Nostr Web Client

Yeah. 😕 Been fighting that for days. Driving us all nuts.

this shit was why i finally bought a TLS certificate and modded my reverse proxy to let me fan out connections from it to wherever (mostly within the VPS, but also in my VPN)

https://github.com/mleku/realy/tree/dev/cmd/lerproxy

with that you can do it using lerproxy if you have a wildcard enabled to let you do subdomains, but i found that letsencrypt were really stingy with me adding new ones to the point where i was getting certificate errors like this that broke my stuff, so i paid some 90 or so to get a full year TLS wildcard certificate for mleku.dev and never see this problem anymore... i had to modify the reverse proxy to enable the use of custom domains though, it's not difficult to configure, just an environment variable with a comma separated list that specifies names to search for certificates

Reply to this note

Please Login to reply.

Discussion

Silberengel 1y ago

nostr:nprofile1qqsqxefne258ydmfgm2wfl02fsdqgs0d5wx29kweg9amxcqxew4t7kqpzamhxue69uhhyetvv9ujuurjd9kkzmpwdejhgtcppemhxue69uhkummn9ekx7mp0qy2hwumn8ghj7mn0wd68ytn00p68ytnyv4mz7tjlpwg maybe we should just do this.

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

just should point out that if you can fan out things into paths you get around this problem, letsencrypt is not that bad if you are just using a fixed domain name

Silberengel 1y ago

That's true. Maybe we should just restructure.

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

i have no idea what servers you have running but i think subpaths is something my proxy doesn't do, i could be wrong... that would be a useful feature

ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

yeah, i'm gonna add this feature tho, damn

i wanted to make a rewriter at one point but this should be a lot easier

ChipTuner 1y ago

Yeah we can purchase a cert from our provider if we want to. Or we can move away from the wildcard cert.