blueboat VS workers-sdk

Right now it is an exciting time for JavaScript. We just got a new shiny fast runtime Bun, with the last new kid Deno being released only 4 years ago, and we have edge computing/serverless runtimes like Cloudflare worker and Blueboat. With all these hypes for the JavaScript community, I could not help but ask, how come only JavaScript gets all these fancy new runtimes? Why don’t we hear these more often in other languages?

Hello HN! I'm building mvsqlite, a distributed variant of SQLite with MVCC transactions, that runs on FoundationDB. It is a drop-in replacement that just needs an `LD_PRELOAD` for existing applications using SQLite.

I made this because [Blueboat](https://github.com/losfair/blueboat) needs a native SQL interface to persistent data. Apparently, just providing a transactional key-value store isn’t enough - it is more easy and efficient to build complex business logic on an SQL database, and it seems necessary to bring a self-hostable distributed SQL DB onto the platform. Since FoundationDB is Blueboat’s only stateful external dependency, I decided to build the SQL capabilities on top of it.

At its core, mvsqlite’s storage engine, mvstore, is a multi-version page store built on FoundationDB. It addresses the duration and size limits (5 secs, 10 MB) of FDB transactions, by handling multi-versioning itself. Pages are fully versioned, so they are always snapshot-readable in the future. An SQLite transaction fetches the read version during `BEGIN TRANSACTION`, and this version is used as the per-page range scan upper bound in future page read requests.

For writes, pages are first written to a content-addressed store keyed by the page's hash. At commit, hashes of each written page in the SQLite transaction is written to the page index in a single FDB transaction to preserve atomicity. With 8K pages and ~60B per key-value entry in the page index, each SQLite transaction can be as large as 1.3 GB (compared to FDB's native txn size limit of 10 MB).

mvsqlite is not yet "production-ready", since it hasn’t received enough testing, and I may still have a few changes to make to the on-disk format. But please ask here if you have any questions!

This sounds quite a bit like Cloudflare Workers, and they have a comparison page - https://github.com/losfair/blueboat/wiki/Comparison-with-Clo....

Blueboat may be what you’re looking for

https://github.com/losfair/blueboat

> If one writes Go or Rust, there are much better ways to run them than targeting WASM

wasm has its place, especially for contained workloads that can be wrapped in its strict capability boundaries (think, file-encoding jobs that shouldn't access anything else but said files: https://news.ycombinator.com/item?id=29112713).

> Containers are still the defacto standard.

wasmedge [0], atmo [1], krustlet [2], blueboat [3] and numerous other projects are turning up the heat [4]!

[0] https://github.com/WasmEdge/WasmEdge

[1] https://github.com/suborbital/atmo

[2] https://github.com/krustlet/krustlet

[3] https://github.com/losfair/blueboat

[4] https://news.ycombinator.com/item?id=30155295

https://github.com/losfair/rusty-workers

They're not perfectly isolated to a high security standard such that you could deploy your own v8 workers SaaS. And they do have quirks and development woes. I haven't tested in production but if it's just your trusted apps wanting to exceed the cloudflare workers 30 scripts limit then both are wonderfully powerful solutions to put behind a https proxy.

And what about the DX of using Workers with Pages?

I tried to use that recently and it was a disaster. I wrote about my experience here:

https://twitter.com/pierbover/status/1641474067013271552

I then opened these two issues:

https://github.com/cloudflare/workers-sdk/issues/2962

https://github.com/cloudflare/workers-sdk/issues/2964

I ended up moving the project over to Netlify + Edge functions. I had it all working in like 5-10 mins as it should. Took me two hours to figure out why Workers weren't working in my Pages project, and could never get Workers working properly with my Astro project.

I think you're working exclusively on the engine of Workers which is really top notch, but Cloudflare really needs to improve the outer layer which affects DX considerably.

If you think this is a bug, please open an issue at: https://github.com/cloudflare/workers-sdk/issues/new/choose ```

Source: Conversation with Bing, 3/17/2023(1) Introducing Cloudflare Workers. https://blog.cloudflare.com/introducing-cloudflare-workers/ Accessed 3/17/2023. (2) Cloudflare Workers®. https://workers.cloudflare.com/ Accessed 3/17/2023. (3) Cloudflare Workers | Build and deploy code with Easy-to Use Developer .... https://www.cloudflare.com/products/workers/ Accessed 3/17/2023. (4) Cloudflare Workers documentation · Cloudflare Workers docs. https://developers.cloudflare.com/workers/ Accessed 3/17/2023. (5) Introducing Cloudflare Workers. https://blog.cloudflare.com/introducing-cloudflare-workers/ Accessed 3/17/2023.

Workers KV How KV Works

The always 200 issue should be resolved by https://github.com/cloudflare/wrangler2/pull/2485 if you use the latest version of Wrangler. It's disappointing that it took this long to be resolved, but glad it's finally fixed.

Cloudflare Workers

Their docs are pretty good, try making a small project with it, you'll learn it in no time - Docs

// An example Worker that serves static files from disk. This includes logic to do things like // set Content-Type based on file extension, look for `index.html` in directories, etc. // // This code supports several configuration options to control the serving logic, but, better // yet, because it's just JavaScript, you can freely edit it to suit your unique needs. export default { async fetch(req, env) { if (req.method != "GET" && req.method != "HEAD") { return new Response("Not Implemented", {status: 501}); } let url = new URL(req.url); let path = url.pathname; let origPath = path; let config = env.config || {}; if (path.endsWith("/") && !config.allowDirectoryListing) { path = path + "index.html"; } let content = await env.files.fetch("http://dummy" + path, {method: req.method}); if (content.status == 404) { if (config.hideHtmlExtension && !path.endsWith(".html")) { // Try with the `.html` extension. path = path + ".html"; content = await env.files.fetch("http://dummy" + path, {method: req.method}); } if (!content.ok && config.singlePageApp) { // For any file not found, serve the main page -- NOT as a 404. path = "/index.html"; content = await env.files.fetch("http://dummy" + path, {method: req.method}); } if (!content.ok) { // None of the fallbacks worked. // // Look for a 404 page. content = await env.files.fetch("http://dummy/404.html", {method: req.method}); if (content.ok) { // Return it with a 404 status code. return wrapContent(req, 404, "404.html", content.body, content.headers); } else { // Give up and return generic 404 message. return new Response("404 Not found", {status: 404}); } } } if (!content.ok) { // Some error other than 404? console.error("Fetching '" + path + "' returned unexpected status: " + content.status); return new Response("Internal Server Error", {status: 500}); } if (content.headers.get("Content-Type") == "application/json") { // This is a directory. if (path.endsWith("/")) { // This must be because `allowDirectoryListing` is `true`, so this is actually OK! let listingHtml = null; if (req.method != "HEAD") { let html = await makeListingHtml(origPath, await content.json(), env.files); return wrapContent(req, 200, "listing.html", html); } } else { // redirect to add '/' suffix. url.pathname = path + "/"; return Response.redirect(url); } } if (origPath.endsWith("/index.html")) { // The file exists, but was requested as "index.html", which we want to hide, so redirect // to remove it. url.pathname = origPath.slice(0, -"index.html".length); return Response.redirect(url); } if (config.hideHtmlExtension && origPath.endsWith(".html")) { // The file exists, but was requested with the `.html` extension, which we want to hide, so // redirect to remove it. url.pathname = origPath.slice(0, -".html".length); return Response.redirect(url); } return wrapContent(req, 200, path.split("/").pop(), content.body, content.headers); } } function wrapContent(req, status, filename, contentBody, contentHeaders) { let type = TYPES[filename.split(".").pop().toLowerCase()] || "application/octet-stream"; let headers = { "Content-Type": type }; if (type.endsWith(";charset=utf-8")) { let accept = req.headers.get("Accept-Encoding") || ""; if (accept.split(",").map(s => s.trim()).includes("gzip")) { // Apply gzip encoding on the fly. // TODO(someday): Support storing gziped copies of files on disk in advance so that gzip // doesn't need to be applied on the fly. headers["Content-Encoding"] = "gzip"; } } if (req.method == "HEAD" && contentHeaders) { // Carry over Content-Length header on HEAD requests. let len = contentHeaders.get("Content-Length"); if (len) { headers["Content-Length"] = len; } } return new Response(contentBody, {headers, status}); } let TYPES = { txt: "text/plain;charset=utf-8", html: "text/html;charset=utf-8", htm: "text/html;charset=utf-8", css: "text/css;charset=utf-8", js: "text/javascript;charset=utf-8", md: "text/markdown;charset=utf-8", sh: "application/x-shellscript;charset=utf-8", svg: "image/svg+xml;charset=utf-8", xml: "text/xml;charset=utf-8", png: "image/png", jpeg: "image/jpeg", jpg: "image/jpeg", jpe: "image/jpeg", gif: "image/gif", ttf: "font/ttf", woff: "font/woff", woff2: "font/woff2", eot: "application/vnd.ms-fontobject", // When serving files with the .gz extension, we do NOT want to use `Content-Encoding: gzip`, // because this will cause the user agent to unzip it, which is usually not what the user wants // when downloading a gzipped archive. gz: "application/gzip", bz: "application/x-bzip", bz2: "application/x-bzip2", xz: "application/x-xz", zst: "application/zst", } async function makeListingHtml(path, listing, dir) { if (!path.endsWith("/")) path += "/"; let htmlList = []; for (let file of listing) { let len, modified; if (file.type == "file" || file.type == "directory") { let meta = await dir.fetch("http://dummy" + path + file.name, {method: "HEAD"}); console.log(meta.status, "http://dummy" + path + file.name, meta.headers.get("Content-Length")); len = meta.headers.get("Content-Length"); modified = meta.headers.get("Last-Modified"); } len = len || `(${file.type})`; modified = modified || ""; htmlList.push( ` ` + `${encodeURIComponent(file.name)}">${file.name}` + `${modified}${len}`); } return ` Index of ${path} td { padding-right: 16px; text-align: right; } td:nth-of-type(1) { font-family: monospace; text-align: left; } th { text-align: left; } Index of ${path} ${htmlList.join("\n")} `} Enter fullscreen mode Exit fullscreen mode Et je lance l’exposition de mon contenu statique avec Workerd afin de mimer Cloudflare Pages :Cloudflare Pages [email protected]:~/gatsby-starter-netlify-cms# workerd serve config.capnp Enter fullscreen mode Exit fullscreen mode FilenameModifiedSize Et il apparaît directement comme prévu sur le port HTTP 80 … [email protected]:~# netstat -tunlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 858/sshd: /usr/sbin tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 13700/systemd-resol tcp6 0 0 :::22 :::* LISTEN 858/sshd: /usr/sbin tcp6 0 0 :::80 :::* LISTEN 38659/workerd udp 0 0 127.0.0.53:53 0.0.0.0:* 13700/systemd-resol udp 0 0 45.32.146.22:68 0.0.0.0:* 13695/systemd-netwo Enter fullscreen mode Exit fullscreen mode Avec une exposition globale et plus sécurisée par exemple via … Cloudflare Tunnel : Preview Local Projects with Cloudflare Tunnel · Cloudflare Pages docs [email protected]:~/gatsby-starter-netlify-cms# cloudflared tunnel --url http://localhost:80 2022-12-04T23:36:19Z INF Thank you for trying Cloudflare Tunnel. Doing so, without a Cloudflare account, is a quick way to experiment and try it out. However, be aware that these account-less Tunnels have no uptime guarantee. If you intend to use Tunnels in production you should use a pre-created named tunnel by following: https://developers.cloudflare.com/cloudflare-one/connections/connect-apps 2022-12-04T23:36:19Z INF Requesting new quick Tunnel on trycloudflare.com... 2022-12-04T23:36:22Z INF +--------------------------------------------------------------------------------------------+ 2022-12-04T23:36:22Z INF | Your quick Tunnel has been created! Visit it at (it may take some time to be reachable): | 2022-12-04T23:36:22Z INF | https://springs-adipex-ceiling-notebooks.trycloudflare.com | 2022-12-04T23:36:22Z INF +--------------------------------------------------------------------------------------------+ Enter fullscreen mode Exit fullscreen mode J’aurais pu également utiliser Wrangler2 pour mimer Cloudflare Pages en lieu et place de Workerd : GitHub - cloudflare/wrangler2: ⛅️ The CLI for Cloudflare Workers® Cloudflare Workers documentation · Cloudflare Workers docs [email protected]:~/gatsby-starter-netlify-cms# npm install wrangler -g [email protected]:~/gatsby-starter-netlify-cms# wrangler pages dev --help wrangler pages dev [directory] [-- command..] 🧑‍💻 Develop your full-stack Pages application locally Positionals: directory The directory of static assets to serve [string] command The proxy command to run [string] Flags: -e, --env Environment to use for operations and .env files [string] -h, --help Show help [boolean] -v, --version Show version number [boolean] Options: --local Run on my machine [boolean] [default: true] --compatibility-date Date to use for compatibility checks [string] --compatibility-flags, --compatibility-flag Flags to use for compatibility checks [array] --ip The IP address to listen on [string] [default: "0.0.0.0"] --port The port to listen on (serve from) [number] [default: 8788] --inspector-port Port for devtools to connect to [number] --proxy The port to proxy (where the static assets are served) [number] --script-path The location of the single Worker script if not using functions [string] [default: "_worker.js"] -b, --binding Bind variable/secret (KEY=VALUE) [array] -k, --kv KV namespace to bind (--kv KV_BINDING) [array] --d1 D1 database to bind [array] -o, --do Durable Object to bind (--do NAME=CLASS) [array] --r2 R2 bucket to bind (--r2 R2_BINDING) [array] --live-reload Auto reload HTML pages when change is detected [boolean] [default: false] --local-protocol Protocol to listen to requests on, defaults to http. [choices: "http", "https"] --persist Enable persistence for local mode, using default path: .wrangler/state [boolean] --persist-to Specify directory to use for local persistence (implies --persist) [string] --log-level Specify logging level [choices: "debug", "info", "log", "warn", "error", "none"] 🚧 'wrangler pages ' is a beta command. Please report any issues to https://github.com/cloudflare/wrangler2/issues/new/choose [email protected]:~/gatsby-starter-netlify-cms# wrangler pages dev ./public/ --ip "0.0.0.0" --port "80" --compatibility-date "2022-12-04" --local 🚧 'wrangler pages ' is a beta command. Please report any issues to https://github.com/cloudflare/wrangler2/issues/new/choose No functions. Shimming... ╭─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮ │ [b] open a browser, [d] open Devtools, [c] clear console, [x] to exit │ ╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯ [pages:wrn] Parsed 22 valid header rules. [pages:wrn] Service bindings are experimental. There may be breaking changes in the future. [email protected]:~# netstat -tunlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 858/sshd: /usr/sbin tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 39444/node tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 13700/systemd-resol tcp6 0 0 :::22 :::* LISTEN 858/sshd: /usr/sbin tcp6 0 0 :::6284 :::* LISTEN 39428/node tcp6 0 0 :::9229 :::* LISTEN 39428/node udp 0 0 127.0.0.53:53 0.0.0.0:* 13700/systemd-resol udp 0 0 45.32.146.22:68 0.0.0.0:* 13695/systemd-netwo Enter fullscreen mode Exit fullscreen mode Le site web statique avec Gatsby est également disponible en HTTP/80 : Pour simuler un environnement de production, installation de PM2 : PM2 - Home [email protected]:~/gatsby-starter-netlify-cms# npm install -g [email protected] [email protected]:~/gatsby-starter-netlify-cms# pm2 ------------- __/\\\\\\\\\\\\\____ /\\\\ ____________/\\\\____ /\\\\\\\\\ _____ _\/\\\/////////\\\_\/\\\\\\ ________/\\\\\\__ /\\\///////\\\___ _\/\\\ _______\/\\\_\/\\\//\\\____ /\\\//\\\_\/// ______\//\\\__ _\/\\\\\\\\\\\\\/ __\/\\\\///\\\/\\\/_\/\\\___________ /\\\/___ _\/\\\///////// ____\/\\\__ \///\\\/ ___\/\\\________ /\\\// _____ _\/\\\ _____________\/\\\____ \/// _____\/\\\_____ /\\\// ________ _\/\\\ _____________\/\\\_____________ \/\\\ ___/\\\/___________ _\/\\\ _____________\/\\\_____________ \/\\\__/\\\\\\\\\\\\\\\_ _\/// ______________\///______________ \/// __\///////////////__ Runtime Edition PM2 is a Production Process Manager for Node.js applications with a built-in Load Balancer. Start and Daemonize any application: $ pm2 start app.js Load Balance 4 instances of api.js: $ pm2 start api.js -i 4 Monitor in production: $ pm2 monitor Make pm2 auto-boot at server restart: $ pm2 startup To go further checkout: http://pm2.io/ ------------- usage: pm2 [options] pm2 -h, --help all available commands and options pm2 examples display pm2 usage examples pm2 -h help on a specific command Access pm2 files in ~/.pm2 Enter fullscreen mode Exit fullscreen mode Puis lancement de Workerd en mode Cluster : PM2 - Cluster Mode [email protected]:~/gatsby-starter-netlify-cms# chmod +x start.sh [email protected]:~/gatsby-starter-netlify-cms# cat start.sh #!/bin/sh /usr/bin/workerd serve config.capnp [email protected]:~/gatsby-starter-netlify-cms# pm2 start start.sh -i max [PM2] Spawning PM2 daemon with pm2_home=/root/.pm2 [PM2] PM2 Successfully daemonized [PM2] Starting /root/gatsby-starter-netlify-cms/start.sh in fork_mode (0 instance) [PM2] Done. ┌─────┬──────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐ │ id │ name │ namespace │ version │ mode │ pid │ uptime │ ↺ │ status │ cpu │ mem │ user │ watching │ ├─────┼──────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤ │ 0 │ start │ default │ 1.1.3 │ fork │ 40261 │ 0s │ 0 │ online │ 0% │ 3.4mb │ root │ disabled │ │ 1 │ start │ default │ 1.1.3 │ fork │ 40263 │ 0s │ 0 │ online │ 0% │ 3.4mb │ root │ disabled │ └─────┴──────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘ Enter fullscreen mode Exit fullscreen mode PM2 peut générer des scripts de démarrage et les configurer afin de conserver votre liste de processus intacte lors des redémarrages prévus ou imprévus de la machine : [PM2] Init System found: systemd Platform systemd Template [Unit] Description=PM2 process manager Documentation=https://pm2.keymetrics.io/ After=network.target [Service] Type=forking User=root LimitNOFILE=infinity LimitNPROC=infinity LimitCORE=infinity Environment=PATH=/root/.nvm/versions/node/v18.12.1/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin Environment=PM2_HOME=/root/.pm2 PIDFile=/root/.pm2/pm2.pid Restart=on-failure ExecStart=/root/.nvm/versions/node/v18.12.1/lib/node_modules/pm2/bin/pm2 resurrect ExecReload=/root/.nvm/versions/node/v18.12.1/lib/node_modules/pm2/bin/pm2 reload all ExecStop=/root/.nvm/versions/node/v18.12.1/lib/node_modules/pm2/bin/pm2 kill [Install] WantedBy=multi-user.target Target path /etc/systemd/system/pm2-root.service Command list ['systemctl enable pm2-root'] [PM2] Writing init configuration in /etc/systemd/system/pm2-root.service [PM2] Making script booting at startup... [PM2] [-] Executing: systemctl enable pm2-root... Created symlink /etc/systemd/system/multi-user.target.wants/pm2-root.service → /etc/systemd/system/pm2-root.service. [PM2] [v] Command successfully executed. +---------------------------------------+ [PM2] Freeze a process list on reboot via: $ pm2 save [PM2] Remove init script via: $ pm2 unstartup systemd [email protected]:~/gatsby-starter-netlify-cms# pm2 save [PM2] Saving current process list... [PM2] Successfully saved in /root/.pm2/dump.pm2 [email protected]:~/gatsby-starter-netlify-cms# pm2 kill [PM2] Applying action deleteProcessId on app [all](ids: [0, 1]) [PM2] [all](1) ✓ [PM2] [start](0) ✓ [PM2] [v] All Applications Stopped [PM2] [v] PM2 Daemon Stopped [email protected]:~/gatsby-starter-netlify-cms# pm2 resurrect [PM2] Spawning PM2 daemon with pm2_home=/root/.pm2 [PM2] PM2 Successfully daemonized [PM2] Resurrecting [PM2] Restoring processes located in /root/.pm2/dump.pm2 [PM2] Process /root/gatsby-starter-netlify-cms/start.sh restored [PM2] Process /root/gatsby-starter-netlify-cms/start.sh restored ┌─────┬──────────┬─────────────┬─────────┬─────────┬──────────┬────────┬──────┬───────────┬──────────┬──────────┬──────────┬──────────┐ │ id │ name │ namespace │ version │ mode │ pid │ uptime │ ↺ │ status │ cpu │ mem │ user │ watching │ ├─────┼──────────┼─────────────┼─────────┼─────────┼──────────┼────────┼──────┼───────────┼──────────┼──────────┼──────────┼──────────┤ │ 0 │ start │ default │ 1.1.3 │ fork │ 41347 │ 0s │ 0 │ online │ 0% │ 3.5mb │ root │ disabled │ │ 1 │ start │ default │ 1.1.3 │ fork │ 41349 │ 0s │ 0 │ online │ 0% │ 3.4mb │ root │ disabled │ └─────┴──────────┴─────────────┴─────────┴─────────┴──────────┴────────┴──────┴───────────┴──────────┴──────────┴──────────┴──────────┘ Enter fullscreen mode Exit fullscreen mode D’ailleurs à ce propos, Cloudflare a apporté au début de cette année une expérience de développement local avec les workers via Miniflare 2.0 : un simulateur local de Cloudflare Workers : 🔥 Miniflare · Miniflare GitHub - cloudflare/miniflare: 🔥 Fully-local simulator for Cloudflare Workers Et on apprend que : Avec le runtime Workers désormais en open-source, Miniflare 3 peut exploiter les mêmes implémentations qui sont déployées sur le réseau de Cloudflare https://blog.cloudflare.com/miniflare-and-workerd/ Au cours des prochains mois, l’équipe de Cloudflare Workers prévoit d’améliorer encore l’expérience de développement local en mettant l’accent sur les tests automatisés en étudiant les moyens d’intégrer les environnements Jest/Vitest de Miniflare 2 à Workerd. Miniflare 3.0 est maintenant inclus dans Wrangler ! Je peux me baser sur les exemples fournis par Cloudflare avec la possibilité de servir des applications full stack côté serveur avec des fonctions dédiées à Cloudflare Pages … via encore une fois la dernière version de Wrangler. https://blog.cloudflare.com/pages-full-stack-frameworks/ Exemple avec Astro : Deploy your Astro Site to Cloudflare Pages [email protected]:~# npm create [email protected] Need to install the following packages: [email protected] Ok to proceed? (y) y ╭─────╮ Houston: │ ◠ ◡ ◠ Let's build something great! ╰─────╯ astro v1.6.12 Launch sequence initiated. ? Where would you like to create your new project? › tremendous-transit ✔ Where would you like to create your new project? … tremendous-transit ✔ How would you like to setup your new project? › a few best practices (recommended) ■■▶ Copying project files...(node:39599) ExperimentalWarning: The Fetch API is an experimental feature. This feature could change at any time (Use `node --trace-warnings ...` to show where the warning was created) ✔ Template copied! ✔ Would you like to install npm dependencies? (recommended) … yes ✔ Packages installed! ✔ Would you like to initialize a new git repository? (optional) … no ◼ Sounds good! You can come back and run git init later. ✔ How would you like to setup TypeScript? › Strict ✔ TypeScript settings applied! next Liftoff confirmed. Explore your project! Enter your project directory using cd ./tremendous-transit Run npm run dev to start the dev server. CTRL+C to stop. Add frameworks like react or tailwind using astro add. Stuck? Join us at https://astro.build/chat ╭─────╮ Houston: │ ◠ ◡ ◠ Good luck out there, astronaut! ╰─────╯ [email protected]:~# cd tremendous-transit/ [email protected]:~/tremendous-transit# npx astro add cloudflare ⠋ Resolving packages...(node:39679) ExperimentalWarning: The Fetch API is an experimental feature. This feature could change at any time (Use `node --trace-warnings ...` to show where the warning was created) ✔ Resolving packages... Astro will run the following command: If you skip this step, you can always run it yourself later ╭────────────────────────────────────────────────╮ │ npm install @astrojs/cloudflare [email protected]^1.6.11 │ ╰────────────────────────────────────────────────╯ ✔ Continue? … yes ✔ Installing dependencies... Astro will make the following changes to your config file: ╭ astro.config.mjs ──────────────────────────────╮ │ import { defineConfig } from 'astro/config'; │ │ │ │ // https://astro.build/config │ │ import cloudflare from "@astrojs/cloudflare"; │ │ │ │ // https://astro.build/config │ │ export default defineConfig({ │ │ output: "server", │ │ adapter: cloudflare() │ │ }); │ ╰────────────────────────────────────────────────╯ For complete deployment options, visit https://docs.astro.build/en/guides/deploy/ ✔ Continue? … yes success Added the following integration to your project: - @astrojs/cloudflare Enter fullscreen mode Exit fullscreen mode Génération du contenu statique : [email protected]:~/tremendous-transit# npm run build > @example/[email protected] build > astro build 10:37:27 PM [build] output target: server 10:37:27 PM [build] deploy adapter: @astrojs/cloudflare 10:37:27 PM [build] Collecting build info... 10:37:27 PM [build] Completed in 12ms. 10:37:27 PM [build] Building server entrypoints... 10:37:29 PM [build] Completed in 1.55s. finalizing server assets 10:37:29 PM [build] Rearranging server assets... 10:37:29 PM [build] Server built in 1.66s 10:37:29 PM [build] Complete! Enter fullscreen mode Exit fullscreen mode et lancement de la fonction d’exposition avec [email protected] : [email protected]:~/tremendous-transit# npx [email protected] pages dev ./dist/ --ip "0.0.0.0" --port "80" --compatibility-date "2022-12-04" --local 🚧 'wrangler pages ' is a beta command. Please report any issues to https://github.com/cloudflare/wrangler2/issues/new/choose ╭─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮ │ [b] open a browser, [d] open Devtools, [c] clear console, [x] to exit │ ╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯ [pages:wrn] Service bindings are experimental. There may be breaking changes in the future. GET / 200 OK (32.55ms) GET /assets/index.0e7318e4.css 200 OK (9.77ms) GET /favicon.svg 200 OK (6.38ms) GET / 200 OK (15.53ms) GET /favicon.svg 200 OK (6.59ms) Enter fullscreen mode Exit fullscreen mode La même chose avec le framework SolidStart : GitHub - solidjs/solid-start: SolidStart, the Solid app framework [email protected]:~# mkdir my-app [email protected]:~# cd my-app/ [email protected]:~/my-app# npm init solid Need to install the following packages: [email protected] Ok to proceed? (y) y create-solid version 0.1.2 Welcome to the SolidStart setup wizard! There are definitely bugs and some feature might not work yet. If you encounter an issue, have a look at https://github.com/solidjs/solid-start/issues and open a new one, if it is not already tracked. ✔ Which template do you want to use? › hackernews ✔ Server Side Rendering? … yes ✔ Use TypeScript? … yes found matching commit hash: 88a111f8fcf7fe810bf84814766ac4b40cdcac34 downloading https://github.com/solidjs/solid-start/archive/88a111f8fcf7fe810bf84814766ac4b40cdcac34.tar.gz to /root/.degit/github/solidjs/solid-start/88a111f8fcf7fe810bf84814766ac4b40cdcac34.tar.gz extracting /examples/hackernews from /root/.degit/github/solidjs/solid-start/88a111f8fcf7fe810bf84814766ac4b40cdcac34.tar.gz to /root/my-app/.solid-start cloned solidjs/solid-start#main to /root/my-app/.solid-start ✔ Copied project files Next steps: 1: npm install (or pnpm install, or yarn) 2: npm run dev -- --open To close the dev server, hit Ctrl-C [email protected]:~/my-app# npm install --save-dev solid-start-cloudflare-pages npm WARN deprecated [email protected]: Please use @jridgewell/sourcemap-codec instead added 414 packages, and audited 415 packages in 33s 36 packages are looking for funding run `npm fund` for details found 0 vulnerabilities [email protected]:~/my-app# npm install up to date, audited 415 packages in 1s 36 packages are looking for funding run `npm fund` for details found 0 vulnerabilities Enter fullscreen mode Exit fullscreen mode Mise à jour du fichier de configuration pour prendre en compte encore une fois le plugin Cloudflare installé préalablement : [email protected]:~/my-app# cat vite.config.ts import solid from "solid-start/vite"; import { defineConfig } from "vite"; import cloudflare from "solid-start-cloudflare-pages"; export default defineConfig({ plugins: [solid({ adapter: cloudflare({}) })], }); Enter fullscreen mode Exit fullscreen mode Génération du contenu statique : [email protected]:~/my-app# npm run build > build > solid-start build solid-start build version 0.2.7 (node:40114) ExperimentalWarning: The Ed25519 Web Crypto API algorithm is an experimental feature. This feature could change at any time (Use `node --trace-warnings ...` to show where the warning was created) adapter cloudflare-pages solid-start building client... vite v3.2.4 building for production... ✓ 59 modules transformed. dist/public/manifest.json 1.03 KiB dist/public/ssr-manifest.json 1.57 KiB dist/public/assets/_...stories_.85c7ccd5.js 2.92 KiB / gzip: 1.10 KiB dist/public/assets/entry-client.e7f092e1.js 38.02 KiB / gzip: 14.73 KiB dist/public/assets/_id_.53422822.js 2.17 KiB / gzip: 0.87 KiB dist/public/assets/_id_.d20e093b.js 1.55 KiB / gzip: 0.71 KiB dist/public/assets/entry-client.fba9e0c8.css 3.48 KiB / gzip: 1.15 KiB solid-start client built in: 2.270s solid-start building server... vite v3.2.4 building SSR bundle for production... ✓ 60 modules transformed. .solid/server/manifest.json 0.18 KiB .solid/server/entry-server.js 63.39 KiB solid-start server built in: 1.096s Enter fullscreen mode Exit fullscreen mode et exposition publique avec ce clone du site Hacker News … [email protected]:~/my-app# npx [email protected] pages dev ./dist/public/ --ip "0.0.0.0" --port "80" --compatibility-date "2022-12-04" --local 🚧 'wrangler pages ' is a beta command. Please report any issues to https://github.com/cloudflare/wrangler2/issues/new/choose Compiling worker to "/tmp/functionsWorker-0.3042531527544843.mjs"... Compiled Worker successfully. ╭─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╮ │ [b] open a browser, [d] open Devtools, [c] clear console, [x] to exit │ ╰─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯ [pages:wrn] Parsed 1 valid header rule. [pages:wrn] Service bindings are experimental. There may be breaking changes in the future. GET / 200 OK (380.60ms) GET /assets/_...stories_.85c7ccd5.js 200 OK (10.72ms) GET /assets/entry-client.e7f092e1.js 200 OK (7.27ms) GET /assets/entry-client.fba9e0c8.css 200 OK (5.62ms) GET /favicon.ico 200 OK (5.79ms) Enter fullscreen mode Exit fullscreen mode Pour conclure, Workerd même en version Beta à la rédaction de cet article, comme on a pu le voir dans ce rapide aperçu permet d’inclure ces cas d’usage avec notamment ceci : En tant que serveur d’applications, héberger vous-même des applications conçues pour Cloudflare Workers. En tant qu’outil de développement, développer et tester ce code localement. En tant que proxy HTTP programmable (direct ou inverse), intercepter, modifier et acheminer efficacement les requêtes réseau. En prenant bien évidemment en compte cet avertissement dans son usage : Workerd n’est pas un sandbox durci Workerd tente d’isoler chaque Workers afin qu’il ne puisse accéder qu’aux ressources auxquelles il est configuré. Cependant, Workerd ne contient pas à lui seul une défense en profondeur appropriée contre la possibilité de bogues d’implémentation. Lorsque vous utilisez workerd pour exécuter du code potentiellement malveillant, vous devez l’exécuter dans un bac à sable sécurisé approprié, tel qu’une machine virtuelle. Le service d’hébergement Cloudflare Workers, en particulier, utilise de nombreuses couches supplémentaires de défense en profondeur … À suivre !

Initially, we had an Express backend for my PR to process form submissions. However, we wanted to eliminate the need for maintaining and configuring the backend on our own. Therefore, we decided to go serverless, using Cloudflare Workers.

> The fact that Apple itself relies on Linux for most of its servers is a pretty powerful heuristic that Linux is relatively safe [paraphrased by me]

Many world-class companies depend on Windows, so does that mean you think Windows is safe?

An individual does not have the same access to custom tools, and teams of competent people, that ensure their usage is safe.

A recent example: I was investigating using CloudFlare Functions, because I think CloudFlare has world-class security and that “serverless” product avoids many security issues I might have with other solutions. Yet one setup step suggested piping in a script from curl to shell (commonly suggested for install steps!). Even worse, https://github.com/cloudflare/wrangler2 is their CLI tool to help development, and Wrangler is based on the node ecology, which is completely insecurable IMHO (unless you are a trillion dollar company). I use a VM to provide some sandboxing, but it still leaves me feeling icky.