Nostr View - i may need to make a separate repo for my reverse

Nostr View

mleku @mleku - 7h

i may need to make a separate repo for my reverse proxy now i'm about to add into it the capability to listen on a non-internet address... so yeah i might make it refuse to use anything but 192.168 and 10. actually, why not, so it should be making the reverse proxy able to not only bounce traffic around to arbitrary network addresses connected to the server is cool, it lets me do nip-05 and #golang vanity import redirects, but now also to act as a full blown VPN, is kinda cool, i mean, it's not really a VPN, you have to configure your wireguard tunnel independently, and then set it to listen the socks5 port on it, this makes it something more than just a side project i'm doing, and i should pop it out and make it more prominent what will make it different is that it already has LetsEncrypt and custom SSL certificates (i added this because letsencrypt started jerking me around with making subdomains and wildcards) is that it will use that SSL/TLS capability to present an SSL capable address, as though it was something like, for example: https://realy.realy.lol which would be on port 443 and needs to have an SSL certificate with either that literal address baked into it or a *.realy.lol (which i have) and then decrypt those messages and send them over http to the relay, which only sees http without encryption, over localhost, in this case, as it only listens on localhost or wireguard VPN addresses HAHAHAHA ok shit i just figured out that i already had the relay listening on http on the public IP address on some given port... i hadn't seen any traffic that way, because web clients dun like http and i didn't advertise it, but ok, now it's closed up, reverse proxy is now only forwarding to a localhost to the relay... nice catch! as they say nah it was really no big deal because the relay requires auth and stupid to be them trying to use it without security over the internet these days, relay doesn't send out any traffic that isn't already going out over to public relays anyway but it's fixed, anyway anyway, so, now, i'm going to migrate this repo to its own, probably https://proxy.realy.lol with a go vanity redirect and add to it the ability to act as a socks5 proxy and thus let me add address rewriters to it that forward fake imaginary IP addresses to configured paths using the neat mapping syntax that it already has, just gotta think of a way to signify that it's a socks redirect this is fun... anyway, the end result of this is going to be that it will let me mod nostrudel to use a non-localhost , but private IP address as a fake address that will forward to my actual relays (either my test, which runs on my pc here, or to my production relay, which runs on the VPS alongside the reverse proxy) what it will do is enable me to make a "fake" DNS name for my relay, and set that as the address in a fork of #nostrudel and this will make my personal relay on my VPS into a full blown cache relay for nostrudel it's a small step, but with the proxy it actually enables someone to do this back to their own home PC with a relay running on it, that appears to be a HTTPS capable relay but because of the fake DNS nobody else has to be able to see it, because i can rewrite the address ... damn, i don't have this straight in my mind yet exactly

0

0

3

Showing page 1 of 1 pages