search

Knowledge-Graph-Hub / knowledge-graph-hub-support

Issues, support, and discussion for KG-Hub. Covers tools, infrastructure, and graph projects.
BSD 3-Clause "New" or "Revised" License
5 stars 2 forks source link

SSL conversion for kghub.io #9

Closed caufieldjh closed 4 months ago

caufieldjh commented 1 year ago

And any related issues for Cloudfront transition.

@kltm

kltm commented 1 year ago

From a discussion with @caufieldjh :

For now, we'll just move the proxy from LBL to AWS to avoid LBL security interference (by making sure we are not transiting through LBL machines). After publication we can migrate kghub.io to be the primary data deliverer and look at shutting down or forwarding kg-hub.berkeleybop.io.

build.berkeleybop.io has already transitioned to Cloudflare.

kltm commented 1 year ago

@caufieldjh Okay, as I worked through this, it became apparent that moving the proxy would be fiddly and I've gone ahead with a more robust (and simple) solution: kghub.io is now a CloudFront distribution in exactly the same way that kg-hub.berkeleybop.io is, with both being backed by the same S3 bucket. The only change from an external perspective would be that the there is no longer a forward, but both domains work. (It might even be work decommissioning kg-hub.berkeleybop.io when you're comfortable to prevent alternate URLs existing for the same data.)

As a final step, I'll setup LBL Cloudflare to front AWS CloudFront, which will give us activity and logging, as well as reducing costs.

Final note for today, I also noticed the existence of kg-hub-rdf.berkeleybop.io, which we did not get a chance to discuss. It does not seem to be LBL, so can remain as-is for now. However, the name is a little odd and you might want to think about the future of it before publication (assuming it is actually used or intended to be a public resource).

Please take a look around and let me know; switching back for anything written here is as simple as changing one DNS record.

caufieldjh commented 1 year ago

Ok, thanks @kltm !

I'm not aware of kg-hub-rdf.berkeleybop.io being used for anything. Is there a date for when that was created?

I'll need to check on whether any scripts are expecting to use berkeleybop.io - most don't care about anything beyond the S3 bucket.

Sounds good otherwise!

caufieldjh commented 1 year ago

Oh, kg-hub-rdf.berkeleybop.io is the KG-COVID-19 blazegraph endpoint. Not a high priority for now.

kltm commented 1 year ago

Oh, kg-hub-rdf.berkeleybop.io is the KG-COVID-19 blazegraph endpoint. Not a high priority for now.

@caufieldjh "not a high priority" as in it is used but off your radar, or can it be blinked out without negative consequence?

caufieldjh commented 1 year ago

The former

kltm commented 4 months ago

Is this still open?

caufieldjh commented 4 months ago

Will consider this fixed as per #18