This avoids issues where NGINX will refuse to start if there are no DNS entries for these servers, as is the case over the summer while we don't run them. However it does so in a manner which won't inherently catch errors when the upstreams are present.
Since we expect that nginx will be restarted (or at least reloaded) regularly as part of TLS certificate updates, this trade-off is accepted for overall reliability.
Code review
Testing
[x] applied the configuration locally
[x] manually validated the new behaviour
Links
Alternative approach to #50, though they could be combined.
Summary
This avoids issues where NGINX will refuse to start if there are no DNS entries for these servers, as is the case over the summer while we don't run them. However it does so in a manner which won't inherently catch errors when the upstreams are present.
Since we expect that nginx will be restarted (or at least reloaded) regularly as part of TLS certificate updates, this trade-off is accepted for overall reliability.
Code review
Testing
Links
Alternative approach to #50, though they could be combined.