2025-04-01
This commit is contained in:
parent
6d8d0d8c2d
commit
5ca407f1d8
@ -1050,6 +1050,50 @@ pre { /* DRY who? */
|
||||
}
|
||||
|
||||
|
||||
/blah/2025-04-01.html
|
||||
|
||||
: openbsd server
|
||||
|
||||
i'm using caddy instead of relayd,httpd,acme because i like an easy config for
|
||||
web shit and i loathe tls stuff
|
||||
|
||||
/etc/caddy/Caddyfile
|
||||
|
|
||||
| # lightly modified default
|
||||
| {
|
||||
| http_port 8080
|
||||
| https_port 8443
|
||||
| admin unix//var/caddy/admin.sock|0220
|
||||
| }
|
||||
|
|
||||
| trinity.moe {
|
||||
| root * /srv/trinity.moe
|
||||
| file_server
|
||||
| }
|
||||
|
|
||||
| www.trinity.moe {
|
||||
| redir https://trinity.moe{uri}
|
||||
| }
|
||||
|
||||
cool and all, right? except caddy can't bind to low ports on openbsd, because
|
||||
caddy isn't running as root (which is a security issue) and openbsd can't let
|
||||
non-root processes bind to low ports like linux can. so we've bound to high
|
||||
ports. let's fix this in pf(4)
|
||||
|
||||
/etc/pf.conf
|
||||
| # [ defaults included, but i'm not copying them over here ]
|
||||
| pass in on any proto tcp from any to any port 80 rdr-to 127.0.0.1 port 8080
|
||||
| pass in on any proto tcp from any to any port 443 rdr-to 127.0.0.1 port 8443
|
||||
|
||||
okay cool
|
||||
|
||||
for a while trinity.moe was hosted on the same machine as feeling.murderu.us,
|
||||
as of today that is no longer the case (i still own murderu.us and everything,
|
||||
i just wanted a personal vps for other things too)
|
||||
|
||||
maybe there will be more blah posts but probably not
|
||||
|
||||
|
||||
/blah/2024-12-01.html
|
||||
|
||||
: vaporware i looked forward to
|
||||
|
||||
Loading…
Reference in New Issue
Block a user