200$ a month to run what Cloudflare does for free.

Now, I get that free is not an option. 50/100$ a month is probably OK. But that's beyond reasonable. And prices change depending on where people visit you from (!?)

[mrkurt]

I'm not sure what kind of app you're running, but our product/pricing are targeted almost entirely at SaaS apps that need multiple hostnames — which is $2500/mo min on CF: https://fly.io/mix/custom-hostnames

It's really expensive to do that on top of CloudFlare, and most apps like that aren't using a tremendous amount of bandwidth.

We're not _yet_ a great option as a general purpose CDN replacement (both pricing and featureset) but we're getting there, and are pushing prices down continuously. It's more expensive to buy bandwidth and power in certain cities, too, hence the different pricing per region.

If you're willing, I'd love to know what your traffic breakdown is and how you got to that $1200/mo number. You can email me if you'd like! (kurt.mackey@fly.io)

[geetfun]

Agree it is not a trivial task to build out the infrastructure for custom SSL. We’ve done it ourselves and it’s just now another service component we have to manage. ie. more time sink for something that isn’t our business core feature

For others who are reading this, the whole process involves reading and storing private keys using asymmetric ciphers and all that. Definitely more stuff than we’d like to be responsible for.

Will definitely keep an eye on fly.io for new features! Thanks

[LogicX]

We do custom domains for customers with SSL through netlify - though only an option if you have a static site.

[TheMissingPiece]

Hey, I work at Fly, too. We have a built-in Netlify integration... If you configure your domain with Fly, you can use it as a custom domain for a Netlify, but also serve any other content on arbitrary sub paths. Here's more about the Netlify integration :) https://fly.io/articles/fly-netlify-explosive-static/

[sfeng]

Custom domain name SSL is also provided by Cloudflare, it's called "SSL for SaaS".

[corobo]

I’m almost certain I heard it was only available on their enterprise plan so you’re looking at a couple grand plus per month minimum