tldr, I used nginx! So since I have my VPS on anycasted IPs and I use ansible to deploy, I wanted to make 3 all servers nearly the same, minus their specific ‘mgmt’ public IPs, so moving squid to a new IP I wanted to use the standard https port but could NOT figure out a way to get squid Continue reading Squid bind specific IP Address (workaround)
Hey All, It’s been a while and I finally got around to updating my postfix cluster to send email over my OpenVPN tunnel with standard ports to my local zimbra server instead of using a non-standard port over the wan. While I was at it, I figured I’d trying pushing IPv6 and here’s how that went. A little backstory, my Zimbra Continue reading IPv6 OpenVPN Tunneling with Asus MerlinWRT and Postfix Smarthost over v6 Tunnels
The internet is the second source of opinions (first being Politicians). But what does that have to do with Technical Blogs? Recently I embarked on a security focused project of adding 2 Factor authentication to the some network authentication systems at work. A few google searches later and you’ll find a bunch of results for ‘How to configure Radius with Google Continue reading Not all technical blog posts are created equal.
HAProxy is offering some Free Aloha Pockets for Students & Interns for their Labs! I confess I did email them and hope they opt to send me a pair. In either case, over the next few weeks I’m going to test using haproxy instead of nginx as the frontend for my apache2 site. This must do HTTP/2, SSL and some headers Continue reading Next Steps, HAProxy!
So followup post, I was having some issues with http2 browser support since I was missing ALPN, so after a lot of trial and error, here’s what I ended up with. Partially followed https://fak3r.com/2015/09/29/howto-build-nginx-with-http-2-support/ with a few differences. I installed openssl1.0.2h from this ppa: https://launchpad.net/~ondrej/+archive/ubuntu/php And then used nginx 1.11.1 from http://nginx.org/download/ and also grabbed the headers-more-nginx-module-0.30 and ngx_pagespeed-master off Continue reading HTTP2 without ALPN is not quite HTTP2
So after a long debate I’ve decided to drop cloud-flare in lieu of HTTP/2 support. A few months ago I added Lets-encrypt my (3) MX Servers, https://jersey.jacobdevans.com for example, which means I also added Mutual-TLS Email support (yay security and encryption). Since that was going so well I decided to go with nginx as an SSL proxy and keep apache Continue reading SSL Everything