colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

servo: http/https: expose to doof

Browse Source
This commit is contained in:
Colin 2024-06-17 07:55:53 +00:00
parent 3fc96a3e32
commit b3890b82dc
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/by-name/servo/services/nginx.nix
View File

@ -19,12 +19,14 @@ in
visibleTo.lan = true; visibleTo.lan = true;
visibleTo.wan = true; visibleTo.wan = true;
visibleTo.ovpns = true; # so that letsencrypt can procure a cert for the mx record visibleTo.ovpns = true; # so that letsencrypt can procure a cert for the mx record
visibleTo.doof = true;
description = "colin-http-uninsane.org"; description = "colin-http-uninsane.org";
}; };
sane.ports.ports."443" = { sane.ports.ports."443" = {
protocol = [ "tcp" ]; protocol = [ "tcp" ];
visibleTo.lan = true; visibleTo.lan = true;
visibleTo.wan = true; visibleTo.wan = true;
visibleTo.doof = true;
description = "colin-https-uninsane.org"; description = "colin-https-uninsane.org";
}; };

12
scripts/check-uninsane
View File

@ -5,6 +5,9 @@ echo "this script will check that uninsane.org is baseline operational"
echo "it doesn't check all services, just the most critical ones" echo "it doesn't check all services, just the most critical ones"
echo "" echo ""
OVPNS_IPV4=185.157.162.178
DOOF_IPV4=205.201.63.12
last_error=0 last_error=0
check() { check() {
local label=$1 local label=$1
@ -37,9 +40,14 @@ check "https://uninsane.org online" curl --silent --fail-with-body https://unins
check "https://matrix.uninsane.org online" curl --silent --fail-with-body https://matrix.uninsane.org check "https://matrix.uninsane.org online" curl --silent --fail-with-body https://matrix.uninsane.org
check "https://fed.uninsane.org online" curl --silent --fail-with-body https://fed.uninsane.org check "https://fed.uninsane.org online" curl --silent --fail-with-body https://fed.uninsane.org
# port 80 is accessible also from OVPN: # port 80 is accessible also from my VPNs
check "http://uninsane.org online" curl --silent --fail-with-body http://uninsane.org check "http://uninsane.org online" curl --silent --fail-with-body http://uninsane.org
check "http://uninsane.org online" curl "--connect-to" "uninsane.org:443:185.157.162.178:443" --silent --fail-with-body http://uninsane.org check "http://uninsane.org online" curl "--connect-to" "uninsane.org:80:$OVPNS_IPV4:80" --silent --fail-with-body http://uninsane.org
check "http://uninsane.org online" curl "--connect-to" "uninsane.org:80:$DOOF_IPV4:80" --silent --fail-with-body http://uninsane.org
# port 443 is accessible over doofnet
check "https://uninsane.org online" curl "--connect-to" "uninsane.org:443:$DOOF_IPV4:443" --silent --fail-with-body https://uninsane.org
check "https://matrix.uninsane.org online" curl "--connect-to" "matrix.uninsane.org:443:$DOOF_IPV4:443" --silent --fail-with-body https://matrix.uninsane.org
check "uninsane.org DMARC record" nslookup -querytype=TXT _dmarc.uninsane.org. check "uninsane.org DMARC record" nslookup -querytype=TXT _dmarc.uninsane.org.