Keyboard shortcuts

Press or to navigate between chapters

Press S or / to search in the book

Press ? to show this help

Press Esc to hide this help

Role: Public Ingress

Purpose: Route HTTPS traffic from the public internet to designated public-facing applications.

Responsibilities:

  • Terminate TLS for *.risu.tech public domains.
  • Route traffic exclusively to public-facing backend services.
  • Implement basic security headers and rate limiting for public endpoints.
  • Provide logging and observability for external traffic patterns.

Guarantees:

  • Public services are reachable via standard HTTPS protocols.
  • Hostname-based routing is deterministic and reliable.
  • Traffic is never routed to internal-only services.

Out of Scope:

  • Authentication for private services.
  • Internal-only traffic routing.
  • User identity storage.