MastodonTech.de

OliverWhat I wanted to do: Move this mastodon instance from its current datacenter location to my homelab. What I did: Update all my <a href="https://lfnt.site/tags/proxmox" class="mention hashtag" rel="nofollow noopener" target="_blank">#proxmox</a> nodes to the latest release, remove <a href="https://lfnt.site/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> and <a href="https://lfnt.site/tags/acme" class="mention hashtag" rel="nofollow noopener" target="_blank">#acme</a> packages from <a href="https://lfnt.site/tags/pfsense" class="mention hashtag" rel="nofollow noopener" target="_blank">#pfsense</a> in favour of a dedicated machine handling it. That machine, however, still needs an ansible role and playbook to be written, in order to set it up 🙈 Let's gooooo! 😂 <a href="https://lfnt.site/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a> <a href="https://lfnt.site/tags/automation" class="mention hashtag" rel="nofollow noopener" target="_blank">#automation</a> <a href="https://lfnt.site/tags/selfhosting" class="mention hashtag" rel="nofollow noopener" target="_blank">#selfhosting</a>

Nils Goroll 🕊️:varnishcache:<a href="https://toot.community/@jorijn" class="u-url mention" rel="nofollow noopener" target="_blank">@jorijn</a> yes, as of today, the recommended way is to use <a href="https://fosstodon.org/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> as a combined tls onloader/offloader with the PROXY2 protocol such that haproxy has "zero" configuration: see <a href="http://varnish-cache.org/docs/trunk/users-guide/vcl-backends.html#connecting-through-a-proxy" rel="nofollow noopener" translate="no" target="_blank">http://varnish-cache.org/docs/trunk/users-guide/vcl-backends.html#connecting-through-a-proxy</a> and .via in <a href="http://varnish-cache.org/docs/trunk/reference/vcl-backend.html#vcl-backend-7" rel="nofollow noopener" translate="no" target="_blank">http://varnish-cache.org/docs/trunk/reference/vcl-backend.html#vcl-backend-7</a> this also works with dns: <a href="https://github.com/nigoroll/libvmod-dynamic/blob/master/src/vmod_dynamic.vcc" rel="nofollow noopener" translate="no" target="_blank">https://github.com/nigoroll/libvmod-dynamic/blob/master/src/vmod_dynamic.vcc</a>that said, we will do something about this eventually <a href="https://fosstodon.org/tags/varnishcache" class="mention hashtag" rel="nofollow noopener" target="_blank">#varnishcache</a>

Mike TobiasDid a quick writeup of how I use <a href="https://infosec.exchange/tags/anubis" class="mention hashtag" rel="nofollow noopener" target="_blank">#anubis</a> behind <a href="https://infosec.exchange/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> in my <a href="https://infosec.exchange/tags/homelab" class="mention hashtag" rel="nofollow noopener" target="_blank">#homelab</a>.<a href="https://mktbs.net/blog/2025/05/19/running-anubis-behind-haproxy/" rel="nofollow noopener" translate="no" target="_blank">https://mktbs.net/blog/2025/05/19/running-anubis-behind-haproxy/</a>Thanks to <a href="https://pony.social/@cadey" class="u-url mention" rel="nofollow noopener" target="_blank">@cadey</a> for the project. Support them!

Matt "msw" Wilson“AWS-LC looks like a very active project with a strong community. […] Even the recently reported performance issue was quickly fixed and released with the next version. […] This is definitely a library that anyone interested in the topic should monitor.”<a href="https://mstdn.social/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSSL</a> <a href="https://mstdn.social/tags/BoringSSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#BoringSSL</a> <a href="https://mstdn.social/tags/WolfSSL" class="mention hashtag" rel="nofollow noopener" target="_blank">#WolfSSL</a> <a href="https://mstdn.social/tags/AWSLC" class="mention hashtag" rel="nofollow noopener" target="_blank">#AWSLC</a> <a href="https://mstdn.social/tags/HAProxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#HAProxy</a> <a href="https://mstdn.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a> <a href="https://mstdn.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener" target="_blank">#FreeSoftware</a> <a href="https://mstdn.social/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FOSS</a> <a href="https://mstdn.social/tags/OSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#OSS</a> <a href="https://mstdn.social/tags/TLS" class="mention hashtag" rel="nofollow noopener" target="_blank">#TLS</a> <a href="https://mstdn.social/tags/QUIC" class="mention hashtag" rel="nofollow noopener" target="_blank">#QUIC</a> <a href="https://www.haproxy.com/blog/state-of-ssl-stacks" rel="nofollow noopener" translate="no" target="_blank">https://www.haproxy.com/blog/state-of-ssl-stacks</a>

Kevin Karhan :verified:<a href="https://chaos.social/@f4grx" class="u-url mention" rel="nofollow noopener" target="_blank">@f4grx</a> <a href="https://mastodon.social/@nixCraft" class="u-url mention" rel="nofollow noopener" target="_blank">@nixCraft</a> <a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener" target="_blank">@torproject</a> not really.<ol><li><a href="https://infosec.space/tags/aws" class="mention hashtag" rel="nofollow noopener" target="_blank">#aws</a> has pretty chunky blocks like /14.</li><li>They don't use <a href="https://infosec.space/tags/IPv6" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPv6</a>, only <a href="https://infosec.space/tags/IPv4" class="mention hashtag" rel="nofollow noopener" target="_blank">#IPv4</a>.</li><li>Blocking entrie <a href="https://infosec.space/tags/ASN" class="mention hashtag" rel="nofollow noopener" target="_blank">#ASN</a>|s is easy.</li></ol>I do this with <a href="https://infosec.space/tags/pfSense" class="mention hashtag" rel="nofollow noopener" target="_blank">#pfSense</a> & <a href="https://infosec.space/tags/pfBlockerNG" class="mention hashtag" rel="nofollow noopener" target="_blank">#pfBlockerNG</a> for quite a while…And the same <a href="https://infosec.space/tags/blocklist" class="mention hashtag" rel="nofollow noopener" target="_blank">#blocklist</a> also works for other applications like <a href="https://infosec.space/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#nginx</a>, <a href="https://infosec.space/tags/HAproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#HAproxy</a>, <a href="https://infosec.space/tags/httpd" class="mention hashtag" rel="nofollow noopener" target="_blank">#httpd</a>, etc.

IndiealexhI spent probably a weeks worth of hours learning more <a href="https://tny.social/tags/kubernetes" class="mention hashtag" rel="nofollow noopener" target="_blank">#kubernetes</a> so I could save $60 a month.I have a nice 3 node kube cluster with a 2 node <a href="https://tny.social/tags/keepalived" class="mention hashtag" rel="nofollow noopener" target="_blank">#keepalived</a> <a href="https://tny.social/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> TCP load balancer. All on <a href="https://tny.social/tags/ARM" class="mention hashtag" rel="nofollow noopener" target="_blank">#ARM</a> VPS.Haproxy ingress <a href="https://tny.social/tags/ExternalDNS" class="mention hashtag" rel="nofollow noopener" target="_blank">#ExternalDNS</a> operator <a href="https://tny.social/tags/CertManager" class="mention hashtag" rel="nofollow noopener" target="_blank">#CertManager</a> <a href="https://tny.social/tags/RookCeph" class="mention hashtag" rel="nofollow noopener" target="_blank">#RookCeph</a> <a href="https://tny.social/tags/ArgoCD" class="mention hashtag" rel="nofollow noopener" target="_blank">#ArgoCD</a> <a href="https://tny.social/tags/KeyCloak" class="mention hashtag" rel="nofollow noopener" target="_blank">#KeyCloak</a> <a href="https://tny.social/tags/ValKey" class="mention hashtag" rel="nofollow noopener" target="_blank">#ValKey</a> <a href="https://tny.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mastodon</a> <a href="https://tny.social/tags/CloudNativePG" class="mention hashtag" rel="nofollow noopener" target="_blank">#CloudNativePG</a> <a href="https://tny.social/tags/Postgresql" class="mention hashtag" rel="nofollow noopener" target="_blank">#Postgresql</a>

Mikael HanssonBecause I'm stupid, my next little project is simplifying not only <a href="https://hachyderm.io/tags/distrohopping" class="mention hashtag" rel="nofollow noopener" target="_blank">#distrohopping</a> but OS-hopping (in a very limited and specific way): I'm attempting to build an <a href="https://hachyderm.io/tags/Ansible" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ansible</a> play to deploy <a href="https://hachyderm.io/tags/HAProxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#HAProxy</a> with <a href="https://hachyderm.io/tags/acme" class="mention hashtag" rel="nofollow noopener" target="_blank">#acme</a> (via acme.sh) identically across <a href="https://hachyderm.io/tags/Fedora" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fedora</a> <a href="https://hachyderm.io/tags/Debian" class="mention hashtag" rel="nofollow noopener" target="_blank">#Debian</a> <a href="https://hachyderm.io/tags/Ubuntu" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ubuntu</a> and <a href="https://hachyderm.io/tags/FreeBSD" class="mention hashtag" rel="nofollow noopener" target="_blank">#FreeBSD</a> servers. Why? Why not?

raspbeguyLe numéro mai-juin de Linux Pratique (disponible en kiosque dans une semaine) contient mon nouvel article traitant de la gestion de <a href="https://social.gugod.fr/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> à l'aide de <a href="https://social.gugod.fr/tags/terraform" class="mention hashtag" rel="nofollow noopener" target="_blank">#terraform</a>. Si vous le lisez, n'hésitez pas à me partager vos retours 👍<a href="https://social.gugod.fr/tags/publication" class="mention hashtag" rel="nofollow noopener" target="_blank">#publication</a> <a href="https://social.gugod.fr/tags/magazine" class="mention hashtag" rel="nofollow noopener" target="_blank">#magazine</a> <a href="https://social.gugod.fr/tags/papier" class="mention hashtag" rel="nofollow noopener" target="_blank">#papier</a> <a href="https://social.gugod.fr/tags/linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#linux</a> <a href="https://social.gugod.fr/tags/devops" class="mention hashtag" rel="nofollow noopener" target="_blank">#devops</a>

Carsten Rieger IT-Services 🔒<a href="https://digitalcourage.social/tags/HAProxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#HAProxy</a> v.3 InstallationsanleitungMit Hilfe unserer Installationsanleitung für den HAProxy Version 3 stable (LTS) können Sie beispielsweise zwei verschiedene Cloud-Anwendungen parallel betreiben und diese mit LetsEncrypt Zertifikaten versorgen. Wir nutzen dafür einen Mixed Mode, also Layer 6 (http) und Layer 4 (tcp für https) in der HAProxy-Konfiguration. Der HAProxy agiert dabei als klassischer ReverseProxy und kann auf Wunsch auch zum Loadbalancer erweitert werden. Nachfolgend stellen wir dafür unsere HAProxy-Konfiguration aus dem Labor bereit. Diese nutzen wir bspw. für unsere Cloud-Testinstanzen (bspw. <a href="https://digitalcourage.social/tags/Nextcloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#Nextcloud</a> und <a href="https://digitalcourage.social/tags/opencloud" class="mention hashtag" rel="nofollow noopener" target="_blank">#opencloud</a> auf einem dedizierten Server. Die SSL-Terminierung übernimmt dabei das jeweilige Backend, also Nextcloud und OpenCloud und nicht der HAProxy selbst. Der HAProxy reicht die https-Anfragen an die Anwendung durch und agiert im tcp-Mode (Layer 4) quasi transparent. 👇 <a href="https://www.c-rieger.de/haproxy-installationsanleitung/" rel="nofollow noopener" translate="no" target="_blank">https://www.c-rieger.de/haproxy-installationsanleitung/</a>

✰ 𝔽𝕣𝕖𝕕 ✰<a href="https://mamot.fr/users/ploum" class="u-url mention" rel="nofollow noopener" target="_blank">@ploum@mamot.fr</a> i am also using it <a href="https://social.freebsd.amsterdam?t=snac" class="mention hashtag" rel="nofollow noopener" target="_blank">#snac</a> <a href="https://social.freebsd.amsterdam?t=haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a>

✰ 𝔽𝕣𝕖𝕕 ✰do you have anything in between <a href="https://social.freebsd.amsterdam?t=snac" class="mention hashtag" rel="nofollow noopener" target="_blank">#snac</a> and <a href="https://social.freebsd.amsterdam?t=haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a>? I am currently unable to find a way to get rid of the <pre># webfinger location /.well-known/webfinger { proxy_pass http://localhost:8001; proxy_set_header Host $http_host; proxy_set_header X-Forwarded-For $remote_addr; } </pre>and the like in <a href="https://social.freebsd.amsterdam?t=nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#nginx</a>

✰ 𝔽𝕣𝕖𝕕 ✰great work! Looking forward to a (speedy) blog posting Is there no other service between <a href="https://social.freebsd.amsterdam?t=snac" class="mention hashtag" rel="nofollow noopener" target="_blank">#snac</a> and <a href="https://social.freebsd.amsterdam?t=haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> ?

Stefano MarinelliI've performed some tests, and it's great. <a href="https://mastodon.bsd.cafe/tags/snac" class="mention hashtag" rel="nofollow noopener" target="_blank">#snac</a> and <a href="https://mastodon.bsd.cafe/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> are working great together - now with caching of media and json responses, to scale up, and up, and up...and up! <a href="https://mastodon.bsd.cafe/tags/Varnish" class="mention hashtag" rel="nofollow noopener" target="_blank">#Varnish</a> is the best tool for caching, but the setup I've tested doesn't require it and it's still good enough. I think this will be a blog post, as soon as I'll have enough time.<a href="https://mastodon.bsd.cafe/tags/snac2" class="mention hashtag" rel="nofollow noopener" target="_blank">#snac2</a> <a href="https://mastodon.bsd.cafe/tags/Fediverse" class="mention hashtag" rel="nofollow noopener" target="_blank">#Fediverse</a> <a href="https://mastodon.bsd.cafe/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#IT</a> <a href="https://mastodon.bsd.cafe/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#SysAdmin</a>

Stefano MarinelliGoing on with <a href="https://fedihome.stefanomarinelli.it?t=haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> in front of <a href="https://fedihome.stefanomarinelli.it?t=snac2" class="mention hashtag" rel="nofollow noopener" target="_blank">#snac2</a> - I've just tested an interesting caching for json response. This will surely help instances like FediMeteo. It's not struggling, but I love optimizing stuff!

Koen de Jonge - SynQI just unfollowed <a href="https://procolix.social/tags/HAProxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#HAProxy</a> from Twitter, but it seems they are not here on the Fediverse.A pity, I will miss them.<a href="https://procolix.social/tags/eXit" class="mention hashtag" rel="nofollow noopener" target="_blank">#eXit</a>

✰ 𝔽𝕣𝕖𝕕 ✰Seems my snac2 instance is running behind <a href="https://social.freebsd.amsterdam?t=haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a>. \o/ CC: <a href="https://snac.it-notes.dragas.net/itnotes" class="u-url mention" rel="nofollow noopener" target="_blank">@itnotes@snac.it-notes.dragas.net</a>

@𝕗𝕕𝟘@𝕓𝕤𝕕.𝕟𝕖𝕥𝕨𝕠𝕣𝕜<a href="https://mastodon.bsd.cafe/@stefano" class="u-url mention" rel="nofollow noopener" target="_blank">@stefano</a> <a href="https://snac.it-notes.dragas.net/itnotes" class="u-url mention" rel="nofollow noopener" target="_blank">@itnotes</a> connection to <a href="https://exquisite.social/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> works fine, including TLS offloading. connection from <a href="https://exquisite.social/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> to <a href="https://exquisite.social/tags/snac" class="mention hashtag" rel="nofollow noopener" target="_blank">#snac</a> also works fine. I guess I still need to convert the <a href="https://exquisite.social/tags/apache" class="mention hashtag" rel="nofollow noopener" target="_blank">#apache</a> or <a href="https://exquisite.social/tags/nginx" class="mention hashtag" rel="nofollow noopener" target="_blank">#nginx</a> proxying to work properly….

@𝕗𝕕𝟘@𝕓𝕤𝕕.𝕟𝕖𝕥𝕨𝕠𝕣𝕜trying to setup <a href="https://exquisite.social/tags/snac" class="mention hashtag" rel="nofollow noopener" target="_blank">#snac</a> behind <a href="https://exquisite.social/tags/haproxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#haproxy</a> if all works well, will connect to another instance <a href="https://snac.it-notes.dragas.net/itnotes" class="u-url mention" rel="nofollow noopener" target="_blank">@itnotes</a>

ScriptFanix💍⏚ ⸫The aboce applies if the client reports "NS_PARTIAL_TRANSFER" and the stream state at disconnection reported by <a href="https://maly.io/tags/HAProxy" class="mention hashtag" rel="nofollow noopener" target="_blank">#HAProxy</a> is "cD"Stream state at disconnection: <a href="http://docs.haproxy.org/3.0/configuration.html#8.5" rel="nofollow noopener" translate="no" target="_blank">http://docs.haproxy.org/3.0/configuration.html#8.5</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#haproxy