I never got the email either so I’m curious too. I’ll save this post.
I never got the email either so I’m curious too. I’ll save this post.
Thanks. I might check it out again. It’s been over a decade since I’ve used it.
Does that include raster editing? I liked KritasUI but I’m not an artist.
Typically the ones advertised as “tested” or “working” have only had the player tested. Not the record functionality.
My MD players still play but no longer record. I can’t find anyone in my country to repair / replace the record head.
Thank you again for the response. The summary is very helpful too.
It looks like I don’t need the reverse proxy, since the sensitive services* support authentication and HTTPS.
I would need the lighttpd service to be available over unsecured HTTP too, but if that’s not possible I could always use a different subdomain.
That is such a clear explanation and makes a lot of sense, thank you again.
Since the services I’m interested in serving are authenticated then it sounds like HTTPS is what I need (which is what originally made the most sense to me). That’s a relief. I just need to figure out how to have separate HTTP and HTTPS services hosted from the one ARM service.
Thanks! Is the point of reverse-proxying your public-facing services to make them private?
I have a general idea. I appreciate the info :). I’ve made a point of having nothing sensitive in the contents or the requests (I don’t have any forms, for example. It’s all static pages).
Thank you for the very informative reply.
The HTTP and Gemini services are for vintage clients, but I would like the reverse proxy to keep my media collection private (and maybe SSH and SMB too). So I’m serving to modern clients in the case of reverse proxy. I was told that port forwarding is no longer considered secure enough and that if my media gets publicly exposed I could be liable for damages to license holders.
Linux running HTTP and Gemini servers. This is fine from home using port forwarding and afraid.org’s dynamic DNS.
They’re lightweight sites that exist to be accessed by vintage computers which aren’t powerful enough to run SSL.
That’s reassuring. Thanks, I was struggling with the concept and where to start but I should be fine now since I’m handy enough with a terminal.
Wonderful. Thank you!
Thanks, that’s a great explanation. I’m looking forward to being able to SSH in without port forwarding.
So those ports that I don’t put in the config remain publicly accessible? That would be perfect.
Thanks. You’re right about Navidrome supporting authentication. I’m using HTTP instead of HTTPS, though. I was advised to use a reverse proxy to avoid potential legal issues.
The standard is that everything gets captured by the proxy? I want to leave the HTTP and Gemini servers public. I also want those and SMB to remain accessible on the LAN.
Thank you so much. That clears up all my doubts. I’m running an ARM server ok the lan with port forwarding for HTTP (80) Gemini (1965) and SMB (not forwarded).
I made a typo in my original question: I was afraid of taking the services offline, not online.
I’m planning on porting my Wordpress site to this. I haven’t used it yet but based on what I’ve read it will be easier than Hugo.