-
Notifications
You must be signed in to change notification settings - Fork 10
Drupal CMS
Amy Farrell edited this page Dec 30, 2024
·
6 revisions
Part of USAGov Architecture patterns
The Drupal CMS runs Drupal plus some additional services in order to build the static assets for the Public static web site.
C4Context
title Drupal CMS diagram
Boundary(internet, "Internet", "the web") {
Person(DrupalUser, "Content editor, site admin, etc.")
System(GSAAuth, "GSA Auth")
Person(AnonUser, "Anonymous user")
Boundary(cloud_gov_boundary, "Cloud.gov", "") {
Boundary(usagov_boundary, "USAgov org boundary", "") {
Container(cms_app, "CMS", "drupal, nginx")
ContainerDb(s3_storage, "S3 storage", "static web assets")
ContainerDb(rds_database, "RDS", "Drupal data", "mySQL")
}
}
}
Rel(DrupalUser, cms_app, "HTTPS", "GET,HEAD,POST,PATCH")
Rel(AnonUser, cms_app, "HTTPS", "GET,HEAD")
Rel(DrupalUser, GSAAuth, "HTTPS")
Rel(cms_app, s3_storage, "HTTPS/TLS", "read/write")
Rel(cms_app, rds_database, "TLS", "read/write")
UpdateRelStyle(DrupalUser, cms_app, $offsetX="-20", $offsetY="-180")
UpdateRelStyle(AnonUser, cms_app, $offsetX="-90", $offsetY="-90")
UpdateElementStyle(AnonUser, $bgColor="gray")
UpdateElementStyle(s3_storage, $bgColor="yellow", $fontColor="black")
UpdateLayoutConfig($c4ShapeInRow="2")
- Drupal, drush
- nginx
- shell scripts
- Run drupal/tome to generate static HTML
- Assemble static HTML plus other assets
- Copy all to S3 (aws-s3)
- Cron (via s6 overlay)
GSA Auth provides authentication. There is an implicit communication between the CMS app and GSA Auth, but this is all mediated by the web client (represented here as "Drupal user").
- S3 storage is the same as the S3 storage used by the Public static web site. The CMS app writes to this S3 bucket and the WWW app reads from it.
- The WAF app sits between the public internet and the CMS.
- The CMS app uses the Egress proxy to send APM data to New Relic
- A log drain connects the CMS app to the Log shipper.