Deploying web applications is hard to do, and there are a bewildering variety of ways to do it. Today I’d like to confuse the matter further by proposing yet another approach. As a preview, here are the components I’ll discuss:
* TLS termination and when to not do it
* TLS Server Name Indication to route entire connections
* PROXY protocol to forward clients’ addresses without parsing the request stream
* Unix sockets to communicate with backend applications
* Unix permissions to isolate applications
* TLS termination and when to not do it
* TLS Server Name Indication to route entire connections
* PROXY protocol to forward clients’ addresses without parsing the request stream
* Unix sockets to communicate with backend applications
* Unix permissions to isolate applications