💾 Archived View for rawtext.club › ~sloum › geminilist › 006585.gmi captured on 2023-11-14 at 09:15:22. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2021-11-30)

-=-=-=-=-=-=-

<-- back to the mailing list

[tech] Gemini reverse proxy

Omar Polo op at omarpolo.com

Thu May 27 10:29:57 BST 2021

- - - - - - - - - - - - - - - - - - - 

Michael Lazar <lazar.michael22 at gmail.com> writes:

Greetings,
Has anyone gotten a reverse proxy server working with gemini?
Specifically, I'm looking for something that can listen on port 1965
and route encrypted traffic to other ports based on the TLS SNI. I
don't want to do TLS termination at the proxy-layer because I need to
support client certificates on the destination servers.
From my research, it looks like Nginx and HAProxy both claim to
support TLS routing like this, but I can't for the life of me figure
out how to configure either of them :/
Best,
Michael

Not exactly what you're asking for, but have you considered usingFastCGI? It would allow your gemini server to do TLS and forwardrequests to various backends. Info about the client certificates can besent as parameters.

I think it could be a viable option for Gemini, and I started toexperiment with it in gmid[0], but further work in needed in thisregard.

HTH,

Omar Polo

[0]: https://github.com/omar-polo/gmid/commit/8ff40039e885f6ba64c887f390daf7e7f3bc2ff8