๐พ Archived View for bbs.geminispace.org โบ u โบ clseibold โบ 20308 captured on 2024-12-17 at 15:29:25. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Re: "There has been some discussion in the past about using..."
I believe for protocols with SSL that aren't https, you have to have an SSL cert at the reverse proxy side to decrypt, and then it will re-encrypt when it reverse proxies to your local server, afaik. I've never used this myself yet.
It's much easier to just use a gemini server with virtual hosting (and if required, the ability to specify different certs for different virtual hosts could be done with SNI). Gemini works well with virtual hosting.
Oct 03 ยท 2 months ago
๐ฆ zzo38 ยท Oct 03 at 22:35:
I would expect it would also be possible for a server to read the TLS client hello message and find the SNI, and use that to determine what to forward it to, without needing to decrypt or encrypt anything. (This would work with any protocol that uses TLS.)
๐ป mediocregopher [...] ยท Oct 04 at 07:56:
Traefik apparently supports exactly what @zzo38 described https://jean.ribes.ovh/gemini-reverse-proxy-using-traefik/
๐ jsreed5 [OP] ยท Oct 05 at 13:06:
Thank you for your comments, everyone! For context, ideally I want to have my Gemini links resolve from both the root domain jsreed5.org and the subdomain gemini.jsreed5.org, while any other services require a subdomain (gopher.jsreed5.org, www.jsreed5.org. etc.). It sounds like Traefik might be the best way to do that.
There has been some discussion in the past about using reverse proxies with Gemini. Do any reverse proxies work? I'm getting ready to run a few other services on my capsule EC2 instance and I'd like them to use their own subdomains.