From b2503df8d43ae70a87584f824d819f9461eb3ee7 Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Tue, 6 Jan 2026 23:22:37 +0200 Subject: Fix 404 errors for blowfish/fishfinger index.txt URLs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added blowfish.buetow.org and fishfinger.buetow.org to @acme_hosts array to ensure proper routing through relayd to localhost instead of falling through to f3s cluster backends. Changes: - Rexfile: Add blowfish.buetow.org and fishfinger.buetow.org to @acme_hosts - httpd.conf.tpl: Skip current server hostname in @acme_hosts loop to avoid duplicate server blocks (already handled by dedicated "Current server's FQDN" block) - relayd.conf.tpl: Skip both server hostnames in TLS keypair loop since each server only has its own certificate (not the other server's cert) This ensures relayd routes these hostnames to localhost:8080 where httpd serves content from /htdocs/buetow.org/self including index.txt health checks. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Sonnet 4.5 --- frontends/Rexfile | 2 +- frontends/etc/httpd.conf.tpl | 9 ++++++--- frontends/etc/relayd.conf.tpl | 4 +++- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/frontends/Rexfile b/frontends/Rexfile index bfc6a72..8ad248d 100644 --- a/frontends/Rexfile +++ b/frontends/Rexfile @@ -83,7 +83,7 @@ our @f3s_hosts = # push @f3s_hosts, 'registry.f3s.buetow.org'; our @acme_hosts = - qw/foo.zone dtail.dev buetow.org git.buetow.org paul.buetow.org joern.buetow.org dory.buetow.org ecat.buetow.org blog.buetow.org znc.buetow.org stats.foo.zone irregular.ninja alt.irregular.ninja snonux.foo gogios.buetow.org/; + qw/foo.zone dtail.dev buetow.org git.buetow.org paul.buetow.org joern.buetow.org dory.buetow.org ecat.buetow.org blog.buetow.org znc.buetow.org stats.foo.zone irregular.ninja alt.irregular.ninja snonux.foo gogios.buetow.org blowfish.buetow.org fishfinger.buetow.org/; push @acme_hosts, @f3s_hosts; # UTILITY TASKS diff --git a/frontends/etc/httpd.conf.tpl b/frontends/etc/httpd.conf.tpl index f450efd..6f0c51a 100644 --- a/frontends/etc/httpd.conf.tpl +++ b/frontends/etc/httpd.conf.tpl @@ -1,9 +1,12 @@ <% our @prefixes = ('', 'www.', 'standby.'); -%> # Plain HTTP for ACME and HTTPS redirect -<% for my $host (@$acme_hosts) { for my $prefix (@prefixes) { -%> +<% for my $host (@$acme_hosts) { + # Skip current server's hostname - handled by dedicated block below + next if $host eq "$hostname.$domain"; + for my $prefix (@prefixes) { -%> server "<%= $prefix.$host %>" { listen on * port 80 - log style forwarded + log style forwarded location "/.well-known/acme-challenge/*" { root "/acme" request strip 2 @@ -165,7 +168,7 @@ server "<%= $prefix %>ecat.buetow.org" { <% for my $prefix (@prefixes) { -%> server "<%= $prefix %>gogios.buetow.org" { listen on * port 8080 - log style forwarded + log style forwarded location * { root "/htdocs/buetow.org/self/gogios" directory auto index diff --git a/frontends/etc/relayd.conf.tpl b/frontends/etc/relayd.conf.tpl index 2a2901b..b04ecd3 100644 --- a/frontends/etc/relayd.conf.tpl +++ b/frontends/etc/relayd.conf.tpl @@ -22,7 +22,9 @@ table { } http protocol "https" { - <% for my $host (@$acme_hosts) { -%> + <% for my $host (@$acme_hosts) { + # Skip server hostnames - each server only has its own cert, handled by dedicated keypair below + next if $host eq 'blowfish.buetow.org' or $host eq 'fishfinger.buetow.org'; -%> tls keypair <%= $host %> tls keypair standby.<%= $host %> <% } -%> -- cgit v1.2.3