通配符 DNS 设置

Wildcard DNS allows tenant subdomains like acme.yourdomain.com, techcorp.yourdomain.com, etc. This is optional — FeedbackPulse works fine with slug-based URLs (e.g., /wall/acme-corp) without wildcard DNS.

Do I Need Wildcard DNS?

Scenario	Wildcard DNS needed?
Tenants use slug-based public pages (`/wall/acme-corp`)	No
Tenants want their own subdomain (`acme.yourdomain.com`)	Yes
Tenants bring their own 自定义域名 (`feedback.acme.com`)	No (use CNAME instead)

What You Need

A wildcard DNS A record: *.yourdomain.com → your server IP
A wildcard SSL certificate: covers *.yourdomain.com
Web server configuration: accepts all subdomains

Step 1: Add the DNS Record

前往 your domain registrar's DNS management panel and add:

Type	Name/Host	Value	TTL
A	`*`	`123.456.789.0` (your server IP)	300

You also need the regular A record for the root domain:

Type Name/Host Value
A @ 123.456.789.0

Type	Name/Host	Value
A	`@`	`123.456.789.0`

Provider-Specific Instructions

Cloudflare

登录 to Cloudflare 仪表板
Select your domain
前往 DNS → Records
Click Add Record
Type: A | Name: * | IPv4: your server IP | Proxy: DNS only (gray cloud)
Click Save

重要： For wildcard subdomains, set Cloudflare proxy to DNS only (gray cloud), not Proxied (orange cloud). Cloudflare's free plan doesn't proxy wildcard subdomains.

Namecheap

登录 → Domain List → Manage your domain
前往 Advanced DNS
Click Add New Record
Type: A Record | Host: * | Value: your server IP | TTL: Automatic
Save

GoDaddy

登录 → My 产品 → DNS for your domain
Click Add Record
Type: A | Name: * | Value: your server IP | TTL: 600
Save

Google Domains / Google Cloud DNS

前往 Google Domains
Select your domain → DNS
Under Custom Records, add:
Host: * | Type: A | Data: your server IP
Save

AWS Route 53

前往 Route 53 → Hosted Zones → select your domain
Click Create Record
Record name: * | Record type: A
Value: your server IP | TTL: 300
Click Create Records

DigitalOcean DNS

前往 Networking → Domains
Select your domain
Add: Type A | Hostname * | Will direct to: your server IP | TTL: 300

Hetzner DNS

前往 Hetzner DNS Console
Select your zone
Add record: Type A | Name * | Value: your server IP

Step 2: Get a Wildcard SSL Certificate

Option A: Let's Encrypt with DNS Challenge (Free)

Wildcard certificates from Let's Encrypt require DNS-01 challenge (not HTTP):

# Install Certbot with DNS plugin for your provider
# Example: Cloudflare
sudo apt install certbot python3-certbot-dns-cloudflare

# Create Cloudflare credentials file
sudo mkdir -p /etc/letsencrypt
sudo nano /etc/letsencrypt/cloudflare.ini

Add your Cloudflare API token:

dns_cloudflare_api_token = your_cloudflare_api_token_here

sudo chmod 600 /etc/letsencrypt/cloudflare.ini

# Get wildcard certificate
sudo certbot certonly \
  --dns-cloudflare \
  --dns-cloudflare-credentials /etc/letsencrypt/cloudflare.ini \
  -d yourdomain.com \
  -d "*.yourdomain.com"

DNS Plugins for Other Providers

Provider	Certbot Plugin	Install
Cloudflare	`python3-certbot-dns-cloudflare`	`sudo apt install python3-certbot-dns-cloudflare`
Route 53	`python3-certbot-dns-route53`	`sudo apt install python3-certbot-dns-route53`
DigitalOcean	`python3-certbot-dns-digitalocean`	`sudo apt install python3-certbot-dns-digitalocean`
Google Cloud	`python3-certbot-dns-google`	`sudo apt install python3-certbot-dns-google`

Option B: Manual DNS Challenge

If your DNS provider doesn't have a Certbot plugin:

sudo certbot certonly --manual --preferred-challenges dns \
  -d yourdomain.com -d "*.yourdomain.com"

Certbot will ask you to create a TXT record. Follow the prompts.

Manual challenge caveat: You'll need to manually renew every 90 days and update the DNS TXT record each time.

Option C: Paid Wildcard Certificate

Purchase from providers like:

Comodo/Sectigo (~$70/year)
DigiCert (~$400/year)
RapidSSL (~$125/year)

Step 3: Configure Your Web Server

See the wildcard sections in:

Apache 配置 — look for the "Wildcard Subdomain Support" section
Nginx 配置 — look for the "Wildcard Subdomain Support" section

Key: use ServerAlias *.yourdomain.com (Apache) or server_name yourdomain.com *.yourdomain.com; (Nginx).

Step 4: Verify It Works

# Test DNS resolution for a subdomain
dig test.yourdomain.com

# Should return your server IP in the ANSWER section

# Test with curl
curl -I https://anything.yourdomain.com
# Should return a 200 or redirect (not "could not resolve host")

Step 5: Configure FeedbackPulse

Update your .env file:

# Set the session domain to allow cookies across subdomains
SESSION_DOMAIN=.yourdomain.com

# Your main app URL (without subdomain)
APP_URL=https://yourdomain.com

Note the leading dot in SESSION_DOMAIN=.yourdomain.com — this allows session cookies to work across all subdomains.

How Subdomains Work in FeedbackPulse

When a request comes in to acme.yourdomain.com:

The ResolveTenant middleware extracts the subdomain (acme)
It looks up the tenant with subdomain = 'acme'
If found, the tenant is set as the current context
The user sees the tenant's login page or dashboard

Tenants set their subdomain during registration. You can also set it manually in the 管理面板.

下一步

SSL Certificates — more SSL configuration details
Custom Domains — let tenants use their own domains

Do I Need Wildcard DNS?​

What You Need​

Step 1: Add the DNS Record​

Provider-Specific Instructions​

Cloudflare​

Namecheap​

GoDaddy​

Google Domains / Google Cloud DNS​

AWS Route 53​

DigitalOcean DNS​

Hetzner DNS​

Step 2: Get a Wildcard SSL Certificate​

Option A: Let's Encrypt with DNS Challenge (Free)​

DNS Plugins for Other Providers​

Option B: Manual DNS Challenge​

Option C: Paid Wildcard Certificate​

Step 3: Configure Your Web Server​

Step 4: Verify It Works​

Step 5: Configure FeedbackPulse​

How Subdomains Work in FeedbackPulse​

下一步​