home.social

#project_kettle — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #project_kettle, aggregated by home.social.

fetched live
  1. dumb trick learned today: nginx uses error code 497 to mean "this looks like you accidentally sent an http request on the https port."

    you can configure the server to say "sure whatever" and serve the page anyway.

    # serve http and https over same port
    listen 8000 ssl;
    error_page 497 =200 $request_uri;

    https://serverfault.com/a/664936

    #project_kettle #programming #nginx #webserver

  2. dumb trick learned today: nginx uses error code 497 to mean "this looks like you accidentally sent an http request on the https port."

    you can configure the server to say "sure whatever" and serve the page anyway.

    # serve http and https over same port
    listen 8000 ssl;
    error_page 497 =200 $request_uri;

    https://serverfault.com/a/664936

    #project_kettle #programming #nginx #webserver

  3. @[email protected] im working on one right now! my draft from a few years ago is here: https://nycki.net/cookbook, and you can see my progress on the next version under the tag #project_kettle . its so hard to find beginner guides on this stuff!

  4. @[email protected] im working on one right now! my draft from a few years ago is here: https://nycki.net/cookbook, and you can see my progress on the next version under the tag #project_kettle . its so hard to find beginner guides on this stuff!

  5. okay so, problem, it appears there's no way to make sub-domains of a .local address??? like the spec literally says "don't do that" and avahi-daemon doesn't support it???

    so I guess if I want multiple sites available on the LAN then they each need to be running on a different port
    anyway and that means I do, in fact, need to do port number management.

    does anyone know of a way to pre-reserve a range of ports, like, say, everything between 1024 and 4096 or something, so that root can use them but normal users can't?

    #project_kettle #programming #question

  6. okay so, problem, it appears there's no way to make sub-domains of a .local address??? like the spec literally says "don't do that" and avahi-daemon doesn't support it???

    so I guess if I want multiple sites available on the LAN then they each need to be running on a different port
    anyway and that means I do, in fact, need to do port number management.

    does anyone know of a way to pre-reserve a range of ports, like, say, everything between 1024 and 4096 or something, so that root can use them but normal users can't?

    #project_kettle #programming #question

  7. one of the things im anticipating about using containers on a shared machine is that ill need to reserve enough ports for each user to publish stuff. unless its possible to run a container that publishes a website without binding any ports at all...? yep, this is possible using sockets! check it out:

    https://nycki.net/blog/31/

    #project_kettle #programming

  8. one of the things im anticipating about using containers on a shared machine is that ill need to reserve enough ports for each user to publish stuff. unless its possible to run a container that publishes a website without binding any ports at all...? yep, this is possible using sockets! check it out:

    https://nycki.net/blog/31/

    #project_kettle #programming

  9. i think im gonna call my self hosting project "kettle" after the name i use for my test server, "teapot".

    the goal of project kettle is to find a "sweet spot" for shared website hosting, with these priorities:

    1. Easy. Both to set up, and to maintain. I want the full install guide to fit in a zine, targeted at novice users.

    2. Ownership. I'd like to do as much as possible on a local machine, ideally a cheap one like a pi/potato.

    3. Communal. I want multiple users to be able to share the server, with real ssh access. "tilde" style websites are ideal but i can set up subdomains i guesssss.

    4. Privacy. Users should be allowed to hide files from each other and from the web.

    5. Freedom. I want to give users as much access as possible within the above constraints. In particular I'd like to let users run custom scripts behind their website, php or python or something.

    I originally figured "I'll just run LAMP, its tried and true" but I keep finding out that apparently security sucks and the solution is to bubble wrap everything?! "dont give users real filesystem access, put them in a fake root inside a virtual machine on an isolated network." all that bubbling violates goal 5 but more importantly it violates goal 1 because you'd need to configure so much junk.

    Has anyone here set up shared hosting before? How much security do I actually
    need, and is any of it easy to install?

    #website #infosec #project_kettle

  10. i think im gonna call my self hosting project "kettle" after the name i use for my test server, "teapot".

    the goal of project kettle is to find a "sweet spot" for shared website hosting, with these priorities:

    1. Easy. Both to set up, and to maintain. I want the full install guide to fit in a zine, targeted at novice users.

    2. Ownership. I'd like to do as much as possible on a local machine, ideally a cheap one like a pi/potato.

    3. Communal. I want multiple users to be able to share the server, with real ssh access. "tilde" style websites are ideal but i can set up subdomains i guesssss.

    4. Privacy. Users should be allowed to hide files from each other and from the web.

    5. Freedom. I want to give users as much access as possible within the above constraints. In particular I'd like to let users run custom scripts behind their website, php or python or something.

    I originally figured "I'll just run LAMP, its tried and true" but I keep finding out that apparently security sucks and the solution is to bubble wrap everything?! "dont give users real filesystem access, put them in a fake root inside a virtual machine on an isolated network." all that bubbling violates goal 5 but more importantly it violates goal 1 because you'd need to configure so much junk.

    Has anyone here set up shared hosting before? How much security do I actually
    need, and is any of it easy to install?

    #website #infosec #project_kettle