Updating a Tiny Tiny RSS install behind a reverse proxy

Screenshot of my Tiny Tiny RSS install on May 7th 2024 after a long struggle with 502 errors. I had a hard time when trying to update my Tiny Tiny RSS instance running as Docker container behind Nginx as reverse proxy. I experienced a lot of nasty 502 errors because the container did not return proper data to Nginx. I fixed it in the following manner: First I deleted all the containers and images. I did it with docker rm -vf $(docker ps -aq) docker rmi -f $(docker images -aq) docker system prune -af Attention! This deletes all Docker images! Even those not related to Tiny Tiny RSS. No problem in my case. It only keeps the persistent volumes. If you want to keep other images you have to remove the Tiny Tiny RSS ones separately. The second issue is simple and not really one for me. The Tiny Tiny RSS docs still call Docker Compose with a hyphen: $ docker-compose version. This is not valid for up-to-date installs where the hyphen has to be omitted: $ docker compose version. The third and biggest issue is that the Git Tiny Tiny RSS repository for Docker Compose does not exist anymore. The files have to to be pulled from the master branch of the main repository https://git.tt-rss.org/fox/tt-rss.git/. The docker-compose.yml has to be changed afterwards since the one in the repository is for development purposes only. The PostgreSQL database is located in a persistent volume. It is not possible to install a newer PostgreSQL version over it. Therefore you have to edit the docker-compose.yml and change the database image image: postgres:15-alpine to image: postgres:12-alpine. And then the data in the PostgreSQL volume were owned by a user named 70. Change it to root. Now my Tiny Tiny RSS runs again as expected. Read the full article

看看網頁版全文 ⇨ 用Docker建置具備HTTPS的NGINX反向代理伺服器：docker-HTTPS-Reverse-Proxy / Build a NGINX Reverse Proxy with HTTPS in Docker: docker-HTTPS-Reverse-Proxy https://blog.pulipuli.info/2023/04/blog-post_10.html 直接設定NGINX實在是太複雜了，那我們用Docker把複雜的內容都包裝起來，只追求最簡單的設定即可。 ---- # docker-HTTPS-Reverse-Proxy。 https://github.com/pulipulichen/docker-HTTPS-Reverse-Proxy。 docker-HTTPS-Reverse-Proxy是我為了將NGINX建置成理想的反向代理伺服器所開發的專案。 其主要的特點有：。 - 反向代理伺服器 (reverse proxy)：在後端伺服器(backend)前面架設一層緩衝伺服器使用。 - 負載平衡 (loaidng balancing)：如果設定多個後端伺服器，則流量會自動分配給它們使用。 - 自動快取與壓縮：大部分靜態資源，例如JavaScript、CSS、圖片、聲音與影片，都會被自動快取和壓縮。 - 隱藏伺服器資訊：Server、X-Powered-By等標頭會被自動移除。錯誤訊息的網頁也被簡化，讓人完全看不出這是什麼伺服器。 - 流量限制：避免DDoS攻擊。 - SSL憑證：分析後端伺服器的設定，使用certbot申請憑證並且安裝，每30天進行更新，一切全自動。 - 虛擬主機：根據域名判斷後端伺服器。 # 環境 / Environment docker-HTTPS-Reverse-Proxy是以Docker為主。 下載檔案需要用到git。 部分腳本使用了只能在Linux運作的bash。 最難克服的應該只有Docker引擎的部分。 關於Docker的安裝，請看Install Docker Engine。 除了Docker引擎之外，還需要安裝docker-compose，詳細請看「Install the Compose standalone」。 # 使用方法 / Usage 首先我們要將docker-HTTPS-Reverse-Proxy用git複製到本地端：。 [Code...] 再來是複製./conf/backends.sample.yml為./conf/backends.yml，然後修改它。 [Code...] https://github.com/pulipulichen/docker-HTTPS-Reverse-Proxy/blob/main/conf/backends.sample.yml。 backends.yml是以YAML的格式撰寫。 ---- 繼續閱讀 ⇨ 用Docker建置具備HTTPS的NGINX反向代理伺服器：docker-HTTPS-Reverse-Proxy / Build a NGINX Reverse Proxy with HTTPS in Docker: docker-HTTPS-Reverse-Proxy https://blog.pulipuli.info/2023/04/blog-post_10.html

#純靠北工程師851

----------

一個網站背後有幾十幾百個小型模組是正常現象。 正常狀況是用ReverseProxy把各模組串接起來， 對外都是同一個網址，內部幾十個小模組彼此呼叫。 技術經理：ReverseProxy是甚麼，我們全部寫同一個APP就好啦~ 老兄，我們有幾百個頁面耶，說好的模組化嘞。 CICD很厲害，但是客戶是內網隔絕環境， 但到現在套件相關的問題是提都沒提過。 就不要到時候上線前後才在那邊求客戶開外網...

----------

💖 純靠北工程師 官方 Discord 歡迎在這找到你的同溫層！

👉 https://discord.gg/tPhnrs2

----------

💖 全平台留言、文章詳細內容

👉 https://init.engineer/cards/show/10549

Setup #nginx and remove the #server #headres with your own custom #headers. Checkout how. 

A proxy lets you go online under a different IP address identity. You don’t change your Internet provider; you simply go online and search for “free proxies” or “list of proxies” and you will get several websites that provide lists of free proxies. A reverse proxy is a server that sits in front of web servers and forwards client requests to those web servers. Reverse proxies are typically implemented to help increase security, performance, and reliability. In order to better understand how a reverse proxy works and the benefits it can provide, let’s first define what a proxy server is.Read full post by @_s_ujan at blogue.tech #programming #coding #networking #security #proxy #reverseproxy #devlife https://www.instagram.com/p/CKrD2wygcSJ/?igshid=NGJjMDIxMWI=

If you’ve ever been part of a school, company, or other similar organization, you’ve likely used a web proxy server. But what does “proxy” even mean? In this article, we define proxy servers, explain how web proxies work, and, most important, show you exactly what you can and cannot expect from proxies in terms of online privacy and security.]

CORSflare - Free Reverse Proxy to bypass same-origin restrictions

CORSflare is a reverse proxy written in JavaScript that can be used to bypass most common Cross-Origin Resource Sharing restrictions, such as the errors that prevent to embed an external web page within a IFRAME element: Refused to display in a frame because it is set 'X-Frame-Options' to 'SAMEORIGIN' Or those preventing JavaScript  AJAX requests (XMLHttpRequest, Fetch API and so on) to send and/or retrieve data to external websites: XMLHttpRequest cannot load . Origin is not allowed by Access-Control-Allow-Origin ... And so on. The proxy has been designed to run within a Cloudflare Worker, which is freely available for up to 100.000 requests per day; this basically means that you can use this proxy to put any external web page within a element, and/or call a external API via AJAX, and/or to bypass any common CORS restriction without spending a penny,  assuming you don't have enterprise-grade service level requirements. Wait a minute... what is CORS? If you've stumbled upon this project there's a high chance you already know what CORS actually is and why you need to bypass such policies: if that's the case, just skip this section and go ahead. In the unlikely case you don't, just know that Cross-Origin Resource Sharing (CORS) is a mechanism that uses additional HTTP headers to tell browsers to give a web application running at one origin, access to selected resources from a different origin. Read the full article

All you need to know about IP address and reverse to get SEO benefits. https://www.getseofix.com/seo-course/ip-reverse-proxy

YaCy's Docker image behind Nginx as reverse proxy

YaCy is a peer-to-peer search engine. Every peer sets up his own client and is able to crawl and index websites. Searches are carried out by contacting all known peers and cumulating their returns. It is not necessary to have a web server for that. You may well install YaCy on your office computer but of course it only works as long as it is connected to the internet. A long time ago I maintained a YaCy peer on my web server. Later I lost interest because there were (and still are) too less peers online to be a reasonable alternative to Google. Usually only a few hundred concurrently. But to flatter my vanity I now decided to set up my own peer again mainly to introduce several websites I am part of the admin team. Main issue now was that my webserver employs Nginx as reverse proxy and I do not want to expose additional ports to the internet (YaCy's default ports are 8090 and 8443). Good luck, due to the Docker image the install procedure proved fairly easy! Both Nginx and YaCy need the default settings only! In order to use Nginx as reverse proxy its configuration needs to contain some special commands. My default proxy_params file is longer than its pendant in the Nginx GitHub repository: proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; client_max_body_size 100M; client_body_buffer_size 1m; proxy_intercept_errors on; proxy_buffering on; proxy_buffer_size 128k; proxy_buffers 256 16k; proxy_busy_buffers_size 256k; proxy_temp_file_write_size 256k; proxy_max_temp_file_size 0; proxy_read_timeout 300; This proved good enough. Installing YaCy from Docker requires only two comands (head over to this particular site to learn how to backup and update your instance): docker pull yacy/yacy_search_server:latest docker run -d --name yacy_search_server -p 8090:8090 -p 8443:8443 -v yacy_search_server_data:/opt/yacy_search_server/DATA --restart unless-stopped --log-opt max-size=200m --log-opt max-file=2 -e YACY_NETWORK_UNIT_AGENT=mypeername yacy/yacy_search_server:latest We do not need settings for TLS in YaCy since this is done bx Nginx (employing Let's Encrypt in this case). Since YaCy's internal links are all relative, we can proxy the localhost without caring for host name and protocol schemen. The following Nginx server is fully operational: server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name my.host.name; root /var/www/my.host.name; index index.html index.htm default.html default.htm; location / { proxy_pass http://127.0.0.1:8090; include /etc/nginx/proxy_params; } access_log /var/log/nginx/my.host.name_access.log; error_log /var/log/nginx/my.host.name_error.log; ssl_certificate /etc/letsencrypt/live/my.host.name/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/my.host.name/privkey.pem; # managed by Certbot } Head over to my search interface. But attention: there is an extended blacklist excluding pseudo science, extremist politics, conspiracy theories and so on (mainly German sites). Use another YaCy instance to get the same search without my exclusions.

Read the full article

看看網頁版全文 ⇨ NGINX作為反向代理伺服器的規劃 / Building a Reverse Proxy with NGINX https://blog.pulipuli.info/2023/04/blog-post_238.html 我希望NGNIX不僅是反向代理伺服器，也能夠成為保護其他伺服器的防火牆，還是提高網頁服務效率的加速器。 ---- # 建構規劃 / Planning (圖片來源：Wikipedia) 反向代理伺服器可說是NGINX最主要的功能之一。 但要建構一個好的反向代理伺服器，可不只單純的從後端拉資料的「proxy_pass」這麼簡單。 這邊我只打算簡單地整理一下到目前為止的構思，並附上相關的參考資源。 主要是拓展大家對於NGINX可以負責工作的想象。 大致上整體規劃包含了五個層面： 1. 反向代理 2. 負載平衡 3. 隱藏伺服器資訊 4. 流量限制 5. 提高效率 接下來就讓我們一個一個來看。 ---- # 反向代理 / Reverse proxy。 https://www.programonaut.com/setup-ssl-with-docker-nginx-and-lets-encrypt/。 第一個部分當然就是的反向代理伺服器的職責。 一開始我是參考了「Setup SSL with Docker, NGINX and Lets Encrypt」這篇的做法。 作者對NGINX的要求很簡單，真的只有反向代理伺服器的proxy_pass而已。 http://nginx.org/en/docs/http/request_processing.html。 接著我們要讓反向代理伺服器支援虛擬主機(VirtualHost)的功能。 根據使用者連入的主機名稱，NGINX判斷要連到那個後端伺服器。 這個設定主要是用「server_name」完成。 server_name的形式支援了精確域名、正規表達式、以及星號的通用匹配符號，詳情請看「Nginx的server_name和location配置」的介紹。 除了已經設定好的虛擬主機之外，如果其他人用IP連線，我會直接回傳404。 不過這方法沒辦法阻止用IP連到HTTPS，暫時想不到解決方案。 https://ithelp.ithome.com.tw/articles/10280840?sc=iThelpR。 如果加入了反向代理伺服器，那後端伺服器的所有流量，都會被視為是從反向代理伺服器NGINX連入的結果。 為了讓流量的真實狀況傳遞給後端的伺服器，我們需要加上以下四個設定：。 ---- 繼續閱讀 ⇨ NGINX作為反向代理伺服器的規劃 / Building a Reverse Proxy with NGINX https://blog.pulipuli.info/2023/04/blog-post_238.html

In this tutorial, we will learn how to setup Nginx Reverse Proxy. but first, let's discuss in brief what a Reverse Proxy is & why do we need it?

Reverse Proxy

A reverse proxy is a server that takes the requests (HTTP/HTTPS) & then transfers or distributes them to the backend server. The backend server can be an application server like Tomcat, wildfly or Jenkins, etc or it can even be another web server like Apache.

But why do we even need a reverse proxy in front of the app or web server at all, we need it because,

1- It hides point of origin, thus making our backend server more secure & less susceptible to attacks,

2- Since the reverse proxy is the first point of contact for all requests, it can help encrypt/decrypt the request. This takes the load off from the backend server,

3- It can also be used for caching of content, which again reduces the load from other servers,

4- it can also act as a load-balancer.

We have already discussed how we can configure Apache Web Server as reverse proxy, now let’s talk about how we configure an Nginx reverse proxy.

Getting Around the IPv4 Shortage