Login

Recent searches

No recent searches

Search options

Not available on mastodon.xyz.
mastodon.xyz is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Mastodon instance, open to everyone, but mainly English and French speaking.

Administered by:

Server stats:

815
active users

mastodon.xyz: AboutProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

#reverseproxy

2 posts2 participants0 posts today
Public
zeitverschreib [friendica]

Gemini

Vorab: ich finde es ziemlich störend, dass der Suchbegriff „Gemini“ seit einiger Zeit hauptsächlich irreführende Ergebnisse liefert. Wen interessiert schon dies Google-AI-Monster?

Vor ein paar Tagen bin ich durch einen Post im Fediverse mal wieder daran erinnert worden, dass meine eigene Gemini Capsule ordentlich Staub angesetzt hat. Staub, äh, Asche auf mein Haupt.

Da ich die Funktionstüchtigkeit des Servers zwar ab und an über den zusätzlich vorhandenen https-Link, aber nicht über z.B. LaGrange getest habe, ist mir der Ablauf des Zertifikats auf Port 1965 leider nicht aufgefallen. Seit der Zwischenschaltung des Reverse Proxy werden die Lets-Encrypt-Zertifikate nicht mehr auf dem heimischen Yunohost verwaltet und aktualisiert. Nun stehe ich also vor der Problematik, diese Teilung für eine einzelne Domain wieder aufheben zu müssen.

Da ich darauf nicht zu viel Zeit ver(sch)wenden möchte, könnte es durchaus passieren, dass der Gemini-Server auf den externen VPS umzieht. Der liefert sowieso schon GoToSocial als externes Backup, ergo keine zusätzlichen Kosten/Resourcen benötigt.

Wird außerdem Zeit, dass ich mich wieder mehr mit dem Thema Small Web beschäftige.

#gemini#reverseproxy#yunohost
Public *
Matthias Klein 🇩🇪|🇪🇺

🌐 In the past three days, I've switched my #homelab to a new #ReverseProxy! After using #NginxProxyManager and #Zoraxy, I've now moved to #Pangolin.

Pangolin allows me to provide my #selfhosted services from my home lab without needing to open a port in my #firewall. 🔒

Essentially, it's a self-hosted alternative to #CloudflareTunnels, running on a #VPS. Due to the current political situation in the #USA, I preferred not to use Cloudflare.

Pangolin is based on #WireGuard and #Newt, enabling a #certificate-based direct connection after installing a client on the home server. 🔗

I'm extremely satisfied with it and now have no open ports in my private #network! 🎉

github.com/fosrl/pangolin

Tunneled Mesh Reverse Proxy Server with Identity and Access Control and Dashboard UI - fosrl/pangolin
GitHubGitHub - fosrl/pangolin: Tunneled Mesh Reverse Proxy Server with Identity and Access Control and Dashboard UITunneled Mesh Reverse Proxy Server with Identity and Access Control and Dashboard UI - fosrl/pangolin
Continued thread
Public
SP⟁CED GO⟁T

#Apache #WebServer #ReverseProxy

So, I don't seem to be seeing any useful information in systemd journal, but every time I enable this config and reload Apache it fails. I can't seem to figure out what I'm missing here. Any of y'all have any thoughts or suggestions?

Even if the ports aren't listening, that shouldn't cause Apache to crash out, I've been in that situation many times before. I don't normally use ServerAlias' much, but otherwise I have other almost identical configs that work.

<VirtualHost *:80> ServerName chat.heavy.rocks ServerAlias groups.chat.heavy.rocks ServerAlias share.chat.heavy.rocks ProxyPreserveHost On ProxyPass / http://127.0.0.1:5080/ ProxyPassReverse / http://127.0.0.1:5080/ </VirtualHost> <VirtualHost *:443> ServerName chat.heavy.rocks ServerAlias groups.chat.heavy.rocks ServerAlias share.chat.heavy.rocks SSLEngine On SSLProxyEngine On ProxyPreserveHost On ProxyPass / https://127.0.0.1:5443/ upgrade=websocket timeout=900 ProxyPassReverse / https://127.0.0.1:5443/ </VirtualHost>
Public
Lanie Molinar Carmelo

Hi everyone,

I'm encountering an issue with my self-hosted setup using Caddy 2.9.1 and Authelia 4.38.19. All domains except auth.laniecarmelo.tech return a 401 Unauthorized error. Journald logs suggest issues with insecure schemes ('') instead of https or wss.

Details:

  • Setup: Caddy as reverse proxy, Authelia for authentication
  • Domains: AdGuard Home, Forgejo, LinkAce, MiniFlux, TheLounge, Homepage, Beszel, Glances, Uptime Kuma, Tandoor Recipes, BookStack, Watchtower, Portainer
  • Logs:
    Authelia:
    Feb 24 21:01:47 stormux authelia[2932]: level=error msg="Target URL '/' has an insecure scheme '', only 'https' and 'wss' are supported"Caddy:
    Feb 24 21:19:41 stormux caddy[48845]: {"msg":"handled request","method":"GET","host":"adguard.laniecarmelo.tech","status":200}

Configurations:

Curl Output:

HTTP Request:

$ curl home.laniecarmelo.tech -v
< HTTP/1.1 308 Permanent Redirect
< Location: https://home.laniecarmelo.tech/

HTTPS Request:

$ curl https://home.laniecarmelo.tech -v
< HTTP/2 401 
< content-type: text/plain; charset=utf-8
< server: Caddy
401 Unauthorized

Does anyone know what might be causing this? I suspect it could be related to forward_auth or trusted proxies.

Thanks in advance! 🙏

#SelfHosting #CaddyServer #Authelia #ReverseProxy #TechHelp #Linux #HomeLab
@selfhost @selfhosting @selfhosted

GistAuthelia and Caddy ConfigsAuthelia and Caddy Configs. GitHub Gist: instantly share code, notes, and snippets.
Public
Lanie Molinar Carmelo

Need help with #Caddy configuration. Getting error:
"Error: adapting config using caddyfile: /etc/caddy/Caddyfile:20: parsed 'header' as a site address, but it is a known directive; directives must appear in a site block"

Running #LinkAce behind Caddy. Config has global options block, site blocks for subdomains, and snippets for common configs. Error persists despite:

  • Proper indentation
  • Blank lines between blocks
  • Snippets after global block
  • Valid header directives

Full config: [Pastebin link]

#SelfHosted #Docker #ReverseProxy #WebDev #Linux #HomeLab
@selfhost @selfhosted @selfhosting

Public
Lanie Molinar Carmelo

#MiniFlux users, can anyone help?

Hi all. I'm having some issues with MiniFlux, a #SelfHosted #RSSReader, and hoping someone can help. MiniFlux was working fine until I tried to deploy ReactFlux on the same domain as it, rss.laniecarmelo.tech, on a subpath, /reactflux. This didn't work so I removed ReactFlux. I also migrated MiniFlux from #Docker to #Pacman package, thinking it would be easier on my system. This problem, or a similar one, was occurring before I did that though.

Now, rss.laniecarmelo.tech loads the MiniFlux login page, but when I login, it redirects to a blank page at rss.laniecarmelo.tech/login. I've added trusted proxies and cookie configuration to my miniflux.conf and headers to my Caddyfile, but I still have the issue.

I'm using #Caddy for #ReverseProxy and #Cloudflare for #SSO. Has anyone seen anything like this before? This is on a #RaspberryPi500 running #ArchLinuxARM.

I've checked MiniFlux logs, and it's getting the login requests and creating sessions. I'm not sure what's happening after that. Cloudflared and Caddy seem to be working normally.

#SelFhosting #Linux #RSS #RaspberryPi #RPi #tech #technology
@selfhost @selfhosted @selfhosting

Public
selfhosting.couchsurfing

to sum up what I figured out last night:

Wireguard point-to-point links are as easy to set up as the reverse-proxy apps ('frp' and 'rathole') I've used in the past, and likely more reliable, performant, and secure.

I used this guide to set up such a link: docs.vultr.com/how-to-install-

I'm going to replace my existing setups with this, and I'm pleased that upon finally taking the time to look into it, #Wireguard proved very simple to use.

as for my claims of its likely superiority:

* more reliable due to more highly proficient eyes on the codebase and a bigger userbase smoking out bugs

* more performant due to less copying bytes to/from userspace

* more secure because one point of Wireguard is to have as small a codebase as possible, and again (being in the kernel in part) it has more smart sets of eyes on it; further, it makes use of existing IP networking security practices.

this is a major step forward for Surfhosting. I had a big mental block on deploying Wireguard for quite a while, and now I'm past it. :blobfoxcomfycomputer:

docs.vultr.comHow to Install Wireguard VPN on Debian 12 | Vultr Docs
#ReverseProxy#Homelab
Public
Lanie Carmelo

I'm new to self-hosting and struggling to get my services accessible externally. I'm using Traefik as a reverse proxy on a Raspberry Pi 500 running Stormux (Arch Linux ARM-based). My public IP resolves correctly via Dynu DNS, and ports 80 and 8444 are forwarded in my router. I've configured Traefik to use port 8444 for HTTPS, but external connections time out. I’ve tried:
• Forwarding ports 80 and 8444 in my router
• Allowing ports in iptables and FirewallD
• Setting my router's firewall to low security
• Verifying Traefik is listening on port 8444 locally (works with curl)
• Using Authelia for authentication (middleware configured in Traefik)
Internal access works fine, but external access fails. Could this be an ISP block or something I’m missing? Any advice is appreciated! 🙏
#SelfHosting #Traefik #RaspberryPi #DynuDNS #ReverseProxy #Networking #Help #Tech #Technology #Linux
@selfhost @selfhosting @selfhosted @linux

ExploreLive feeds
About