Skip to main content
Skip table of contents

HCMS CSK infrastructure overview

[]

HCMS CSK infrastructure overview

Introduction

Headless CMS Client Starter Kit (HCMS CSK) is a cloud-native application that takes another existing, purely backend application, e.g., Headless CMS, and adds a fully fledged frontend and middleware (mainly authorization) to provide fully functional Single Page Application (SPA). HCMS Client is the frontend part of it, the SPA.

HCMS Client is one of the many possible ways to make use of the Headless CMS.

A minimal basic setup

The source code for both the SPA and the middleware lives in the same GitLab repository. It is also complied into one and the same Docker image. We call the product a Starter Kit as the repository includes not only the SPA and the middleware source code, but also some sample configuration files, some basic building blocks for deployment, and a CLI tool that can communicate with the censhare Server.

Warning: HCMS CSK always needs another backend application as it does not store any data on its own.

On the diagram below, we show an example where the backend is represented by the Headless CMS on top of the censhare Server.

In this case, the censhare Server stores all digital assets. The HCMS satellite communicates with the censhare Server, on behalf of the HCMS Client, providing access to the censhare assets and synchronizing any changes on them made in the HCMS Client.

The HCMS satellite runs independently from the HCMS Client and middleware, and each of the Docker containers has its own internal HTTP server. However, from the user/browser perspective, it is the same application running as a single HTTPs server on a single HTTPS domain. This is achieved by using a reverse proxy. See this article for more information.

This setup is the best practice for a web application, especially in cloud-based environments. The importance of one domain for both services cannot be overstated, because web browsers by default require that HTTP requests and all cookies are always on the same domain with the JavaScript code that invokes those requests. Also, everything needs to be served on HTTPS instead of HTTP. It is possible to use some special headers to bypass these restrictions, but such a configuration is considered insecure and fails any security audit (and for a reason, as it provides some attack vectors).

Infrastructure to use

HCMS CSK is infrastructure agnostic and does not prescribe using any particular one. We provide a setup guide for AWS. If you want to use Azure, the steps are very similar.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close