feat: gateway with dedicated cf gateway #1546
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR adds our dedicated CF gateway as the gateway to be used 🎉
I had our dedicated CF gateway
cf.nftstorage.link
setup with Cloudflare team, this will be an offering from them in the future and we had a manual process with them to have the DNS setup and proxying to ipfs.cloudflare.com.With this dedicated gateway we have more freedom and powers with custom rate limits. With this in mind, a set of rules were put in place to avoid abuse and hammering this domain:
cf.nftstorage.link/*
from the outside world (only our worker can access it, same CF zone ID)cf.nftstorage.link/*
perX-Forwarded-For
cf-connecting-ip
instead, given clients can easily manipulateX-Forwarded-For
to add fake proxies just to circumvent limits. If so, we will need to add a new header to the request to the gateways to use it. Thoughts?Closes #1195