Skip to content

alokbiyengar/fsly-demo

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

185 Commits
.devcontainer
.devcontainer
 
 
edgeapp
edgeapp
 
 
puppets
puppets
 
 
vcl
vcl
 
 
.gitignore
.gitignore
 
 
README.mac-arm.md
README.mac-arm.md
 
 
README.md
README.md
 
 
bigquery.tf
bigquery.tf
 
 
bqlog_schema.json
bqlog_schema.json
 
 
edgeapp.tf
edgeapp.tf
 
 
fastly-magento-module.sh
fastly-magento-module.sh
 
 
fastly-wordpress-plugin.sh
fastly-wordpress-plugin.sh
 
 
log_format_string.json
log_format_string.json
 
 
magento.sh
magento.sh
 
 
magento.tf
magento.tf
 
 
main.tf
main.tf
 
 
modsec.sh
modsec.sh
 
 
ngwaf.tf
ngwaf.tf
 
 
outputs.tf
outputs.tf
 
 
puppeteer.sh
puppeteer.sh
 
 
puppeteer.tf
puppeteer.tf
 
 
randomhack.tf
randomhack.tf
 
 
terraform.tfvars.example
terraform.tfvars.example
 
 
variables.tf
variables.tf
 
 
vcl-service.tf
vcl-service.tf
 
 
versions.tf
versions.tf
 
 
wordpress.sh
wordpress.sh
 
 
wordpress.tf
wordpress.tf
 
 

Repository files navigation

what is this

  • short term: a place for me to learn and rough out minimal examples of fastly products with terraform
  • medium term: a foundation on which to build live product demonstrations
  • long term: a resource for managing bespoke partner demonstration environments

what does it do

  • deploys a javascript compute@edge application that uses geoip data, a secret-store, and makes an api call
  • creates a virtual machine on google cloud, installs magento and the fastly magento plugin
  • creates a fastly service with edge rate-limiting, image-optimizaiton and bigquery logging to sit in front of it
  • attaches an ngwaf@edge deployment to the service
  • spools up some attack tooling to generate traffic and graph data

diagrams

edgeapp

flowchart LR
  site[site-name.edgecompute.app] --> xqd[compute service]
  xqd --> secretstore
  xqd --> fastlyapi
Loading

website

flowchart LR
  puppeteer --> site[site-name.freetls.fastly.net]
  randomhack --> site
  site --> varnish[varnish service]
  varnish --> ngwaf
  ngwaf --> origin[origin vm]
  varnish --> bq[bigquery logs]
Loading

pre-reqs

  • a fastly account with the following feature flags enabled
    • security_ui
    • secret_store
    • io_entitlement
    • rate_limiting with hctl commands
    • also, you must navigate to the compute tab in the fastly web interface and enable your compute trial, if you haven't already, by deploying any compute service
  • a sigsci account (corp)
  • a GCP account with access to the SE development project

howto

first time setup

chose one of the following three options for where to run this from

option 1 - a github codespace

  • click the green "Code" button at the top of the github repo
  • click the Codespaces tab within the modal
  • click the green "Create codespace..." button
  • watch and wait for it to setup (takes ~5m)

option 2 - locally using vscode with a devcontainer

  • install the devcontainer extension in vscode
  • open this folder in the devcontainer
  • wait for it (takes ~5m)
  • open another terminal to work in

option 3 - install dependencies on an M1/M2 mac with homebrew

click here

configure authentication(s)

  • create a fastly api token for your user (creating api tokens)
  • configure the fastly cli with it
    fastly profile create
  • configure the google terraform provider's access
    gcloud auth application-default login
  • click on the file named terraform.tfvars in the left menu and populate its values

test loop

  • terraform apply
  • click the links
  • terraform destroy

cleanup (if using codespaces)

  • in the same github web modal that you created the codespace you will now see it listed with a random name
  • click the "..." next to it
  • click Delete

About

fsly-demo

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • HCL 49.5%
  • Shell 25.2%
  • JavaScript 19.7%
  • VCL 4.6%
  • HTML 1.0%