Add support for a CDN in front of crates/readmes #1152
Conversation
src/uploaders.rs
Outdated
| bucket.host(), | ||
| Uploader::readme_path(crate_name, version) | ||
| )), | ||
| Uploader::S3 { ref bucket, .. } => { |
There was a problem hiding this comment.
Looks like this line needs to be changed to Uploader::S3 { ref bucket, ref cdn, .. } => {
|
@withoutboats is CloudFront reachable when using Tor? |
This should hopefully allow us to configure a CDN on Heroku (namely CloudFront) to distribute crates/readmes through.
|
Oops forgot to verify last minute change, should be fixed now. It's also worth mentioning that the motivation for this is primarily rust-lang/cargo#4670 where I was reminded that S3 is unreachable in China. The reporter there though mentioned that rust-lang.org is reachable (which uses CloudFront). I've also historically wanted to use CloudFront instead of S3 directly for download speed and reliability, but nothing has been pressing except for the China-blocks-us-west-1 problem |
|
I don't know anything about cloudfront but I know other CDNs (e.g. cloudflare) will frequently throw up captchas for tor users as a ddos mitigation. We ought to make sure the CDN will never do something like this in our use case because I expect cargo would just barf. |
|
Does www.rust-lang.org work? If so it's the same CDN. I don't know if CloudFront does captchas... |
|
Based on this white paper I think cloudfront on its own will never intercept requests as long as we don't use a service like AWS WAF https://d0.awsstatic.com/whitepapers/DDoS_White_Paper_June2015.pdf |
|
bors: r+ |
Build succeeded |
|
seems unable to load readme now? |
|
@messense on it! Thank you for letting me know! |
|
@messense readmes are fixed now! |
This should hopefully allow us to configure a CDN on Heroku (namely CloudFront)
to distribute crates/readmes through.