| Age | Commit message (Collapse) | Author |
|---|
|
- relayd: route www.snonux.foo to localhost for redirect, keep bare/standby on f3s_static_proxy
- httpd: www.snonux.foo returns 302 redirect to snonux.foo
- gogios: monitor pi0/pi1 via wg0.wan.buetow.org instead of lan.buetow.org
- AGENTS.md: document Pi lighttpd Host-based virtual hosting pattern
Amp-Thread-ID: https://ampcode.com/threads/T-019d7766-909d-741c-bcb9-1e1e931f1e1b
Co-authored-by: Amp <amp@ampcode.com>
|
|
- Add explicit httpd server blocks for f3s.buetow.org and *.f3s.buetow.org on port 8080
- These blocks serve /htdocs/f3s_fallback with request rewrite to /index.html
- Prevents httpd from falling back to blowfish.buetow.org's directory autoindex
- Now correctly shows fallback page for all f3s hosts when k3s cluster is unreachable
Amp-Thread-ID: https://ampcode.com/threads/T-019c00f6-c61d-772a-8fe2-dc0aee0a4ce2
Co-authored-by: Amp <amp@ampcode.com>
|
|
- Add all 18 f3s hosts to @acme_hosts for certificate issuance
- Skip standby certificate variants for f3s hosts (not needed for k3s cluster)
- Add port 80 ACME challenge blocks to httpd for all f3s hosts
- Add port 8080 fallback page blocks to httpd for f3s hosts (when cluster is down)
- Update relayd.conf.tpl to skip standby keypairs for f3s hosts
- Update acme-client.conf.tpl to skip standby certificates for f3s hosts
Fixes missing certificates on flux.f3s.buetow.org, anki.f3s.buetow.org, and other f3s services
|
|
|
|
- Add solarcat DNS records, httpd server block, and ACME host
- Re-enable Prometheus and WG0 ping notifications in gogios
- Remove paul.cyou from DNS zones
- Cleanup duplicate definitions in Rexfile
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
|
|
|
|
Added blowfish.buetow.org and fishfinger.buetow.org to @acme_hosts array
to ensure proper routing through relayd to localhost instead of falling
through to f3s cluster backends.
Changes:
- Rexfile: Add blowfish.buetow.org and fishfinger.buetow.org to @acme_hosts
- httpd.conf.tpl: Skip current server hostname in @acme_hosts loop to avoid
duplicate server blocks (already handled by dedicated "Current server's FQDN" block)
- relayd.conf.tpl: Skip both server hostnames in TLS keypair loop since each
server only has its own certificate (not the other server's cert)
This ensures relayd routes these hostnames to localhost:8080 where httpd
serves content from /htdocs/buetow.org/self including index.txt health checks.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
|
Configure OpenBSD relayd and httpd to serve a friendly fallback page
when the f3s Kubernetes cluster is unreachable.
Changes to relayd.conf.tpl:
- Reorder relay forward statements: f3s first, localhost as backup
- Remove protocol-level forward rules for f3s hosts to enable relay-level failover
- Add explicit localhost routing for non-f3s hosts
- Health checks on f3s table trigger automatic failover to localhost
Changes to httpd.conf.tpl:
- Add request rewrite directive to serve fallback page for ALL paths
- Prevents 404 errors for deep links like /login?redirect=/files/
- Ensures consistent fallback experience regardless of requested URL
When all f3s nodes fail health checks, traffic automatically routes to
localhost:8080 serving static fallback content from /var/www/htdocs/f3s_fallback.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for httpd
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
