Hello beautiful people!
Current Dgraph + AWS + TLS Result:
A Cloudflare Workers server that is the only entity allowed to query a load-balanced Dgraph database in AWS! Please feel free to update the ingredients + recipe, & I’ll update them as I learn from the best + arrive at a working solution!
Ingredients:
- EC2 Instance (t2.micro + Ubuntu)
- Elastic IP (220.127.116.11)
- EC2 Load Balancer
- Route 53 Domain (example.com)
- ACM Certificates
- Dgraph Certificates (dgraph cert)
Recipe:
- Create EC2 Instance
- Add Dgraph to EC2 Instance
    curl https://get.dgraph.io -sSf | bash
- Create dgraph certificates
    dgraph cert -n example.com,18.104.22.168,localhost -c dgraphuser
- Create Elastic IP + assign to EC2 Instance
- Create Load Balancer + assign to EC2 Instance
- Create Security Group that only allows Cloudflare Workers to access Load Balancer (I’m confused here b/c I’m unsure what Cloudflare’s IP address is + how to align Security Groups between Load Balancer + EC2)
- Create Domain + assign to EC2 Load Balancer
- Create ACM Certificates + assign to Domain (I’m confused here) (maybe instead I import dgraph’s ca.crt certificate & don’t create any ACM certificates?) (or maybe I add ACM certificates to Dgraph?)
- Start Dgraph w/ TLS
    sudo su
    dgraph zero --my=localhost:5080
    dgraph alpha --my=localhost:7080 --lru_mb=1024 --zero=localhost:5080 --tls_dir tls --tls_client_auth VERIFYIFGIVEN
- In a Cloudflare Worker call our Dgraph database
- We arrive in Heaven! Thank you friends!
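
The `--tls_client_auth VERIFYIFGIVEN` setting from the recipe, exercised as an added example (not code from the post or from Dgraph). It assumes Dgraph's mode names VERIFYIFGIVEN and REQUIREANDVERIFY correspond to Go's `crypto/tls` client-auth types of the same name, and it uses one in-memory self-signed certificate in place of the files `dgraph cert` writes; `serverAccepts` is a name made up for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)
// serverAccepts: does a server in this client-auth mode complete the handshake? One self-signed
// cert (constructed here) plays CA, node and client; dgraph cert issues these as separate files.
func serverAccepts(mode tls.ClientAuthType, clientHasCert bool) bool {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "demo"},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour), IsCA: true,
		BasicConstraintsValid: true, DNSNames: []string{"localhost"}, KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature}
	der, _ := x509.CreateCertificate(rand.Reader, tpl, tpl, &key.PublicKey, key)
	leaf, _ := x509.ParseCertificate(der)
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	id := []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}}
	cli := &tls.Config{RootCAs: pool, ServerName: "localhost"}
	if clientHasCert {
		cli.Certificates = id
	}
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: id, ClientCAs: pool, ClientAuth: mode})
	if err != nil {
		panic(err)
	}
	defer ln.Close()
	go func() { // client side: connect, then wait for the server's verdict
		if c, err := tls.Dial("tcp", ln.Addr().String(), cli); err == nil {
			c.Read(make([]byte, 1)) // TLS 1.3 servers check client certs after Dial returns
			c.Close()
		}
	}()
	c, err := ln.Accept()
	if err != nil {
		panic(err)
	}
	defer c.Close()
	return c.(*tls.Conn).Handshake() == nil // server-side result decides acceptance
}
func main() {
	fmt.Println("client without cert accepted:", serverAccepts(tls.VerifyClientCertIfGiven, false), serverAccepts(tls.RequireAndVerifyClientCert, false))
}
```

A client that presents no certificate completes the handshake under `VerifyClientCertIfGiven` and is refused under `RequireAndVerifyClientCert`; a client holding a certificate signed by the CA is accepted by both.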