=> 🏡 Home | Back to notes
Bunny CDN [1] provides a cost-effective, easy-to-use, and highly performant service for delivering web content. I currently use it to serve this website, as well as a few other systems.
=> 1
In Bunny, web content is categorised into "pull zones", where each can have an origin and a number of configurable settings. Typically you'd use one pull zone per website/app. If you've used AWS Cloudfront before, these are the same as "distributions".
Bunny also offers hosting through its storage [2] feature. Pull zones can be connected directly to a "storage zone" to allow you to keep all your web assets and service configuration in a single space.
=> 2
Once created, you can upload content directly from the browser. However, automated approaches can be better, as described below.
Bunny supports (S)FTP/s (and is reportedly soon to include S3-compatible functionality too). For interacting with Bunny storage zones, I recommend using Cyberduck's CLI tool [3].
=> 3
Download duck
using homebrew:
brew install duck
Then, upload your web content (e.g. website or built webapp):
duck -y --username USERNAME --upload ftps://uk.storage.bunnycdn.com/ path/to/content/*
(Change the username and upload destination, if needed). The first time, duck
will ask for the password for the account, but it should remember it for next time (if you let it).
And that's it. Your site is now served via Bunny's global CDN.
It's better to automate these things. We already have the password for the storage zone (for uploading files), but Bunny also offers an API, which we can use to purge the CDN cache when making updates to the website/app.
First, grab the API token from the "Account" link at the top of the Bunny dashboard. I add this token to my shell's config so I can refer to it in my scripts.
Next, write a deploy script. E.g. the one below, deploy.sh
, is for a React app.
#!/bin/bash npm run build duck -y --username USERNAME --upload ftps://uk.storage.bunnycdn.com/ build/* curl -X POST -H "AccessKey: $BUNNY_KEY" https://api.bunny.net/pullzone/ID/purgeCache
(Change the username, upload location, build path, and pull zone ID).
Finally, run chmod +x deploy.sh
on your script, and you can now run it to deploy your changes.
Modern webapps require additional browser security measures in order to help protect against common attacks. These measures can often be applied by setting response headers (for your webapp front-end) appropriate for your needs.
These headers may include Content-Security-Policy
, X-Frame-Options
, and others. I recommend using websites like securityheaders.com [4] to audit your own web applications.
=> 4
To set up the security headers in Bunny, navigate to your Pull Zone -> Edge Rules. On this page, add a new edge rule accordingly:
X-Frame-Options
)
DENY
)
Once done, you can see your headers listed, as shown below.
text/gemini;lang=en-GB
This content has been proxied by September (ba2dc).