[-] Ooops@feddit.org 2 points 50 minutes ago* (last edited 50 minutes ago)

Quite the contrary. That mass surveilance was pushed through by the EU commision against the parliament that already rejected it (twice).

[-] Ooops@feddit.org 2 points 58 minutes ago

"Waldumbau" tut so als ginge es um echte Wälder, statt der typisch deutschen als Monokultur angelegte Holzplanatage...

[-] Ooops@feddit.org 3 points 1 hour ago

No. Their "here's also this unofficial repository of builds completely maintained by random community users... USE AT YOUR OWN RISK - You have been warned!" ArchUserRepository got the least used (often long abandoned) packages hijacked by some bad actors.

But "Less than 1% of the least used packages in the unofficial repository you were explicitly warned about got hijacked by people trying to infect oyur PC" would not have been an interesting headline gathering attention.

[-] Ooops@feddit.org -1 points 1 hour ago

SystemD started as a pure init system then added a lot of features over time.

Which is either good, if you actually just want something that works, or very bad because you are violating the purity of the Unix way.

Oh, and the best part, a lot of those people loudly against SystemD then praise what Apple did and the whole discussion quickly devolves into an insane "do this! no not like that! because rEaSoNs!!" shitshow.

[-] Ooops@feddit.org 4 points 1 hour ago* (last edited 1 hour ago)

":(){ :|:& };:"@iloverabbits.fun

[-] Ooops@feddit.org 4 points 18 hours ago* (last edited 18 hours ago)

Governments all over the world are destroying welfare. Just never for the imaginary reasons they talk about but because those corrupt fucks want to destroy welfare for their rich buddies benefiting of more dependent workers and lower wages and the populations are finally brain-damaged enough that they can away with their lies.

[-] Ooops@feddit.org 4 points 21 hours ago

"Kritiker fordern von Merz..."

...dann müssen sie ihn eben dafür angemessen entlohnen, wie auch alle anderen, für die Merz und sein ganze Haufen arbeiten...

[-] Ooops@feddit.org 22 points 21 hours ago

Wird er dann in ca. einer Woche auch vor Ort verscharrt oder müssen wir dann dafür zahlen, ihn zurückzubekommen?

[-] Ooops@feddit.org 17 points 21 hours ago

Nichts was sich durch weniger Transparenz und weniger öffentliche Berichte der Überprüfungsstellen nicht lösen lässt...

[-] Ooops@feddit.org 5 points 21 hours ago

"In der Alternativrealität des Märchenwunderlands Deutschland sind Lösungen, die überall sonst funktionieren leider nicht anwendbar und auch überhaupt unbezahlbar, also müssen wir zur Überwindung von Jahrzehnten technischen Rückstands erstmal noch ein paar Jahre lang eine Sonderlösung entwickeln, die dann nicht funktioniert", Episode 2314231894032980

[-] Ooops@feddit.org 4 points 1 day ago

Es gibt kryptographische Methoden, mit denen man sicherstellen kann, dass nur Einsicht erhält, wem man Einsicht gibt

Das ergibt aber nur Sinn, wenn es bei der elektronischen Akte darum ginge, die Informationen besser, sinnvoller und digital zu sammeln. Da das Ziel aber im Schwerpunkt das Verscherbeln der Daten an Unternehmen ist, darf sinnvoller Schutz der Daten nicht mitgedacht werden.

[-] Ooops@feddit.org 10 points 1 day ago

Diese Regierung kriegt “digital” und “vertraulich” einfach nicht hin.

Und währenddessen hallunieren Deutschen immer noch Inkompetenz und Dummheit ihrer Regierung, statt endlich zu akzeptieren, dass die wissen, was sie tun und eben einfach nicht für uns arbeiten.

Keine Konsequenzen und sogar immer brav selbstständig Ausreden für sie erfinden, ist eben auch ein massiver Fehlanreiz.

35
submitted 1 month ago by Ooops@feddit.org to c/unixporn@lemmy.world

25
submitted 2 months ago* (last edited 2 months ago) by Ooops@feddit.org to c/selfhosted@lemmy.world

As this will -thanks to me being quite clueless- be a very open question I will start with the setup:

One nginx server on an old Raspi getting ports 80 and 443 routed from the access point and serving several pages as well as some reverse proxies for other sevices.

So a (very simplified) nginx server-block that looks like this:

# serve stuff internally (without a hostname) via http
server {
	listen 80 default_server;
	http2 on;
	server_name _; 
	location / {
		proxy_pass http://localhost:5555/;
                \# that's where all actual stuff is located
	}
}
# reroute http traffic with hostname to https
server {
	listen 80;
	http2 on;
	server_name server_a.bla;
	location / {
		return 301 https://$host$request_uri;
	}
}
server {
	listen 443 ssl default_server;
	http2 on;
	server_name server_a.bla;
   	ssl_certificate     A_fullchain.pem;
    	ssl_certificate_key A_privkey.pem;
	location / {
		proxy_pass http://localhost:5555/;
	}
}
#actual content here...
server {
	listen 5555;
	http2 on;
    	root /srv/http;
	location / {
        	index index.html;
   	} 
    	location = /page1 {
		return 301 page1.html;
	}
    	location = /page2 {
		return 301 page2.html;
	}
        #reverse proxy for an example webdav server 
	location /dav/ {
		proxy_pass        http://localhost:6666/;
	}
}

Which works well.

And intuitively it looked like putting Anubis into the chain should be simple. Just point the proxy_pass (and the required headers) in the "port 443"-section to Anubis and set it to pass along to localhost:5555 again.

Which really worked just as expected... but only for server_a.bla, server_a.bla/page1 or server_a.bla/page2.

server_a.bla/dav just hangs and hangs, to then time out, seemingly trying to open server_a.bla:6666/dav.

So long story short...

How does proxy_pass actually work that the first setup works, yet the second breaks? How does a call for localhost:6666 (already behind earlier proxy passes in both cases) somehow end up querying the hostname instead?

And what do I need to configure -or what information/header do I need to pass on- to keep the internal communication intact?

view more: next ›

Ooops

0 post score
0 comment score
joined 2 years ago