There are two ways to implement CNAME Custom Domain : via Cloudfront (AWS) or NGINX (VPS, AWS EC2, or any other servers).

Enabling CNAME

Start by enabling the Custom Domain setting under General Settings.

This will prompt you to add the CNAME add on to your Workspace's subscription.

Cloudfront Implementation

Within your AWS account, you'll want to create a Cloudfront distribution with the following details:

  • Origin Domain : nifty.pm

  • Origin Path : Can be left as blank

  • Name : Preferred name for origin

  • Protocol : Redirect HTTP to HTTPS

  • Allowed HTTP methods : GET, HEAD, OPTIONS

  • Select preferred edge locations

  • Supported HTTP versions :HTTP/2

  • Other settings can be default values

Next you'll want to add custom domain as an alternate domain name in CloudFront:

  • Edit Distribution settings

  • Add domain under Alternate domain name (CNAME) (optionally)

    • For adding a custom domain as an alternative domain under CloudFront distribution, SSL cert needs to be configured at AWS certificate manager

    • After configuring SSL cert at ACM (AWS Certificate Manager), add the domain and select the SSL certificate in Custom SSL certificate (optional)

  • After configuring all above settings in domain DNS, point the domain to the Cloudfront Distribution domain name URL

After the DNS propagation you will be able to access the application using the custom domain name.

NGINX Implementation

For an NGINX implementation, you'll need to create a NGINX server as a TLS termination proxy. You may optionally create a NGINX proxy server to use your custom domain with an SSL certificate.

Configure NGINX server with following in nginx.conf:

resolver 8.8.8.8;
server {
listen 443 ssl;
server_name example.com; # replace this with your custom domain
ssl_certificate /etc/fullchain.pem; # replace this with clients domain SSL cert file
ssl_certificate_key /etc/privkey.pem; # replace this with clients domain SSL key file
location / {
set $niftypm "https://nifty.pm"; proxy_pass $niftypm:443; proxy_ssl_server_name on;
}
}

Disabling CNAME (Fallback Access)

If you need a fallback way to login into your Nifty workspace without redirecting to your custom domain, use this link: https://[yourteamname].nifty.pm?cnamedisabled .

*[yourteamname] in the above link should be replaced with your team's portion of your URL, which in the below example would be nifty-purple.

So, for this team, their CNAME Fallback URL would be:
https://nifty-purple.nifty.pm?cnamedisabled.

Did this answer your question?