provision fastly cdn for new docs-rs environment#1019
provision fastly cdn for new docs-rs environment#1019
Conversation
syphar
left a comment
syphar
left a comment
There was a problem hiding this comment.
why would we duplicate the code for the compute module? Or would the old one be removed later?
|
yes the old one will be removed later. Unfortunately we have duplicated code between terragrunt and terraform. |
marcoieni
force-pushed
the
provision-fastly-cdn-for-new-docs-rs-environment
branch
4 times, most recently
from
72048f4 to
54cf3cc
Compare
marcoieni
force-pushed
the
provision-fastly-cdn-for-new-docs-rs-environment
branch
from
54cf3cc to
7b0c2f4
Compare
| # Fastly CDN configuration. | ||
| # The docs.rs apex domain is still served by the legacy terraform/docs-rs setup. | ||
| # This CDN serves the internal domain to avoid conflicts during migration. | ||
| cdn_domain_name = "docs-rs-prod.rust-lang.net" |
There was a problem hiding this comment.
generally: I assume these domains / this load balancer won't be reachable by the internet?
not sure what the standard approach is?
or we would just add a limit to the LB only to accept fastly IP ranges.
( IMO ok to do later)
| config_store_name = "docs_rs_config" | ||
| } | ||
|
|
||
| resource "random_password" "origin_auth" { |
There was a problem hiding this comment.
I think we don't need this origin-auth piece any more, in then new setup, when it's possible to
- configure the load balancer to just accept requests from fastly ip ranges
- configure the web servers to just accept requests from the load-balancer
or am I missing something?
syphar
left a comment
syphar
left a comment
There was a problem hiding this comment.
btw, I also see us enabling the firewall for docs.rs, but later.
2 participants
No description provided.