docs(config): adds aws setup instructions to docs
This commit is contained in:
parent
8689f1331d
commit
00985c32e6
1 changed files with 47 additions and 7 deletions
|
|
@ -6,19 +6,59 @@ Overview
|
|||
|
||||
In order to deploy the circumvention resources, the following providers can be used:
|
||||
|
||||
+------------+-----+-------+---------+----------------+-----+
|
||||
| Resource | AWS | Azure | Hetzner | GandiCloud VPS | OVH |
|
||||
+============+=====+=======+=========+================+=====+
|
||||
| Web Proxy | ✅ | ✅ | ❌ | ❌ | ❌ |
|
||||
+------------+-----+-------+---------+----------------+-----+
|
||||
| Tor Bridge | ✅ | ❌ | ✅ | ✅ | ✅ |
|
||||
+------------+-----+-------+---------+----------------+-----+
|
||||
+------------+-----+-------+---------+---------+----------------+-----+
|
||||
| Resource | AWS | Azure | Fastly | Hetzner | GandiCloud VPS | OVH |
|
||||
+============+=====+=======+=========+=========+================+=====+
|
||||
| Web Proxy | ✅ | ✅ | ✅ | ❌ | ❌ | ❌ |
|
||||
+------------+-----+-------+---------+---------+----------------+-----+
|
||||
| Tor Bridge | ✅ | ❌ | ❌ | ✅ | ✅ | ✅ |
|
||||
+------------+-----+-------+---------+---------+----------------+-----+
|
||||
|
||||
Circumvention resource lists can be distributed via:
|
||||
|
||||
* AWS S3
|
||||
* GitHub
|
||||
* GitLab
|
||||
* HTTP POST
|
||||
|
||||
AWS
|
||||
---
|
||||
|
||||
Configuring AWS will require an
|
||||
`IAM account <https://docs.aws.amazon.com/IAM/latest/UserGuide/id_users_create.html>`_
|
||||
with programmatic access.
|
||||
As the portal may deploy resources using many AWS services it is currently
|
||||
It is recommended that a dedicated account is used for the deployement of portal managed resources.
|
||||
The dedicated account may be part of an existing AWS organisation.
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
# Amazon Web Services
|
||||
AWS_ACTIVATED: true
|
||||
AWS_ACCESS_KEY: AKIAIOSFODNN7EXAMPLE
|
||||
AWS_SECRET_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
|
||||
|
||||
Route 53
|
||||
^^^^^^^^
|
||||
|
||||
Some resources that can be deployed via the portal, e.g. mirrors, rely on DNS names to map internal connections.
|
||||
These DNS names are only used within AWS and are never accessed directly by end users.
|
||||
A registered domain must be used for this purpose.
|
||||
|
||||
Once a domain name has been registered,
|
||||
`create a hosted zone <https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/CreatingHostedZone.html>`_
|
||||
within Route 53.
|
||||
Ensure that the domain registrar is updated to point to the Route 53 nameservers.
|
||||
Optionally, enable DNSSEC to improve the security of the hosted zone.
|
||||
Add the domain name, including the terminating period, to the configuration for the portal:
|
||||
|
||||
.. code-block:: yaml
|
||||
|
||||
SMART_ZONE: example.com.
|
||||
|
||||
.. warning::
|
||||
|
||||
Do not create any other records on this domain manually as these may conflict with names created by the portal.
|
||||
|
||||
GitHub
|
||||
------
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue