Hi, I wanted to host a personal Lemmy instance online (for just myself, I don’t think I can take the upkeep for other users - please let me know if this is not possible) and wanted to understand how to “attach” a CDN service to it.

The idea behind doing this is that I’m in the US but I’m looking to host a server in Europe. I am looking into Cloudflare’s free CDN service, but it would be great if someone could point me towards how I can configure this setup to speed up the loading time for my Lemmy instance (which is going to be far away from me, geographically).

I would also like to know about your setups and how you have hosted Lemmy.

Thanks!

  • jjakc@lemthony.com
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    No problem! You change the name servers on your registrar to cloudflare’s so that when traffic goes to your.domain, cloudflare is the one that processes the dns request.

    If you kept the name servers of your registrar then the traffic would just be processed by the registrar, cloudflare wouldn’t even see the traffic.

    Basically the name server defines your domain’s current dns provider.

    Hope that makes sense

    • MigratingtoLemmy@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      Ah, this is what I’m confused about. I get that traffic would need to flow through Cloudflare’s network, but why would Cloudflare require me to change my nameserver for that? How about a CNAME alias instead? What are the technical limitations for which Cloudflare asks this of me? I just want to understand the working behind them asking me to change my nameservers.

      Thanks!

      • kinttach@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        Setting your nameservers is simply a requirement for Cloudflare. While they theoretically could work via CNAME – they don’t. On the other hand, their DNS is really nice and is free.

        When you use their DNS, for each DNS record, you have the option to proxy traffic through Cloudflare. The proxy is what enables their CDN (and many other features such as forwarding, rewriting URLs, DDoS protection, automatic HTTPS certificates, and so on). It’s a simple on/off switch for each DNS record if you don’t want to proxy a particular host.

      • jjakc@lemthony.com
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        When you make a dns request, it goes to the nameservers first to see which server is has the dns config. A CNAME record is in the dns config

        • MigratingtoLemmy@lemmy.worldOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          I’m sorry, what I don’t understand is how does changing my nameservers to cloudflare’s nameservers help propagating my traffic through their CDN infrastructure?

          • jjakc@lemthony.com
            link
            fedilink
            English
            arrow-up
            2
            ·
            edit-2
            1 year ago

            Because changing your nameservers to cloudflare’s allows you to use their DNS service, which comes with the CDN infrastructure.

            Here is the cloudflare dns for my lemmy server’s domain:

            The switch where it says proxied means that I am using the CDN to obfuscate the real IP of the server.

            • MigratingtoLemmy@lemmy.worldOP
              link
              fedilink
              English
              arrow-up
              0
              ·
              1 year ago

              Thank you, but I’m still having trouble understanding the technical reason for Cloudflare to require users to change their nameservers. Let me try and summarise what I understand:

              When a user changes their nameservers to Cloudflare nameservers, all requests to the domain are routed to Cloudflare’s DNS endpoints. Because we are using a CDN (and are proxying traffic to our site through Cloudflare), the CDN endpoint (because it is the proxy) intercepts all traffic directed towards our domain. If we were to not change the nameservers for our domain to Cloudflare’s nameservers, Cloudflare would not be able to link our domain to the specific CDN endpoint it has likely set up for us at the back-end, which would defeat the purpose of the CDN and the proxying wouldn’t work.

              Do I understand this correctly?

              • jjakc@lemthony.com
                link
                fedilink
                English
                arrow-up
                2
                ·
                edit-2
                1 year ago

                Pretty much yes.

                If you want a more in-depth explanation of DNS and how nameservers work etc check out this article from cloudflare.

                Specifically the part; “There are 4 DNS servers involved in loading a webpage:” It explains it much better than me.

                • MigratingtoLemmy@lemmy.worldOP
                  link
                  fedilink
                  English
                  arrow-up
                  0
                  ·
                  1 year ago

                  Thank you, I conceptually understand what nameservers (and their types) are, it’s just that I’m struggling a bit to link my understanding of DNS to how Cloudflare is proxying traffic through its own network. I assume that my previous comment had an OK explanation, a high-level overview of what happens.

                  Thanks for your time!

                  • oranki@sopuli.xyz
                    link
                    fedilink
                    English
                    arrow-up
                    2
                    ·
                    1 year ago

                    Cloudflare has several reverse proxies all around the world. When you enable their proxy service, CF decides which proxy is used for your traffic. To be able to control this better, they need to have control over the DNS record.

                    If you have an issue with changing your domain’s nameservers (perfectly valid), my guess is you’ll also have an issue with the fact that using CF proxy essentially means they are a man-in-the-middle for all your HTTPS traffic and decrypt everything before proxying it forward.