reynir commented on issue data.coop/ansible#117 2022-11-16 13:53:39 +00:00
Port 8080 shouldn't be exposed publicly

Ah, our nginx-proxy image is old. We probably don't have that change, then.

reynir commented on issue data.coop/ansible#117 2022-11-16 13:42:25 +00:00
Port 8080 shouldn't be exposed publicly

And besides, adding `expose: 8080` made element.data.coop work again...

reynir commented on issue data.coop/ansible#117 2022-11-16 13:41:45 +00:00
Port 8080 shouldn't be exposed publicly

Maybe. That issue was not exactly about this, but that's where I learned about nginx-proxy and its expectations about EXPOSE.

reynir commented on issue data.coop/ansible#117 2022-11-16 13:37:34 +00:00
Port 8080 shouldn't be exposed publicly

The EXPOSE is necessary because it tells Docker (and thus nginx-proxy) what ports the container is listening on. Nginx-proxy will otherwise treat the container as being down, resulting in annoying…

reynir commented on issue data.coop/ansible#117 2022-11-16 13:35:50 +00:00
Port 8080 shouldn't be exposed publicly

It can also be confirmed on our host:

reynir@hevonen:~$ sudo netstat -tlnp 
reynir closed issue data.coop/ansible#117 2022-11-16 13:35:04 +00:00
Port 8080 shouldn't be exposed publicly
reynir commented on issue data.coop/ansible#117 2022-11-16 13:35:03 +00:00
Port 8080 shouldn't be exposed publicly

expose doesn't expose the port publicly. It's like writing `EXPOSE…

reynir created pull request data.coop/ansible#116 2022-11-16 12:49:46 +00:00
Use become
reynir created branch become in data.coop/ansible 2022-11-16 12:49:37 +00:00
reynir pushed to become at data.coop/ansible 2022-11-16 12:49:37 +00:00
ead89f95fd Use become
reynir pushed to main at data.coop/ansible 2022-11-16 12:46:57 +00:00
a03263b1f5 riot/element: expose port 8080
reynir opened issue data.coop/ansible#115 2022-11-16 12:20:15 +00:00
{riot,element}.data.coop vhost
reynir opened issue data.coop/website#50 2022-11-15 09:23:42 +00:00
Gitea is listed as 'open to all'
reynir commented on pull request data.coop/ansible#107 2022-11-14 09:24:07 +00:00
Firewall (UFW)

Well, UDP is connectionless and doesn't know about requests and responses. The reply is sent to the sender on the sending port. It may be that the rule generated by ufw tracks the state and allows…

reynir deleted branch new-website-unipi from data.coop/ansible 2022-11-13 20:10:43 +00:00
reynir commented on pull request data.coop/ansible#107 2022-11-13 20:05:09 +00:00
Firewall (UFW)

Yes, but you need to listen for the response :-)

reynir opened issue data.coop/membersystem#20 2022-11-13 16:57:56 +00:00
Ticketing system
reynir commented on pull request data.coop/ansible#107 2022-11-13 16:44:28 +00:00
Firewall (UFW)

What does "omits the firewall" mean?

It means that if UFW denies port 80, but a Docker container exposes 80:80, it won't be blocked. This is due to Docker interacting with iptables/nft…

reynir commented on pull request data.coop/ansible#107 2022-11-13 16:00:30 +00:00
Firewall (UFW)

What does "omits the firewall" mean?

If we can undo the change and won't lock ourselves out I think we should try it.

reynir commented on pull request data.coop/ansible#107 2022-11-13 15:59:29 +00:00
Firewall (UFW)

Yes, I think it's only used internally. Whether we have configured things correctly to use internal networks is another question. I don't know all that much about LDAP, and especially regarding…