💾 Archived View for bbs.geminispace.org › u › alexlehm_mobile › 6087 captured on 2024-05-26 at 16:19:54. Gemini links have been rewritten to link to archived content
⬅️ Previous capture (2024-05-10)
-=-=-=-=-=-=-
a proxy protocol which supports path rules would be cool maybe
2023-10-10 · 8 months ago
🍭 jmjl [OP] · 2023-10-10 at 14:19:
@mediocregopher Domani still doesn't support transparent proxying I think, it isn't using the CAP_NET_RAW capability to do transparent proxing, an example can be found with sslh, linked below. (How to configure, not the code that does the transparent proxying)
— SSLH Transparent proxy config guide.
👻 mediocregopher [...] · 2023-10-10 at 16:25:
@jmjl perhaps I'm misusing the term transparent proxying. I don't really care about the original IP of the connection, especially with gemini I don't see what utility it would have. But yeah if you do care about that I suppose iptables will need to get involved.
🍭 jmjl [OP] · 2023-10-10 at 17:35:
At the end some users in IRC pointed me out to sslh, you need to do some prior configurations, but it seems to work fine, (for what I've tested, I've currently got a borked gemini server (tilde.green) but yeah)
Proxy Protocol Idea — As you might have noticed, gemini has TLS, but it also has proxy support. Which means you can't really reverse proxy services like Bubble or Astrobotany, because they require a TLS Client Certificate. So I thought about making some kind of additional protocol that would be usefull for gemini proxy servers. This would be usefull on tildes where they would for example want to run their own bubble or astrobotany and also have their normal website, but all being hosted by the...