photog.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A place for your photos and banter. Photog first is our motto Please refer to the site rules before posting.

Administered by:

Server stats:

268
active users

#nginx

2 posts2 participants1 post today

Sometimes I'm happy to tinker with #HomeLab stuff, and other times I just want it to work when I thought it'd be a quick job.

Related: If anyone knows why I'm getting a 500 error running git-http-backend in a #FreeBSD jail with #nginx that'd be great.

I've set up directory browsing as well, and that all works fine. Nginx logs show no errors. But cloning always results in a 500 response.

Just released: #swad 0.5

swad is the "Simple Web Authentication Daemon", meant to add authentication using a #cookie and a #login form to your reverse proxy. It's designed for #nginx' "auth_request" module. It's written in pure #C with very few external dependencies (zlib, and depending on build options OpenSSL/LibreSSL and #PAM).

And with this release, it also allows guest logins using the crypto puzzle you may already know from #Anubis!

Read more in the release notes, grab the .tar.xz and build/install it 😎

github.com/Zirias/swad/release

New features:

New credentials checker "pow", providing a guest login which requires
the browser to solve a cryptographic puzzle, see README.pow.md.
Overridable templates (also per realm) and globa...
GitHubRelease swad 0.5 · Zirias/swadNew features: New credentials checker "pow", providing a guest login which requires the browser to solve a cryptographic puzzle, see README.pow.md. Overridable templates (also per realm) and globa...

Just released: #swad v0.3!

github.com/Zirias/swad/release

swad is the "Simple Web Authentication Daemon", your tiny, efficient and (almost) dependency-free solution to add #cookie + login #form #authentication to whatever your #reverse #proxy offers. It's written in pure #C, portable across #POSIX platforms. It's designed with #nginx' 'auth_request' in mind, example configurations are included.

This release brings a file-based credential checker in addition to the already existing one using #PAM. Also lots of improvements, see details in the release notes.

I finally added complete build instructions to the README.md:

github.com/Zirias/swad

And there's more documentation available: manpages as well as a fully commented example configuration file.

New features:

New credential checker "file", using a password file with bcrypt
hashes
New tool "swadpw", for editing password files

Improvements:

[Performance] Support epoll, kqueue and poll in ...
GitHubRelease swad 0.3 · Zirias/swadNew features: New credential checker "file", using a password file with bcrypt hashes New tool "swadpw", for editing password files Improvements: [Performance] Support epoll, kqueue and poll in ...
Finally have my Prosody server all compliant!

I had an epiphany last night about something in the nginx config and after sorting that, all the optional XEP listed also pass!

Now to convince wife and kids to use it for our group chat... they really don't want to install any more apps, because I'm "being difficult" because they already use whatsapp 😑

The main reason I'm impressed with it over matrix, is reliable notifications. It just works. So far, anyway.

Thank you to the people that replied to my post last week suggesting I try xmpp after the matrix server we used shut down. I had written it off as an old platform for nerds, but it's... actually really good ❤️

#prosody #xmpp #chat #nginx #matrix

GRRRR!!!

I just spent the last hour of my life chasing round in circles just because #nginx wouldnt serve up my css file for some reason. I forced the mime types in the nginx config and everything...

Weirdly, Chrome was fine but firefox wasnt when loading this?

Anyway, turns out the reason why is because nginx has this *14 year old* bug that means it falls apart whenever there's a dash in a file name. Wtf?! How has no one looked at that yet 😫

Ive built a setup for hosting websites which consists of:
* Host running #microos with #podman
* #Treafik and #sshpiper at the edge
* #Nginx, php-fpm, #mariadb + phpmyadmin + nginx or #postgres + dbadmin, openssh for each site

It actually works quite well, openssh keybased access is to transfer files into the containers, traefik does the reverse proxying.

I'm just wondering if its a sustainable and maintainable setup. Sometimes just going with a "standard" solution seems so much easier.

Replied in thread

DId lots of smaller improvements to #swad ... but first, I had to hunt down a crash 🤯. Finally found it was caused by my #poser lib (to be fixed later): A connection there can resolve the hostname of a remote end and does so in a thread job to avoid blocking. If the connection dies meanwhile, the job is canceled. Seems my canceling mechanism relying on a signal to the thread is, well, not reliable (the signal can arrive delayed). Ok, for now just disabled name resolution to sidestep that.

Now, integration with #nginx is much better. I intrdoduced (optional) custom headers to transport the authentication realm and the redirect URI, plus state management in the session, so these can be passed to the "auth" endpoint. This requires to make sure nginx always passes the session #cookie, Unfortunately, I still need a "hacky" redirect configuration for login in nginx. If auth_request could just pass the response body, this would be unnecessary .... 🙄

The nginx configuration shows #swad running on "files" and another nginx running on "wwwint" serving #poudriere output there. This nginx instance helpfully adds cache hints, which I have to override, so a redirect works as expected when for example the swad session times out.

I've set up my new #inkscape website AI bot trap. It works by giving everyone a chance to not fall into it.

An anchor link that says "I am a bot" and links to /P3W-451/{datetime}/ it's got a fixed position at top -100px so should never be seen

The robots.txt says "Disallow: /P3W-451/" so if you were reading the robots, you'd know.

Then #nginx logs the requests to a log of their ip-addresses and browser strings and sends them a 301 redirect to google.com

#ai #Scraping

1/2