So while the content is in RAM on the Pi, a lot of the heavier lifting (TLS termination) is done elsewhere, which saves a ton of CPU load on the Pi.
On the one hand I get it, TLS is pretty heavy, and it makes sense to take advantage of a VPS or Cloudflare or however you want to do it.
But once you are spinning up a VPS, the question is ... why the Pi? The VPS in the article has less RAM, but more storage. If you're already doing TLS termination on the VPS (the most RAM intensive part), you might as well just do the whole shebang there.
I know this is all for fun, I'm just wondering -- is the Pi Zero really too slow to handle TLS, especially with an optimized TLS library? In this setup, the Pi is already being directly exposed to the Internet anyway, there's no VPN being used. That ARM11 isn't "fast", but surely a 1 GHz ARM11 can handle an optimized TLS library serving some subset of TLS1.2.
Also, all web pages are served from RAM. It's automatic that modern OSes will cache this stuff on first access.
It is still able to build software faster than it is released. It takes roughly a month to recompile the entire system :D
- R-Pi Zero W
- Sixfab UPS hat
- Sixfab Cellular IoT App Shield
- R-Pi model 1B
With all this I should be able to make a multiply redundant always-on bastion host. It's awesome that alpine supports the armhf stuff, many OSes have dropped 32bit support entirely.
MitPitt•43m ago
alfanick•34m ago
raddan•28m ago
vablings•30m ago
raddan•30m ago
The point of failure for all of these machines has been the SD card. They seem to last 4 years almost to the day. I suppose if I set up a RAMdisk they might last longer, but honestly, for the price of an SD card it’s not really worth my time.