External Access
External access lets you expose your applications to the internet with a custom domain and automatic TLS (HTTPS) certificates.
Enabling External Access
- Navigate to your application’s External Access tab
- Enter your custom domain (e.g.,
app.example.com) - Toggle Enable TLS (HTTPS) — recommended for production
- Click Enable External Access
Configuring DNS
After enabling external access, Kovra provides a load balancer address (IP or hostname). You need to create a DNS record with your domain registrar:
| Record Type | When to Use | Example |
|---|---|---|
| A Record | Load balancer provides an IP address | app.example.com → 1.2.3.4 |
| CNAME | Load balancer provides a hostname | app.example.com → lb.example.aws.com |
Verification
After creating your DNS record:
- Click Verify DNS in the External Access tab
- Kovra checks that your domain points to the correct load balancer
- If TLS is enabled, a certificate is automatically provisioned via Let’s Encrypt
Status Tracking
| Status | Description |
|---|---|
| DNS Pending | Waiting for DNS propagation (can take up to 48 hours) |
| DNS Verified | DNS is correctly configured |
| DNS Failed | DNS check failed — verify your record points to the right target |
| TLS Pending | Waiting for certificate provisioning |
| TLS Issuing | Let’s Encrypt certificate being provisioned |
| TLS Ready | Certificate active — your app is accessible via HTTPS |
Disabling External Access
Click Disable External Access to remove the public endpoint. The DNS record in your registrar will need to be manually deleted.
Last updated on