docs(readme): note Cloudflare cache caveat for placeholder mode
Some checks failed
ci / build-test (push) Failing after 1m35s
Some checks failed
ci / build-test (push) Failing after 1m35s
The placeholder serves HTTP 200, so Cloudflare's edge will cache it normally. Document the operator action (purge cache or set a short-TTL Cache Rule) needed before recovery for longer outages, so the edge doesn't keep serving the placeholder past recovery. Surfaced by final code review of the feature branch. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
@@ -44,6 +44,8 @@ To put the site into "back shortly" mode, trigger Gitea → **Actions → deploy
|
||||
|
||||
The placeholder is hand-authored static HTML in `placeholder/` and does NOT depend on `npm`/`astro build` — it is deliberately decoupled from the main build so it can ship even when that build is broken.
|
||||
|
||||
**Scope note.** The placeholder serves HTTP 200 (not 503), so Cloudflare's edge will cache it normally. This is fine for short planned maintenance windows. For longer outages or incident fallback, purge Cloudflare's cache (or set a short-TTL Cache Rule for the maintenance window) before triggering recovery via `deploy.yml`, otherwise the edge may serve the placeholder past recovery until TTL expires.
|
||||
|
||||
**Security headers** (HSTS, CSP, X-Frame-Options, etc.) are owned by **Cloudflare Transform Rules**, not by anything in this repo. Hetzner Webhosting L ignores file-based `.htaccess` (`AllowOverride None`), so origin-side header config is impossible from code. See `OPERATOR-CHECKLIST.md` §2.
|
||||
|
||||
See [`OPERATOR-CHECKLIST.md`](./OPERATOR-CHECKLIST.md) for the one-time Hetzner + Cloudflare setup.
|
||||
|
||||
Reference in New Issue
Block a user