docs(config): adds aws setup instructions to docs
This commit is contained in:
parent
8689f1331d
commit
00985c32e6
1 changed files with 47 additions and 7 deletions
|
|
@ -6,19 +6,59 @@ Overview
|
||||||
|
|
||||||
In order to deploy the circumvention resources, the following providers can be used:
|
In order to deploy the circumvention resources, the following providers can be used:
|
||||||
|
|
||||||
+------------+-----+-------+---------+----------------+-----+
|
+------------+-----+-------+---------+---------+----------------+-----+
|
||||||
| Resource | AWS | Azure | Hetzner | GandiCloud VPS | OVH |
|
| Resource | AWS | Azure | Fastly | Hetzner | GandiCloud VPS | OVH |
|
||||||
+============+=====+=======+=========+================+=====+
|
+============+=====+=======+=========+=========+================+=====+
|
||||||
| Web Proxy | ✅ | ✅ | ❌ | ❌ | ❌ |
|
| Web Proxy | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
|
||||||
+------------+-----+-------+---------+----------------+-----+
|
+------------+-----+-------+---------+---------+----------------+-----+
|
||||||
| Tor Bridge | ✅ | ❌ | ✅ | ✅ | ✅ |
|
| Tor Bridge | ✅ | ❌ | ❌ | ✅ | ✅ | ✅ |
|
||||||
+------------+-----+-------+---------+----------------+-----+
|
+------------+-----+-------+---------+---------+----------------+-----+
|
||||||
|
|
||||||
Circumvention resource lists can be distributed via:
|
Circumvention resource lists can be distributed via:
|
||||||
|
|
||||||
* AWS S3
|
* AWS S3
|
||||||
* GitHub
|
* GitHub
|
||||||
* GitLab
|
* GitLab
|
||||||
|
* HTTP POST
|
||||||
|
|
||||||
|
AWS
|
||||||
|
---
|
||||||
|
|
||||||
|
Configuring AWS will require an
|
||||||
|
`IAM account <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html>`_
|
||||||
|
with programmatic access.
|
||||||
|
As the portal may deploy resources using many AWS services it is currently
|
||||||
|
It is recommended that a dedicated account is used for the deployement of portal managed resources.
|
||||||
|
The dedicated account may be part of an existing AWS organisation.
|
||||||
|
|
||||||
|
.. code-block:: yaml
|
||||||
|
|
||||||
|
# Amazon Web Services
|
||||||
|
AWS_ACTIVATED: true
|
||||||
|
AWS_ACCESS_KEY: AKIAIOSFODNN7EXAMPLE
|
||||||
|
AWS_SECRET_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
|
||||||
|
|
||||||
|
Route 53
|
||||||
|
^^^^^^^^
|
||||||
|
|
||||||
|
Some resources that can be deployed via the portal, e.g. mirrors, rely on DNS names to map internal connections.
|
||||||
|
These DNS names are only used within AWS and are never accessed directly by end users.
|
||||||
|
A registered domain must be used for this purpose.
|
||||||
|
|
||||||
|
Once a domain name has been registered,
|
||||||
|
`create a hosted zone <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/CreatingHostedZone.html>`_
|
||||||
|
within Route 53.
|
||||||
|
Ensure that the domain registrar is updated to point to the Route 53 nameservers.
|
||||||
|
Optionally, enable DNSSEC to improve the security of the hosted zone.
|
||||||
|
Add the domain name, including the terminating period, to the configuration for the portal:
|
||||||
|
|
||||||
|
.. code-block:: yaml
|
||||||
|
|
||||||
|
SMART_ZONE: example.com.
|
||||||
|
|
||||||
|
.. warning::
|
||||||
|
|
||||||
|
Do not create any other records on this domain manually as these may conflict with names created by the portal.
|
||||||
|
|
||||||
GitHub
|
GitHub
|
||||||
------
|
------
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue