From 5cd91f8f678f852030c165e7fae6cd1dbc7ac968 Mon Sep 17 00:00:00 2001 From: Pablo Martin Date: Tue, 26 Nov 2024 11:27:49 +0100 Subject: [PATCH] add missing dns reference --- human-script.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/human-script.md b/human-script.md index feda00d..7539da5 100644 --- a/human-script.md +++ b/human-script.md @@ -7,11 +7,10 @@ Follow this to deploy the entire data infra. - You need an Azure subscription and a user with administrator rights in it. - Whenever you see ``, you should replace that with `dev`,`uat`, `prd` or whatever fits your environment. - We traditionally deploy resources on the `UK South` region. Unless stated otherwise, you should deploy resources there. -- You have an SSH key pair ready to use for access to the different machines. You can always add more pairs later. ## 010. Resource group and SSH Keypair -### 1.1 Create Resource Group +### 010.1 Create Resource Group - Create a resource group. This resource group will hold all the resources. For the rest of this guide, assume this is the resource group where you must create resources. - Name it: `superhog-data-rg-` @@ -19,7 +18,7 @@ Follow this to deploy the entire data infra. - `team: data` - `environment: ` -### 1.2 SSH Keypair +### 010.2 SSH Keypair - We will create an SSH Keypair for this deployment. It will be used to access VMs, Git repos and other services. - Create the SSH Key pair 
@@ -567,6 +566,7 @@ We will deploy a dedicated VM to act as a web server for internal services. - Caddy will need to be configured to act as the web server or reverse proxy of the different services within the services subnet. The details of these configurations are defined in sections below. - As a general note, the pattern will generally be: + - Create the right A record in the Private DNS records so that you point users with some subdomain towards the web gateway. - You will need to include the right entry in the `Caddyfile` at `/etc/caddy/Caddyfile`. - You will need to reload caddy with `sudo systemctl reload caddy.service`. - If the web server needs to reach a specific port in some other VM, you will need to sort networking security out. If the VM you need to reach from the web server is within the internal services subnet, you'll have to add the necessary Inbound rules in the NSG `superhog-data-nsg-services-`.
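Review bot: The first hunk of `human-script.md` (`@@ -7,11 +7,10 @@`) makes two changes that the subject "add missing dns reference" does not describe: it deletes the prerequisite bullet "You have an SSH key pair ready to use for access to the different machines." and renumbers the headings from `1.1`/`1.2` to `010.1`/`010.2`. Either split these into their own commit or mention them in the message. The deleted bullet also carried "You can always add more pairs later.", which no longer appears anywhere in the visible text. Since 010.2 says the single key pair "will be used to access VMs, Git repos and other services", consider moving that sentence into 010.2 so readers still know separate keys can be added.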
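Review bot: The bullet added in the `@@ -567,6 +566,7 @@` hunk, "Create the right A record in the Private DNS records", does not say which Private DNS zone the record belongs in or which address it must resolve to. Name the zone and state the target explicitly (presumably the web gateway VM's private address, since the line says the record points users "towards the web gateway"), so the step can be followed and later audited without guessing. The new step is also listed before the `Caddyfile` entry and the `sudo systemctl reload caddy.service` step, so if the order is meant to be followed, the name will resolve to the gateway before Caddy has a matching site entry. Either move it after the reload or note that the order does not matter.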