outpost allows you to expose self-hosted web services to the Internet via popular cloud providers. Therefore it's possible to take advantage of some features of the cloud without getting locked in to any particular vendor.
HTTP sites can be hosted with Cloudflare:
name: example_com
services:
outpost:
image: fossable/outpost:latest
depends_on:
- origin_www
environment:
OUTPOST_CLOUDFLARE_INGRESS: tls://www.example.com:443
OUTPOST_CLOUDFLARE_ORIGIN: tcp://origin_www:80
OUTPOST_CLOUDFLARE_ORIGIN_CERT: |
-----BEGIN PRIVATE KEY-----
origin_www:
image: httpd:latestThis takes advantage of Cloudflare for TLS cert generation and their CDN.
outpost can also use an EC2 proxy to expose any TCP/UDP port. The proxy
instance communicates with the origin service via an ephemeral WireGuard tunnel.
The AWS deployment uses CloudFormation to create:
name: example_com
services:
outpost:
image: fossable/outpost:latest
cap_add:
- NET_ADMIN
depends_on:
- origin_www
environment:
OUTPOST_AWS_INGRESS: tcp://www.example.com:80
OUTPOST_AWS_ORIGIN: tcp://origin_www:8080
OUTPOST_AWS_REGIONS: us-east-2 # TODO only one
OUTPOST_AWS_HOSTED_ZONE_ID: Z1234567890ABC
AWS_ACCESS_KEY_ID: <...>
AWS_SECRET_ACCESS_KEY: <...>
origin_www:
image: httpd:latest