counterweight/superhog-infra-repo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add missing dns reference

Browse source
This commit is contained in:
Pablo Martin 2024-11-26 11:27:49 +01:00
parent 94191161b6
commit 5cd91f8f67
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
human-script.md
View file

@ -7,11 +7,10 @@ Follow this to deploy the entire data infra.
- You need an Azure subscription and a user with administrator rights in it.
- Whenever you see `<your-env>`, you should replace that with `dev`,`uat`, `prd` or whatever fits your environment.
- We traditionally deploy resources on the `UK South` region. Unless stated otherwise, you should deploy resources there.
- You have an SSH key pair ready to use for access to the different machines. You can always add more pairs later.
## 010. Resource group and SSH Keypair
### 1.1 Create Resource Group
### 010.1 Create Resource Group
- Create a resource group. This resource group will hold all the resources. For the rest of this guide, assume this is the resource group where you must create resources.
- Name it: `superhog-data-rg-<your-env>`
@ -19,7 +18,7 @@ Follow this to deploy the entire data infra.
- `team: data`
- `environment: <your-env>`
### 1.2 SSH Keypair
### 010.2 SSH Keypair
- We will create an SSH Keypair for this deployment. It will be used to access VMs, Git repos and other services.
- Create the SSH Key pair
@ -567,6 +566,7 @@ We will deploy a dedicated VM to act as a web server for internal services.
- Caddy will need to be configured to act as the web server or reverse proxy of the different services within the services subnet. The details of these configurations are defined in sections below.
- As a general note, the pattern will generally be:
- Create the right A record in the Private DNS records so that you point users with some subdomain towards the web gateway.
- You will need to include the right entry in the `Caddyfile` at `/etc/caddy/Caddyfile`.
- You will need to reload caddy with `sudo systemctl reload caddy.service`.
- If the web server needs to reach a specific port in some other VM, you will need to sort networking security out. If the VM you need to reach from the web server is within the internal services subnet, you'll have to add the necessary Inbound rules in the NSG `superhog-data-nsg-services-<your-env>`.