Nils Goroll 🕊️:varnishcache:<p><span class="h-card" translate="no"><a href="https://toot.community/@jorijn" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jorijn</span></a></span> <span class="h-card" translate="no"><a href="https://floss.social/@monospace" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>monospace</span></a></span> i did also use nginx and have no hard arguments against it besides "project governance" maybe. but a relevant benefit of using <a href="https://fosstodon.org/tags/haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haproxy</span></a> in tcp mode is to avoid any double processing of http, which otherwise is prone to desync bugs. tcp mode simply adds/removes the tls pipe, nothing more, nothing less. all the http processing remains in <a href="https://fosstodon.org/tags/varnishcache" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>varnishcache</span></a> only.</p>
Recent searches
No recent searches
Search options
Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
244active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#haproxy
0 posts · 0 participants · 0 posts today
Nils Goroll 🕊️:varnishcache:<p><span class="h-card" translate="no"><a href="https://toot.community/@jorijn" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jorijn</span></a></span> yes, as of today, the recommended way is to use <a href="https://fosstodon.org/tags/haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haproxy</span></a> as a combined tls onloader/offloader with the PROXY2 protocol such that haproxy has "zero" configuration: see <a href="http://varnish-cache.org/docs/trunk/users-guide/vcl-backends.html#connecting-through-a-proxy" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">varnish-cache.org/docs/trunk/u</span><span class="invisible">sers-guide/vcl-backends.html#connecting-through-a-proxy</span></a> and .via in <a href="http://varnish-cache.org/docs/trunk/reference/vcl-backend.html#vcl-backend-7" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">varnish-cache.org/docs/trunk/r</span><span class="invisible">eference/vcl-backend.html#vcl-backend-7</span></a><br>this also works with dns: <a href="https://github.com/nigoroll/libvmod-dynamic/blob/master/src/vmod_dynamic.vcc" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/nigoroll/libvmod-dy</span><span class="invisible">namic/blob/master/src/vmod_dynamic.vcc</span></a></p><p>that said, we will do something about this eventually <a href="https://fosstodon.org/tags/varnishcache" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>varnishcache</span></a></p>
Mike Tobias<p>Did a quick writeup of how I use <a href="https://infosec.exchange/tags/anubis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>anubis</span></a> behind <a href="https://infosec.exchange/tags/haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haproxy</span></a> in my <a href="https://infosec.exchange/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>homelab</span></a>.</p><p><a href="https://mktbs.net/blog/2025/05/19/running-anubis-behind-haproxy/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mktbs.net/blog/2025/05/19/runn</span><span class="invisible">ing-anubis-behind-haproxy/</span></a></p><p>Thanks to <span class="h-card" translate="no"><a href="https://pony.social/@cadey" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>cadey</span></a></span> for the project. Support them!</p>
Matt "msw" Wilson<p>“AWS-LC looks like a very active project with a strong community. […] Even the recently reported performance issue was quickly fixed and released with the next version. […] This is definitely a library that anyone interested in the topic should monitor.”</p><p><a href="https://mstdn.social/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSL</span></a> <a href="https://mstdn.social/tags/BoringSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BoringSSL</span></a> <a href="https://mstdn.social/tags/WolfSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WolfSSL</span></a> <a href="https://mstdn.social/tags/AWSLC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AWSLC</span></a> <a href="https://mstdn.social/tags/HAProxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAProxy</span></a> <a href="https://mstdn.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> <a href="https://mstdn.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FreeSoftware</span></a> <a href="https://mstdn.social/tags/FOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FOSS</span></a> <a href="https://mstdn.social/tags/OSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OSS</span></a> <a href="https://mstdn.social/tags/TLS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLS</span></a> <a href="https://mstdn.social/tags/QUIC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>QUIC</span></a><br><a href="https://www.haproxy.com/blog/state-of-ssl-stacks" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">haproxy.com/blog/state-of-ssl-</span><span class="invisible">stacks</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://chaos.social/@f4grx" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>f4grx</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@nixCraft" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>nixCraft</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@torproject" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>torproject</span></a></span> not really.</p><ol><li><a href="https://infosec.space/tags/aws" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>aws</span></a> has pretty chunky blocks like /14.</li><li>They don't use <a href="https://infosec.space/tags/IPv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IPv6</span></a>, only <a href="https://infosec.space/tags/IPv4" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IPv4</span></a>.</li><li>Blocking entrie <a href="https://infosec.space/tags/ASN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ASN</span></a>|s is easy.</li></ol><p>I do this with <a href="https://infosec.space/tags/pfSense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pfSense</span></a> & <a href="https://infosec.space/tags/pfBlockerNG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pfBlockerNG</span></a> for quite a while…</p><p>And the same <a href="https://infosec.space/tags/blocklist" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blocklist</span></a> also works for other applications like <a href="https://infosec.space/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a>, <a href="https://infosec.space/tags/HAproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAproxy</span></a>, <a href="https://infosec.space/tags/httpd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>httpd</span></a>, etc.</p>
Stefano MarinelliGoing on with <a href="https://fedihome.stefanomarinelli.it?t=haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#haproxy</a> in front of <a href="https://fedihome.stefanomarinelli.it?t=snac2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#snac2</a> - I've just tested an interesting caching for json response. This will surely help instances like FediMeteo. It's not struggling, but I love optimizing stuff!<br>
Stefano Marinelli<p>Question: Nginx or HAProxy as a reverse proxy? I’ve tested both. In some cases, I still need nginx, while in others, after a closer look, it’s not necessary. <br>Performance, etc. <br>Opinions from those who use/have used both?</p><p><a href="https://mastodon.bsd.cafe/tags/nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>nginx</span></a> <a href="https://mastodon.bsd.cafe/tags/haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haproxy</span></a> <a href="https://mastodon.bsd.cafe/tags/reverseproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>reverseproxy</span></a> <a href="https://mastodon.bsd.cafe/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>IT</span></a> <a href="https://mastodon.bsd.cafe/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SysAdmin</span></a></p>
ScriptFanix ❤️ ⏚ ⸫<p>The above applies if the client reports "NS_PARTIAL_TRANSFER" and the stream state at disconnection reported by <a href="https://maly.io/tags/HAProxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAProxy</span></a> is "cD"</p><p>Stream state at disconnection: <a href="http://docs.haproxy.org/3.0/configuration.html#8.5" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">http://</span><span class="ellipsis">docs.haproxy.org/3.0/configura</span><span class="invisible">tion.html#8.5</span></a></p>
ScriptFanix ❤️ ⏚ ⸫<p>random <a href="https://maly.io/tags/HAProxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAProxy</span></a> tip:</p><p>"My app has an endpoint that streams data for a long time, and my clients keep getting disconnected". They're probably disconnected because, when data is streaming, HAProxy doesn't hear back from the client. You need to increase "timeout client", but you probably don't want to do that site-wide. Set a timeout specific to that endpoint:<br>http-request set-timeout client 2h if { path -m beg /index.php/apps/music/api/ }</p>
Kushal Das :python: :tor:<p>Who are the <a href="https://toots.dgplug.org/tags/HAProxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAProxy</span></a> experts in my timeline?</p>
Kushal Das :python: :tor:<p>Not reading the <a href="https://toots.dgplug.org/tags/limitations" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>limitations</span></a> of <a href="https://toots.dgplug.org/tags/cache" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cache</span></a> in <a href="https://toots.dgplug.org/tags/HAProxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAProxy</span></a> was a mistake <a href="https://www.haproxy.com/documentation/haproxy-configuration-manual/latest/#6.1" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">haproxy.com/documentation/hapr</span><span class="invisible">oxy-configuration-manual/latest/#6.1</span></a> Should have read the documentation first.</p>
daniel:// stenberg://<p><a href="https://mastodon.social/tags/openssl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssl</span></a> 3 does not seem to perform very well against the competition, as Willy of <a href="https://mastodon.social/tags/haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haproxy</span></a> fame details here: <a href="https://github.com/haproxy/haproxy/issues/2454#issuecomment-2353243899" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/haproxy/haproxy/iss</span><span class="invisible">ues/2454#issuecomment-2353243899</span></a></p>
ij<p>When I want to use <a href="https://nerdculture.de/tags/haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haproxy</span></a> on <a href="https://nerdculture.de/tags/pfsense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pfsense</span></a> to access one of my Mastodon instances, I get this error: </p><p>400 Bad Request<br>The plain HTTP request was sent to HTTPS port<br>nginx/1.22.1</p><p><a href="https://nerdculture.de/tags/Nginx" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Nginx</span></a> is configured to listen on https, haproxy is configured to forward to https with ssl enabled and accessing the website is done in browser by using https. </p><p>I have no idea why nginx thinks that the access is done by plan http... </p><p>Any ideas, dear <a href="https://nerdculture.de/tags/followerpower" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>followerpower</span></a>?</p>
ScriptFanix ❤️ ⏚ ⸫<p><a href="https://maly.io/tags/introduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>introduction</span></a><br>Moi c'est ScriptFanix, je suis passionné par l'informatique, et par un grand coup de chance j'ai pu en faire mon métier. J'ai passé plus de 10 ans en tant qu'<a href="https://maly.io/tags/adminsys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>adminsys</span></a>, mais maintenant je suis ingénieur support chez <a href="https://maly.io/tags/HAProxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAProxy</span></a> Technologies. Du coup maintenant j'aide les adminsys ! </p><p>Je fais aussi de la musique (<a href="https://maly.io/tags/Techno" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Techno</span></a>, <a href="https://maly.io/tags/Dubstep" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dubstep</span></a>): <a href="https://djblackred.bandcamp.com" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">djblackred.bandcamp.com</span><span class="invisible"></span></a> et <a href="https://music.scriptfanix.fr/channels/psylodrumean/episodes" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">music.scriptfanix.fr/channels/</span><span class="invisible">psylodrumean/episodes</span></a></p><p>Ha et aussi, je suis <a href="https://maly.io/tags/ActuallyAutistic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ActuallyAutistic</span></a>, diagnostiqué début 2023.</p>
Jeff<p><span class="h-card"><a href="https://toot.thedoodleproject.net/@derek" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>derek</span></a></span> Ah, yes, same here on the <a href="https://fenetre.dev/tags/NGINX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NGINX</span></a> front. That or <a href="https://fenetre.dev/tags/HAProxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAProxy</span></a> or <a href="https://fenetre.dev/tags/Apache" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Apache</span></a>.. I have yet to find the right place to use <a href="https://fenetre.dev/tags/Traefik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Traefik</span></a> in lieu of the others. Same for service mesh in general.</p>
Jeff<p><span class="h-card"><a href="https://mastodon.tech/users/y3mz" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>y3mz</span></a></span> <span class="h-card"><a href="https://bsd.network/@lattera" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lattera</span></a></span> </p><p>I really like <a href="https://fenetre.dev/tags/pfSense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>pfSense</span></a> over the <a href="https://fenetre.dev/tags/UDMPRO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UDMPRO</span></a> but I admit I'm not a firewall expert and still have more to learn. I do have <a href="https://fenetre.dev/tags/tailscale" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tailscale</span></a> setup on my pfSense VM and use it as VPN to get back into my network while I'm remote. It's pretty nice. </p><p>I hadn't considered a vps with a proxy that forwards to my home network via Tailscale. That's a good idea. I use <a href="https://fenetre.dev/tags/NGINX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NGINX</span></a> , <a href="https://fenetre.dev/tags/HAProxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HAProxy</span></a>, and <a href="https://fenetre.dev/tags/varnish" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>varnish</span></a> a lot.</p><p>No, I haven't met <span class="h-card"><a href="https://bsd.network/@lattera" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>lattera</span></a></span> - nice to meet you. I like <a href="https://fenetre.dev/tags/BSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BSD</span></a> but prefer <a href="https://fenetre.dev/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a>.</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload