overview for Ooops

Radicale: Can someone please offer any guidance on usage and security. Om abit lost by Ooops in c/selfhosted@lemmy.world

[-] Ooops@feddit.org 2 points 9 hours ago* (last edited 9 hours ago)

While you are right in general, you are just creating a file with a : line without any identifying context. So have fun searching the world for where I might have actually used it. Sounds like a really bad use of ressources to create list of passwords.

PS: Yes, as an Arch user I am still pissed that this tool is not available in the repos beside installing the complete Apache server...

Freigegebener Teil der deutschen Ölreserve fast aufgebraucht by Ooops in c/dach@feddit.org

[-] Ooops@feddit.org 1 points 9 hours ago

Ich dachte eher an Olivenöl...

Freigegebener Teil der deutschen Ölreserve fast aufgebraucht by Ooops in c/dach@feddit.org

[-] Ooops@feddit.org 22 points 18 hours ago* (last edited 18 hours ago)

Oh, nein... in 3 Monaten wurden fast 0,5% der Reserve (so winzig ist nämlich der Teil, der freigegeben wurde) aufgebraucht? Was machen wir bloß, wenn die 50 Jahren dann ganz weg sind? Ich fang schonmal an panisch im Kreis zu rennen.

Radicale: Can someone please offer any guidance on usage and security. Om abit lost by Ooops in c/selfhosted@lemmy.world

[-] Ooops@feddit.org 2 points 18 hours ago* (last edited 18 hours ago)

The options to password protect it are in the (usually /etc/radicale/)config file under [auth].

For proper security you could use

type = htpasswd

htpasswd_filename = /etc/radicale/users

htpasswd_encryption = bcrypt

then create a users file with apache tools (htpasswd -c -B users User1) or one of the million online htpasswd file creators.

Einschalten gegen das Abschalten. by Ooops in c/dach@feddit.org

[-] Ooops@feddit.org 5 points 1 day ago

Ach, das ist schon okay. Als fairen Ausgleich für die dortige Vernachlässigung werden Migranten einfach weiterhin in der Tagesschau und allen Polittalks besonders bedacht...

OpenAI says fake accounts from China tried to turn Americans against data centers by Ooops in c/news@lemmy.world

[-] Ooops@feddit.org 2 points 1 day ago

Maybe NVIDIA is renting chinese troll farms now. After all they are the absolutely only one making money with this stupid AI bubble.

Deutscher Ethikrat sagt „Nein“ zu Social-Media-Verbot by Ooops in c/dach@feddit.org

[-] Ooops@feddit.org 19 points 1 day ago

nicht auf Nutzer:innenseite einschränken, sondern auf der Unternehmensseite

Dafür bräuchte es aber einen Gesetzgeber, der für die Nutzer, nicht für die Unternehmen arbeitet.

Deutsche Haushalte geben mehr Geld für digitale Abos aus by Ooops in c/dach@feddit.org

[-] Ooops@feddit.org 19 points 1 day ago

"Die Deutschen lassen sich digitale Abos immer mehr kosten."

Komische Formulierung von "Ohne grundsätzliche technische Expertise, um selbst Alternativen zu basteln, gibt es nur noch SaaS Scheiße, die kontinuierlich schlechter, fragmentierter und teurer wird"...

Plant Ex-Vizekanzler Robert Habeck ein Comeback? by Ooops in c/dach@feddit.org

[-] Ooops@feddit.org 45 points 1 day ago* (last edited 1 day ago)

"meldet sich öfter zu Wort" ist 'ne lustige Umschreibung für "wird von deutschen Medien regelmäßig befragt, weil hierzulande ja nur noch Irrsinn von den politischen Sprechpuppen kommt".

Antifaschistischer Kongress in Berlin: TU streicht Vorträge gegen die AfD by Ooops in c/dach@feddit.org

[-] Ooops@feddit.org 9 points 1 day ago

Der Übergang von Kapitalismus in der Endphase zu Faschismus, um die Bevölkerung abzulenken und es noch ein bißchen weiter zu treiben, ist fließend...

Automobilbranche wehrt sich gegen E-Zwang für Firmenwagen by Ooops in c/dach@feddit.org

[-] Ooops@feddit.org 18 points 3 days ago

Wenn sich Patienten ihre Behandlung aktiv verweigern, muss man sie halt sterben lassen...

Buzz off by Ooops in c/science_memes@mander.xyz

[-] Ooops@feddit.org 18 points 3 days ago

Thing is it's not actually wasps but just a few very specific kinds of wasps that are assholes ruining the reputation for all.

Something similiar happens for bees. When people talk about them being endangered nowadays they don't mean the domesticated honey bees many think about (those are cared enough for that populations are rather growing) but the many kinds of wild (and often solitary) bees.

30

the boring one running on my ancient toaster for many years [i3, transparent xfce-panel over conky as bottom bar] (thelemmy.club)

submitted 1 week ago by Ooops@feddit.org to c/unixporn@lemmy.world

1 comments fedilink

26

Need some ELI5 on proxy_pass in Nginx, in particular regarding having Anubis in the chain (feddit.org)

submitted 2 months ago* (last edited 2 months ago) by Ooops@feddit.org to c/selfhosted@lemmy.world

11 comments fedilink

As this will -thanks to me being quite clueless- be a very open question I will start with the setup:

One nginx server on an old Raspi getting ports 80 and 443 routed from the access point and serving several pages as well as some reverse proxies for other sevices.

So a (very simplified) nginx server-block that looks like this:

# serve stuff internally (without a hostname) via http
server {
	listen 80 default_server;
	http2 on;
	server_name _; 
	location / {
		proxy_pass http://localhost:5555/;
                \# that's where all actual stuff is located
	}
}
# reroute http traffic with hostname to https
server {
	listen 80;
	http2 on;
	server_name server_a.bla;
	location / {
		return 301 https://$host$request_uri;
	}
}
server {
	listen 443 ssl default_server;
	http2 on;
	server_name server_a.bla;
   	ssl_certificate     A_fullchain.pem;
    	ssl_certificate_key A_privkey.pem;
	location / {
		proxy_pass http://localhost:5555/;
	}
}
#actual content here...
server {
	listen 5555;
	http2 on;
    	root /srv/http;
	location / {
        	index index.html;
   	} 
    	location = /page1 {
		return 301 page1.html;
	}
    	location = /page2 {
		return 301 page2.html;
	}
        #reverse proxy for an example webdav server 
	location /dav/ {
		proxy_pass        http://localhost:6666/;
	}
}

Which works well.

And intuitively it looked like putting Anubis into the chain should be simple. Just point the proxy_pass (and the required headers) in the "port 443"-section to Anubis and set it to pass along to localhost:5555 again.

Which really worked just as expected... but only for server_a.bla, server_a.bla/page1 or server_a.bla/page2.

server_a.bla/dav just hangs and hangs, to then time out, seemingly trying to open server_a.bla:6666/dav.

So long story short...

How does proxy_pass actually work that the first setup works, yet the second breaks? How does a call for localhost:6666 (already behind earlier proxy passes in both cases) somehow end up querying the hostname instead?

And what do I need to configure -or what information/header do I need to pass on- to keep the internal communication intact?