Hi 👋I change my setup today and add HAProxy and standalone configuration. Actually it is behind nginx for both, keys.dryusdan.net and gpg.4n0ny.me.
I check and found no problem (and logs don't report me any problem).In the futur I will drop nginx (but I need to learn and make an ansible playbook to setting HAProxy).
Nginx in place is not totally vanilla, I tweak it configuration ;) (details available in my playbook https://git.dryusdan.fr/Ansible/nginx )
Dryusdan Le 04/04/2024 à 11:54, Andrew Gallagher a écrit :
On 31 Mar 2024, at 21:25, William Hay <w...@dumain.com> wrote:Do you have protections against flooding attacks in place on your keyservers(appropriately configured rate limiting proxy)?Hi, guys. According to the spider at https://spider.pgpkeys.eu/sks-peers, keys.dryusdan.net and gpg.4n0ny.me appear to be using a vanilla nginx reverse proxy. Can we please confirm whether haproxy is installed as a shim? If not, we should refrain from peering until this is in place and tested. Thanks, A
OpenPGP_0xEC1438DDE24E27D7.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
