valia-sites: 25MB Pages-limit guard; cloudflared: drop removed{} (CI TF <1.7)
Two fixes from the first live runs. (1) The sync job now skips a whole
site when any file exceeds Cloudflare Pages' 25MB per-file cap, leaving
current serving untouched — stem95su's stem_board.html references a
42.9MB stem_video.mp4, which made every run fail; the guard turns that
into a loud skip so bridge keeps syncing. (2) The CI terraform is older
than 1.7 and rejects removed{} blocks anywhere (pipelines 461/464), so
the bridge record handoff was completed with a one-time manual
'tg state rm module.cloudflared.cloudflare_record.bridge_pages' from
the main checkout; the block is deleted and the module comment records
the manual step.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
parent
695e020111
commit
e0991853e4
3 changed files with 12 additions and 15 deletions
|
|
@ -236,9 +236,10 @@ resource "cloudflare_record" "keyserver" {
|
|||
}
|
||||
|
||||
# bridge.viktorbarzin.me (Cloudflare Pages, "мост" school site) moved to
|
||||
# stacks/valia-sites (ADR-0018) — all Valia-site records live there now. The
|
||||
# state forget lives in the STACK ROOT (../..//removed-bridge.tf): removed{}
|
||||
# blocks are root-module-only.
|
||||
# stacks/valia-sites (ADR-0018) — all Valia-site records live there now.
|
||||
# State handoff was a manual `tg state rm` (2026-07-03): the CI terraform
|
||||
# (<1.7) rejects removed{} blocks even at the stack root, so declarative
|
||||
# forget wasn't available. valia-sites imported the live record by id.
|
||||
|
||||
# Enable HTTP/3 (QUIC) for Cloudflare-proxied domains
|
||||
resource "cloudflare_zone_settings_override" "http3" {
|
||||
|
|
|
|||
|
|
@ -1,12 +0,0 @@
|
|||
# bridge.viktorbarzin.me (Cloudflare Pages) moved to stacks/valia-sites
|
||||
# (ADR-0018), which has already imported the live record. Forget it from this
|
||||
# stack's state WITHOUT destroying. removed{} must sit in the root module —
|
||||
# a module-level attempt broke init (pipeline 461). Delete this file once the
|
||||
# apply has run.
|
||||
removed {
|
||||
from = module.cloudflared.cloudflare_record.bridge_pages
|
||||
|
||||
lifecycle {
|
||||
destroy = false
|
||||
}
|
||||
}
|
||||
|
|
@ -272,6 +272,14 @@ resource "kubernetes_cron_job_v1" "sync" {
|
|||
if [ "$$N" -lt 1 ] || ! printf '%s\n' "$$MANIFEST" | cut -d';' -f1 | grep -qx "$$ENTRY"; then
|
||||
echo "GUARD [$$SITE]: N=$$N / $$ENTRY missing -- skipping, site untouched"; continue
|
||||
fi
|
||||
# Cloudflare Pages hard-caps files at 25 MB — deploying
|
||||
# without an oversize file would silently break the pages
|
||||
# that reference it, so skip the whole site instead (last
|
||||
# deployed content keeps serving) and say so loudly.
|
||||
OVERSIZE=$$(printf '%s\n' "$$MANIFEST" | awk -F';' '$$3 > 26214400 {print $$1" ("$$3" B)"}')
|
||||
if [ -n "$$OVERSIZE" ]; then
|
||||
echo "GUARD [$$SITE]: file(s) exceed the 25MB Pages limit -- skipping, site untouched:"; echo "$$OVERSIZE"; continue
|
||||
fi
|
||||
HASH=$$(printf '%s' "$$MANIFEST" | sha256sum | cut -d' ' -f1)
|
||||
LAST=$$(curl -sf --cacert $$SA/ca.crt -H "Authorization: Bearer $$KTOKEN" "$$STATE_URL" | jq -r --arg s "$$SITE" '.data[$$s] // ""')
|
||||
if [ "$$HASH" = "$$LAST" ]; then echo "OK [$$SITE]: unchanged"; continue; fi
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue