https://tech.ldas.jp/en/tags/cloudflare/Recent content in cloudflare on Digital Archive Systems Tech BlogHugoenTue, 07 Apr 2026 11:00:00 +0900https://tech.ldas.jp/en/posts/cloudflare-zero-trust-ssh/Tue, 07 Apr 2026 11:00:00 +0900https://tech.ldas.jp/en/posts/cloudflare-zero-trust-ssh/<h1 id="securing-ssh-with-cloudflare-zero-trust">Securing SSH with Cloudflare Zero Trust</h1> <h2 id="background">Background</h2> <p>To access a server via SSH, you typically need to expose port 22 to the internet. However, an open SSH port is a constant target for attacks.</p> <p>With Cloudflare Zero Trust, you can build an environment where only authenticated users can connect via SSH, <strong>while keeping the SSH port completely closed</strong>.</p> <h2 id="what-is-zero-trust">What Is Zero Trust?</h2> <p>Traditional security models relied on the assumption that &ldquo;anything inside the corporate network is trusted.&rdquo; Zero Trust discards this assumption and instead <strong>verifies every access request</strong>.</p>https://tech.ldas.jp/en/posts/cloudflare-tunnel/Tue, 07 Apr 2026 10:00:00 +0900https://tech.ldas.jp/en/posts/cloudflare-tunnel/<h1 id="securely-exposing-academic-servers-with-cloudflare-tunnel">Securely Exposing Academic Servers with Cloudflare Tunnel</h1> <h2 id="background">Background</h2> <p>When running Elasticsearch (full-text search) or Cantaloupe (IIIF image delivery) on an academic research server, you typically need to open ports to the outside world. However, opening ports introduces the risk of attacks exploiting vulnerabilities.</p> <p>With Cloudflare Tunnel, you can <strong>securely expose services to the public without opening any inbound ports</strong> on your server.</p> <h2 id="what-is-cloudflare-tunnel">What Is Cloudflare Tunnel?</h2> <p>In a conventional server setup, the server opens ports and listens for incoming connections (inbound connections). Cloudflare Tunnel reverses this model.</p>https://tech.ldas.jp/en/posts/nameserver/Tue, 07 Apr 2026 09:00:00 +0900https://tech.ldas.jp/en/posts/nameserver/<h1 id="how-name-servers-work">How Name Servers Work</h1> <h2 id="the-difference-between-name-servers-and-dns">The Difference Between Name Servers and DNS</h2> <p>These terms are often used in similar contexts, but they are technically different.</p> <div class="table-wrapper"> <table> <thead> <tr> <th></th> <th>DNS</th> <th>Name Server</th> </tr> </thead> <tbody> <tr> <td>What is it?</td> <td>The name for the entire system and set of rules</td> <td>The actual server that operates within that system</td> </tr> <tr> <td>Analogy</td> <td>&ldquo;The phone book system&rdquo;</td> <td>&ldquo;The person at the desk who holds the phone book&rdquo;</td> </tr> </tbody> </table> </div> <p><strong>DNS (Domain Name System)</strong> refers to the entire system for looking up IP addresses from domain names. It is a concept that encompasses protocols, rules, record formats, and more.</p>https://tech.ldas.jp/en/posts/elasticsearch-to-static-json-and-d1/Mon, 06 Apr 2026 22:00:00 +0900https://tech.ldas.jp/en/posts/elasticsearch-to-static-json-and-d1/<p>I implemented three search backends — Elasticsearch, Cloudflare D1 (SQLite), and Static JSON (in-memory) — for a Japanese text search API running on Cloudflare Pages, and compared their performance.</p> <h2 id="background">Background</h2> <p>I&rsquo;ve been running a full-text search API for classical Japanese texts. The existing setup used an external Elasticsearch cluster, but I wanted to explore alternatives for several reasons:</p> <ul> <li>Reduce external service dependencies</li> <li>Keep everything within Cloudflare Pages</li> <li>The dataset is small (~1,800 records) — a full-text search engine might be overkill</li> </ul> <h2 id="dataset">Dataset</h2> <div class="table-wrapper"> <table> <thead> <tr> <th>Metric</th> <th>Value</th> </tr> </thead> <tbody> <tr> <td>Records</td> <td>1,812</td> </tr> <tr> <td>Total text (UTF-8)</td> <td>~2.5 MB</td> </tr> <tr> <td>Average per record</td> <td>~1.4 KB</td> </tr> </tbody> </table> </div> <p>Each record contains classical Japanese text (a few to ~15 lines), a page number, volume name, and IIIF canvas URL.</p>