i hate firewall configuration, iptables is nasty... ufw is nice but it doesn't extend to NAT forwarding *facepalm* but HTTP reverse proxy is a piece of cake, my reverse proxy `lerproxy` even adds a HTTP header that is a standard field when using a reverse proxy so the origin is passed forward to the server instead of it only seeing the proxy's IP
i find TLS super annoying, especially if i need to share the service to someone else who i would otherwise need to give a CA to import to use a custom certificate but with a proper wildcard cert and a domain name i can do all that in one
though for some reason there's a lot of clients that seem to currently not actually accept the CA (sectigo) and i already established this is something to do with openssh... i literally just saw it update just now on my WSL2 arch environment so i presume that those slackarses at openssh forgot to fucking update the cert that was expired a few days back
more facepalm... and this is why i hate TLS
mleku / ⚡️mleku@getalby.com
npub1fj…mleku
2024-09-15 09:55:34
in reply to nevent1q…25wq
Author Public Key
npub1fjqqy4a93z5zsjwsfxqhc2764kvykfdyttvldkkkdera8dr78vhsmmlekuPublished at
2024-09-15 09:55:34Event JSON
{
"id": "08b712469773d3440f16f3036a09dcb140ca5f78d8618f346ee0cc5444b975ce",
"pubkey": "4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f",
"created_at": 1726394134,
"kind": 1,
"tags": [
[
"e",
"782a728a9566dbdb15bd8a9a3ac2f08bac86b2aa5c41b2cbc125e4622cd2c067",
"wss://nostr.land/",
"root",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f"
],
[
"e",
"59cadf65e1955014b138ae9faf108f3ecd282c8c6ea76782fd1d54aa823e93e7",
"wss://nostr.land/",
"mention",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f"
],
[
"e",
"3562b0ef88cfa64761aff6361f046dec5918572e76c18ceaa99123c21c1d0431",
"wss://nostr.land/",
"reply",
"4c800257a588a82849d049817c2bdaad984b25a45ad9f6dad66e47d3b47e3b2f"
]
],
"content": "i hate firewall configuration, iptables is nasty... ufw is nice but it doesn't extend to NAT forwarding *facepalm* but HTTP reverse proxy is a piece of cake, my reverse proxy `lerproxy` even adds a HTTP header that is a standard field when using a reverse proxy so the origin is passed forward to the server instead of it only seeing the proxy's IP\n\ni find TLS super annoying, especially if i need to share the service to someone else who i would otherwise need to give a CA to import to use a custom certificate but with a proper wildcard cert and a domain name i can do all that in one\n\nthough for some reason there's a lot of clients that seem to currently not actually accept the CA (sectigo) and i already established this is something to do with openssh... i literally just saw it update just now on my WSL2 arch environment so i presume that those slackarses at openssh forgot to fucking update the cert that was expired a few days back\n\nmore facepalm... and this is why i hate TLS",
"sig": "1c3c7af5beb3d10d57242f360efe21f6d201fac597c12b3f6ad1d77ac10d0bec433bef49073085a49d1f8e483d2aa019c9655789d3041bb6245bbb772251eaf2"
}