Feature requests - what do you already love, what could be better?

Support a concept of Environment files.

Netlify has a concept of environment variables. It also has a concept of SSH deploy keys which are super opinionated and basically require you to use Git submodules.

A lot of people write insane hacks to provide themselves with files (like, put an SSH private key in an env variable, write it to a file using a preinstall script), for a plethora of common use cases.

Wouldn’t it be simpler to have a concept of “Environment files”, which you would upload from your Build section of the site (same as Environment variables) and have them be available at a predictable path inside the build container? It would also be trivial to test locally with the netlify-build-image.
It could first and foremost be used to provide yourself with SSH keys without using the Deploy keys abstraction (which is a sub-par abstraction) or committing anything to your repo, but it could also be used for config files or any other type of file that you need to have on the server at build time.

Hey @Valerio_Versace ! Thanks for such a thoughtful and well written feature request. I have written up an issue with the information you have provided, and linked this post and that issue, so we can update you here if we decide to implement this! thank you again.

It would be very useful if the file based configuration had wildcard support for branch names:

[context."feature/*"]
    command = "echo 'special branch'"
    base = "branch"

I love the support for branch deploys within Netlify. For instance, if I set up a branch deploy for the develop branch, it is deployed to develop--mysite.netlify.app.

However, my main site is hosted at mysite.com (CNAME for mysite.netlify.app).

I think a really useful feature would enable setting up some type of certificate for develop.mysite.com as a CNAME for develop--mysite.netlify.app, making the development version easier to remember / easier to find / and more easily shareable with stakeholders. (I can do this today, but the certificate is not handled, so things look insecure).

I could see different use cases potentially requiring different domains entirely (dev-mysite.com), so a wildcard may not suffice, and I could likewise see this becoming somewhat complex, so am thinking mostly of long-lived, static branches (like develop).

1 Like

hi there cole, this doesn’t address all the points you raised, but you are welcome to ask us to extend an SSL certificate to a branch if your main concern is that the branches look insecure. As long as Netlify DNS is used for the apex domain, extending the SSL cert to cover subdomains is something we can do without problems.

This is an open request above.

You can find a workaround on this thread.

This may sound a little out there, but is it possible to completely disable HTTPS on a particular website?

The reason for this is backwards compatibility with old hardware/browsers for a non-interactive, information-only site intended to be as accessible as possible.

I cannot find the ability to do so anywhere, so I would like to request the ability to easily do so. I love how easy it is to have a secure site set up, but for certain niches using browsers that are no longer updated, it can cause issues.

Hi, @mrudden. Sorry about the delay on this. I asked for an internal review of this policy before answering and that is what caused the delay.

The short answer is: No, it won’t be possible to disable HTTPS for sites hosted with our service.

Normally, we would file a feature request for any unsupported requirements that people might have. In this case, though, I’m certain this is a feature that we not will ever provide and I’ll try to explain why.

We made a change to enforce SSL on all sites back in 2018 and there is a blog post about this here:

Making it possible to opt out of this wasn’t allowed at that time. I can enter a feature request but it not being possible to disable it is intentional and changing this is very unlikely to occur. Even for non-interactive sites, the absence of SSL makes it trivial for third-parties to modify the sites content invisibly to both the web server and the client browser receiving the content.

For an example of how easy it is to modify site content when there is no SSL enabled, please see the Upside-Down-Ternet site.

I am explaining this because I want to be 100% transparent that if we were to file a feature request for this it almost certainly never will actually get made and I don’t want you waiting for a feature request that will never exist.

To summarize, you cannot opt out of using SSL at Netlify and this is unlikely to ever change.

3 Likes

This should be the quote of the year!

@luke I get too busy, but I just would like to say, I love reading your responses. These have to be very hard to convey sometimes and although I think this is a good hill to die on, it shouldn’t even be an issue. :heart_eyes:

There are plenty of other hosting options where HTTPS is not the default.

Thank you @luke, for your thoughtful response. I understand totally where Netlify is coming from and appreciate it - it’s an extremely niche audience that would be unable to view these sites completely - and only if HTTPS is forced. It’s totally reasonable to not allow opt-out from having these certs issued.

I did test visiting one of my Netlify sites using IE8 on Windows 7, and it does not load. This appears to indicate that HTTPS is forced on Netlify. GitLab and GitHub’s pages features both allow opting out of forced/enforced HTTPS which increases backwards compatibility. Testing with those features, sites I have hosted on those platforms will not load while enabled, but will allow use of HTTP if not enabled.

I think it might be a nice addition to the DNS documentation pages to include one or more tools to help guide people through the configuration process.

The first could be a field where the user enters the Netlify subdomain name, and it spits out the A and CNAME records for those wishing to delegate DNS elsewhere.

The second could be “built-in” consoles pre-configured for various permutations of whois, dig, httpstat, sslopen, etc, so users could enter their apex and subdomain(s), see what the DNS system current shows, and then give examples of what they should be seeing. I’m thinking this could easily be done with something like Termible.

2 Likes

I would love to see an automatic HTML, CSS and JavaScript minifier upon deployment. I am aware the there is a third party HTML minifier available as an add-on but it would be nice to see this as a native Netlify feature.

Thanks,
Damian

Hi @dk-raw,

We already have Post Processing that does this: https://app.netlify.com/sites/<site-name>/settings/deploys#asset-optimization.

I’m not sure if you’re talking about this as an add-on. It’s a native Netlify feature.

1 Like

Hi!
Thanks for replying so quickly. I guess the I did not scour through the settings that firmly.
Once again, thank you for your service.

I would love to see or have some way to download detailed verbose build log when build failed.

File-based configuration for Deploy Notifications

I recently set up a bunch of different environments for a few clients’ websites on their accounts and one of the most tedious parts of it was having to copy/paste some of the site configuration settings from one site to another.

A perfect example of this is deploy notifications. On every site we set up, we want both Slack and webhook notifications for three events (deploy started, failed, succeeded). The endpoint URLs are the same for every single one. That’s six copy-and-pastes per site, multiplied by many sites. I’d much rather this be a part of our boilerplate netlify.toml. G-d forbid one of those URLs should change some day and we’d have to do this … a hundred times over :scream:

Basically netlify.toml is awesome but I want it to do more so we don’t have to copy/paste things into an admin panel. Any plans to include this? Thanks!

1 Like

hi there @mfan, that’s an intersting idea! i have forwarded it on to the relevant team, if we end up implementing something like this i will definitely let you know.

1 Like

Conditional deploy notifications

HI, we currently have two sources of triggering a build: Github and hooks from our CMS. The deploy succeeded notifcations are triggered after each succesful deploy (as they should).

However we have some (resource intensive) activities that only need to take place after a build hook from the CMS has been triggered. We would like to be able to configure a deploy notification that is triggered ONLY when the build has been inititated by a certain hook. In this way, the intensive task is not executed on code only changes from github.

Keep up the good work :wave:t2:

Hey there, @redmagic :wave:

Thanks so much for taking the time to write this up! I have shared your idea with the product team.

Happy building :netliconfetti: