I LOVE TLS

29/05/2025 1h 3min Episode 14

Episode Synopsis


In the world of web infrastructure, what starts as a simple goal can often lead you down a fascinating rabbit hole of history, philosophy, and clever engineering. This is the story of our journey to build a simple, single-purpose, open-source CDN for changelog.com and the one major hurdle that stood in our way: Varnish, our HTTP caching layer of choice, doesn't support TLS backends.

Enter Nabeel Sulieman, a shipit.show guest, who had previously introduced us to KCert, a simpler alternative to cert-manager. We knew if anyone could help us solve this TLS conundrum, it was him. After a couple of false starts, we finally recorded the final solution. As Nabeel aptly put it: Third time is the charm.

🍿 This entire conversation is available to Make it Work members as full videos served from the CDN, and also a Jellyfin media server: makeitwork.tv/i-love-tls 👈 Scroll to the bottom of the page for CDN & media server info

LINKS

🐙 github.com/thechangelog/pipely pull-request #8
🐙 github.com/nabsul/tls-exterminator
👀 Varnish - Why no SSL?
🚲 PHK's Bikeshed
🏡 bikeshed.org

EPISODE CHAPTERS

(00:00) - How this started

(02:05) - What makes TLS & SSL interesting for you?

(05:58) - Disabling issues & pull requests

(08:19) - What is Pipely?

(14:03) - Why no SSL? (in Varnish)

(15:36) - Who is Poul-Henning Kamp?

(17:30) - The Bikeshed

(19:46) - Pipely pull request #8

(23:56) - Dagger instead of Docker

(29:41) - pipely Dagger module

(36:52) - What is sasqwatch?

(40:44) - ghcr.io/gerhard/sysadmin

(43:45) - Let's benchmark!

(51:52) - What happens next?

(01:00:17) - Wrap-up