[Libre-soc-bugs] [Bug 190] Setup Gitlab CI Runner for Kazan on a computer

bugzilla-daemon at libre-soc.org bugzilla-daemon at libre-soc.org
Fri May 27 05:28:01 BST 2022


https://bugs.libre-soc.org/show_bug.cgi?id=190

Jacob Lifshay <programmerjake at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|CONFIRMED                   |IN_PROGRESS

--- Comment #64 from Jacob Lifshay <programmerjake at gmail.com> ---
I have another idea for setting up the proxy for the build server:
have the proxy be on https://libre-soc.org:8443/

this successfully achieves having a different origin (which is why I wanted
build.libre-soc.org).

that way it can just use the existing tls certificate for libre-soc.org.

since letsencrypt uses port 80 rather than 8443, that won't be an issue.

nginx config I used for testing (I used port 10443 because my server already
was using 8443 for something else):
server {
        listen 10443 ssl;
        listen [::]:10443 ssl;

        ssl_certificate /etc/letsencrypt/live/programmerjake.tk/fullchain.pem;
        ssl_certificate_key
/etc/letsencrypt/live/programmerjake.tk/privkey.pem;

        location / {
                proxy_pass http://jacob-build-server.programmerjake.tk/;
                proxy_set_header Host $host;
        }
}

modifying it for libre-soc.org:
/etc/nginx/sites-available/build
server {
        listen 8443 ssl;
        listen [::]:8443 ssl;

        ssl_certificate /path/to/libre-soc.org.crt;
        ssl_certificate_key /path/to/libre-soc.org.key;

        location / {
                proxy_pass http://10.6.0.7/;
                proxy_set_header Host $host;
        }
}

-- 
You are receiving this mail because:
You are on the CC list for the bug.


More information about the libre-soc-bugs mailing list