Server/cider

Aus C3D2
Zur Navigation springen Zur Suche springen


SaferSharing

To avoid legal steps because you are hosting to everyone

  • get nginx with auth_base
  • proxy around
  • modify your fw a bit



config nginx

$ vi /etc/nginx/sites-available/default
$ cat /etc/nginx/sites-available/default

server {
   listen 80 default_server;
   listen [::]:80 default_server ipv6only=on;

   root /usr/share/nginx/html;
   index index.html index.htm;

   # Make site accessible from http://localhost/
   server_name localhost;

   location / {
       auth_basic               "Sharing is Caring";
       auth_basic_user_file     /etc/nginx/htpasswd;
       proxy_pass               http://localhost:8000;
       proxy_buffering          off;
   }
}

$ vi /etc/nginx/htpasswd
$ cat /et/nginx/htpasswd

user:yoursavepassword

in addtion we used:

$ openssl passwd -crypt yoursupersafepassword

instead of plaintext password

sharing2 conf

$ vi /path/to/sharing2/main.hs
$ cat /path/to/sharing2/main.hs


main :: IO ()
main = app >>=
       runSettings (defaultSettings
                   { settingsHost = HostIPv6
                   , settingsPort = 8000
                   , ...
                   })

modify iptables

$ iptables -t filter -A INPUT ! -s 127.0.0.1 -p tcp --dport 8000 -j REJECT
$ ip6tables -t filter -A INPUT ! -s ::1 -p tcp --dport 8000 -j REJECT

Na toll, aber wie ist der Zugang zu Cider nun?

wie auf allen anderen Maschinen auch