Enable additional host names

[bmesuere]

This issue tracks the steps that need to be taken to switch from dodona.ugent.be to dodona.be. This will be a multi step process.

Step 1: Enable naos.dodona.be

Code changes

• [x] Disable the redirect from naos.dodona.be to naos.ugent.be
• [x] Enable additional host for naos in rails #3292
• [x] Set a relative asset host to host the assets from the same domain as the main request #3293
• [x] Provide different SAML metadata depending on the hostname of the request #3293
• [x] Use correct host name for OIDC requests #3293
• [x] Use correct host name for LTI requests #3293
• [x] Enable additional host for dodona in rails #3293
• [x] Enable /media requests on alternative host names #3293

Things to check

• [x] UJS seems to use the default host for remote links
• [x] Check LTI (ufora and ilearn)
• [x] Check UGent sign in
• [x] Check O365 sign in
• [x] Check GSuite sign in
• [x] Check Smartschool sign in
• [x] Check Elixir sign in
• [x] Check Vlaanderen sign in
• [x] Check Surf sign in
• [x] Line 42 of the routes file

Administrative changes

• [x] Enable Cloudflare proxy for naos
• [x] Additional redirect URLs were added to Google sign in
• [x] Additional redirect URLs were added to azure
• [x] Register additional SAML service providers in Belnet for the extra hostnames

Step 2: Enable dodona.be

Code changes

• [ ] Disable the redirect from dodona.be to dodona.ugent.be

Things to check

• [x] UJS seems to use the default host for remote links
• [ ] Check LTI (ufora and ilearn)
• [ ] Check UGent sign in
• [ ] Check O365 sign in
• [ ] Check GSuite sign in
• [ ] Check Smartschool sign in
• [ ] Check Elixir sign in
• [ ] Check Vlaanderen sign in
• [ ] Check Surf sign in
• [ ] Line 42 of the routes file

Administrative changes

• [ ] Contact the IDPs we use to add the new hostnames/issuers to the whitelist (can be done at a later time)

Step 3: Redirect all traffic to the new hostname

Code changes

• [ ] Redirect dodona.ugent.be to dodona.be

Step 4: Cleanup

Code changes

• [ ] Re enable the asset host: https://github.com/dodona-edu/dodona/pull/3293#discussion_r797404955

I will use this occasion to update our (contact) information about the IDPs we work with in https://github.com/dodona-edu/wiki/blob/main/technical/authentication.md

[jorg-vr]

I don't think UJS is the issue.

But all uses of _url such as submissions_url or courses_url cause problems (see a fix in #4070)

I'll have a look if I can fix it in genral. Otherwise the solution might be replacing all uses of '_url' with '_path"

[jorg-vr]

Order of execution for production rollout:

1. Enable dodona.be on:

• [X] Check SAML
• [x] Check O365
• [x] Check GSuite
• [x] Check Smartschool
• [x] Check Elixir (Changes requested through panel)
• [ ] Check Vlaanderen (Email sent)
• [x] Check Surf

2. Disable redirect

• [x] Disable the redirect from dodona.be to dodona.ugent.be

3. Fix LTI providers

• [ ] Check Ufora
• [ ] Check ILearn

[chvp]

Python tutor is broken on dodona.be (this has been fixed in the meantime).

[jorg-vr]

www.dodona.be does not work (only dodona.be)

[jorg-vr]

What exactly was meant by:

Line 42 of the routes file

?

Right now it is an empty line. The next line: get '/status' still works

[bmesuere]

@jorg-vr I think this was about what is now line 47 involving configuration.web_hosts:

    concern :mediable do
      member do
        constraints host: Rails.configuration.web_hosts do
          get 'media/*media', to: 'activities#media', constraints: {media: /.*/}, as: :media
        end
      end
    end