From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Nils Gillmann Newsgroups: gmane.lisp.guile.user Subject: Re: About the IRC Logs Date: Fri, 9 Nov 2018 15:59:14 +0000 Message-ID: <20181109155914.kitchrjaxvbk6yij@abyayala> References: <20181109155651.du5jis5pz6vunzsw@abyayala> NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="s4ipvj3kg2er54io" X-Trace: blaine.gmane.org 1541778993 32694 195.159.176.226 (9 Nov 2018 15:56:33 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Fri, 9 Nov 2018 15:56:33 +0000 (UTC) To: guile-user@gnu.org Original-X-From: guile-user-bounces+guile-user=m.gmane.org@gnu.org Fri Nov 09 16:56:29 2018 Return-path: Envelope-to: guile-user@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gL993-0008OQ-Bp for guile-user@m.gmane.org; Fri, 09 Nov 2018 16:56:29 +0100 Original-Received: from localhost ([::1]:34851 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gL9B9-0005ws-LZ for guile-user@m.gmane.org; Fri, 09 Nov 2018 10:58:39 -0500 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:54699) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gL9Ak-0005wY-Ey for guile-user@gnu.org; Fri, 09 Nov 2018 10:58:15 -0500 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gL9Ah-0003mg-6R for guile-user@gnu.org; Fri, 09 Nov 2018 10:58:14 -0500 Original-Received: from static.195.114.201.195.clients.your-server.de ([195.201.114.195]:35444 helo=conspiracy.of.n0.is) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1gL9Ag-0003lt-Pv for guile-user@gnu.org; Fri, 09 Nov 2018 10:58:11 -0500 Original-Received: by conspiracy.of.n0.is (OpenSMTPD) with ESMTPSA id d3b0891d (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256:NO) for ; Fri, 9 Nov 2018 15:58:07 +0000 (UTC) Mail-Followup-To: guile-user@gnu.org Content-Disposition: inline In-Reply-To: <20181109155651.du5jis5pz6vunzsw@abyayala> X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 195.201.114.195 X-BeenThere: guile-user@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: General Guile related discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guile-user-bounces+guile-user=m.gmane.org@gnu.org Original-Sender: "guile-user" Xref: news.gmane.org gmane.lisp.guile.user:14978 Archived-At: --s4ipvj3kg2er54io Content-Type: text/plain; charset=utf-8 Content-Disposition: inline And here the apache2 config I forgot to append. Nils Gillmann transcribed 1.4K bytes: > Hi, > > first off: sorry that the logs are down for such a long time. > > Since someone in your community offered to fix the Apache config, > and I got the okay to share it, you can find the config for the > https://irclogs.gnunet.org appended to this email. > > The application running is taking limnoria textfile logs and > publishes them. The sourcecode is https://git.kyriasis.com/kyrias/znc-log-viewer > with some minor modifications (only a local config change). > > The author told me: > > Because that looks a lot like a TLS handshake, which you most certainly should not be sending to flask. > > uwsgi://127.0.0.1:7000/ > > It's not running under uwsgi, so don't try to proxypass it using the uwsgi protocol. > > So either change it to an actual http proxying, or run it under uwsgi. > > We are currently busy fighting other fires, but we understand the logs are > important for the hosted communities. If you want to have the current outcome > of a longer discussion displayed, you can help and fix the apache2 config. > The past logs are dumped, they still need to be converted (or the znc-log-viewer > needs some code for SQL). > > PS: Please don't use this email to throw discussions about wether your > favorite language or viewer might be the better replacement in my > inbox, there have been discussions and they happened offlist and I'm > not happy with the outcome but it gets the job done. > > Thanks, and happy hacking! > --s4ipvj3kg2er54io Content-Type: text/plain; charset=utf-8 Content-Disposition: attachment; filename=irclogs-ssl ServerTokens Prod ServerAdmin webmaster@gnunet.org ServerName "irclogs.gnunet.org" ServerSignature Off KeepAlive On KeepAliveTimeout 30 MaxKeepAliveRequests 1000 ExpiresActive On ExpiresDefault "access plus 5 minutes" ExpiresByType image/gif "access plus 1 year" ExpiresByType image/jpeg "access plus 1 year" ExpiresByType image/png "access plus 1 year" ExpiresByType application/javascript "access plus 1 week" ExpiresByType text/css "access plus 1 week" ExpiresByType image/x-icon "access plus 1 year" ExpiresByType text/html "access plus 1 minute" Header unset Cache-Control Header unset ETag FileETag None ErrorLog /var/log/apache2/gnunet-irclogs-ssl_error.log LogLevel debug CustomLog /var/log/apache2/gnunet-irclogs-ssl_access.log combined ProxyPass / uwsgi://127.0.0.1:7000/ # Enable/Disable SSL for this virtual host. SSLEngine on SSLCompression off SSLProtocol -ALL +TLSv1.2 +TLSv1.1 +TLSv1 SSLHonorCipherOrder On Header add Strict-Transport-Security "max-age=15768000 ; includeSubDomains; preload" Header add X-XSS-Protection "1; mode=block" Header add X-Frame-Options "SAMEORIGIN" Header add X-Content-Type-Options "nosniff" Header add Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' wss://irclogs.gnunet.org; frame-ancestors 'self'" SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:AES128-GCM-SHA256:!RC4:HIGH:!MD5:!aNULL SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:!DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA #:!EDH SSLOpenSSLConfCmd DHParameters "/etc/ssl/private/dhparams.pem" # SSLCertificateKeyFile /etc/ssl/private/gnunet.org.key SSLCertificateKeyFile /etc/letsencrypt/live/v10.gnunet.org/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/v10.gnunet.org/fullchain.pem SSLCertificateFile /etc/letsencrypt/live/v10.gnunet.org/cert.pem # SSLCertificateFile /etc/ssl/certs/gnunet.org.cert # SSLCertificateChainFile /etc/ssl/private/cachain.csr SSLOptions +StrictRequire BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 --s4ipvj3kg2er54io--