Skip to content
autom8y

Domain Routing

Domain Routing

This document describes the subdomain routing patterns used across the autom8y platform infrastructure.

Domain Structure

The autom8y platform uses subdomains to route traffic to different services:

autom8y.io                    # Main landing page
├── docs.autom8y.io           # Documentation (this site)
├── api.autom8y.io            # API gateway
├── app.autom8y.io            # Web application (future)
└── status.autom8y.io         # Status page (future)

Subdomain Conventions

Naming Patterns

PatternPurposeExample
docs.*Documentation sitesdocs.autom8y.io
api.*API endpointsapi.autom8y.io
app.*Web applicationsapp.autom8y.io
status.*Status pagesstatus.autom8y.io
cdn.*Static assetscdn.autom8y.io

Environment Prefixes

Non-production environments use prefixes:

EnvironmentPatternExample
Production<service>.autom8y.ioapi.autom8y.io
Staging<service>.staging.autom8y.ioapi.staging.autom8y.io
Development<service>.dev.autom8y.ioapi.dev.autom8y.io

DNS Configuration

Record Types

RecordPurposeExample
AIPv4 addressRoot domain
AAAAIPv6 addressRoot domain
CNAMEAlias to another domainSubdomains
TXTVerification recordsDomain ownership
MXEmail routingMail configuration

Cloudflare Integration

All DNS is managed through Cloudflare, providing:

  • DDoS protection
  • SSL termination
  • Edge caching
  • WAF rules

Terraform Management

DNS records are managed via Terraform in the autom8y_platform repository:

resource "cloudflare_record" "docs" {
  zone_id = var.cloudflare_zone_id
  name    = "docs"
  content = "docs-site.pages.dev"
  type    = "CNAME"
  proxied = true
}

SSL/TLS

Certificate Management

SSL certificates are automatically provisioned via Cloudflare:

  • Free universal SSL for all subdomains
  • Automatic renewal
  • Full (strict) encryption mode

Security Headers

All sites include security headers:

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Content-Security-Policy: default-src 'self'

Routing Rules

Path-Based Routing

Within a subdomain, paths route to different handlers:

api.autom8y.io/
├── /v1/workflows      → Workflow service
├── /v1/analytics      → Analytics service
├── /health            → Health check endpoint
└── /metrics           → Prometheus metrics

Header-Based Routing

API version can also be specified via header:

Terminal window
curl -H "API-Version: 2024-01-15" https://api.autom8y.io/workflows

CORS Configuration

Allowed Origins

Production CORS allows:

const allowedOrigins = [
  'https://autom8y.io',
  'https://app.autom8y.io',
  'https://docs.autom8y.io'
];

Preflight Handling

OPTIONS requests return:

Access-Control-Allow-Origin: <origin>
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Headers: Authorization, Content-Type, X-Request-ID
Access-Control-Max-Age: 86400

Load Balancing

Geographic Distribution

Traffic is distributed across Cloudflare’s edge network:

  • Automatic geo-routing to nearest edge
  • Failover to alternate regions
  • Health checks for origin servers

Session Affinity

For stateful applications (future):

  • Cookie-based session affinity
  • Configurable TTL
  • Graceful failover

Monitoring

Metrics Collected

MetricDescription
Request countTotal requests per subdomain
Latencyp50, p95, p99 response times
Error rate4xx and 5xx responses
BandwidthData transfer in/out

Alerting

Alerts trigger on:

  • Error rate > 1% for 5 minutes
  • Latency p95 > 500ms for 5 minutes
  • Availability < 99.9% over 1 hour

Future Considerations

Planned Subdomains

SubdomainPurposeTimeline
app.autom8y.ioWeb applicationPhase 2
status.autom8y.ioStatus pagePhase 2
webhooks.autom8y.ioWebhook receiverPhase 3

Migration Path

When adding new subdomains:

  1. Add Terraform configuration
  2. Apply DNS changes
  3. Configure SSL (automatic)
  4. Deploy service to Cloudflare Pages/Workers
  5. Update CORS and routing rules
  6. Monitor for 24 hours before announcing

Next Steps