Personal Perspective I certainly had a lot of fun setting up the install and it definitely reaffirmed my love of Cloudflare. A lot of the process was very intuitive and there was ample documentation. My favorite part of the platform is how forgiving it is. Working with the website was a breeze. I think some of the difficulties I had were working with IPv6 (I don’t currently have an address) and having the railgun listener allow inbound connections.
Bash Script Before I present the script, I would like to walkthrough my thought process and present some of the decisions I made. I ultimately wanted something relatively portable since I would be running it on a machine that had an IPv6 address. I also wanted something relatively lightweight since it’s a fairly simple task. Due to that, I decided on using bash and curl. This script assumes that you have curl and other basic UNIX tools installed.
What is Railgun Railgun is defined by Cloudflare as a software that “accelerates and secures delivery of dynamic content, through compression and WAN network optimization of communication between Cloudflare data centers and an origin server, speeding up requests that can’t be served directly from Cloudflare cache.” It’s a very interesting technology that helps cache content by only serving bytes of changed page versions, creating a single persistent connection, and caching dynamic content.
SSL Elliptic curve cryptography, as defined by Wikipedia “is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC requires smaller keys compared to non-ECC cryptography (based on plain Galois fields) to provide equivalent security.” The following instructions will allow NGINX to serve a self signed key from the origin to Cloudflare. On the box, alter /etc/nginx/nginx.conf to include references to the following:
Requirements The first step to any deployment is to find out the requirements. As this deployment will focus around Cloudflare’s Railgun, it is wise to work with that as a base. Railgun’s requirements can be found here, but it can be boiled down to the following: Dual core processor 4GB RAM 64-bit Architecture Memcache >= 1.4 with at least 512MB of storage (>1GB recommended) One of the following operating systems: