Erich Blume
fe0e913963
All checks were successful
Deploy Fly.io Proxy / deploy (push) Successful in 1m37s
## Summary - Replace per-request DNS resolution (variable-based `proxy_pass`) with static `upstream` blocks and `keepalive` connection pools - Reuses TLS connections through the Tailscale tunnel instead of handshaking per request - Add `mise run fly-reload` for nginx config reload without full redeploy (re-resolves upstream DNS) ## Trade-off DNS is resolved at config load, not per-request. If Tailscale Ingress pods get new IPs (restart, reschedule), `mise run fly-reload` is needed. A Grafana alert will be added to detect this. ## Still TODO on this branch - [ ] Grafana alert for upstream unreachable (triggers fly-reload reminder) - [ ] Docs pass - [ ] Deploy from branch and verify latency improvement - [ ] Changelog fragment 🤖 Generated with [Claude Code](https://claude.com/claude-code) Reviewed-on: #337 |
||
|---|---|---|
| .. | ||
| connect-to-postgres.md | ||
| deploy-prowler.md | ||
| manage-flyio-proxy.md | ||
| read-compliance-reports.md | ||
| rebuild-minikube-cluster.md | ||
| record-review-evidence.md | ||
| restart-indri.md | ||
| restore-1password-backup.md | ||
| review-compensating-controls.md | ||
| run-1password-backup.md | ||
| troubleshoot-sifaka-nfs.md | ||
| troubleshooting.md | ||