Server/cider: Unterschied zwischen den Versionen
< Server
Vater (Diskussion | Beiträge) KKeine Bearbeitungszusammenfassung |
Vater (Diskussion | Beiträge) KKeine Bearbeitungszusammenfassung |
||
Zeile 9: | Zeile 9: | ||
==== config nginx ==== | ==== config nginx ==== | ||
<source lang="bash">vi /etc/nginx/sites-available/default</source> | |||
<source lang="bash">cat /etc/nginx/sites-available/default</source> | |||
<pre> | <pre> | ||
server { | server { | ||
listen 80 default_server; | listen 80 default_server; | ||
Zeile 30: | Zeile 29: | ||
} | } | ||
} | } | ||
</pre> | |||
<source lang="bash">vi /etc/nginx/htpasswd</source> | |||
<source lang="bash">cat /et/nginx/htpasswd</source> | |||
<pre> | <pre> | ||
user:yoursavepassword | |||
</pre> | </pre> | ||
instead of plaintext password | |||
In addition we used <source lang="bash">openssl passwd -crypt yoursupersafepassword</source> instead of plaintext password. | |||
==== sharing2 conf ==== | ==== sharing2 conf ==== | ||
<source lang="bash">vi /path/to/sharing2/main.hs</source> | |||
<source lang="bash">cat /path/to/sharing2/main.hs</source> | |||
<pre> | <pre> | ||
main :: IO () | main :: IO () | ||
main = app >>= | main = app >>= | ||
Zeile 60: | Zeile 55: | ||
==== modify iptables ==== | ==== modify iptables ==== | ||
< | <source lang="bash">iptables -t filter -A INPUT ! -s 127.0.0.1 -p tcp --dport 8000 -j DROP</source> | ||
<source lang="bash">$ ip6tables -t filter -A INPUT ! -s ::1 -p tcp --dport 8000 -j DROP</source> | |||
$ ip6tables -t filter -A INPUT ! -s ::1 -p tcp --dport 8000 -j DROP | |||
</ | |||
== Na toll, aber wie ist der Zugang zu Cider nun? == | == Na toll, aber wie ist der Zugang zu Cider nun? == |
Version vom 4. Oktober 2013, 00:43 Uhr
SaferSharing
To avoid legal steps because you are hosting to everyone:
- get nginx with auth_base
- proxy around
- modify your fw a bit
config nginx
vi /etc/nginx/sites-available/default
cat /etc/nginx/sites-available/default
server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; root /usr/share/nginx/html; index index.html index.htm; # Make site accessible from http://localhost/ server_name localhost; location / { auth_basic "Sharing is Caring"; auth_basic_user_file /etc/nginx/htpasswd; proxy_pass http://localhost:8000; proxy_buffering off; } }
vi /etc/nginx/htpasswd
cat /et/nginx/htpasswd
user:yoursavepassword
In addition we used
openssl passwd -crypt yoursupersafepassword
instead of plaintext password.
sharing2 conf
vi /path/to/sharing2/main.hs
cat /path/to/sharing2/main.hs
main :: IO () main = app >>= runSettings (defaultSettings { settingsHost = HostIPv6 , settingsPort = 8000 , ... })
modify iptables
iptables -t filter -A INPUT ! -s 127.0.0.1 -p tcp --dport 8000 -j DROP
$ ip6tables -t filter -A INPUT ! -s ::1 -p tcp --dport 8000 -j DROP
Na toll, aber wie ist der Zugang zu Cider nun?
wie auf allen anderen Maschinen auch