Need help configuring CDN

Well, made the jump and went to migrate my uploads. Just to share from my newbie journey some suggestions and questions that may help some others or serve as feedback. Where setting up S3 bucket is well documented, the CDN space seems much less so. Examples:

  • Took me (a non-coder) a little while to figure out there where two modes of using a cdn. One is for uploads and the other a separate one is for ‘assets’ like I suppose for CSS and visuals for the site design?
  • Setting up CDN’s for either type could benefit from some documentation / guidance. Push vs. pull? Restricted bucket access? The object storage guide seems to assume everyone knows how to set that up.
  • For me was also a bit confusing the overlap of UI Admin settings and the environmental variables. You can do both but the latter is recommended. Focussing on just the uploads for now, I found that I needed only a subset of the environmental variables of the object storage guide? (wanted to avoid enabling the assets CDN because didn’t know how to configure that one (push/pull).
  • For me it is also not apparent how to enable the custom domain for the CDN. The CNAME I get, but how to enable the SSL? Should I get the letsencrypt certificate to work with AWS CDN somehow?
  • The migrate_to_s3 script failed and exited with a suggestion to redo it with a trace. I iterated it a couple of times as well as rebaking posts manually. At last it did complete with a cheerful “Done!” and looks like every uploads is now loaded via the CDN.
  • What I didn’t expect was that all the uploads would also remain on the Discourse machine. Is that the intended behavior? I would expect that migration would mean the rake job would also delete the local copies? Or will that happen later on through some obsolete files cleanup process?

Glad I made the jump (not faint-hearted after all). Site is still working well but still some open items:

  • restricted bucket access (yes/no)
  • removing the uploads still residing on the server so I can work with the smaller backups
  • SSL certificate for the custom domain for the CDN
  • howto set up a push (or was it pull?) CDN for the assets CDN? Does that just bring more site speed?

The good thing about having them as ENV variables is that they exist even before you restore your site. So if you have all of your S3 config in your YML file and have backups in S3, all you need to restore your site is the YML file. You just rebuild the container and do a command-line restore.

The other good thing about using EnV variables is that those settings are then hidden from the UX, so an admin (who doesn’t have access to the filesystem) can’t see those settings. (And also, can’t change them). But that can be bad since you can’t see or change them from the UX if you want to. :man_shrugging:

Just pull. Nothing fancy.