文档中心 Serverless Framework 最佳实践 自定义域名及 HTTPS 访问配置

自定义域名及 HTTPS 访问配置

最近更新时间:2020-03-12 17:16:39

操作场景

通过 Serverless Component 快速构建一个 Serverless Web 网站服务后,如果您希望配置自定义域名及支持 HTTPS 的访问,则可以按照本文提供的两种方案快速配置。

前提条件

方案一:通过 CDN 加速配置支持自定义域名的 HTTPS 访问

配置前,需要确保账号实名并已经 开通 CDN 服务

增加配置

serverless.yml 中,增加 CDN 自定义域名配置:

myWebsite:
  myWebsite:
  component: '@serverless/tencent-website'
  inputs:
    code:
      src: ./public # Upload static files generated by HEXO
      index: index.html
      error: index.html
    region: ap-guangzhou
    bucketName: my-hexo-bucket
    protocol: https
    # 新增的 CDN 自定义域名配置
    hosts:
      - host: www.example.com # 希望配置的自定义域名
        https:
          certId: axE1bo3 # SSL 证书 ID
          http2: off
          httpsType: 4
          forceSwitch: -2

查看完整配置项说明 >>

部署服务

再次通过sls命令进行部署,并可以添加--debug参数查看部署过程中的信息。

如您的账号未 登录注册 腾讯云,您可以直接通过微信扫描命令行中的二维码进行授权登录和注册。

说明:

slsserverless 命令的简写。

$ sls --debug
  DEBUG ─ Resolving the template's static variables.
  DEBUG ─ Collecting components from the template.
  DEBUG ─ Downloading any NPM components found in the template.
  DEBUG ─ Analyzing the template's components dependencies.
  DEBUG ─ Creating the template's components graph.
  DEBUG ─ Syncing template state.
  DEBUG ─ Executing the template's components graph.
  DEBUG ─ Preparing website Tencent COS bucket my-hexo-bucket-1250000000.
  DEBUG ─ Bucket "my-hexo-bucket-1250000000" in the "ap-guangzhou" region already exist.
  DEBUG ─ Setting ACL for "my-hexo-bucket-1250000000" bucket in the "ap-guangzhou" region.
  DEBUG ─ Ensuring no CORS are set for "my-hexo-bucket-1250000000" bucket in the "ap-guangzhou" region.
  DEBUG ─ Ensuring no Tags are set for "my-hexo-bucket-1250000000" bucket in the "ap-guangzhou" region.
  DEBUG ─ Configuring bucket my-hexo-bucket-1250000000 for website hosting.
  DEBUG ─ Uploading website files from /Users/tina/Documents/hexoblog/hexo/public to bucket my-hexo-bucket-1250000000.
  DEBUG ─ Starting upload to bucket my-hexo-bucket-1250000000 in region ap-guangzhou
  DEBUG ─ Uploading directory /Users/tina/Documents/hexoblog/hexo/public to bucket my-hexo-bucket-1250000000
  DEBUG ─ The CDN domain www.example.com has existed.
  DEBUG ─ Updating...
  DEBUG ─ Waiting for CDN deploy success..
  DEBUG ─ CDN deploy success to host: www.example.com
  DEBUG ─ Setup https for www.example.com...
  DEBUG ─ Website deployed successfully to URL: https://my-hexo-bucket-1250000000.cos-website.ap-guangzhou.myqcloud.com.
  myWebsite: 
    url:  https://my-hexo-bucket-1250000000.cos-website.ap-guangzhou.myqcloud.com
    env: 
    host: 
      - https://www.example.com (CNAME: www.example.com.cdn.dnsv1.com)
  17s › myWebsite › done

添加 CNAME

部署完成后,在命令行的输出中可以查看到一个以 .cdn.dnsv1.com 为后缀的 CNAME 域名。参考 CNAME 配置文档,在 DNS 服务商处设置好对应的 CNAME 并生效后,即可访问自定义 HTTPS 域名。

方案二:对 API 网关域名进行自定义域名配置

增加配置

serverless.yml 中,增加 API 网关自定义域名配置。本文以 egg.js 框架为例,配置如下:

# serverless.yml
restApi:
  component: "@serverless/tencent-apigateway"
  inputs:
    region: ap-shanghai
    protocols:
      - http
      - https
    serviceName: serverless
    environment: release
    endpoints:
      - path: /users
        method: POST
        function:
          functionName: myFunction
    # 增加 API 网关自定义域名配置
    customDomain:
      - domain: www.example.com
        certificateId: axE1bo3
        protocols:
          - https

查看完整配置项说明>>

部署服务

再次通过sls命令进行部署,并可以添加--debug参数查看部署过程中的信息。
如您的账号未 登录注册 腾讯云,您可以直接通过微信扫描命令行中的二维码进行授权登录和注册。

说明:

slsserverless 命令的简写。

$ sls --debug
  DEBUG ─ Resolving the template's static variables.
  DEBUG ─ Collecting components from the template.
  DEBUG ─ Downloading any NPM components found in the template.
  DEBUG ─ Analyzing the template's components dependencies.
  DEBUG ─ Creating the template's components graph.
  DEBUG ─ Syncing template state.
  DEBUG ─ Executing the template's components graph.
  DEBUG ─ Starting API-Gateway deployment with name restApi in the ap-shanghai region
  DEBUG ─ Using last time deploy service id service-lqhc88sr
  DEBUG ─ Updating service with serviceId service-lqhc88sr.
  DEBUG ─ Endpoint POST /users already exists with id api-e902tx1q.
  DEBUG ─ Updating api with api id api-e902tx1q.
  DEBUG ─ Service with id api-e902tx1q updated.
  DEBUG ─ Deploying service with id service-lqhc88sr.
  DEBUG ─ Deployment successful for the api named restApi in the ap-shanghai region.
  DEBUG ─ Start unbind all exist domain for service service-lqhc88sr
  DEBUG ─ Start bind custom domain for service service-lqhc88sr
  DEBUG ─ Custom domain for service service-lqhc88sr created successfullly.
  DEBUG ─ Please add CNAME record service-lqhc88sr-1250000000.sh.apigw.tencentcs.com for www.example.com.
  restApi: 
    protocols: 
      - http
      - https
    subDomain:     service-lqhc88sr-1250000000.sh.apigw.tencentcs.com
    environment:   release
    region:        ap-shanghai
    serviceId:     service-lqhc88sr
    apis: 
      - 
        path:   /users
        method: POST
        apiId:  api-e902tx1q
    customDomains: 
      - www.example.com (CNAME: service-lqhc88sr-1250000000.sh.apigw.tencentcs.com) 
  8s › restApi › done

添加 CNAME 记录

部署完成后,在命令行的输出中可以查看到一个以 .apigw.tencentcs.com 为后缀的 CNAME 域名。参考 添加 CNAME 记录,在 DNS 服务商处设置好对应的 CNAME 并生效后,即可访问自定义 HTTPS 域名。