Hi Roman.
Am 02.12.2013 10:15, schrieb Roman Pavlik:
> Simon,
> I did the same configuration just two day ago and it works like a
> charm. But the proxy module of lighttd was used. You can do it by this
> way:
>
> * in *modules.conf* uncomment line, where proxy-modul configuration
> is loaded:
>
> include "conf.d/proxy.conf"
>
> * open conf.d/proxy.conf and write your configuration:
>
> # for IPv4
> $SERVER["socket"] == "87.106.189.5:11371" {
> proxy.server = ( "" => ( ( "host" => "127.0.0.1", "port" => 11371 )))
> setenv.add-response-header = ( "Via" => "1.1 keys.s-l-c.biz:11371
> (lighttpd)" )
> accesslog.filename = "/var/log/lighttpd" # logging disabled; you
> can specify the log file here if you like
> }
>
> * comment out your redirect configuration, describe in your mail
> * restart lighttpd
>
>
> Hope, this help.
Thanks but it WONT help. Seems you didnt read my mail, because you just
suggested EXACTLY the configuration i am using! And as i also wrote: No,
it does NOT work anymore for gpg which is a major fail, since thats why
we run the servers.
> Regards,
> --
> Roman Pavlik
best regards
Simon
>
>
>
>
>
>
>
> Simon Lange pís(e v Po 02. 12. 2013 v 09:08 +0100:
>> Hi all,
>>
>> sks running fine.
>>
>> but
>>
>> if u put it behind a lighttpd reverse proxy for ports 11370 and 11371 it
>> wont work anymore.
>> 11370 (recon) isnt operational anymore. communication is broken.
>> connection establishes but the communication itself does not work. sks
>> and company do not understand eachother anymore if a lighttpd reverse
>> proxy is between them.
>> 11371 almost same. gpg client does not work anymore. a keysearch with
>> gpg wont find ANYTHING anymore as long the lighttpd reverse proxy is
>> between. only via browser (firefox, chrome, IE, ...) it works. same for
>> 443 reverseproxy to 11371.
>> sks without any reverse proxy for ports 11370 and 11371 works perfectly.
>> gpg finds everything again and recon runs as it always did.
>>
>> for me it seems just proxying the connection through lighttpd seems not
>> be enough for gpg or sks(recon). so what is it that gpg/sks got a
>> problem with?
>> the lighttpd reverse proxy is correctly configured. every connection to
>> that ports is proxied to the daemon running on 127.0.0.1
>>
>> any ideas?
>>
>> some information:
>> sks 1.1.4
>> lighttpd 1.4.30
>> http://keys.s-l-c.biz:11371/pks/lookup?op=stats
>> you can see the recon gap on dec 1st 2013. this happened when the recon
>> port was behind reverse proxy.
>> 11371 is currently behind reverseproxy. its reachable also via :80 and
>> :443 with hostname keys.s-l-c.biz
>>
>> configuration snippet (lighttpd):
>> server.reject-expect-100-with-417 = "disable"
>> $SERVER["socket"] == "87.106.189.5:11371" {
>> server.name = "keys.s-l-c.biz"
>> accesslog.filename =
>> "/var/log/lighttpd/keys.s-l-c.biz-access-11371.log"
>> proxy.server = ( "" => (( "host" => "127.0.0.1", "port" => 11371
>> ) ) )
>> setenv.add-response-header = ( "Via" => "1.1
>> keys.s-l-c.biz:11371 (lighttpd)" )
>> }
>>
>> #same configuration i tried for 11370 (ofcourse with changed ports).
>>
>> any help is welcome
>>
>> regards
>>
>> Simon
>>
>
>
>
> _______________________________________________
> Sks-devel mailing list
> Sks-devel@nongnu.org
> https://lists.nongnu.org/mailman/listinfo/sks-devel
--
________________________________________________________
Simon Lange Consulting - Gaudystr. 6 - DE-10437 Berlin
Telefon: +49(0)30/89757206 Mobil: +49(0)151/22640160
----------------------------------------http://s-l-c.biz
_______________________________________________
Sks-devel mailing list
Sks-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/sks-devel
