Caddyfile

The Caddyfile configures Caddy as a local reverse proxy for testing. It routes three types of requests to the Phoenix server: the main app domain ( my-app.test ), wildcard subdomains ( *.my-app.test ), and a test custom domain ( my-hostname.test ). All use plain HTTP since Caddy handles TLS termination in production but not needed locally.

Caddyfile Reveal

	`-0,0 +1,11 @@`
+	`http://my-app.test {`
+	`reverse_proxy localhost:4000`
+	`}`
+
+	`http://*.my-app.test {`
+	`reverse_proxy localhost:4000`
+	`}`
+
+	`http://my-hostname.test {`
+	`reverse_proxy localhost:4000`
+	`}`

README.md Reveal

	-9,6 +9,64 @@ Now you can visit [`localhost:4000`](http://localhost:4000) from your browser.

	`Ready to run in production? Please [check our deployment guides](https://hexdocs.pm/phoenix/deployment.html).`

+	`## Local DNS Hosting Setup`
+
+	Testing custom domains and subdomains locally requires a reverse proxy to route `.test` domains to your Phoenix server. We use [Caddy](https://caddyserver.com/) for this.
+
+	`### 1. Install Caddy`
+
+	`On macOS with Homebrew:`
+
+	```sh
+	`brew install caddy`
+	```
+
+	`For other platforms, see the [Caddy install docs](https://caddyserver.com/docs/install).`
+
+	`### 2. Configure local DNS`
+
+	Add entries to `/etc/hosts` so `.test` domains resolve to localhost:
+
+	```
+	`127.0.0.1 my-app.test`
+	`127.0.0.1 my-subdomain.my-app.test`
+	`127.0.0.1 my-hostname.test`
+	```
+
+	Replace `my-subdomain` with the subdomain of a site you create in the app, and `my-hostname.test` with any custom domain you want to test hostname routing with.
+
+	`### 3. Start Caddy`
+
+	`From the project root:`
+
+	```sh
+	`caddy run`
+	```
+
+	This uses the `Caddyfile` in the project root, which proxies:
+
+	- `http://my-app.test` — the main app
+	- `http://*.my-app.test` — subdomain-based hosted sites
+	- `http://my-hostname.test` — custom domain hostname routing
+
+	`### 4. Start Phoenix`
+
+	```sh
+	`mix phx.server`
+	```
+
+	The dev endpoint is configured with `host: "my-app.test"` so the `ServeHostedSite` plug can distinguish between the main app, subdomains, and custom domains.
+
+	`### 5. Test the flow`
+
+	1. Visit `http://my-app.test` and log in
+	`2. Create a site (e.g., name: "My Site", subdomain: "my-subdomain")`
+	3. Visit `http://my-subdomain.my-app.test` to test subdomain routing
+	4. Add a hostname (e.g., `my-hostname.test`) to test custom domain routing
+	5. Visit `http://my-hostname.test` after adding the `/etc/hosts` entry
+
+	Note: DNS verification and certificate issuance are handled by the `LocalAdapter` in development, which auto-succeeds. Real DNS verification only applies in production.
+
	`## Learn more`

	`* Official website: https://www.phoenixframework.org/`

Dev configuration

Development uses my-app.test as the endpoint host (instead of localhost ) so the ServeHostedSite plug can distinguish between the main app and subdomain/hostname requests. The DNS resolver and certificate adapter are set to their local variants that auto-verify and auto-succeed.

config/dev.exs Reveal

	`-19,7 +19,8 @@ config :my_app, MyApp.Repo,`
	`config :my_app, MyAppWeb.Endpoint,`
	`# Binding to loopback ipv4 address prevents access from other machines.`
	# Change to `ip: {0, 0, 0, 0}` to allow access from other machines.
-	`http: [ip: {127, 0, 0, 1}],`
+	`# http: [ip: {127, 0, 0, 1}],`
+	`url: [host: "my-app.test", port: 80, scheme: "http"],`
	`check_origin: false,`
	`code_reloader: true,`
	`debug_errors: true,`
	`-88,5 +89,11 @@ config :phoenix_live_view,`
	`# Enable helpful, but potentially expensive runtime checks`
	`enable_expensive_runtime_checks: true`

+	`# DNS: use local resolver (auto-verifies all domains)`
+	`config :my_app, MyApp.Hosting.DNS, resolver: MyApp.Hosting.DNS.LocalResolver`
+
+	`# Certificates: use local adapter (logs operations, returns success)`
+	`config :my_app, MyApp.Hosting.Certificates, adapter: MyApp.Hosting.Certificates.LocalAdapter`
+
	`# Disable swoosh api client as it is only required for production adapters.`
	`config :swoosh, :api_client, false`

Production configuration

Production configures the Fly.io certificate adapter with the app ID and API token, the live DNS resolver, and a CNAME target derived from the Fly app name. check_origin: :conn is set on the endpoint to allow WebSocket connections from any origin, since hosted sites will connect from their custom domains.

config/runtime.exs Reveal

	`-58,6 +58,7 @@ if config_env() == :prod do`

	`config :my_app, MyAppWeb.Endpoint,`
	`url: [host: host, port: 443, scheme: "https"],`
+	`check_origin: :conn,`
	`http: [`
	`# Enable IPv6 and bind on all interfaces.`
	`# Set it to {0, 0, 0, 0, 0, 0, 0, 1} for local network only access.`
	`-67,6 +68,23 @@ if config_env() == :prod do`
	`],`
	`secret_key_base: secret_key_base`

+	`fly_app_id =`
+	`System.get_env("FLY_APP_NAME") \|\|`
+	`raise "environment variable FLY_APP_NAME is missing"`
+
+	`fly_api_token =`
+	`System.get_env("FLY_API_TOKEN") \|\|`
+	`raise "environment variable FLY_API_TOKEN is missing"`
+
+	`config :my_app, MyApp.Hosting.Certificates,`
+	`adapter: MyApp.Hosting.Certificates.FlyAdapter,`
+	`app_id: fly_app_id,`
+	`api_token: fly_api_token`
+
+	`config :my_app, MyApp.Hosting.DNS,`
+	`resolver: MyApp.Hosting.DNS.LiveResolver,`
+	`cname_target: System.get_env("CNAME_TARGET", "#{fly_app_id}.fly.dev")`
+
	`# ## SSL Support`
	`#`
	# To get SSL working, you will need to add the `https` key

config/test.exs Reveal

	`-20,6 +20,7 @@ config :my_app, MyApp.Repo,`
	`# you can enable the server option below.`
	`config :my_app, MyAppWeb.Endpoint,`
	`http: [ip: {127, 0, 0, 1}, port: 4002],`
+	`url: [host: "www.example.com"],`
	`secret_key_base: "YDm6Hbnj1BMLRpQNCRpaAvFTpRIPSub8oRQzncJHRF3pcknaU/2C7CEm0bADBPnz",`
	`server: false`

Hosting context

The Hosting context manages sites and hostnames with scoped access (users can only manage their own resources) and PubSub broadcasting for real-time updates.

Sites — Standard CRUD operations scoped to the current user. get_site_by_subdomain/1 and get_site_by_hostname/1 are unscoped lookups used by the routing plug to resolve incoming requests to sites.

Hostnames — CRUD operations scoped to a site. Creating a hostname auto-generates the TXT verification secret. Deleting a hostname also cleans up any associated certificate with the certificate provider.

DNS verification — verify_hostname/2 delegates to the DNS resolver to check for the expected TXT record. On success, it timestamps verified_at on the hostname. verification_instructions/1 and cname_instructions/1 return the DNS records the user needs to configure.

Certificate management — issue_certificate/2 requires a verified domain and delegates to the certificate adapter. It tracks both certificate_requested_at (immediately) and certificate_issued_at (when the adapter confirms issuance, which may be async). refresh_certificate_status/2 polls the adapter for pending certificates. delete_certificate/2 removes the certificate and clears the timestamp fields.

lib/my_app/hosting.ex Reveal

	`-0,0 +1,488 @@`
+	`defmodule MyApp.Hosting do`
+	`@moduledoc """`
+	`The Hosting context.`
+	`"""`
+
+	`import Ecto.Query, warn: false`
+	`alias MyApp.Repo`
+
+	`alias MyApp.Hosting.Site`
+	`alias MyApp.Accounts.Scope`
+
+	`@doc """`
+	`Subscribes to scoped notifications about any site changes.`
+
+	`The broadcasted messages match the pattern:`
+
+	`* {:created, %Site{}}`
+	`* {:updated, %Site{}}`
+	`* {:deleted, %Site{}}`
+
+	`"""`
+	`def subscribe_sites(%Scope{} = scope) do`
+	`key = scope.user.id`
+
+	`Phoenix.PubSub.subscribe(MyApp.PubSub, "user:#{key}:sites")`
+	`end`
+
+	`defp broadcast_site(%Scope{} = scope, message) do`
+	`key = scope.user.id`
+
+	`Phoenix.PubSub.broadcast(MyApp.PubSub, "user:#{key}:sites", message)`
+	`end`
+
+	`@doc """`
+	`Returns the list of sites.`
+
+	`## Examples`
+
+	`iex> list_sites(scope)`
+	`[%Site{}, ...]`
+
+	`"""`
+	`def list_sites(%Scope{} = scope) do`
+	`Repo.all_by(Site, user_id: scope.user.id)`
+	`end`
+
+	`@doc """`
+	`Gets a single site.`
+
+	Raises `Ecto.NoResultsError` if the Site does not exist.
+
+	`## Examples`
+
+	`iex> get_site!(scope, 123)`
+	`%Site{}`
+
+	`iex> get_site!(scope, 456)`
+	`** (Ecto.NoResultsError)`
+
+	`"""`
+	`def get_site!(%Scope{} = scope, id) do`
+	`Repo.get_by!(Site, id: id, user_id: scope.user.id)`
+	`end`
+
+	`def get_site_by_subdomain(subdomain) do`
+	`Repo.get_by(Site, subdomain: subdomain)`
+	`end`
+
+	`def get_site_by_hostname(domain) do`
+	`Repo.one(`
+	`from s in Site,`
+	`join: h in assoc(s, :hostnames),`
+	`where: h.domain == ^domain,`
+	`where: not is_nil(h.verified_at),`
+	`where: not is_nil(h.certificate_issued_at)`
+	`)`
+	`end`
+
+	`@doc """`
+	`Creates a site.`
+
+	`## Examples`
+
+	`iex> create_site(scope, %{field: value})`
+	`{:ok, %Site{}}`
+
+	`iex> create_site(scope, %{field: bad_value})`
+	`{:error, %Ecto.Changeset{}}`
+
+	`"""`
+	`def create_site(%Scope{} = scope, attrs) do`
+	`with {:ok, site = %Site{}} <-`
+	`%Site{}`
+	`\|> Site.changeset(attrs, scope)`
+	`\|> Repo.insert() do`
+	`broadcast_site(scope, {:created, site})`
+	`{:ok, site}`
+	`end`
+	`end`
+
+	`@doc """`
+	`Updates a site.`
+
+	`## Examples`
+
+	`iex> update_site(scope, site, %{field: new_value})`
+	`{:ok, %Site{}}`
+
+	`iex> update_site(scope, site, %{field: bad_value})`
+	`{:error, %Ecto.Changeset{}}`
+
+	`"""`
+	`def update_site(%Scope{} = scope, %Site{} = site, attrs) do`
+	`true = site.user_id == scope.user.id`
+
+	`with {:ok, site = %Site{}} <-`
+	`site`
+	`\|> Site.changeset(attrs, scope)`
+	`\|> Repo.update() do`
+	`broadcast_site(scope, {:updated, site})`
+	`{:ok, site}`
+	`end`
+	`end`
+
+	`@doc """`
+	`Deletes a site.`
+
+	`## Examples`
+
+	`iex> delete_site(scope, site)`
+	`{:ok, %Site{}}`
+
+	`iex> delete_site(scope, site)`
+	`{:error, %Ecto.Changeset{}}`
+
+	`"""`
+	`def delete_site(%Scope{} = scope, %Site{} = site) do`
+	`true = site.user_id == scope.user.id`
+
+	`with {:ok, site = %Site{}} <- Repo.delete(site) do`
+	`broadcast_site(scope, {:deleted, site})`
+	`{:ok, site}`
+	`end`
+	`end`
+
+	`@doc """`
+	Returns an `%Ecto.Changeset{}` for tracking site changes.
+
+	`## Examples`
+
+	`iex> change_site(scope, site)`
+	`%Ecto.Changeset{data: %Site{}}`
+
+	`"""`
+	`def change_site(%Scope{} = scope, %Site{} = site, attrs \\ %{}) do`
+	`true = site.user_id == scope.user.id`
+
+	`Site.changeset(%{site \| subdomain: nil}, attrs, scope, cast_default_subdomain: true)`
+	`end`
+
+	`alias MyApp.Hosting.Hostname`
+	`alias MyApp.Hosting.DNS`
+	`alias MyApp.Hosting.Certificates`
+	`alias MyApp.Accounts.Scope`
+
+	`@doc """`
+	`Subscribes to scoped notifications about any hostname changes.`
+
+	`The broadcasted messages match the pattern:`
+
+	`* {:created, %Hostname{}}`
+	`* {:updated, %Hostname{}}`
+	`* {:deleted, %Hostname{}}`
+
+	`"""`
+	`def subscribe_hostnames(%Scope{} = scope) do`
+	`key = scope.user.id`
+
+	`Phoenix.PubSub.subscribe(MyApp.PubSub, "user:#{key}:hostnames")`
+	`end`
+
+	`defp broadcast_hostname(%Scope{} = scope, message) do`
+	`key = scope.user.id`
+
+	`Phoenix.PubSub.broadcast(MyApp.PubSub, "user:#{key}:hostnames", message)`
+	`end`
+
+	`@doc """`
+	`Returns the list of hostnames.`
+
+	`## Examples`
+
+	`iex> list_hostnames(scope)`
+	`[%Hostname{}, ...]`
+
+	`"""`
+	`def list_hostnames(%Scope{} = _scope, site) do`
+	`Repo.all_by(Hostname, site_id: site.id)`
+	`end`
+
+	`@doc """`
+	`Gets a single hostname.`
+
+	Raises `Ecto.NoResultsError` if the Hostname does not exist.
+
+	`## Examples`
+
+	`iex> get_hostname!(scope, 123)`
+	`%Hostname{}`
+
+	`iex> get_hostname!(scope, 456)`
+	`** (Ecto.NoResultsError)`
+
+	`"""`
+	`def get_hostname!(%Scope{} = _scope, site, id) do`
+	`Repo.get_by!(Hostname, id: id, site_id: site.id)`
+	`end`
+
+	`@doc """`
+	`Creates a hostname.`
+
+	`## Examples`
+
+	`iex> create_hostname(scope, %{field: value})`
+	`{:ok, %Hostname{}}`
+
+	`iex> create_hostname(scope, %{field: bad_value})`
+	`{:error, %Ecto.Changeset{}}`
+
+	`"""`
+	`def create_hostname(%Scope{} = scope, site, attrs) do`
+	`with {:ok, hostname = %Hostname{}} <-`
+	`%Hostname{}`
+	`\|> Hostname.changeset(site, attrs)`
+	`\|> Repo.insert() do`
+	`broadcast_hostname(scope, {:created, hostname})`
+	`{:ok, hostname}`
+	`end`
+	`end`
+
+	`@doc """`
+	`Updates a hostname.`
+
+	`## Examples`
+
+	`iex> update_hostname(scope, hostname, %{field: new_value})`
+	`{:ok, %Hostname{}}`
+
+	`iex> update_hostname(scope, hostname, %{field: bad_value})`
+	`{:error, %Ecto.Changeset{}}`
+
+	`"""`
+	`def update_hostname(%Scope{} = scope, %Hostname{} = hostname, site, attrs) do`
+	`with {:ok, hostname = %Hostname{}} <-`
+	`hostname`
+	`\|> Hostname.changeset(site, attrs)`
+	`\|> Repo.update() do`
+	`broadcast_hostname(scope, {:updated, hostname})`
+	`{:ok, hostname}`
+	`end`
+	`end`
+
+	`@doc """`
+	`Deletes a hostname.`
+
+	`If the hostname has a certificate, it will be deleted from the certificate`
+	`provider first. Certificate deletion failures are logged but don't prevent`
+	`hostname deletion.`
+
+	`## Examples`
+
+	`iex> delete_hostname(scope, hostname)`
+	`{:ok, %Hostname{}}`
+
+	`iex> delete_hostname(scope, hostname)`
+	`{:error, %Ecto.Changeset{}}`
+
+	`"""`
+	`def delete_hostname(%Scope{} = scope, %Hostname{} = hostname) do`
+	`# Clean up certificate if one exists`
+	`if hostname.certificate_requested_at do`
+	`case Certificates.delete_certificate(hostname) do`
+	`:ok ->`
+	`:ok`
+
+	`{:error, reason} ->`
+	`require Logger`
+
+	`Logger.warning(`
+	`"Failed to delete certificate for #{hostname.domain}: #{inspect(reason)}"`
+	`)`
+	`end`
+	`end`
+
+	`with {:ok, hostname = %Hostname{}} <-`
+	`Repo.delete(hostname) do`
+	`broadcast_hostname(scope, {:deleted, hostname})`
+	`{:ok, hostname}`
+	`end`
+	`end`
+
+	`@doc """`
+	Returns an `%Ecto.Changeset{}` for tracking hostname changes.
+
+	`## Examples`
+
+	`iex> change_hostname(scope, hostname)`
+	`%Ecto.Changeset{data: %Hostname{}}`
+
+	`"""`
+	`def change_hostname(%Scope{} = _scope, %Hostname{} = hostname, site, attrs \\ %{}) do`
+	`Hostname.changeset(hostname, site, attrs)`
+	`end`
+
+	`@doc """`
+	`Verifies a hostname by checking for the expected TXT record.`
+
+	`If verification succeeds, updates the hostname with the current timestamp`
+	in `verified_at`.
+
+	`Returns:`
+	- `{:ok, %Hostname{}}` if verification succeeds
+	- `{:error, :not_found}` if the TXT record is not found
+	- `{:error, :dns_error}` if the DNS lookup fails
+
+	`## Examples`
+
+	`iex> verify_hostname(scope, hostname)`
+	`{:ok, %Hostname{verified_at: ~U[2024-01-01 12:00:00Z]}}`
+
+	`"""`
+	`def verify_hostname(%Scope{} = scope, %Hostname{} = hostname) do`
+	`case DNS.verify_domain(hostname) do`
+	`{:ok, :verified} ->`
+	`{:ok, updated} =`
+	`hostname`
+	`\|> Hostname.verification_changeset(DateTime.utc_now(:second))`
+	`\|> Repo.update()`
+
+	`broadcast_hostname(scope, {:updated, updated})`
+	`{:ok, updated}`
+
+	`{:error, reason} ->`
+	`{:error, reason}`
+	`end`
+	`end`
+
+	`@doc """`
+	`Returns the DNS verification instructions for a hostname.`
+
+	`## Examples`
+
+	`iex> verification_instructions(hostname)`
+	`%{`
+	`hostname: "_myapp-verify.example.com",`
+	`record_type: "TXT",`
+	`record_value: "myapp-verification=abc123..."`
+	`}`
+
+	`"""`
+	`def verification_instructions(%Hostname{} = hostname) do`
+	`%{`
+	`host: DNS.verification_host(),`
+	`record_type: "TXT",`
+	`record_value: DNS.verification_record_value(hostname.txt_record_secret)`
+	`}`
+	`end`
+
+	`@doc """`
+	`Returns the CNAME record instructions for pointing a domain to the app.`
+
+	`## Examples`
+
+	`iex> cname_instructions(hostname)`
+	`%{`
+	`hostname: "example.com",`
+	`record_type: "CNAME",`
+	`record_value: "proxy.fly.dev"`
+	`}`
+
+	`"""`
+	`def cname_instructions(%Hostname{} = _hostname) do`
+	`%{`
+	`host: "@",`
+	`record_type: "CNAME",`
+	`record_value: DNS.cname_target()`
+	`}`
+	`end`
+
+	`@doc """`
+	`Issues a TLS certificate for a verified hostname.`
+
+	The domain must be verified (have a non-nil `verified_at`) before a
+	certificate can be issued. Sets `certificate_requested_at` immediately,
+	and only sets `certificate_issued_at` when the adapter reports the
+	`certificate as issued.`
+
+	`Returns:`
+	- `{:ok, %Hostname{}}` with updated certificate fields on success
+	- `{:error, :domain_not_verified}` if the domain isn't verified
+	- `{:error, reason}` if certificate issuance fails
+
+	`"""`
+	`def issue_certificate(%Scope{}, %Hostname{verified_at: nil}) do`
+	`{:error, :domain_not_verified}`
+	`end`
+
+	`def issue_certificate(%Scope{} = scope, %Hostname{} = hostname) do`
+	`case Certificates.issue_certificate(hostname) do`
+	`{:ok, cert_result} ->`
+	`now = DateTime.utc_now(:second)`
+
+	`attrs = %{`
+	`certificate_requested_at: now,`
+	`certificate_issued_at:`
+	`if(cert_result.status == :issued, do: cert_result.issued_at \|\| now)`
+	`}`
+
+	`{:ok, updated} =`
+	`hostname`
+	`\|> Hostname.certificate_changeset(attrs)`
+	`\|> Repo.update()`
+
+	`broadcast_hostname(scope, {:updated, updated})`
+	`{:ok, updated}`
+
+	`{:error, reason} ->`
+	`{:error, reason}`
+	`end`
+	`end`
+
+	`@doc """`
+	`Checks the certificate status with the provider and updates the hostname`
+	`record if the certificate has been issued.`
+
+	`Returns:`
+	- `{:ok, %Hostname{}}` with updated fields if status changed
+	- `{:ok, :pending}` if the certificate is still pending
+	- `{:error, reason}` if the check fails
+
+	`"""`
+	`def refresh_certificate_status(%Scope{} = scope, %Hostname{} = hostname) do`
+	`case Certificates.check_certificate(hostname) do`
+	`{:ok, %{status: :issued} = cert_result} ->`
+	`attrs = %{`
+	`certificate_issued_at: cert_result.issued_at \|\| DateTime.utc_now(:second)`
+	`}`
+
+	`{:ok, updated} =`
+	`hostname`
+	`\|> Hostname.certificate_changeset(attrs)`
+	`\|> Repo.update()`
+
+	`broadcast_hostname(scope, {:updated, updated})`
+	`{:ok, updated}`
+
+	`{:ok, %{status: status}} ->`
+	`{:ok, status}`
+
+	`{:error, reason} ->`
+	`{:error, reason}`
+	`end`
+	`end`
+
+	`@doc """`
+	`Deletes the certificate for a hostname.`
+
+	`Also clears the certificate fields on the hostname record.`
+	`"""`
+	`def delete_certificate(%Scope{} = scope, %Hostname{} = hostname) do`
+	`case Certificates.delete_certificate(hostname) do`
+	`:ok ->`
+	`{:ok, updated} =`
+	`hostname`
+	`\|> Hostname.certificate_changeset(%{`
+	`certificate_requested_at: nil,`
+	`certificate_issued_at: nil`
+	`})`
+	`\|> Repo.update()`
+
+	`broadcast_hostname(scope, {:updated, updated})`
+	`{:ok, updated}`
+
+	`{:error, reason} ->`
+	`{:error, reason}`
+	`end`
+	`end`
+	`end`

Certificates module

The Certificates module provides a behaviour-based interface for TLS certificate management. It defines three callbacks: add_certificate/2 , check_certificate/2 , and delete_certificate/2 , each taking a hostname string and adapter-specific options.

The public API functions ( issue_certificate/1 , check_certificate/1 , delete_certificate/1 ) accept a Hostname struct, extract the domain, and delegate to the configured adapter with its options. This keeps the hosting context decoupled from any specific certificate provider.

lib/my_app/hosting/certificates.ex Reveal

	`-0,0 +1,96 @@`
+	`defmodule MyApp.Hosting.Certificates do`
+	`@moduledoc """`
+	`Certificate management for custom domains.`
+
+	`This module provides a unified interface for issuing and managing`
+	`TLS certificates for custom domains. The underlying implementation`
+	`is configurable:`
+
+	`- Production: Fly.io GraphQL API`
+	`- Development: Caddy API (for local testing)`
+	`- Test: Mock adapter`
+
+	`## Configuration`
+
+	`# config/prod.exs`
+	`config :my_app, MyApp.Hosting.Certificates,`
+	`adapter: MyApp.Hosting.Certificates.FlyAdapter,`
+	`app_id: "your-fly-app-id",`
+	`api_token: System.get_env("FLY_API_TOKEN")`
+
+	`# config/dev.exs`
+	`config :my_app, MyApp.Hosting.Certificates,`
+	`adapter: MyApp.Hosting.Certificates.CaddyAdapter,`
+	`caddy_admin_url: "http://localhost:2019"`
+
+	`# config/test.exs`
+	`config :my_app, MyApp.Hosting.Certificates,`
+	`adapter: MyApp.Hosting.Certificates.MockAdapter`
+
+	`"""`
+
+	`alias MyApp.Hosting.Hostname`
+
+	`@type certificate_status :: :pending \| :issued \| :error`
+	`@type certificate_result :: %{`
+	`hostname: String.t(),`
+	`status: certificate_status(),`
+	`dns_validation_hostname: String.t() \| nil,`
+	`dns_validation_target: String.t() \| nil,`
+	`issued_at: DateTime.t() \| nil,`
+	`expires_at: DateTime.t() \| nil,`
+	`error: String.t() \| nil`
+	`}`
+
+	`@doc """`
+	`Callback for adding a certificate for a hostname.`
+	`"""`
+	`@callback add_certificate(hostname :: String.t(), opts :: keyword()) ::`
+	`{:ok, certificate_result()} \| {:error, term()}`
+
+	`@doc """`
+	`Callback for checking certificate status.`
+	`"""`
+	`@callback check_certificate(hostname :: String.t(), opts :: keyword()) ::`
+	`{:ok, certificate_result()} \| {:error, term()}`
+
+	`@doc """`
+	`Callback for removing a certificate.`
+	`"""`
+	`@callback delete_certificate(hostname :: String.t(), opts :: keyword()) ::`
+	`:ok \| {:error, term()}`
+
+	`@doc """`
+	`Issues a certificate for a hostname.`
+	`"""`
+	`def issue_certificate(%Hostname{} = hostname) do`
+	`adapter().add_certificate(hostname.domain, adapter_opts())`
+	`end`
+
+	`@doc """`
+	`Checks the certificate status for a hostname.`
+	`"""`
+	`def check_certificate(%Hostname{} = hostname) do`
+	`adapter().check_certificate(hostname.domain, adapter_opts())`
+	`end`
+
+	`@doc """`
+	`Removes the certificate for a hostname.`
+	`"""`
+	`def delete_certificate(%Hostname{} = hostname) do`
+	`adapter().delete_certificate(hostname.domain, adapter_opts())`
+	`end`
+
+	`defp adapter do`
+	`config()[:adapter] \|\| raise "No certificate adapter configured"`
+	`end`
+
+	`defp adapter_opts do`
+	`config()`
+	`\|> Keyword.drop([:adapter])`
+	`end`
+
+	`defp config do`
+	`Application.get_env(:my_app, __MODULE__, [])`
+	`end`
+	`end`

Fly.io certificate adapter

The production adapter uses Fly.io's GraphQL API to manage TLS certificates. Fly automatically provisions Let's Encrypt certificates for custom domains added to an app.

add_certificate/2 calls the addCertificate mutation to register a domain. check_certificate/2 queries the certificate status including issued certificate details (type, expiration). delete_certificate/2 removes the certificate.

The adapter parses Fly's response into a normalized certificate_result map with status ( :pending or :issued ), validation details, and expiration. Certificate status is determined by whether any issued certificate nodes exist in the response.

lib/my_app/hosting/certificates/fly_adapter.ex Reveal

	`-0,0 +1,210 @@`
+	`defmodule MyApp.Hosting.Certificates.FlyAdapter do`
+	`@moduledoc """`
+	`Certificate adapter for Fly.io's GraphQL API.`
+
+	`## Configuration`
+
+	`config :my_app, MyApp.Hosting.Certificates,`
+	`adapter: MyApp.Hosting.Certificates.FlyAdapter,`
+	`app_id: "your-fly-app-id",`
+	`api_token: System.get_env("FLY_API_TOKEN")`
+
+	`"""`
+
+	`@behaviour MyApp.Hosting.Certificates`
+
+	`@api_url "https://api.fly.io/graphql"`
+
+	`@impl true`
+	`def add_certificate(hostname, opts) do`
+	`app_id = Keyword.fetch!(opts, :app_id)`
+
+	`query = """`
+	`mutation($appId: ID!, $hostname: String!) {`
+	`addCertificate(appId: $appId, hostname: $hostname) {`
+	`certificate {`
+	`configured`
+	`acmeDnsConfigured`
+	`acmeAlpnConfigured`
+	`certificateAuthority`
+	`certificateRequestedAt`
+	`dnsProvider`
+	`dnsValidationInstructions`
+	`dnsValidationHostname`
+	`dnsValidationTarget`
+	`hostname`
+	`id`
+	`source`
+	`}`
+	`}`
+	`}`
+	`"""`
+
+	`variables = %{appId: app_id, hostname: hostname}`
+
+	`case graphql_request(query, variables, opts) do`
+	`{:ok, %{"addCertificate" => %{"certificate" => cert}}} ->`
+	`{:ok, parse_certificate(cert)}`
+
+	`{:ok, %{"errors" => errors}} ->`
+	`{:error, parse_errors(errors)}`
+
+	`{:error, reason} ->`
+	`{:error, reason}`
+	`end`
+	`end`
+
+	`@impl true`
+	`def check_certificate(hostname, opts) do`
+	`app_name = Keyword.get(opts, :app_name) \|\| Keyword.fetch!(opts, :app_id)`
+
+	`query = """`
+	`query($appName: String!, $hostname: String!) {`
+	`app(name: $appName) {`
+	`certificate(hostname: $hostname) {`
+	`check`
+	`configured`
+	`acmeDnsConfigured`
+	`acmeAlpnConfigured`
+	`certificateAuthority`
+	`createdAt`
+	`dnsProvider`
+	`dnsValidationInstructions`
+	`dnsValidationHostname`
+	`dnsValidationTarget`
+	`hostname`
+	`id`
+	`source`
+	`clientStatus`
+	`issued {`
+	`nodes {`
+	`type`
+	`expiresAt`
+	`}`
+	`}`
+	`}`
+	`}`
+	`}`
+	`"""`
+
+	`variables = %{appName: app_name, hostname: hostname}`
+
+	`case graphql_request(query, variables, opts) do`
+	`{:ok, %{"app" => %{"certificate" => cert}}} when not is_nil(cert) ->`
+	`{:ok, parse_certificate(cert)}`
+
+	`{:ok, %{"app" => %{"certificate" => nil}}} ->`
+	`{:error, :not_found}`
+
+	`{:ok, %{"errors" => errors}} ->`
+	`{:error, parse_errors(errors)}`
+
+	`{:error, reason} ->`
+	`{:error, reason}`
+	`end`
+	`end`
+
+	`@impl true`
+	`def delete_certificate(hostname, opts) do`
+	`app_id = Keyword.fetch!(opts, :app_id)`
+
+	`query = """`
+	`mutation($appId: ID!, $hostname: String!) {`
+	`deleteCertificate(appId: $appId, hostname: $hostname) {`
+	`app {`
+	`name`
+	`}`
+	`certificate {`
+	`hostname`
+	`id`
+	`}`
+	`}`
+	`}`
+	`"""`
+
+	`variables = %{appId: app_id, hostname: hostname}`
+
+	`case graphql_request(query, variables, opts) do`
+	`{:ok, %{"deleteCertificate" => _}} ->`
+	`:ok`
+
+	`{:ok, %{"errors" => errors}} ->`
+	`{:error, parse_errors(errors)}`
+
+	`{:error, reason} ->`
+	`{:error, reason}`
+	`end`
+	`end`
+
+	`defp graphql_request(query, variables, opts) do`
+	`api_token = Keyword.fetch!(opts, :api_token)`
+
+	`headers = [`
+	`{"authorization", "Bearer #{api_token}"},`
+	`{"content-type", "application/json"}`
+	`]`
+
+	`body = Jason.encode!(%{query: query, variables: variables})`
+
+	`case Req.post(@api_url, body: body, headers: headers, decode_body: false) do`
+	`{:ok, %Req.Response{status: 200, body: response_body}} ->`
+	`{:ok, Jason.decode!(response_body)["data"]}`
+
+	`{:ok, %Req.Response{status: status, body: response_body}} ->`
+	`{:error, {:http_error, status, response_body}}`
+
+	`{:error, reason} ->`
+	`{:error, reason}`
+	`end`
+	`end`
+
+	`defp parse_certificate(cert) do`
+	`issued = get_in(cert, ["issued", "nodes"]) \|\| []`
+
+	`expires_at =`
+	`case Enum.find(issued, &(&1["type"] == "ecdsa")) \|\| List.first(issued) do`
+	`%{"expiresAt" => exp} when is_binary(exp) ->`
+	`case DateTime.from_iso8601(exp) do`
+	`{:ok, dt, _} -> dt`
+	`_ -> nil`
+	`end`
+
+	`_ ->`
+	`nil`
+	`end`
+
+	`status =`
+	`cond do`
+	`Enum.any?(issued) -> :issued`
+	`cert["configured"] -> :pending`
+	`true -> :pending`
+	`end`
+
+	`%{`
+	`hostname: cert["hostname"],`
+	`status: status,`
+	`dns_validation_hostname: cert["dnsValidationHostname"],`
+	`dns_validation_target: cert["dnsValidationTarget"],`
+	`issued_at: parse_datetime(cert["createdAt"]),`
+	`expires_at: expires_at,`
+	`error: nil`
+	`}`
+	`end`
+
+	`defp parse_datetime(nil), do: nil`
+
+	`defp parse_datetime(str) when is_binary(str) do`
+	`case DateTime.from_iso8601(str) do`
+	`{:ok, dt, _} -> dt`
+	`_ -> nil`
+	`end`
+	`end`
+
+	`defp parse_errors(errors) when is_list(errors) do`
+	`errors`
+	`\|> Enum.map(& &1["message"])`
+	`\|> Enum.join(", ")`
+	`end`
+
+	`defp parse_errors(error), do: inspect(error)`
+	`end`

Local certificate adapter

The development adapter logs certificate operations and immediately returns success. Since local development uses Caddy (which handles its own TLS or runs over HTTP), there's no real certificate to provision. All operations return :issued status instantly so the full flow can be tested locally.

lib/my_app/hosting/certificates/local_adapter.ex Reveal

	`-0,0 +1,72 @@`
+	`defmodule MyApp.Hosting.Certificates.LocalAdapter do`
+	`@moduledoc """`
+	`Certificate adapter for local development.`
+
+	`This adapter logs certificate operations and returns success responses.`
+	`Use this when running with Caddy or another local reverse proxy that`
+	`handles TLS termination.`
+
+	`For local development with Caddy, configure on-demand TLS in your Caddyfile:`
+
+	`{`
+	`on_demand_tls {`
+	`ask http://localhost:4000/api/domains/check`
+	`}`
+	`}`
+
+	`https:// {`
+	`tls {`
+	`on_demand`
+	`}`
+	`reverse_proxy localhost:4000`
+	`}`
+
+	`## Configuration`
+
+	`config :my_app, MyApp.Hosting.Certificates,`
+	`adapter: MyApp.Hosting.Certificates.LocalAdapter`
+
+	`"""`
+
+	`@behaviour MyApp.Hosting.Certificates`
+
+	`require Logger`
+
+	`@impl true`
+	`def add_certificate(hostname, _opts) do`
+	`Logger.info("[Certificates.LocalAdapter] Adding certificate for #{hostname}")`
+
+	`{:ok,`
+	`%{`
+	`hostname: hostname,`
+	`status: :issued,`
+	`dns_validation_hostname: nil,`
+	`dns_validation_target: nil,`
+	`issued_at: DateTime.utc_now(),`
+	`expires_at: DateTime.utc_now() \|> DateTime.add(90, :day),`
+	`error: nil`
+	`}}`
+	`end`
+
+	`@impl true`
+	`def check_certificate(hostname, _opts) do`
+	`Logger.debug("[Certificates.LocalAdapter] Checking certificate for #{hostname}")`
+
+	`{:ok,`
+	`%{`
+	`hostname: hostname,`
+	`status: :issued,`
+	`dns_validation_hostname: nil,`
+	`dns_validation_target: nil,`
+	`issued_at: DateTime.utc_now() \|> DateTime.add(-1, :day),`
+	`expires_at: DateTime.utc_now() \|> DateTime.add(89, :day),`
+	`error: nil`
+	`}}`
+	`end`
+
+	`@impl true`
+	`def delete_certificate(hostname, _opts) do`
+	`Logger.info("[Certificates.LocalAdapter] Deleting certificate for #{hostname}")`
+	`:ok`
+	`end`
+	`end`

lib/my_app/hosting/certificates/mock_adapter.ex Reveal

	`-0,0 +1,99 @@`
+	`defmodule MyApp.Hosting.Certificates.MockAdapter do`
+	`@moduledoc """`
+	`Mock certificate adapter for testing.`
+
+	`Uses the process dictionary to store mock responses, allowing tests to`
+	`control the behavior per-hostname.`
+
+	`## Usage in Tests`
+
+	`setup do`
+	`Application.put_env(:my_app, MyApp.Hosting.Certificates,`
+	`adapter: MyApp.Hosting.Certificates.MockAdapter`
+	`)`
+
+	`on_exit(fn ->`
+	`Application.delete_env(:my_app, MyApp.Hosting.Certificates)`
+	`end)`
+	`end`
+
+	`test "issues certificate" do`
+	`MockAdapter.mock_add_certificate("example.com", {:ok, %{status: :pending}})`
+	`assert {:ok, %{status: :pending}} = Certificates.issue_certificate(domain_alias)`
+	`end`
+
+	`"""`
+
+	`@behaviour MyApp.Hosting.Certificates`
+
+	`@doc """`
+	Mock the response for `add_certificate/2`.
+	`"""`
+	`def mock_add_certificate(hostname, response) do`
+	`Process.put({__MODULE__, :add, hostname}, response)`
+	`end`
+
+	`@doc """`
+	Mock the response for `check_certificate/2`.
+	`"""`
+	`def mock_check_certificate(hostname, response) do`
+	`Process.put({__MODULE__, :check, hostname}, response)`
+	`end`
+
+	`@doc """`
+	Mock the response for `delete_certificate/2`.
+	`"""`
+	`def mock_delete_certificate(hostname, response) do`
+	`Process.put({__MODULE__, :delete, hostname}, response)`
+	`end`
+
+	`@impl true`
+	`def add_certificate(hostname, _opts) do`
+	`case Process.get({__MODULE__, :add, hostname}) do`
+	`nil -> default_add_response(hostname)`
+	`response -> response`
+	`end`
+	`end`
+
+	`@impl true`
+	`def check_certificate(hostname, _opts) do`
+	`case Process.get({__MODULE__, :check, hostname}) do`
+	`nil -> default_check_response(hostname)`
+	`response -> response`
+	`end`
+	`end`
+
+	`@impl true`
+	`def delete_certificate(hostname, _opts) do`
+	`case Process.get({__MODULE__, :delete, hostname}) do`
+	`nil -> :ok`
+	`response -> response`
+	`end`
+	`end`
+
+	`defp default_add_response(hostname) do`
+	`{:ok,`
+	`%{`
+	`hostname: hostname,`
+	`status: :pending,`
+	`dns_validation_hostname: "_acme-challenge.#{hostname}",`
+	`dns_validation_target: "#{hostname}.fly.dev",`
+	`issued_at: nil,`
+	`expires_at: nil,`
+	`error: nil`
+	`}}`
+	`end`
+
+	`defp default_check_response(hostname) do`
+	`{:ok,`
+	`%{`
+	`hostname: hostname,`
+	`status: :issued,`
+	`dns_validation_hostname: nil,`
+	`dns_validation_target: nil,`
+	`issued_at: DateTime.utc_now() \|> DateTime.add(-1, :hour),`
+	`expires_at: DateTime.utc_now() \|> DateTime.add(90, :day),`
+	`error: nil`
+	`}}`
+	`end`
+	`end`

DNS verification module

The DNS module handles domain ownership verification through TXT records. Users prove they own a domain by adding a TXT record at _myapp-verify.<domain> containing myapp-verification=<secret> .

The module defines a @callback lookup_txt/1 behaviour so the resolver is swappable between environments. verify_domain/1 looks up TXT records at the verification hostname and checks if any match the expected value.

Helper functions verification_host/0 , verification_hostname/1 , and verification_record_value/1 build the DNS record details shown to users. cname_target/0 returns the hostname users should CNAME their domain to (configurable, defaults to proxy.fly.dev ).

lib/my_app/hosting/dns.ex Reveal

	`-0,0 +1,168 @@`
+	`defmodule MyApp.Hosting.DNS do`
+	`@moduledoc """`
+	`DNS verification for custom domains.`
+
+	`Users verify domain ownership by adding a TXT record containing`
+	`their unique verification token. The underlying DNS lookup is`
+	`delegated to a configurable resolver:`
+
+	- Production: `MyApp.Hosting.DNS.LiveResolver` (real DNS lookups)
+	- Development: `MyApp.Hosting.DNS.LocalResolver` (auto-verifies)
+	`- Test: Mock resolver via process dictionary`
+
+	`## Configuration`
+
+	`# config/runtime.exs (production)`
+	`config :my_app, MyApp.Hosting.DNS,`
+	`resolver: MyApp.Hosting.DNS.LiveResolver`
+
+	`# config/dev.exs`
+	`config :my_app, MyApp.Hosting.DNS,`
+	`resolver: MyApp.Hosting.DNS.LocalResolver`
+
+	`"""`
+
+	`alias MyApp.Hosting.Hostname`
+
+	`@verification_prefix "myapp-verification="`
+	`@verification_subdomain "_myapp-verify"`
+	`@default_cname_target "proxy.fly.dev"`
+
+	`@doc """`
+	`Callback for looking up TXT records for a hostname.`
+	`"""`
+	`@callback lookup_txt(hostname :: String.t()) :: {:ok, [String.t()]} \| {:error, atom()}`
+
+	`@doc """`
+	`Verifies a domain alias by checking for the expected TXT record.`
+
+	Looks for a TXT record at `_myapp-verify.<domain>` containing:
+
+	`myapp-verification=<txt_record_secret>`
+
+	`Returns:`
+	- `{:ok, :verified}` if the correct TXT record is found
+	- `{:error, :not_found}` if no matching TXT record exists
+	- `{:error, :dns_error}` if the DNS lookup fails
+
+	`## Examples`
+
+	`iex> verify_domain(%Hostname{domain: "example.com", txt_record_secret: "abc123"})`
+	`{:ok, :verified}`
+
+	`iex> verify_domain(%Hostname{domain: "unverified.com", txt_record_secret: "abc123"})`
+	`{:error, :not_found}`
+
+	`"""`
+	`@spec verify_domain(Hostname.t()) :: {:ok, :verified} \| {:error, :not_found \| :dns_error}`
+	`def verify_domain(%Hostname{} = hostname) do`
+	`verify_domain(hostname.domain, hostname.txt_record_secret)`
+	`end`
+
+	`@doc """`
+	`Verifies a domain by checking for the expected TXT record.`
+
+	See `verify_domain/1` for details.
+	`"""`
+	`@spec verify_domain(String.t(), String.t()) ::`
+	`{:ok, :verified} \| {:error, :not_found \| :dns_error}`
+	`def verify_domain(domain, expected_secret)`
+	`when is_binary(domain) and is_binary(expected_secret) do`
+	`verification_host = verification_hostname(domain)`
+	`expected_value = @verification_prefix <> expected_secret`
+
+	`case lookup_txt_records(verification_host) do`
+	`{:ok, records} ->`
+	`if Enum.any?(records, &(&1 == expected_value)) do`
+	`{:ok, :verified}`
+	`else`
+	`{:error, :not_found}`
+	`end`
+
+	`{:error, _reason} ->`
+	`{:error, :dns_error}`
+	`end`
+	`end`
+
+	`@doc """`
+	`Returns the DNS host label for the TXT verification record (without the domain).`
+
+	`## Examples`
+
+	`iex> verification_host()`
+	`"_myapp-verify"`
+
+	`"""`
+	`@spec verification_host() :: String.t()`
+	`def verification_host, do: @verification_subdomain`
+
+	`@doc """`
+	`Returns the full hostname where the TXT verification record should be set.`
+
+	`## Examples`
+
+	`iex> verification_hostname("example.com")`
+	`"_myapp-verify.example.com"`
+
+	`"""`
+	`@spec verification_hostname(String.t()) :: String.t()`
+	`def verification_hostname(domain) do`
+	`"#{@verification_subdomain}.#{domain}"`
+	`end`
+
+	`@doc """`
+	`Returns the full TXT record value that should be set for verification.`
+
+	`## Examples`
+
+	`iex> verification_record_value("abc123secret")`
+	`"myapp-verification=abc123secret"`
+
+	`"""`
+	`@spec verification_record_value(String.t()) :: String.t()`
+	`def verification_record_value(secret) do`
+	`@verification_prefix <> secret`
+	`end`
+
+	`@doc """`
+	`Returns the CNAME target where custom domains should point.`
+
+	`Configurable via:`
+
+	`config :my_app, MyApp.Hosting.DNS, cname_target: "your-app.fly.dev"`
+
+	`## Examples`
+
+	`iex> cname_target()`
+	`"proxy.fly.dev"`
+
+	`"""`
+	`@spec cname_target() :: String.t()`
+	`def cname_target do`
+	`config()[:cname_target] \|\| @default_cname_target`
+	`end`
+
+	`@doc """`
+	`Looks up TXT records for a given hostname.`
+
+	`Delegates to the configured resolver.`
+
+	`## Examples`
+
+	`iex> lookup_txt_records("example.com")`
+	`{:ok, ["v=spf1 include:_spf.google.com ~all", "myapp-verification=abc123"]}`
+
+	`"""`
+	`@spec lookup_txt_records(String.t()) :: {:ok, [String.t()]} \| {:error, atom()}`
+	`def lookup_txt_records(hostname) when is_binary(hostname) do`
+	`resolver().lookup_txt(hostname)`
+	`end`
+
+	`defp resolver do`
+	`config()[:resolver] \|\| raise "No DNS resolver configured"`
+	`end`
+
+	`defp config do`
+	`Application.get_env(:my_app, __MODULE__, [])`
+	`end`
+	`end`

Live DNS resolver

The production resolver uses Erlang's :inet_res module for real DNS lookups. It handles the quirks of TXT records: they come back as lists of charlists (since TXT records can be split into 255-byte chunks) that need to be joined and converted to strings. An empty result from :inet_res.lookup/4 is ambiguous (could be no records or NXDOMAIN), so it falls back to :inet_res.resolve/4 to distinguish between the two.

lib/my_app/hosting/dns/live_resolver.ex Reveal

	`-0,0 +1,50 @@`
+	`defmodule MyApp.Hosting.DNS.LiveResolver do`
+	`@moduledoc """`
+	DNS resolver that performs real TXT record lookups via `:inet_res`.
+
+	`## Configuration`
+
+	`config :my_app, MyApp.Hosting.DNS,`
+	`resolver: MyApp.Hosting.DNS.LiveResolver`
+
+	`"""`
+
+	`@behaviour MyApp.Hosting.DNS`
+
+	`@dns_timeout 5_000`
+
+	`@impl true`
+	`def lookup_txt(hostname) when is_binary(hostname) do`
+	`hostname_charlist = String.to_charlist(hostname)`
+
+	`case :inet_res.lookup(hostname_charlist, :in, :txt, timeout: @dns_timeout) do`
+	`[] ->`
+	`# Empty result could mean no records or NXDOMAIN - check explicitly`
+	`case :inet_res.resolve(hostname_charlist, :in, :txt, timeout: @dns_timeout) do`
+	`{:ok, _} -> {:ok, []}`
+	`{:error, reason} -> {:error, reason}`
+	`end`
+
+	`records when is_list(records) ->`
+	`# TXT records come back as lists of charlists, flatten and convert`
+	`parsed =`
+	`records`
+	`\|> Enum.map(&parse_txt_record/1)`
+	`\|> Enum.reject(&is_nil/1)`
+
+	`{:ok, parsed}`
+	`end`
+	`rescue`
+	`_ -> {:error, :dns_error}`
+	`end`
+
+	`# TXT records can be split into multiple strings (each max 255 chars)`
+	`# :inet_res returns them as a list of charlists that need to be joined`
+	`defp parse_txt_record(record) when is_list(record) do`
+	`record`
+	`\|> Enum.map(&to_string/1)`
+	`\|> Enum.join()`
+	`rescue`
+	`_ -> nil`
+	`end`
+	`end`

Local DNS resolver

The development resolver auto-verifies all domains by looking up the hostname's txt_record_secret directly from the database and returning it as a TXT record. This means clicking "Verify" in development always succeeds without needing actual DNS configuration. It parses the _myapp-verify. prefix from the lookup hostname to find the actual domain, then queries the Hostname record.

lib/my_app/hosting/dns/local_resolver.ex Reveal

	`-0,0 +1,50 @@`
+	`defmodule MyApp.Hosting.DNS.LocalResolver do`
+	`@moduledoc """`
+	`DNS resolver for local development that auto-verifies all domains.`
+
+	`Returns the queried hostname as a TXT record value, which means`
+	`verify_domain/1` will always find a matching record as long as the
+	hostname has a valid `txt_record_secret`.
+
+	`## Configuration`
+
+	`config :my_app, MyApp.Hosting.DNS, resolver: MyApp.Hosting.DNS.LocalResolver`
+
+	`"""`
+
+	`@behaviour MyApp.Hosting.DNS`
+
+	`require Logger`
+
+	`@verification_prefix "myapp-verification="`
+
+	`@impl true`
+	`def lookup_txt(hostname) do`
+	`Logger.info("[DNS.LocalResolver] Auto-verifying TXT lookup for #{hostname}")`
+
+	`# Extract the secret from the database by pattern-matching the verification hostname,`
+	`# but since we don't have DB access here, return all possible prefixed values.`
+	`# Instead, we use a simpler approach: look up the hostname record and return`
+	`# whatever the caller expects.`
+	`#`
+	`# Since we can't know the expected secret here, we query the DB for it.`
+	`case lookup_hostname_secret(hostname) do`
+	`{:ok, secret} -> {:ok, [@verification_prefix <> secret]}`
+	`:error -> {:ok, []}`
+	`end`
+	`end`
+
+	`defp lookup_hostname_secret(verification_hostname) do`
+	`# Strip the "_myapp-verify." prefix to get the actual domain`
+	`case String.split(verification_hostname, ".", parts: 2) do`
+	`["_myapp-verify", domain] ->`
+	`case MyApp.Repo.get_by(MyApp.Hosting.Hostname, domain: domain) do`
+	`%{txt_record_secret: secret} -> {:ok, secret}`
+	`nil -> :error`
+	`end`
+
+	`_ ->`
+	`:error`
+	`end`
+	`end`
+	`end`

Hostname schema

The Hostname schema stores custom domains pointed at a site. Each hostname has a domain , a txt_record_secret for DNS ownership verification, and timestamp fields tracking the verification and certificate lifecycle: verified_at , certificate_requested_at , and certificate_issued_at .

When a hostname is first created, maybe_generate_secret/1 generates a cryptographically random 32-byte token (base64-encoded) that becomes the TXT record value the user must set. Domain validation uses a regex that enforces valid DNS domain format and a unique constraint ensures no two hostnames share the same domain globally.

Separate changesets handle different stages of the lifecycle: verification_changeset/2 sets the verified timestamp, and certificate_changeset/2 updates certificate fields.

lib/my_app/hosting/hostname.ex Reveal

	`-0,0 +1,59 @@`
+	`defmodule MyApp.Hosting.Hostname do`
+	`use Ecto.Schema`
+
+	`import Ecto.Changeset`
+
+	`@rand_size 32`
+
+	`@primary_key {:id, :binary_id, autogenerate: true}`
+	`@foreign_key_type :binary_id`
+
+	`schema "hostnames" do`
+	`field :domain, :string`
+	`field :txt_record_secret, :string`
+	`field :verified_at, :utc_datetime`
+	`field :certificate_requested_at, :utc_datetime`
+	`field :certificate_issued_at, :utc_datetime`
+
+	`belongs_to :site, MyApp.Hosting.Site`
+
+	`timestamps(type: :utc_datetime)`
+	`end`
+
+	`@domain_regex ~r/^(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,}$/i`
+
+	`def changeset(hostname, site, attrs) do`
+	`hostname`
+	`\|> cast(attrs, [:domain])`
+	`\|> validate_required([:domain])`
+	`\|> update_change(:domain, &String.downcase/1)`
+	`\|> validate_format(:domain, @domain_regex,`
+	`message: "must be a valid domain (e.g., example.com)"`
+	`)`
+	`\|> validate_length(:domain, max: 253)`
+	`\|> unique_constraint(:domain, message: "is already registered")`
+	`\|> maybe_generate_secret()`
+	`\|> put_change(:site_id, site.id)`
+	`end`
+
+	`defp maybe_generate_secret(%{data: %{txt_record_secret: nil}} = changeset) do`
+	`put_change(changeset, :txt_record_secret, generate_secret_token())`
+	`end`
+
+	`defp maybe_generate_secret(changeset), do: changeset`
+
+	`def generate_secret_token do`
+	`token = :crypto.strong_rand_bytes(@rand_size)`
+	`Base.encode64(token, padding: false)`
+	`end`
+
+	`def verification_changeset(hostname, verified_at) do`
+	`hostname`
+	`\|> change(verified_at: verified_at)`
+	`end`
+
+	`def certificate_changeset(hostname, attrs) do`
+	`hostname`
+	`\|> cast(attrs, [:certificate_requested_at, :certificate_issued_at])`
+	`end`
+	`end`

Site schema

The Site schema represents a hosted site belonging to a user. Each site has a name and a unique subdomain used for subdomain-based routing (e.g., my-site.my-app.test ).

The changeset/4 function validates that subdomains are lowercase alphanumeric with hyphens, enforces a max length of 63 characters, and ensures uniqueness. A cast_default_subdomain option auto-generates a subdomain from the site name by lowercasing and replacing non-alphanumeric characters with hyphens, providing a nice UX when creating sites.

lib/my_app/hosting/site.ex Reveal

	`-0,0 +1,52 @@`
+	`defmodule MyApp.Hosting.Site do`
+	`use Ecto.Schema`
+	`import Ecto.Changeset`
+
+	`@primary_key {:id, :binary_id, autogenerate: true}`
+	`@foreign_key_type :binary_id`
+
+	`schema "sites" do`
+	`field :name, :string`
+	`field :subdomain, :string`
+
+	`belongs_to :user, MyApp.Accounts.User`
+
+	`has_many :hostnames, MyApp.Hosting.Hostname`
+
+	`timestamps(type: :utc_datetime)`
+	`end`
+
+	`@subdomain_regex ~r/^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/`
+
+	`def changeset(site, attrs, user_scope, opts \\ []) do`
+	`site`
+	`\|> cast(attrs, [:name, :subdomain])`
+	`\|> cast_default_subdomain(opts)`
+	`\|> validate_required([:name, :subdomain])`
+	`\|> validate_format(:subdomain, @subdomain_regex,`
+	`message: "must be lowercase alphanumeric characters and hyphens only"`
+	`)`
+	`\|> validate_length(:subdomain, max: 63)`
+	`\|> unique_constraint(:subdomain)`
+	`\|> put_change(:user_id, user_scope.user.id)`
+	`end`
+
+	`def cast_default_subdomain(changeset, opts) do`
+	`case {opts[:cast_default_subdomain], fetch_field(changeset, :name)} do`
+	`{true, {_type, name}} when is_binary(name) ->`
+	`put_change(changeset, :subdomain, name_to_subdomain(name))`
+
+	`_otherwise ->`
+	`changeset`
+	`end`
+	`end`
+
+	`def name_to_subdomain(name) when is_binary(name) do`
+	`name`
+	`\|> String.downcase()`
+	`\|> String.replace(~r/[^a-z0-9]/, "-")`
+	`\|> String.trim("-")`
+	`end`
+
+	`def name_to_subdomain(_), do: ""`
+	`end`

lib/my_app_web/controllers/hosted_controller.ex Reveal

	`-0,0 +1,11 @@`
+	`defmodule MyAppWeb.HostedController do`
+	`use MyAppWeb, :controller`
+
+	`def show(conn, %{"path" => _path} = _params) do`
+	`site = conn.assigns.current_site`
+
+	`conn`
+	`\|> Plug.Conn.put_status(:ok)`
+	`\|> html("Success! #{site.name}")`
+	`end`
+	`end`

Endpoint configuration

The ServeHostedSite plug is added to the endpoint just before MyAppWeb.Router . This placement is important: it needs access to the session (for CSRF in the hosted router) but must intercept requests before the main router handles them.

lib/my_app_web/endpoint.ex Reveal

	`-51,5 +51,7 @@ defmodule MyAppWeb.Endpoint do`
	`plug Plug.MethodOverride`
	`plug Plug.Head`
	`plug Plug.Session, @session_options`
+
+	`plug MyAppWeb.Plugs.ServeHostedSite, router: MyAppWeb.HostedRouter`
	`plug MyAppWeb.Router`
	`end`

Hostname LiveView - Form

A simple form for adding custom domains to a site. After creating a hostname, it redirects to the hostname show page where the user can see the DNS verification instructions.

lib/my_app_web/live/hostname_live/form.ex Reveal

	`-0,0 +1,141 @@`
+	`defmodule MyAppWeb.HostnameLive.Form do`
+	`use MyAppWeb, :live_view`
+
+	`alias MyApp.Hosting`
+	`alias MyApp.Hosting.Hostname`
+
+	`@impl true`
+	`def render(assigns) do`
+	`~H"""`
+	`<Layouts.app flash={@flash} current_scope={@current_scope}>`
+	`<.header>`
+	`{@page_title}`
+	`<:subtitle>Use this form to manage hostname records in your database.</:subtitle>`
+	`</.header>`
+
+	`<.form for={@form} id="hostname-form" phx-change="validate" phx-submit="save">`
+	`<.input field={@form[:domain]} type="text" label="Domain" />`
+	`<footer>`
+	`<.button phx-disable-with="Saving..." variant="primary">Save Hostname</.button>`
+	`<.button navigate={return_path(@current_scope, @return_to, @site, @hostname)}>`
+	`Cancel`
+	`</.button>`
+	`</footer>`
+	`</.form>`
+	`</Layouts.app>`
+	`"""`
+	`end`
+
+	`@impl true`
+	`def mount(%{"site_id" => site_id} = params, _session, socket) do`
+	`{:ok,`
+	`socket`
+	`\|> assign(:return_to, return_to(params["return_to"]))`
+	`\|> assign(:site, Hosting.get_site!(socket.assigns.current_scope, site_id))`
+	`\|> apply_action(socket.assigns.live_action, params)}`
+	`end`
+
+	`defp return_to(_), do: "site"`
+
+	`defp apply_action(socket, :edit, %{"id" => id}) do`
+	`hostname =`
+	`Hosting.get_hostname!(socket.assigns.current_scope, socket.assigns.site, id)`
+
+	`socket`
+	`\|> assign(:page_title, "Edit Hostname")`
+	`\|> assign(:hostname, hostname)`
+	`\|> assign(`
+	`:form,`
+	`to_form(`
+	`Hosting.change_hostname(`
+	`socket.assigns.current_scope,`
+	`hostname,`
+	`socket.assigns.site`
+	`)`
+	`)`
+	`)`
+	`end`
+
+	`defp apply_action(socket, :new, _params) do`
+	`hostname = %Hostname{site_id: socket.assigns.site.id}`
+
+	`socket`
+	`\|> assign(:page_title, "New Hostname")`
+	`\|> assign(:hostname, hostname)`
+	`\|> assign(`
+	`:form,`
+	`to_form(`
+	`Hosting.change_hostname(`
+	`socket.assigns.current_scope,`
+	`hostname,`
+	`socket.assigns.site`
+	`)`
+	`)`
+	`)`
+	`end`
+
+	`@impl true`
+	`def handle_event("validate", %{"hostname" => hostname_params}, socket) do`
+	`changeset =`
+	`Hosting.change_hostname(`
+	`socket.assigns.current_scope,`
+	`socket.assigns.hostname,`
+	`socket.assigns.site,`
+	`hostname_params`
+	`)`
+
+	`{:noreply, assign(socket, form: to_form(changeset, action: :validate))}`
+	`end`
+
+	`def handle_event("save", %{"hostname" => hostname_params}, socket) do`
+	`save_hostname(socket, socket.assigns.live_action, hostname_params)`
+	`end`
+
+	`defp save_hostname(socket, :edit, hostname_params) do`
+	`case Hosting.update_hostname(`
+	`socket.assigns.current_scope,`
+	`socket.assigns.hostname,`
+	`socket.assigns.site,`
+	`hostname_params`
+	`) do`
+	`{:ok, hostname} ->`
+	`{:noreply,`
+	`socket`
+	`\|> put_flash(:info, "Hostname updated successfully")`
+	`\|> push_navigate(`
+	`to:`
+	`return_path(`
+	`socket.assigns.current_scope,`
+	`socket.assigns.return_to,`
+	`socket.assigns.site,`
+	`hostname`
+	`)`
+	`)}`
+
+	`{:error, %Ecto.Changeset{} = changeset} ->`
+	`{:noreply, assign(socket, form: to_form(changeset))}`
+	`end`
+	`end`
+
+	`defp save_hostname(socket, :new, hostname_params) do`
+	`case Hosting.create_hostname(`
+	`socket.assigns.current_scope,`
+	`socket.assigns.site,`
+	`hostname_params`
+	`) do`
+	`{:ok, hostname} ->`
+	`{:noreply,`
+	`socket`
+	`\|> put_flash(`
+	`:info,`
+	`"Hostname created successfully. Configure your DNS to verify ownership."`
+	`)`
+	`\|> push_navigate(to: ~p"/sites/#{socket.assigns.site}/hostnames/#{hostname}")}`
+
+	`{:error, %Ecto.Changeset{} = changeset} ->`
+	`{:noreply, assign(socket, form: to_form(changeset))}`
+	`end`
+	`end`
+
+	`defp return_path(_scope, "site", site, _hostname), do: ~p"/sites/#{site}"`
+	`end`

Hostname LiveView - Show

The hostname detail page shows the domain, current status (Pending verification / Verified / Certificate pending / Active), and DNS configuration instructions. The page guides users through the setup process:

Once the certificate is issued, the DNS configuration section hides and the status shows "Active".

lib/my_app_web/live/hostname_live/show.ex Reveal

	`-0,0 +1,179 @@`
+	`defmodule MyAppWeb.HostnameLive.Show do`
+	`use MyAppWeb, :live_view`
+
+	`alias MyApp.Hosting`
+
+	`@impl true`
+	`def render(assigns) do`
+	`~H"""`
+	`<Layouts.app flash={@flash} current_scope={@current_scope}>`
+	`<.header>`
+	`{@hostname.domain}`
+	`<:subtitle>Custom hostname for {@site.name}</:subtitle>`
+	`<:actions>`
+	`<.button navigate={~p"/sites/#{@site}"}>`
+	`<.icon name="hero-arrow-left" /> Back to site`
+	`</.button>`
+	`</:actions>`
+	`</.header>`
+
+	`<.list>`
+	`<:item title="Domain">{@hostname.domain}</:item>`
+	`<:item title="Status">`
+	`<%= cond do %>`
+	`<% @hostname.certificate_issued_at -> %>`
+	`<span class="text-success">Active</span>`
+	`<% @hostname.certificate_requested_at -> %>`
+	`<span class="text-warning">Certificate pending</span>`
+	`<% @hostname.verified_at -> %>`
+	`<span class="text-success">Verified</span>`
+	`<% true -> %>`
+	`<span class="text-warning">Pending verification</span>`
+	`<% end %>`
+	`</:item>`
+	`<:item :if={@hostname.verified_at} title="Verified at">`
+	`{Calendar.strftime(@hostname.verified_at, "%Y-%m-%d %H:%M:%S UTC")}`
+	`</:item>`
+	`<:item :if={@hostname.certificate_issued_at} title="Certificate issued">`
+	`{Calendar.strftime(@hostname.certificate_issued_at, "%Y-%m-%d %H:%M:%S UTC")}`
+	`</:item>`
+	`</.list>`
+
+	`<div :if={@hostname.certificate_issued_at == nil} class="mt-8">`
+	`<.header>`
+	`DNS Configuration`
+	`<:subtitle>`
+	`Add both of the following records to your DNS provider. You can add them at the same time.`
+	`</:subtitle>`
+	`</.header>`
+
+	`<div class="mt-4 rounded-lg bg-base-200 p-4 font-mono text-sm">`
+	`<h3 class="font-semibold mb-2">TXT Record (ownership verification)</h3>`
+	`<div class="grid grid-cols-[auto_1fr] gap-x-4 gap-y-2">`
+	`<span class="font-semibold">Type:</span>`
+	`<span>{@verification.record_type}</span>`
+
+	`<span class="font-semibold">Host:</span>`
+	`<span class="break-all">{@verification.host}</span>`
+
+	`<span class="font-semibold">Value:</span>`
+	`<span class="break-all">{@verification.record_value}</span>`
+	`</div>`
+	`</div>`
+
+	`<div class="mt-4 rounded-lg bg-base-200 p-4 font-mono text-sm">`
+	`<h3 class="font-semibold mb-2">CNAME Record (point domain to our servers)</h3>`
+	`<div class="grid grid-cols-[auto_1fr] gap-x-4 gap-y-2">`
+	`<span class="font-semibold">Type:</span>`
+	`<span>{@cname.record_type}</span>`
+
+	`<span class="font-semibold">Host:</span>`
+	`<span class="break-all">{@cname.host}</span>`
+
+	`<span class="font-semibold">Value:</span>`
+	`<span class="break-all">{@cname.record_value}</span>`
+	`</div>`
+	`</div>`
+
+	`<div :if={@hostname.verified_at == nil} class="mt-4">`
+	`<.button phx-click="verify" phx-disable-with="Verifying...">`
+	`<.icon name="hero-arrow-path" /> Verify and activate`
+	`</.button>`
+	`</div>`
+
+	`<div`
+	`:if={@hostname.certificate_requested_at && @hostname.certificate_issued_at == nil}`
+	`class="mt-4"`
+	`>`
+	`<.button phx-click="check_certificate" phx-disable-with="Checking...">`
+	`<.icon name="hero-arrow-path" /> Check certificate status`
+	`</.button>`
+	`</div>`
+	`</div>`
+	`</Layouts.app>`
+	`"""`
+	`end`
+
+	`@impl true`
+	`def mount(%{"site_id" => site_id, "id" => id}, _session, socket) do`
+	`site = Hosting.get_site!(socket.assigns.current_scope, site_id)`
+	`hostname = Hosting.get_hostname!(socket.assigns.current_scope, site, id)`
+
+	`{:ok,`
+	`socket`
+	`\|> assign(:page_title, hostname.domain)`
+	`\|> assign(:site, site)`
+	`\|> assign(:hostname, hostname)`
+	`\|> assign(:verification, Hosting.verification_instructions(hostname))`
+	`\|> assign(:cname, Hosting.cname_instructions(hostname))}`
+	`end`
+
+	`@impl true`
+	`def handle_event("verify", _params, socket) do`
+	`case Hosting.verify_hostname(socket.assigns.current_scope, socket.assigns.hostname) do`
+	`{:ok, hostname} ->`
+	`socket = assign(socket, :hostname, hostname)`
+	`issue_certificate(socket)`
+
+	`{:error, :not_found} ->`
+	`{:noreply,`
+	`put_flash(socket, :error, "TXT record not found. Please check your DNS configuration.")}`
+
+	`{:error, :dns_error} ->`
+	`{:noreply,`
+	`put_flash(`
+	`socket,`
+	`:error,`
+	`"DNS record not detected yet. It may take a few minutes to propagate — please try again shortly."`
+	`)}`
+	`end`
+	`end`
+
+	`def handle_event("issue_certificate", _params, socket) do`
+	`issue_certificate(socket)`
+	`end`
+
+	`def handle_event("check_certificate", _params, socket) do`
+	`case Hosting.refresh_certificate_status(`
+	`socket.assigns.current_scope,`
+	`socket.assigns.hostname`
+	`) do`
+	`{:ok, %MyApp.Hosting.Hostname{} = hostname} ->`
+	`{:noreply,`
+	`socket`
+	`\|> assign(:hostname, hostname)`
+	`\|> put_flash(:info, "Certificate issued successfully!")}`
+
+	`{:ok, :pending} ->`
+	`{:noreply, put_flash(socket, :info, "Certificate is still being provisioned.")}`
+
+	`{:error, reason} ->`
+	`{:noreply, put_flash(socket, :error, "Failed to check certificate: #{inspect(reason)}")}`
+	`end`
+	`end`
+
+	`defp issue_certificate(socket) do`
+	`case Hosting.issue_certificate(socket.assigns.current_scope, socket.assigns.hostname) do`
+	`{:ok, hostname} ->`
+	`message =`
+	`if hostname.certificate_issued_at do`
+	`"Domain verified and certificate issued successfully!"`
+	`else`
+	`"Domain verified and certificate requested. It may take a moment to provision."`
+	`end`
+
+	`{:noreply,`
+	`socket`
+	`\|> assign(:hostname, hostname)`
+	`\|> put_flash(:info, message)}`
+
+	`{:error, reason} ->`
+	`{:noreply,`
+	`socket`
+	`\|> put_flash(`
+	`:warning,`
+	`"Domain verified, but certificate issuance failed: #{inspect(reason)}"`
+	`)}`
+	`end`
+	`end`
+	`end`

Sites LiveView - Form

Handles both creating and editing sites with name and subdomain fields. Uses the standard Phoenix LiveView form pattern with validation on change and save on submit.

lib/my_app_web/live/site_live/form.ex Reveal

	`-0,0 +1,101 @@`
+	`defmodule MyAppWeb.SiteLive.Form do`
+	`use MyAppWeb, :live_view`
+
+	`alias MyApp.Hosting`
+	`alias MyApp.Hosting.Site`
+
+	`@impl true`
+	`def render(assigns) do`
+	`~H"""`
+	`<Layouts.app flash={@flash} current_scope={@current_scope}>`
+	`<.header>`
+	`{@page_title}`
+	`<:subtitle>Use this form to manage site records in your database.</:subtitle>`
+	`</.header>`
+
+	`<.form for={@form} id="site-form" phx-change="validate" phx-submit="save">`
+	`<.input field={@form[:name]} type="text" label="Name" />`
+	`<.input field={@form[:subdomain]} type="text" label="Subdomain" />`
+	`<footer>`
+	`<.button phx-disable-with="Saving..." variant="primary">Save Site</.button>`
+	`<.button navigate={return_path(@current_scope, @return_to, @site)}>Cancel</.button>`
+	`</footer>`
+	`</.form>`
+	`</Layouts.app>`
+	`"""`
+	`end`
+
+	`@impl true`
+	`def mount(params, _session, socket) do`
+	`{:ok,`
+	`socket`
+	`\|> assign(:return_to, return_to(params["return_to"]))`
+	`\|> apply_action(socket.assigns.live_action, params)}`
+	`end`
+
+	`defp return_to("show"), do: "show"`
+	`defp return_to(_), do: "index"`
+
+	`defp apply_action(socket, :edit, %{"id" => id}) do`
+	`site = Hosting.get_site!(socket.assigns.current_scope, id)`
+
+	`socket`
+	`\|> assign(:page_title, "Edit Site")`
+	`\|> assign(:site, site)`
+	`\|> assign(:form, to_form(Hosting.change_site(socket.assigns.current_scope, site)))`
+	`end`
+
+	`defp apply_action(socket, :new, _params) do`
+	`site = %Site{user_id: socket.assigns.current_scope.user.id}`
+
+	`socket`
+	`\|> assign(:page_title, "New Site")`
+	`\|> assign(:site, site)`
+	`\|> assign(:form, to_form(Hosting.change_site(socket.assigns.current_scope, site)))`
+	`end`
+
+	`@impl true`
+	`def handle_event("validate", %{"site" => site_params}, socket) do`
+	`changeset =`
+	`Hosting.change_site(socket.assigns.current_scope, socket.assigns.site, site_params)`
+
+	`{:noreply, assign(socket, form: to_form(changeset, action: :validate))}`
+	`end`
+
+	`def handle_event("save", %{"site" => site_params}, socket) do`
+	`save_site(socket, socket.assigns.live_action, site_params)`
+	`end`
+
+	`defp save_site(socket, :edit, site_params) do`
+	`case Hosting.update_site(socket.assigns.current_scope, socket.assigns.site, site_params) do`
+	`{:ok, site} ->`
+	`{:noreply,`
+	`socket`
+	`\|> put_flash(:info, "Site updated successfully")`
+	`\|> push_navigate(`
+	`to: return_path(socket.assigns.current_scope, socket.assigns.return_to, site)`
+	`)}`
+
+	`{:error, %Ecto.Changeset{} = changeset} ->`
+	`{:noreply, assign(socket, form: to_form(changeset))}`
+	`end`
+	`end`
+
+	`defp save_site(socket, :new, site_params) do`
+	`case Hosting.create_site(socket.assigns.current_scope, site_params) do`
+	`{:ok, site} ->`
+	`{:noreply,`
+	`socket`
+	`\|> put_flash(:info, "Site created successfully")`
+	`\|> push_navigate(`
+	`to: return_path(socket.assigns.current_scope, socket.assigns.return_to, site)`
+	`)}`
+
+	`{:error, %Ecto.Changeset{} = changeset} ->`
+	`{:noreply, assign(socket, form: to_form(changeset))}`
+	`end`
+	`end`
+
+	`defp return_path(_scope, "index", _site), do: ~p"/sites"`
+	`defp return_path(_scope, "show", site), do: ~p"/sites/#{site}"`
+	`end`

Sites LiveView - Index

A standard list page showing all sites for the current user in a table with name and subdomain columns. Supports creating, editing, and deleting sites with real-time updates via PubSub subscriptions.

lib/my_app_web/live/site_live/index.ex Reveal

	`-0,0 +1,74 @@`
+	`defmodule MyAppWeb.SiteLive.Index do`
+	`use MyAppWeb, :live_view`
+
+	`alias MyApp.Hosting`
+
+	`@impl true`
+	`def render(assigns) do`
+	`~H"""`
+	`<Layouts.app flash={@flash} current_scope={@current_scope}>`
+	`<.header>`
+	`Listing Sites`
+	`<:actions>`
+	`<.button variant="primary" navigate={~p"/sites/new"}>`
+	`<.icon name="hero-plus" /> New Site`
+	`</.button>`
+	`</:actions>`
+	`</.header>`
+
+	`<.table`
+	`id="sites"`
+	`rows={@streams.sites}`
+	`row_click={fn {_id, site} -> JS.navigate(~p"/sites/#{site}") end}`
+	`>`
+	`<:col :let={{_id, site}} label="Name">{site.name}</:col>`
+	`<:col :let={{_id, site}} label="Subdomain">{site.subdomain}</:col>`
+	`<:action :let={{_id, site}}>`
+	`<div class="sr-only">`
+	`<.link navigate={~p"/sites/#{site}"}>Show</.link>`
+	`</div>`
+	`<.link navigate={~p"/sites/#{site}/edit"}>Edit</.link>`
+	`</:action>`
+	`<:action :let={{id, site}}>`
+	`<.link`
+	`phx-click={JS.push("delete", value: %{id: site.id}) \|> hide("##{id}")}`
+	`data-confirm="Are you sure?"`
+	`>`
+	`Delete`
+	`</.link>`
+	`</:action>`
+	`</.table>`
+	`</Layouts.app>`
+	`"""`
+	`end`
+
+	`@impl true`
+	`def mount(_params, _session, socket) do`
+	`if connected?(socket) do`
+	`Hosting.subscribe_sites(socket.assigns.current_scope)`
+	`end`
+
+	`{:ok,`
+	`socket`
+	`\|> assign(:page_title, "Listing Sites")`
+	`\|> stream(:sites, list_sites(socket.assigns.current_scope))}`
+	`end`
+
+	`@impl true`
+	`def handle_event("delete", %{"id" => id}, socket) do`
+	`site = Hosting.get_site!(socket.assigns.current_scope, id)`
+	`{:ok, _} = Hosting.delete_site(socket.assigns.current_scope, site)`
+
+	`{:noreply, stream_delete(socket, :sites, site)}`
+	`end`
+
+	`@impl true`
+	`def handle_info({type, %MyApp.Hosting.Site{}}, socket)`
+	`when type in [:created, :updated, :deleted] do`
+	`{:noreply, stream(socket, :sites, list_sites(socket.assigns.current_scope), reset: true)}`
+	`end`
+
+	`defp list_sites(current_scope) do`
+	`Hosting.list_sites(current_scope)`
+	`end`
+	`end`

Sites LiveView - Show

The site detail page displays the site info and a table of associated hostnames with their verification status. Users can add new hostnames, view hostname details, and delete hostnames. Subscribes to both site and hostname PubSub topics for real-time updates.

lib/my_app_web/live/site_live/show.ex Reveal

	`-0,0 +1,127 @@`
+	`defmodule MyAppWeb.SiteLive.Show do`
+	`use MyAppWeb, :live_view`
+
+	`alias MyApp.Hosting`
+
+	`@impl true`
+	`def render(assigns) do`
+	`~H"""`
+	`<Layouts.app flash={@flash} current_scope={@current_scope}>`
+	`<.header>`
+	`{@site.name}`
+	`<:subtitle>This is a site record from your database.</:subtitle>`
+	`<:actions>`
+	`<.button navigate={~p"/sites"}>`
+	`<.icon name="hero-arrow-left" />`
+	`</.button>`
+	`<.button variant="primary" navigate={~p"/sites/#{@site}/edit?return_to=show"}>`
+	`<.icon name="hero-pencil-square" /> Edit site`
+	`</.button>`
+	`</:actions>`
+	`</.header>`
+
+	`<.list>`
+	`<:item title="Name">{@site.name}</:item>`
+	`<:item title="Subdomain">{@site.subdomain}</:item>`
+	`</.list>`
+
+	`<.header>`
+	`Hostnames`
+	`<:actions>`
+	`<.button variant="primary" navigate={~p"/sites/#{@site}/hostnames/new"}>`
+	`<.icon name="hero-plus" /> New Hostname`
+	`</.button>`
+	`</:actions>`
+	`</.header>`
+
+	`<.table id="hostnames" rows={@streams.hostnames}>`
+	`<:col :let={{_id, hostname}} label="Domain">{hostname.domain}</:col>`
+	`<:col :let={{_id, hostname}} label="Status">`
+	`<%= if hostname.verified_at do %>`
+	`<span class="text-success">Verified</span>`
+	`<% else %>`
+	`<span class="text-warning">Pending</span>`
+	`<% end %>`
+	`</:col>`
+	`<:action :let={{_id, hostname}}>`
+	`<.link navigate={~p"/sites/#{@site}/hostnames/#{hostname}"}>`
+	`View`
+	`</.link>`
+	`</:action>`
+	`<:action :let={{id, hostname}}>`
+	`<.link`
+	`phx-click={JS.push("delete_hostname", value: %{id: hostname.id}) \|> hide("##{id}")}`
+	`data-confirm="Are you sure?"`
+	`>`
+	`Delete`
+	`</.link>`
+	`</:action>`
+	`</.table>`
+	`</Layouts.app>`
+	`"""`
+	`end`
+
+	`@impl true`
+	`def mount(%{"id" => id}, _session, socket) do`
+	`if connected?(socket) do`
+	`Hosting.subscribe_sites(socket.assigns.current_scope)`
+	`Hosting.subscribe_hostnames(socket.assigns.current_scope)`
+	`end`
+
+	`site = Hosting.get_site!(socket.assigns.current_scope, id)`
+
+	`{:ok,`
+	`socket`
+	`\|> assign(:page_title, site.name)`
+	`\|> assign(:site, site)`
+	`\|> stream(:hostnames, list_hostnames(socket.assigns.current_scope, site))}`
+	`end`
+
+	`@impl true`
+	`def handle_event("delete_hostname", %{"id" => id}, socket) do`
+	`hostname =`
+	`Hosting.get_hostname!(socket.assigns.current_scope, socket.assigns.site, id)`
+
+	`{:ok, _} = Hosting.delete_hostname(socket.assigns.current_scope, hostname)`
+
+	`{:noreply, stream_delete(socket, :hostnames, hostname)}`
+	`end`
+
+	`@impl true`
+	`def handle_info(`
+	`{:updated, %MyApp.Hosting.Site{id: id} = site},`
+	`%{assigns: %{site: %{id: id}}} = socket`
+	`) do`
+	`{:noreply, assign(socket, :site, site)}`
+	`end`
+
+	`def handle_info(`
+	`{:deleted, %MyApp.Hosting.Site{id: id}},`
+	`%{assigns: %{site: %{id: id}}} = socket`
+	`) do`
+	`{:noreply,`
+	`socket`
+	`\|> put_flash(:error, "The current site was deleted.")`
+	`\|> push_navigate(to: ~p"/sites")}`
+	`end`
+
+	`def handle_info({type, %MyApp.Hosting.Site{}}, socket)`
+	`when type in [:created, :updated, :deleted] do`
+	`{:noreply, socket}`
+	`end`
+
+	`def handle_info({type, %MyApp.Hosting.Hostname{}}, socket)`
+	`when type in [:created, :updated, :deleted] do`
+	`{:noreply,`
+	`stream(`
+	`socket,`
+	`:hostnames,`
+	`list_hostnames(socket.assigns.current_scope, socket.assigns.site),`
+	`reset: true`
+	`)}`
+	`end`
+
+	`defp list_hostnames(current_scope, site) do`
+	`Hosting.list_hostnames(current_scope, site)`
+	`end`
+	`end`

ServeHostedSite plug

This plug sits in the endpoint pipeline before the main router and intercepts requests destined for hosted sites. It compares the request host against the endpoint's configured host to determine routing:

When a site is found, the plug assigns current_site to the conn and dispatches to the HostedRouter . If no site matches, it returns a 404. The plug calls halt() after dispatching to the hosted router, preventing the request from continuing to the main app router.

lib/my_app_web/plugs/serve_hosted_site.ex Reveal

	`-0,0 +1,60 @@`
+	`defmodule MyAppWeb.Plugs.ServeHostedSite do`
+	`@moduledoc false`
+
+	`@behaviour Plug`
+	`import Plug.Conn`
+
+	`require Logger`
+
+	`alias MyApp.Hosting`
+	`alias MyApp.Hosting.Site`
+
+	`@doc false`
+	`def init(default), do: default`
+
+	`@doc false`
+	`@spec call(Plug.Conn.t(), Keyword.t()) :: Plug.Conn.t()`
+	`def call(%Plug.Conn{host: host} = conn, opts) do`
+	`router = opts[:router] \|\| raise "Must specify :router opt to use ServeHostedSite plug"`
+
+	`split_endpoint_host = String.split(conn.private.phoenix_endpoint.host(), ".")`
+	`split_host = String.split(host, ".")`
+
+	`with {:ok, hosting_type, value} <- hosted_site(split_endpoint_host, split_host),`
+	`{:ok, %Site{} = site} <- get_site(hosting_type, value) do`
+	`conn`
+	`\|> assign(:current_site, site)`
+	`\|> router.call(router.init([]))`
+	`\|> halt()`
+	`else`
+	`{:error, :not_hosted} ->`
+	`conn`
+
+	`{:error, :not_found} ->`
+	`conn`
+	`\|> Plug.Conn.put_status(:not_found)`
+	`\|> Phoenix.Controller.html("Not Found")`
+	`end`
+	`end`
+
+	`@spec hosted_site(String.t(), [String.t()]) ::`
+	`{:ok, :subdomain \| :hostname, String.t()} \| {:error, :not_hosted}`
+	`defp hosted_site(_host, ["localhost"]), do: {:error, :not_hosted}`
+	`defp hosted_site(host, host), do: {:error, :not_hosted}`
+	`defp hosted_site(host, [subdomain \| host]), do: {:ok, :subdomain, subdomain}`
+	`defp hosted_site(_host, domain), do: {:ok, :hostname, Enum.join(domain, ".")}`
+
+	`@spec get_site(:subdomain \| :hostname, String.t()) :: {:ok, Site.t()} \| {:error, :not_found}`
+	`defp get_site(hosting_type, value) do`
+	`result =`
+	`case hosting_type do`
+	`:subdomain -> Hosting.get_site_by_subdomain(value)`
+	`:hostname -> Hosting.get_site_by_hostname(value)`
+	`end`
+
+	`case result do`
+	`nil -> {:error, :not_found}`
+	`site -> {:ok, site}`
+	`end`
+	`end`
+	`end`

Router

Site and hostname routes are added under the authenticated scope. Sites get full CRUD routes, while hostnames are nested under sites with routes for creating and viewing.

lib/my_app_web/router.ex Reveal

	`-54,6 +54,18 @@ defmodule MyAppWeb.Router do`
	`on_mount: [{MyAppWeb.UserAuth, :require_authenticated}] do`
	`live "/users/settings", UserLive.Settings, :edit`
	`live "/users/settings/confirm-email/:token", UserLive.Settings, :confirm_email`
+
+	`## Sites`
+
+	`live "/sites", SiteLive.Index, :index`
+	`live "/sites/new", SiteLive.Form, :new`
+	`live "/sites/:id", SiteLive.Show, :show`
+	`live "/sites/:id/edit", SiteLive.Form, :edit`
+
+	`## Hostnames`
+
+	`live "/sites/:site_id/hostnames/new", HostnameLive.Form, :new`
+	`live "/sites/:site_id/hostnames/:id", HostnameLive.Show, :show`
	`end`

	`post "/users/update-password", UserSessionController, :update_password`

Hosted router and controller

The HostedRouter is a separate router for hosted site requests. It has its own browser pipeline (session, CSRF, etc.) and a catch-all route that sends all paths to HostedController.show/2 . The controller simply renders a success page with the site name — in a real app, you'd replace this with your hosted site rendering logic.

lib/my_app_web/routers/hosted_router.ex Reveal

	`-0,0 +1,21 @@`
+	`defmodule MyAppWeb.HostedRouter do`
+	`use MyAppWeb, :router`
+
+	`import MyAppWeb.UserAuth`
+
+	`pipeline :browser do`
+	`plug :accepts, ["html"]`
+	`plug :fetch_session`
+	`plug :fetch_live_flash`
+	`plug :put_root_layout, html: {MyAppWeb.Layouts, :root}`
+	`plug :protect_from_forgery`
+	`plug :put_secure_browser_headers`
+	`plug :fetch_current_scope_for_user`
+	`end`
+
+	`scope "/", MyAppWeb do`
+	`pipe_through :browser`
+
+	`get "/*path", HostedController, :show`
+	`end`
+	`end`

Migrations

Two migrations create the sites and hostnames tables. Sites have a unique index on subdomain and a foreign key to users . Hostnames have a unique index on domain (globally unique across all sites) and a foreign key to sites with cascade delete.

priv/repo/migrations/0001_create_sites.exs Reveal

	`-0,0 +1,17 @@`
+	`defmodule MyApp.Repo.Migrations.CreateSites do`
+	`use Ecto.Migration`
+
+	`def change do`
+	`create table(:sites, primary_key: false) do`
+	`add :id, :binary_id, primary_key: true`
+	`add :name, :string, null: false`
+	`add :subdomain, :string, null: false`
+	`add :user_id, references(:users, type: :binary_id, on_delete: :delete_all), null: false`
+
+	`timestamps(type: :utc_datetime)`
+	`end`
+
+	`create index(:sites, [:user_id])`
+	`create unique_index(:sites, [:subdomain])`
+	`end`
+	`end`

priv/repo/migrations/0002_create_hostnames.exs Reveal

	`-0,0 +1,20 @@`
+	`defmodule MyApp.Repo.Migrations.CreateHostnames do`
+	`use Ecto.Migration`
+
+	`def change do`
+	`create table(:hostnames, primary_key: false) do`
+	`add :id, :binary_id, primary_key: true`
+	`add :domain, :string, null: false`
+	`add :txt_record_secret, :string, null: false`
+	`add :verified_at, :utc_datetime`
+	`add :certificate_requested_at, :utc_datetime`
+	`add :certificate_issued_at, :utc_datetime`
+	`add :site_id, references(:sites, type: :binary_id, on_delete: :delete_all), null: false`
+
+	`timestamps(type: :utc_datetime)`
+	`end`
+
+	`create index(:hostnames, [:site_id])`
+	`create unique_index(:hostnames, [:domain])`
+	`end`
+	`end`

test/my_app/hosting/certificates_test.exs Reveal

	`-0,0 +1,125 @@`
+	`defmodule MyApp.Hosting.CertificatesTest do`
+	`use MyApp.DataCase, async: false`
+
+	`alias MyApp.Hosting.Certificates`
+	`alias MyApp.Hosting.Certificates.MockAdapter`
+	`alias MyApp.Hosting.Hostname`
+
+	`setup do`
+	`Application.put_env(:my_app, Certificates, adapter: MockAdapter)`
+
+	`on_exit(fn ->`
+	`Application.delete_env(:my_app, Certificates)`
+	`end)`
+
+	`:ok`
+	`end`
+
+	`describe "issue_certificate/1" do`
+	`test "issues certificate for domain" do`
+	`hostname = %Hostname{`
+	`domain: "verified.com",`
+	`verified_at: DateTime.utc_now()`
+	`}`
+
+	`assert {:ok, result} = Certificates.issue_certificate(hostname)`
+	`assert result.hostname == "verified.com"`
+	`assert result.status == :pending`
+	`end`
+
+	`test "uses mocked response when configured" do`
+	`hostname = %Hostname{`
+	`domain: "custom.com",`
+	`verified_at: DateTime.utc_now()`
+	`}`
+
+	`MockAdapter.mock_add_certificate(`
+	`"custom.com",`
+	`{:ok,`
+	`%{`
+	`hostname: "custom.com",`
+	`status: :issued,`
+	`dns_validation_hostname: nil,`
+	`dns_validation_target: nil,`
+	`issued_at: DateTime.utc_now(),`
+	`expires_at: DateTime.utc_now() \|> DateTime.add(90, :day),`
+	`error: nil`
+	`}}`
+	`)`
+
+	`assert {:ok, result} = Certificates.issue_certificate(hostname)`
+	`assert result.status == :issued`
+	`end`
+
+	`test "returns error from adapter" do`
+	`hostname = %Hostname{`
+	`domain: "error.com",`
+	`verified_at: DateTime.utc_now()`
+	`}`
+
+	`MockAdapter.mock_add_certificate("error.com", {:error, "API rate limit exceeded"})`
+
+	`assert {:error, "API rate limit exceeded"} = Certificates.issue_certificate(hostname)`
+	`end`
+	`end`
+
+	`describe "check_certificate/1" do`
+	`test "checks certificate status" do`
+	`hostname = %Hostname{`
+	`domain: "check.com",`
+	`verified_at: DateTime.utc_now()`
+	`}`
+
+	`assert {:ok, result} = Certificates.check_certificate(hostname)`
+	`assert result.hostname == "check.com"`
+	`assert result.status == :issued`
+	`end`
+
+	`test "returns mocked check response" do`
+	`hostname = %Hostname{`
+	`domain: "pending.com",`
+	`verified_at: DateTime.utc_now()`
+	`}`
+
+	`MockAdapter.mock_check_certificate(`
+	`"pending.com",`
+	`{:ok,`
+	`%{`
+	`hostname: "pending.com",`
+	`status: :pending,`
+	`dns_validation_hostname: "_acme-challenge.pending.com",`
+	`dns_validation_target: "validation.target.com",`
+	`issued_at: nil,`
+	`expires_at: nil,`
+	`error: nil`
+	`}}`
+	`)`
+
+	`assert {:ok, result} = Certificates.check_certificate(hostname)`
+	`assert result.status == :pending`
+	`assert result.dns_validation_hostname == "_acme-challenge.pending.com"`
+	`end`
+	`end`
+
+	`describe "delete_certificate/1" do`
+	`test "deletes certificate" do`
+	`hostname = %Hostname{`
+	`domain: "delete.com",`
+	`verified_at: DateTime.utc_now()`
+	`}`
+
+	`assert :ok = Certificates.delete_certificate(hostname)`
+	`end`
+
+	`test "returns mocked error" do`
+	`hostname = %Hostname{`
+	`domain: "nodelete.com",`
+	`verified_at: DateTime.utc_now()`
+	`}`
+
+	`MockAdapter.mock_delete_certificate("nodelete.com", {:error, :not_found})`
+
+	`assert {:error, :not_found} = Certificates.delete_certificate(hostname)`
+	`end`
+	`end`
+	`end`

test/my_app/hosting/dns_test.exs Reveal

	`-0,0 +1,125 @@`
+	`defmodule MyApp.Hosting.DNSTest do`
+	`use ExUnit.Case, async: false`
+
+	`alias MyApp.Hosting.DNS`
+
+	`# Mock resolver that uses the process dictionary for test-specific responses`
+	`defmodule MockResolver do`
+	`@behaviour MyApp.Hosting.DNS`
+
+	`@impl true`
+	`def lookup_txt(hostname) do`
+	`case Process.get({:dns_mock, hostname}) do`
+	`nil -> {:error, :nxdomain}`
+	`result -> result`
+	`end`
+	`end`
+	`end`
+
+	`setup do`
+	`# Configure the mock resolver for tests`
+	`Application.put_env(:my_app, DNS, resolver: MockResolver)`
+
+	`on_exit(fn ->`
+	`Application.delete_env(:my_app, DNS)`
+	`end)`
+
+	`:ok`
+	`end`
+
+	`defp mock_txt_records(hostname, records) when is_list(records) do`
+	`Process.put({:dns_mock, hostname}, {:ok, records})`
+	`end`
+
+	`defp mock_dns_error(hostname, reason) do`
+	`Process.put({:dns_mock, hostname}, {:error, reason})`
+	`end`
+
+	`describe "verify_domain/2" do`
+	`test "returns {:ok, :verified} when TXT record matches" do`
+	`mock_txt_records("_myapp-verify.example.com", [`
+	`"myapp-verification=secret123"`
+	`])`
+
+	`assert {:ok, :verified} = DNS.verify_domain("example.com", "secret123")`
+	`end`
+
+	`test "returns {:ok, :verified} when TXT record is among multiple records" do`
+	`mock_txt_records("_myapp-verify.example.com", [`
+	`"v=spf1 include:_spf.google.com ~all",`
+	`"myapp-verification=secret123",`
+	`"some-other-record=value"`
+	`])`
+
+	`assert {:ok, :verified} = DNS.verify_domain("example.com", "secret123")`
+	`end`
+
+	`test "returns {:error, :not_found} when TXT record doesn't match" do`
+	`mock_txt_records("_myapp-verify.example.com", [`
+	`"myapp-verification=wrong-secret"`
+	`])`
+
+	`assert {:error, :not_found} = DNS.verify_domain("example.com", "secret123")`
+	`end`
+
+	`test "returns {:error, :not_found} when no TXT records exist" do`
+	`mock_txt_records("_myapp-verify.example.com", [])`
+
+	`assert {:error, :not_found} = DNS.verify_domain("example.com", "secret123")`
+	`end`
+
+	`test "returns {:error, :dns_error} when DNS lookup fails" do`
+	`mock_dns_error("_myapp-verify.example.com", :nxdomain)`
+
+	`assert {:error, :dns_error} = DNS.verify_domain("example.com", "secret123")`
+	`end`
+	`end`
+
+	`describe "verify_domain/1 with Hostname struct" do`
+	`test "verifies using hostname fields" do`
+	`mock_txt_records("_myapp-verify.mydomain.com", [`
+	`"myapp-verification=abc123"`
+	`])`
+
+	`hostname = %MyApp.Hosting.Hostname{`
+	`domain: "mydomain.com",`
+	`txt_record_secret: "abc123"`
+	`}`
+
+	`assert {:ok, :verified} = DNS.verify_domain(hostname)`
+	`end`
+	`end`
+
+	`describe "verification_hostname/1" do`
+	`test "prepends verification subdomain" do`
+	`assert "_myapp-verify.example.com" = DNS.verification_hostname("example.com")`
+	`assert "_myapp-verify.sub.example.com" = DNS.verification_hostname("sub.example.com")`
+	`end`
+	`end`
+
+	`describe "verification_record_value/1" do`
+	`test "prepends verification prefix" do`
+	`assert "myapp-verification=abc123" = DNS.verification_record_value("abc123")`
+	`end`
+	`end`
+
+	`describe "lookup_txt_records/1" do`
+	`test "returns list of TXT records" do`
+	`mock_txt_records("example.com", ["record1", "record2"])`
+
+	`assert {:ok, ["record1", "record2"]} = DNS.lookup_txt_records("example.com")`
+	`end`
+
+	`test "returns empty list when no records" do`
+	`mock_txt_records("example.com", [])`
+
+	`assert {:ok, []} = DNS.lookup_txt_records("example.com")`
+	`end`
+
+	`test "returns error on DNS failure" do`
+	`mock_dns_error("example.com", :timeout)`
+
+	`assert {:error, :timeout} = DNS.lookup_txt_records("example.com")`
+	`end`
+	`end`
+	`end`

test/my_app/hosting_test.exs Reveal

	`-0,0 +1,493 @@`
+	`defmodule MyApp.HostingTest do`
+	`use MyApp.DataCase`
+
+	`alias MyApp.Hosting`
+
+	`describe "sites" do`
+	`alias MyApp.Hosting.Site`
+
+	`import MyApp.AccountsFixtures, only: [user_scope_fixture: 0]`
+	`import MyApp.HostingFixtures`
+
+	`@invalid_attrs %{name: nil, subdomain: nil}`
+
+	`test "create_site/2 rejects invalid subdomain format" do`
+	`scope = user_scope_fixture()`
+
+	`assert {:error, changeset} =`
+	`Hosting.create_site(scope, %{name: "test", subdomain: "has spaces"})`
+
+	`assert {"must be lowercase alphanumeric characters and hyphens only", _} =`
+	`changeset.errors[:subdomain]`
+	`end`
+
+	`test "list_sites/1 returns all scoped sites" do`
+	`scope = user_scope_fixture()`
+	`other_scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`other_site = site_fixture(other_scope)`
+	`assert Hosting.list_sites(scope) == [site]`
+	`assert Hosting.list_sites(other_scope) == [other_site]`
+	`end`
+
+	`test "get_site!/2 returns the site with given id" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`other_scope = user_scope_fixture()`
+	`assert Hosting.get_site!(scope, site.id) == site`
+	`assert_raise Ecto.NoResultsError, fn -> Hosting.get_site!(other_scope, site.id) end`
+	`end`
+
+	`test "create_site/2 with valid data creates a site" do`
+	`valid_attrs = %{name: "some name", subdomain: "some-subdomain"}`
+	`scope = user_scope_fixture()`
+
+	`assert {:ok, %Site{} = site} = Hosting.create_site(scope, valid_attrs)`
+	`assert site.name == "some name"`
+	`assert site.subdomain == "some-subdomain"`
+	`assert site.user_id == scope.user.id`
+	`end`
+
+	`test "create_site/2 with invalid data returns error changeset" do`
+	`scope = user_scope_fixture()`
+	`assert {:error, %Ecto.Changeset{}} = Hosting.create_site(scope, @invalid_attrs)`
+	`end`
+
+	`test "update_site/3 with valid data updates the site" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`update_attrs = %{name: "some updated name", subdomain: "some-updated-subdomain"}`
+
+	`assert {:ok, %Site{} = site} = Hosting.update_site(scope, site, update_attrs)`
+	`assert site.name == "some updated name"`
+	`assert site.subdomain == "some-updated-subdomain"`
+	`end`
+
+	`test "update_site/3 with invalid scope raises" do`
+	`scope = user_scope_fixture()`
+	`other_scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+
+	`assert_raise MatchError, fn ->`
+	`Hosting.update_site(other_scope, site, %{})`
+	`end`
+	`end`
+
+	`test "update_site/3 with invalid data returns error changeset" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`assert {:error, %Ecto.Changeset{}} = Hosting.update_site(scope, site, @invalid_attrs)`
+	`assert site == Hosting.get_site!(scope, site.id)`
+	`end`
+
+	`test "delete_site/2 deletes the site" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`assert {:ok, %Site{}} = Hosting.delete_site(scope, site)`
+	`assert_raise Ecto.NoResultsError, fn -> Hosting.get_site!(scope, site.id) end`
+	`end`
+
+	`test "delete_site/2 with invalid scope raises" do`
+	`scope = user_scope_fixture()`
+	`other_scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`assert_raise MatchError, fn -> Hosting.delete_site(other_scope, site) end`
+	`end`
+
+	`test "change_site/2 returns a site changeset" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`assert %Ecto.Changeset{} = Hosting.change_site(scope, site)`
+	`end`
+	`end`
+
+	`describe "hostnames" do`
+	`alias MyApp.Hosting.Hostname`
+
+	`import MyApp.AccountsFixtures, only: [user_scope_fixture: 0]`
+	`import MyApp.HostingFixtures`
+
+	`@invalid_attrs %{domain: nil}`
+
+	`test "list_hostnames/2 returns all hostnames for a site" do`
+	`scope = user_scope_fixture()`
+	`other_scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`other_site = site_fixture(other_scope)`
+	`hostname = hostname_fixture(scope, site)`
+	`other_hostname = hostname_fixture(other_scope, other_site)`
+	`assert Hosting.list_hostnames(scope, site) == [hostname]`
+	`assert Hosting.list_hostnames(other_scope, other_site) == [other_hostname]`
+	`end`
+
+	`test "get_hostname!/3 returns the hostname with given id" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site)`
+	`assert Hosting.get_hostname!(scope, site, hostname.id) == hostname`
+	`end`
+
+	`test "create_hostname/3 with valid data creates a hostname" do`
+	`valid_attrs = %{domain: "example.com"}`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+
+	`assert {:ok, %Hostname{} = hostname} =`
+	`Hosting.create_hostname(scope, site, valid_attrs)`
+
+	`assert hostname.domain == "example.com"`
+	`assert hostname.site_id == site.id`
+	`end`
+
+	`test "create_hostname/3 with invalid data returns error changeset" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`assert {:error, %Ecto.Changeset{}} = Hosting.create_hostname(scope, site, @invalid_attrs)`
+	`end`
+
+	`test "create_hostname/3 rejects invalid domain format" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+
+	`invalid_domains = ["not a domain", "missing-tld", "http://example.com", "-invalid.com"]`
+
+	`for domain <- invalid_domains do`
+	`assert {:error, changeset} = Hosting.create_hostname(scope, site, %{domain: domain})`
+	`assert {"must be a valid domain (e.g., example.com)", _} = changeset.errors[:domain]`
+	`end`
+	`end`
+
+	`test "create_hostname/3 rejects duplicate domains" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+
+	`{:ok, _} = Hosting.create_hostname(scope, site, %{domain: "unique-test.com"})`
+
+	`# Same domain on same site`
+	`assert {:error, changeset} =`
+	`Hosting.create_hostname(scope, site, %{domain: "unique-test.com"})`
+
+	`assert {"is already registered", _} = changeset.errors[:domain]`
+
+	`# Same domain on different site (still should fail - domains are globally unique)`
+	`other_scope = user_scope_fixture()`
+	`other_site = site_fixture(other_scope)`
+
+	`assert {:error, changeset} =`
+	`Hosting.create_hostname(other_scope, other_site, %{domain: "unique-test.com"})`
+
+	`assert {"is already registered", _} = changeset.errors[:domain]`
+	`end`
+
+	`test "create_hostname/3 normalizes domain to lowercase" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+
+	`{:ok, hostname} = Hosting.create_hostname(scope, site, %{domain: "UPPERCASE.COM"})`
+	`assert hostname.domain == "uppercase.com"`
+	`end`
+
+	`test "update_hostname/4 with valid data updates the hostname" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site)`
+	`update_attrs = %{domain: "updated.example.com"}`
+
+	`assert {:ok, %Hostname{} = hostname} =`
+	`Hosting.update_hostname(scope, hostname, site, update_attrs)`
+
+	`assert hostname.domain == "updated.example.com"`
+	`end`
+
+	`test "update_hostname/4 with invalid data returns error changeset" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site)`
+
+	`assert {:error, %Ecto.Changeset{}} =`
+	`Hosting.update_hostname(scope, hostname, site, @invalid_attrs)`
+
+	`assert hostname == Hosting.get_hostname!(scope, site, hostname.id)`
+	`end`
+
+	`test "delete_hostname/2 deletes the hostname" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site)`
+	`assert {:ok, %Hostname{}} = Hosting.delete_hostname(scope, hostname)`
+
+	`assert_raise Ecto.NoResultsError, fn ->`
+	`Hosting.get_hostname!(scope, site, hostname.id)`
+	`end`
+	`end`
+
+	`test "change_hostname/4 returns a hostname changeset" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site)`
+	`assert %Ecto.Changeset{} = Hosting.change_hostname(scope, hostname, site)`
+	`end`
+	`end`
+
+	`describe "domain verification" do`
+	`alias MyApp.Hosting.Hostname`
+	`alias MyApp.Hosting.DNS`
+
+	`import MyApp.AccountsFixtures, only: [user_scope_fixture: 0]`
+	`import MyApp.HostingFixtures`
+
+	`# Mock resolver for DNS tests`
+	`defmodule MockResolver do`
+	`@behaviour MyApp.Hosting.DNS`
+
+	`@impl true`
+	`def lookup_txt(hostname) do`
+	`case Process.get({:dns_mock, hostname}) do`
+	`nil -> {:error, :nxdomain}`
+	`result -> result`
+	`end`
+	`end`
+	`end`
+
+	`setup do`
+	`Application.put_env(:my_app, DNS, resolver: MockResolver)`
+
+	`on_exit(fn ->`
+	`Application.delete_env(:my_app, DNS)`
+	`end)`
+
+	`:ok`
+	`end`
+
+	`defp mock_txt_records(hostname, records) do`
+	`Process.put({:dns_mock, hostname}, {:ok, records})`
+	`end`
+
+	`defp mock_dns_error(hostname, reason) do`
+	`Process.put({:dns_mock, hostname}, {:error, reason})`
+	`end`
+
+	`test "verify_hostname/2 sets verified_at on success" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "mytest.com"})`
+
+	`# Mock the expected TXT record`
+	`expected_value = "myapp-verification=#{hostname.txt_record_secret}"`
+	`mock_txt_records("_myapp-verify.mytest.com", [expected_value])`
+
+	`assert is_nil(hostname.verified_at)`
+
+	`assert {:ok, %Hostname{} = verified} = Hosting.verify_hostname(scope, hostname)`
+	`assert verified.verified_at != nil`
+	`end`
+
+	`test "verify_hostname/2 returns error when TXT record not found" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "unverified.com"})`
+
+	`mock_txt_records("_myapp-verify.unverified.com", [])`
+
+	`assert {:error, :not_found} = Hosting.verify_hostname(scope, hostname)`
+	`end`
+
+	`test "verify_hostname/2 returns error on DNS failure" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "error.com"})`
+
+	`mock_dns_error("_myapp-verify.error.com", :timeout)`
+
+	`assert {:error, :dns_error} = Hosting.verify_hostname(scope, hostname)`
+	`end`
+
+	`test "verification_instructions/1 returns correct DNS setup info" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "setup.com"})`
+
+	`instructions = Hosting.verification_instructions(hostname)`
+
+	`assert instructions.host == "_myapp-verify"`
+	`assert instructions.record_type == "TXT"`
+	`assert instructions.record_value == "myapp-verification=#{hostname.txt_record_secret}"`
+	`end`
+	`end`
+
+	`describe "certificate management" do`
+	`alias MyApp.Hosting.Hostname`
+	`alias MyApp.Hosting.Certificates`
+	`alias MyApp.Hosting.Certificates.MockAdapter`
+
+	`import MyApp.AccountsFixtures, only: [user_scope_fixture: 0]`
+	`import MyApp.HostingFixtures`
+
+	`setup do`
+	`Application.put_env(:my_app, Certificates, adapter: MockAdapter)`
+
+	`on_exit(fn ->`
+	`Application.delete_env(:my_app, Certificates)`
+	`end)`
+
+	`:ok`
+	`end`
+
+	`test "issue_certificate/2 returns error for unverified domain" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "unverified.com"})`
+
+	`assert is_nil(hostname.verified_at)`
+	`assert {:error, :domain_not_verified} = Hosting.issue_certificate(scope, hostname)`
+	`end`
+
+	`test "issue_certificate/2 sets certificate_requested_at" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "verified-cert.com"})`
+
+	`# Verify the domain first`
+	`{:ok, verified} =`
+	`hostname`
+	`\|> Hostname.verification_changeset(DateTime.utc_now() \|> DateTime.truncate(:second))`
+	`\|> MyApp.Repo.update()`
+
+	`assert {:ok, %Hostname{} = with_cert} = Hosting.issue_certificate(scope, verified)`
+	`assert with_cert.certificate_requested_at != nil`
+	`end`
+
+	`test "issue_certificate/2 sets certificate_issued_at when adapter returns :issued" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "instant-cert.com"})`
+
+	`# Mock adapter to return :issued status`
+	`MockAdapter.mock_add_certificate(`
+	`"instant-cert.com",`
+	`{:ok,`
+	`%{`
+	`hostname: "instant-cert.com",`
+	`status: :issued,`
+	`dns_validation_hostname: nil,`
+	`dns_validation_target: nil,`
+	`issued_at: DateTime.utc_now(:second),`
+	`expires_at: DateTime.utc_now(:second) \|> DateTime.add(90, :day),`
+	`error: nil`
+	`}}`
+	`)`
+
+	`{:ok, verified} =`
+	`hostname`
+	`\|> Hostname.verification_changeset(DateTime.utc_now() \|> DateTime.truncate(:second))`
+	`\|> MyApp.Repo.update()`
+
+	`assert {:ok, %Hostname{} = with_cert} = Hosting.issue_certificate(scope, verified)`
+	`assert with_cert.certificate_requested_at != nil`
+	`assert with_cert.certificate_issued_at != nil`
+	`end`
+
+	`test "issue_certificate/2 leaves certificate_issued_at nil when adapter returns :pending" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "pending-cert.com"})`
+
+	`# Default mock returns :pending status`
+	`{:ok, verified} =`
+	`hostname`
+	`\|> Hostname.verification_changeset(DateTime.utc_now() \|> DateTime.truncate(:second))`
+	`\|> MyApp.Repo.update()`
+
+	`assert {:ok, %Hostname{} = with_cert} = Hosting.issue_certificate(scope, verified)`
+	`assert with_cert.certificate_requested_at != nil`
+	`assert is_nil(with_cert.certificate_issued_at)`
+	`end`
+
+	`test "refresh_certificate_status/2 updates hostname when cert is issued" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "refresh-cert.com"})`
+
+	`# Set up as requested but not yet issued`
+	`{:ok, pending} =`
+	`hostname`
+	`\|> Hostname.certificate_changeset(%{`
+	`certificate_requested_at: DateTime.utc_now(:second)`
+	`})`
+	`\|> MyApp.Repo.update()`
+
+	`assert is_nil(pending.certificate_issued_at)`
+
+	`# Mock check to return :issued`
+	`MockAdapter.mock_check_certificate(`
+	`"refresh-cert.com",`
+	`{:ok,`
+	`%{`
+	`hostname: "refresh-cert.com",`
+	`status: :issued,`
+	`dns_validation_hostname: nil,`
+	`dns_validation_target: nil,`
+	`issued_at: DateTime.utc_now(:second),`
+	`expires_at: DateTime.utc_now(:second) \|> DateTime.add(90, :day),`
+	`error: nil`
+	`}}`
+	`)`
+
+	`assert {:ok, %Hostname{} = updated} =`
+	`Hosting.refresh_certificate_status(scope, pending)`
+
+	`assert updated.certificate_issued_at != nil`
+	`end`
+
+	`test "refresh_certificate_status/2 returns :pending when cert not yet issued" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "still-pending.com"})`
+
+	`{:ok, pending} =`
+	`hostname`
+	`\|> Hostname.certificate_changeset(%{`
+	`certificate_requested_at: DateTime.utc_now(:second)`
+	`})`
+	`\|> MyApp.Repo.update()`
+
+	`MockAdapter.mock_check_certificate(`
+	`"still-pending.com",`
+	`{:ok,`
+	`%{`
+	`hostname: "still-pending.com",`
+	`status: :pending,`
+	`dns_validation_hostname: "_acme-challenge.still-pending.com",`
+	`dns_validation_target: "validation.target.com",`
+	`issued_at: nil,`
+	`expires_at: nil,`
+	`error: nil`
+	`}}`
+	`)`
+
+	`assert {:ok, :pending} = Hosting.refresh_certificate_status(scope, pending)`
+	`end`
+
+	`test "delete_certificate/2 clears certificate fields" do`
+	`scope = user_scope_fixture()`
+	`site = site_fixture(scope)`
+	`hostname = hostname_fixture(scope, site, %{domain: "to-delete.com"})`
+
+	`# Set up a hostname with a certificate`
+	`{:ok, with_cert} =`
+	`hostname`
+	`\|> Hostname.certificate_changeset(%{`
+	`certificate_requested_at: DateTime.utc_now(),`
+	`certificate_issued_at: DateTime.utc_now()`
+	`})`
+	`\|> MyApp.Repo.update()`
+
+	`assert with_cert.certificate_issued_at != nil`
+	`assert with_cert.certificate_requested_at != nil`
+
+	`assert {:ok, %Hostname{} = cleared} = Hosting.delete_certificate(scope, with_cert)`
+	`assert is_nil(cleared.certificate_issued_at)`
+	`assert is_nil(cleared.certificate_requested_at)`
+	`end`
+	`end`
+	`end`

test/my_app_web/live/hostname_live_test.exs Reveal

	`-0,0 +1,152 @@`
+	`defmodule MyAppWeb.HostnameLiveTest do`
+	`use MyAppWeb.ConnCase`
+
+	`import Phoenix.LiveViewTest`
+	`import MyApp.HostingFixtures`
+
+	`@create_attrs %{domain: "some-domain.com"}`
+	`@invalid_attrs %{domain: nil}`
+
+	`setup :register_and_log_in_user`
+
+	`defp create_site(%{scope: scope}) do`
+	`site = site_fixture(scope)`
+	`%{site: site}`
+	`end`
+
+	`defp create_hostname(%{scope: scope, site: site}) do`
+	`hostname = hostname_fixture(scope, site)`
+	`%{hostname: hostname}`
+	`end`
+
+	`describe "New Hostname" do`
+	`setup [:create_site]`
+
+	`test "renders new hostname form", %{conn: conn, site: site} do`
+	`{:ok, _live, html} = live(conn, ~p"/sites/#{site}/hostnames/new")`
+
+	`assert html =~ "New Hostname"`
+	`end`
+
+	`test "saves new hostname and redirects to show page with verification details", %{`
+	`conn: conn,`
+	`site: site`
+	`} do`
+	`{:ok, form_live, _html} = live(conn, ~p"/sites/#{site}/hostnames/new")`
+
+	`assert form_live`
+	`\|> form("#hostname-form", hostname: @invalid_attrs)`
+	`\|> render_change() =~ "can't be blank"`
+
+	`assert {:ok, show_live, html} =`
+	`form_live`
+	`\|> form("#hostname-form", hostname: @create_attrs)`
+	`\|> render_submit()`
+	`\|> follow_redirect(conn)`
+
+	`assert html =~ "Hostname created successfully"`
+	`assert html =~ "some-domain.com"`
+	`assert html =~ "DNS Configuration"`
+	`assert html =~ "_myapp-verify"`
+
+	`# Verify the show page has a verify button`
+	`assert has_element?(show_live, "button", "Verify and activate")`
+	`end`
+	`end`
+
+	`describe "Show Hostname" do`
+	`setup [:create_site, :create_hostname]`
+
+	`test "displays hostname details and verification instructions", %{`
+	`conn: conn,`
+	`site: site,`
+	`hostname: hostname`
+	`} do`
+	`{:ok, _live, html} = live(conn, ~p"/sites/#{site}/hostnames/#{hostname}")`
+
+	`assert html =~ hostname.domain`
+	`assert html =~ "Pending verification"`
+	`assert html =~ "DNS Configuration"`
+	`assert html =~ "_myapp-verify"`
+	`assert html =~ "myapp-verification="`
+	`end`
+
+	`test "displays verified status when hostname is verified", %{`
+	`conn: conn,`
+	`site: site,`
+	`hostname: hostname`
+	`} do`
+	`# Mark hostname as verified`
+	`{:ok, verified} =`
+	`hostname`
+	`\|> MyApp.Hosting.Hostname.verification_changeset(`
+	`DateTime.utc_now()`
+	`\|> DateTime.truncate(:second)`
+	`)`
+	`\|> MyApp.Repo.update()`
+
+	`{:ok, _live, html} = live(conn, ~p"/sites/#{site}/hostnames/#{verified}")`
+
+	`assert html =~ "Verified"`
+	`# DNS config still shown until certificate is issued`
+	`assert html =~ "DNS Configuration"`
+	`end`
+
+	`test "hides DNS configuration when certificate is issued", %{`
+	`conn: conn,`
+	`site: site,`
+	`hostname: hostname`
+	`} do`
+	`now = DateTime.utc_now() \|> DateTime.truncate(:second)`
+
+	`{:ok, active} =`
+	`hostname`
+	`\|> Ecto.Changeset.change(%{`
+	`verified_at: now,`
+	`certificate_requested_at: now,`
+	`certificate_issued_at: now`
+	`})`
+	`\|> MyApp.Repo.update()`
+
+	`{:ok, _live, html} = live(conn, ~p"/sites/#{site}/hostnames/#{active}")`
+
+	`assert html =~ "Active"`
+	`refute html =~ "DNS Configuration"`
+	`end`
+	`end`
+
+	`describe "Site Show with Hostnames" do`
+	`setup [:create_site, :create_hostname]`
+
+	`test "lists hostnames on site page", %{conn: conn, site: site, hostname: hostname} do`
+	`{:ok, _live, html} = live(conn, ~p"/sites/#{site}")`
+
+	`assert html =~ "Hostnames"`
+	`assert html =~ hostname.domain`
+	`assert html =~ "Pending"`
+	`end`
+
+	`test "links to hostname show page", %{conn: conn, site: site, hostname: hostname} do`
+	`{:ok, live, _html} = live(conn, ~p"/sites/#{site}")`
+
+	`assert {:ok, _show_live, html} =`
+	`live`
+	`\|> element("#hostnames-#{hostname.id} a", "View")`
+	`\|> render_click()`
+	`\|> follow_redirect(conn, ~p"/sites/#{site}/hostnames/#{hostname}")`
+
+	`assert html =~ hostname.domain`
+	`assert html =~ "DNS Configuration"`
+	`end`
+
+	`test "deletes hostname from site page", %{conn: conn, site: site, hostname: hostname} do`
+	`{:ok, live, _html} = live(conn, ~p"/sites/#{site}")`
+
+	`assert live`
+	`\|> element("#hostnames-#{hostname.id} a", "Delete")`
+	`\|> render_click()`
+
+	`refute has_element?(live, "#hostnames-#{hostname.id}")`
+	`end`
+	`end`
+	`end`

test/my_app_web/live/site_live_test.exs Reveal

	`-0,0 +1,125 @@`
+	`defmodule MyAppWeb.SiteLiveTest do`
+	`use MyAppWeb.ConnCase`
+
+	`import Phoenix.LiveViewTest`
+	`import MyApp.HostingFixtures`
+
+	`@create_attrs %{name: "some name", subdomain: "some-subdomain"}`
+	`@update_attrs %{name: "some updated name", subdomain: "some-updated-subdomain"}`
+	`@invalid_attrs %{name: nil, subdomain: nil}`
+
+	`setup :register_and_log_in_user`
+
+	`defp create_site(%{scope: scope}) do`
+	`site = site_fixture(scope)`
+
+	`%{site: site}`
+	`end`
+
+	`describe "Index" do`
+	`setup [:create_site]`
+
+	`test "lists all sites", %{conn: conn, site: site} do`
+	`{:ok, _index_live, html} = live(conn, ~p"/sites")`
+
+	`assert html =~ "Listing Sites"`
+	`assert html =~ site.name`
+	`end`
+
+	`test "saves new site", %{conn: conn} do`
+	`{:ok, index_live, _html} = live(conn, ~p"/sites")`
+
+	`assert {:ok, form_live, _} =`
+	`index_live`
+	`\|> element("a", "New Site")`
+	`\|> render_click()`
+	`\|> follow_redirect(conn, ~p"/sites/new")`
+
+	`assert render(form_live) =~ "New Site"`
+
+	`assert form_live`
+	`\|> form("#site-form", site: @invalid_attrs)`
+	`\|> render_change() =~ "can't be blank"`
+
+	`assert {:ok, index_live, _html} =`
+	`form_live`
+	`\|> form("#site-form", site: @create_attrs)`
+	`\|> render_submit()`
+	`\|> follow_redirect(conn, ~p"/sites")`
+
+	`html = render(index_live)`
+	`assert html =~ "Site created successfully"`
+	`assert html =~ "some name"`
+	`end`
+
+	`test "updates site in listing", %{conn: conn, site: site} do`
+	`{:ok, index_live, _html} = live(conn, ~p"/sites")`
+
+	`assert {:ok, form_live, _html} =`
+	`index_live`
+	`\|> element("#sites-#{site.id} a", "Edit")`
+	`\|> render_click()`
+	`\|> follow_redirect(conn, ~p"/sites/#{site}/edit")`
+
+	`assert render(form_live) =~ "Edit Site"`
+
+	`assert form_live`
+	`\|> form("#site-form", site: @invalid_attrs)`
+	`\|> render_change() =~ "can't be blank"`
+
+	`assert {:ok, index_live, _html} =`
+	`form_live`
+	`\|> form("#site-form", site: @update_attrs)`
+	`\|> render_submit()`
+	`\|> follow_redirect(conn, ~p"/sites")`
+
+	`html = render(index_live)`
+	`assert html =~ "Site updated successfully"`
+	`assert html =~ "some updated name"`
+	`end`
+
+	`test "deletes site in listing", %{conn: conn, site: site} do`
+	`{:ok, index_live, _html} = live(conn, ~p"/sites")`
+
+	`assert index_live \|> element("#sites-#{site.id} a", "Delete") \|> render_click()`
+	`refute has_element?(index_live, "#sites-#{site.id}")`
+	`end`
+	`end`
+
+	`describe "Show" do`
+	`setup [:create_site]`
+
+	`test "displays site", %{conn: conn, site: site} do`
+	`{:ok, _show_live, html} = live(conn, ~p"/sites/#{site}")`
+
+	`assert html =~ site.name`
+	`assert html =~ site.subdomain`
+	`end`
+
+	`test "updates site and returns to show", %{conn: conn, site: site} do`
+	`{:ok, show_live, _html} = live(conn, ~p"/sites/#{site}")`
+
+	`assert {:ok, form_live, _} =`
+	`show_live`
+	`\|> element("a", "Edit")`
+	`\|> render_click()`
+	`\|> follow_redirect(conn, ~p"/sites/#{site}/edit?return_to=show")`
+
+	`assert render(form_live) =~ "Edit Site"`
+
+	`assert form_live`
+	`\|> form("#site-form", site: @invalid_attrs)`
+	`\|> render_change() =~ "can't be blank"`
+
+	`assert {:ok, show_live, _html} =`
+	`form_live`
+	`\|> form("#site-form", site: @update_attrs)`
+	`\|> render_submit()`
+	`\|> follow_redirect(conn, ~p"/sites/#{site}")`
+
+	`html = render(show_live)`
+	`assert html =~ "Site updated successfully"`
+	`assert html =~ "some updated name"`
+	`end`
+	`end`
+	`end`

test/support/fixtures/hosting_fixtures.ex Reveal

	`-0,0 +1,37 @@`
+	`defmodule MyApp.HostingFixtures do`
+	`@moduledoc """`
+	`This module defines test helpers for creating`
+	entities via the `MyApp.Hosting` context.
+	`"""`
+
+	`@doc """`
+	`Generate a site.`
+	`"""`
+	`def site_fixture(scope, attrs \\ %{}) do`
+	`unique_id = System.unique_integer([:positive])`
+
+	`attrs =`
+	`Enum.into(attrs, %{`
+	`name: "some name #{unique_id}",`
+	`subdomain: "subdomain-#{unique_id}"`
+	`})`
+
+	`{:ok, site} = MyApp.Hosting.create_site(scope, attrs)`
+	`site`
+	`end`
+
+	`@doc """`
+	`Generate a hostname.`
+	`"""`
+	`def hostname_fixture(scope, site \\ nil, attrs \\ %{}) do`
+	`site = site \|\| site_fixture(scope)`
+
+	`attrs =`
+	`Enum.into(attrs, %{`
+	`domain: "example-#{System.unique_integer([:positive])}.com"`
+	`})`
+
+	`{:ok, hostname} = MyApp.Hosting.create_hostname(scope, site, attrs)`
+	`hostname`
+	`end`
+	`end`

Custom Domains (DNS)

Related

Jump to file