Discussion
Loading...

#Tag

  • About
  • Code of conduct
  • Privacy
  • Users
  • Instances
  • About Bonfire
Stefano Marinelli
Stefano Marinelli boosted
gyptazy
@gyptazy@mastodon.gyptazy.com  ·  activity timestamp last month

It doesn’t occur often, but when it does, it brings a smile to my face. This is my error page served from the proxy when the backend can't process the requests (or is unavailable).

#manpageblog #devops #nginx #proxy #backend #linux #freebsd #tux #beastie

Sorry, no caption provided by author
Sorry, no caption provided by author
Sorry, no caption provided by author
  • Copy link
  • Flag this post
  • Block
gyptazy
@gyptazy@mastodon.gyptazy.com  ·  activity timestamp last month

It doesn’t occur often, but when it does, it brings a smile to my face. This is my error page served from the proxy when the backend can't process the requests (or is unavailable).

#manpageblog #devops #nginx #proxy #backend #linux #freebsd #tux #beastie

Sorry, no caption provided by author
Sorry, no caption provided by author
Sorry, no caption provided by author
  • Copy link
  • Flag this post
  • Block
alcea
@alcea@alceawis.com  ·  activity timestamp last month

A brutally-simple proxy for #ActivityPub that lets you circumvent instance blocks by masquerading as another domain name. All it does is replace all hostnames in the text proxied through, and for signed POST requests, it swaps the public keys and re-signs the requests

#proxy
https://gitea.moe/lamp/activitypub-proxy


Wonder what @Gargron has to say about thi-

Actually I don't.
#repost •acws #acws
  • Copy link
  • Flag this post
  • Block
Christine Lemmer-Webber 🌀
Christine Lemmer-Webber 🌀 boosted
Jeff Fortin T.
@nekohayo@mastodon.social  ·  activity timestamp last month

Thanks to @s3phy again for helping me understand another area where IPv6 is broken in Linux desktop networking configuration tools: connecting to a SSH server to create a SOCKS proxy using the NetworkManager SSH plugin. That thing only checks if the gateway address is a valid IPv4 address blobpats

I reported the issue here: https://github.com/danfruehauf/NetworkManager-ssh/issues/130

#IPv6 #networking #sysadmin#réseau#réseautique#UX#SSH #proxy#VPN#GNOME#Linux#NetworkManager

A screenshot of the nm-connection-editor GUI for NetworkManager-SSH, where an IPv6 address has been input into the "Gateway" field. With version 1.4.1 of the plugin, it will not work.
A screenshot of the nm-connection-editor GUI for NetworkManager-SSH, where an IPv6 address has been input into the "Gateway" field. With version 1.4.1 of the plugin, it will not work.
A screenshot of the nm-connection-editor GUI for NetworkManager-SSH, where an IPv6 address has been input into the "Gateway" field. With version 1.4.1 of the plugin, it will not work.
  • Copy link
  • Flag this post
  • Block
Jeff Fortin T.
@nekohayo@mastodon.social  ·  activity timestamp last month

Thanks to @s3phy again for helping me understand another area where IPv6 is broken in Linux desktop networking configuration tools: connecting to a SSH server to create a SOCKS proxy using the NetworkManager SSH plugin. That thing only checks if the gateway address is a valid IPv4 address blobpats

I reported the issue here: https://github.com/danfruehauf/NetworkManager-ssh/issues/130

#IPv6 #networking #sysadmin#réseau#réseautique#UX#SSH #proxy#VPN#GNOME#Linux#NetworkManager

A screenshot of the nm-connection-editor GUI for NetworkManager-SSH, where an IPv6 address has been input into the "Gateway" field. With version 1.4.1 of the plugin, it will not work.
A screenshot of the nm-connection-editor GUI for NetworkManager-SSH, where an IPv6 address has been input into the "Gateway" field. With version 1.4.1 of the plugin, it will not work.
A screenshot of the nm-connection-editor GUI for NetworkManager-SSH, where an IPv6 address has been input into the "Gateway" field. With version 1.4.1 of the plugin, it will not work.
  • Copy link
  • Flag this post
  • Block
Felix Palmen :freebsd: :c64:
@zirias@mastodon.bsd.cafe  ·  activity timestamp 4 months ago

Just released: #swad 0.11 -- the session-less swad is done!

Swad is the "Simple Web Authentication Daemon", it adds cookie/form #authentication to your reverse #proxy, designed to work with #nginx' "auth_request". Several modules for checking credentials are included, one of which requires solving a crypto challenge like #Anubis does, to allow "bot-safe" guest logins. Swad is written in pure #C, compiles to a small (200-300kiB) binary, has minimal dependencies (zlib, OpenSSL/LibreSSL and optionally libpam) and should work on many #POSIX-alike systems (#FreeBSD tested a lot, #Linux and #illumos also tested)

This release is the first one not to require a server-side session (which consumes a significant amount of RAM on really busy sites), instead signed Json Web Tokens are now implemented. For now, they are signed using HMAC-SHA256 with a random key generated at startup. A future direction could be support for asymmetric keys (RSA, ED25519), which could open up new possibilities like having your reverse proxy pass the signed token to a backend application, which could then verify it, but still not forge it.

Read more, grab the latest .tar.xz, build and install it ... here: 😎

https://github.com/Zirias/swad

  • Copy link
  • Flag this post
  • Block
Felix Palmen :freebsd: :c64:
@zirias@mastodon.bsd.cafe  ·  activity timestamp 5 months ago

Just released: #swad v0.3!

https://github.com/Zirias/swad/releases/tag/v0.3

swad is the "Simple Web Authentication Daemon", your tiny, efficient and (almost) dependency-free solution to add #cookie + login #form #authentication to whatever your #reverse #proxy offers. It's written in pure #C, portable across #POSIX platforms. It's designed with #nginx' 'auth_request' in mind, example configurations are included.

This release brings a file-based credential checker in addition to the already existing one using #PAM. Also lots of improvements, see details in the release notes.

I finally added complete build instructions to the README.md:

https://github.com/Zirias/swad

And there's more documentation available: manpages as well as a fully commented example configuration file.

  • Copy link
  • Flag this post
  • Block
Log in

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances
Bonfire social · 1.0.0-rc.2.21 no JS en
Automatic federation enabled
  • Explore
  • About
  • Members
  • Code of Conduct
Home
Login