@flaxking said in Traefik Reverse Proxy:
Are you currently using it in production?
Not at work. I'm using it for projects outside of that though. My docker compose stack at home uses it.
stacksofplates
@stacksofplates
I pretend to do stuff with Linux.
3572
Reputation
6558
Posts
3836
Profile views
11
Followers
7
Following
Posts made by stacksofplates
-
RE: Traefik Reverse Proxyposted in IT Discussion
-
Traefik Reverse Proxyposted in IT Discussion
Traefik is a reverse proxy that integrates well with things like Docker, K8s, Consul, etcd, etc. However it has a nice file mode also. It's written in Go so it's a single static binary and doesn't need restarted with config changes. If your application has health checks, you can leverage those as well. You can get the binary from the releases page.
By default it looks for the config
traefik.tomlin/etc/traefik/,$HOME/.traefik, or the directory the executable is in. It's simple to set up. Here's the full file for a single backend:traefik.toml
defaultEntryPoints = ["http"] [entryPoints] [entryPoints.http] address = ":80" [file] [backends] [backends.backend1] [backends.backend1.servers.server1] url = "http://10.1.30.134" [frontends] [frontends.frontend1] backend = "backend1" passHostHeader = true [frontends.frontend1.routes.example] rule = "Host:staticpage.test.com"If you want to enable the dashboard, it would look like this:
defaultEntryPoints = ["http"] [entryPoints] [entryPoints.http] address = ":80" [api] entryPoint = "traefik" dashboard = true address = ":8080" [file] [backends] [backends.backend1] [backends.backend1.servers.server1] url = "http://10.1.30.134" [frontends] [frontends.frontend1] backend = "backend1" passHostHeader = true [frontends.frontend1.routes.example] rule = "Host:staticpage.test.com"Then visiting port 8080 gives you the dashboard:
-
RE: What Are You Doing Right Nowposted in Water Closet
I wrote another thing. The Alexa skill uses a Go application I wrote in AWS Lambda to get the data from the most recent topics of the site. It would have read the whole first page of topics, so I stopped early.
-
RE: WebAuthn now a standardposted in News
@Dashrender said in WebAuthn now a standard:
@stacksofplates said in WebAuthn now a standard:
@Dashrender said in WebAuthn now a standard:
@stacksofplates said in WebAuthn now a standard:
@scottalanmiller said in WebAuthn now a standard:
@Dashrender said in WebAuthn now a standard:
but how do you use a YubiKey on your phone?
That's exactly how I do it. You can also use the Yubiauth app on both the phone and Windows to hold OTP codes for stuff that doesn't support u2f.
So there's a way to export the private key out of the YubiKey? or the sites allows for multiple public keys?
Huh? You scan the QR code like you normally would but it stores it on the Yubikey instead. Then when you need the code you either tap it to your phone and it shows you all of the one time codes or you do it on your computer. Just like how Google authenticator works. For the u2f stuff, it works the same on Android as on your pc. The browser needs to support u2f and it does the challenge response.
I've never used a YubiKey - I assumed the private code inside the YubiKey was there and no where else.
It depends on the type of authentication.
-
RE: WebAuthn now a standardposted in News
@stacksofplates said in WebAuthn now a standard:
@Dashrender said in WebAuthn now a standard:
@stacksofplates said in WebAuthn now a standard:
@scottalanmiller said in WebAuthn now a standard:
@Dashrender said in WebAuthn now a standard:
but how do you use a YubiKey on your phone?
That's exactly how I do it. You can also use the Yubiauth app on both the phone and Windows to hold OTP codes for stuff that doesn't support u2f.
So there's a way to export the private key out of the YubiKey? or the sites allows for multiple public keys?
Huh? You scan the QR code like you normally would but it stores it on the Yubikey instead. Then when you need the code you either tap it to your phone and it shows you all of the one time codes or you do it on your computer. Just like how Google authenticator works. For the u2f stuff, it works the same on Android as on your pc. The browser needs to support u2f and it does the challenge response.
But you can use the Yubikeys for a ton of auth types. You can do static passwords, TOTP, HOTP, GPG, u2f, local challenge reponse (like with PAM), and still more I believe.
-
RE: WebAuthn now a standardposted in News
@Dashrender said in WebAuthn now a standard:
@stacksofplates said in WebAuthn now a standard:
@scottalanmiller said in WebAuthn now a standard:
@Dashrender said in WebAuthn now a standard:
but how do you use a YubiKey on your phone?
That's exactly how I do it. You can also use the Yubiauth app on both the phone and Windows to hold OTP codes for stuff that doesn't support u2f.
So there's a way to export the private key out of the YubiKey? or the sites allows for multiple public keys?
Huh? You scan the QR code like you normally would but it stores it on the Yubikey instead. Then when you need the code you either tap it to your phone and it shows you all of the one time codes or you do it on your computer. Just like how Google authenticator works. For the u2f stuff, it works the same on Android as on your pc. The browser needs to support u2f and it does the challenge response.
-
RE: WebAuthn now a standardposted in News
@scottalanmiller said in WebAuthn now a standard:
@Dashrender said in WebAuthn now a standard:
but how do you use a YubiKey on your phone?
That's exactly how I do it. You can also use the Yubiauth app on both the phone and Windows to hold OTP codes for stuff that doesn't support u2f.
-
RE: Virt-Manager on multiple pc'sposted in IT Discussion
@JaredBusch said in Virt-Manager on multiple pc's:
@FATeknollogee said in Virt-Manager on multiple pc's:
@scottalanmiller said in Virt-Manager on multiple pc's:
@FATeknollogee said in Virt-Manager on multiple pc's:
@Emad-R said in Virt-Manager on multiple pc's:
Hmm interesting work with 50 VMs on it, good job. Whats the specs of the hypervisor ?
Not 50 vm's, 50 hosts.
@FATeknollogee said in Virt-Manager on multiple pc's:
@Emad-R said in Virt-Manager on multiple pc's:
Hmm interesting work with 50 VMs on it, good job. Whats the specs of the hypervisor ?
Not 50 vm's, 50 hosts.
You have 50 virtualization platforms?
No, it was just an example to illustrate what a PITA it would be to enter xx number of connections everytime you have a new instance ot virt-manager.
I’m not seeing the issue here. Where would you be that would have that kind of infrastructure and no automation for SSH key authentication?
I think he's saying that if he had to replace his laptop he'd have to manually add those 50 connections back into Virt-Manager.
-
RE: Scale HyperCore 8.1 Releasedposted in Scale Legion
Can you reassign disks between VMs yet?
The hot add disks was a huge pain before. I couldn't believe I wasn't able to do that.
-
RE: Kvm network troubleshootingposted in IT Discussion
So looking at the interfaces it looks like enp4s0 was set up with an address. All of the VMs are macvtap interfaces on top of that nic for network access. Then libvirt created a virtual bridge for the default NAT network. If that's correct then you don't need to create a bridge or anything. Just tell the VM to use enp4s0 for networking and macvtap will auto set up the tun/tap device for access. You have no address on enp4s0 which is why I'm guessing you cant access the host.
If you can get into the VMs, you should be able to SSH to the virtual bridge (which is the host) if they have an interface on the NAT network.