New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Thanks![:) :)](https://lowendtalk.com/resources/emoji/smile.png)
bgpview.io is a gem for sure. Really easy to use
based project, updooted.
why is it LET seething like this thing won't take off? jelly much to see someone actually do something instead of $7 posting?
I'm trying to make a free version of this right now with no paid plans, ever.
It's pretty hard to get this up and running as tutorials are not as clear as I'd wish xD
I have roped in @Neoon today to solve it xD
Expect LES/LET free service thread later after I have set up plenty of infra and tested it prior with high traffic live sites.
Been on this project since june, but only now have enough funds secured to actually make it happen on permanent basis and for free always.
I love you.
Will it have an option to donate BW?
I mean setup a node by a third party, a consensus of sorts, etc?
Why are we still talking about this, all of their claims are absolute bullshit.
They CANNOT do any kind of WAF (beyond TLS fingerprinting) or caching if they don't MITM.
What claims are bs? They never claim to not do MiTM
Literally the very first words of the very first post - "Cloudflare alternative promising no MiTM"
Is treesmokah basedflare? Basedflare never claimed no MiTM
I mean, if you self-host it, there is no man in the middle. You are the man in the middle.
@fatchan
https://gitgud.io/fatchan/haproxy-protection is fine, but the panel seems to be broken.
@Neoon attempted setting up https://gitgud.io/fatchan/haproxy-panel-next/-/blob/master/docker-compose.yml?ref_type=heads but apparently the docker file is incomplete and there is no persistent storage. From the looks of it, you are not updating or using it.
This looks like amazing project, and I would love to deploy this for community, but we have no idea how to setup it without docker as you had nothing written about that.
Could you help and give a few pointers for this project?![:) :)](https://lowendtalk.com/resources/emoji/smile.png)
Basically the issue is:
docker file error: Error response from daemon: invalid mount config for type "bind": bind source path does not exist: /tmp/acme-tests/.well-known/acme-challenge
The path mentioned in the error is inside the docker container, so the compose won't even finish.
and instructions are missing for non-docker install.
On top of that, which one would you suggest running on production? docker or non-docker version?
Thank you in advance.
Doesn't that mean that you don't have the
/tmp/acme-tests/.well-known/acme-challenge/
folder on the host machine?Nah, its probly referencing inside the docker container so the compose won't even finish.
edit: it might actually be target of the host machine. Thanks for the info, will attempt to verify.
Having no free plan puts it miles away from Cloudflare
@fatchan We solved the /tmp/acme-tests/.well-known/acme-challenge/ and few other issues, but its a mess without a proper install guide.
It worked just before and we copied repo again and made a fresh copy and now its just crashing.
I would love to run this as a free service, but this would require some guidance from you.
@JoshuaMoon can help I guess
No, he has nothing to do with basedflare.
Apparently he managed to deploy it.
The protection yes, he doesn't use the dashboard
I don't see the issue? I managed to setup front end in 20min. Want me to give you copy paste?
~/haproxy-panel-next# npm run start
I tried only the Docker version, which should make stuff easier, but sadly it didn't work.
Natively no clue, never touched mongoDB until now, npm barely.
Hence the request for a install guide.
Since you got it working, wanna post a full guide?
Ok
Then install nodejs 16
snap install node --classic --channel=16
Then install mongodb
Then install redis.
apt install -y redis
Then start both redis and mongodb
Inside the .env file replace NAMESERVERS="YOURIPHERE"
Then generate certificates
After that you're almost done.
Done!
It starts with no errors. But there is a ton of stuff to configure inside .env.![:) :)](https://lowendtalk.com/resources/emoji/smile.png)
I think I caught everything in the history command output. Please say if it does not work!
That's something my brain does understand. Thanks.
Its a good starting point, yea you have to configure a bunch of stuff, to be honest, I was a bit drunk and watched One Piece on Netflix in the meanwhile.
Its a fucking good series, waiting for the second season, dope af.
But can remove the CA part, it does support a private CA but you don't need to generate one.
Env values:
NOTE:
The dns part wont work because its not open source, so some stuff wont work like dns health checking and using it as a dns control panel.
Each account needs the same clusters list in the "clusters" prop of their account in the db. In theory they can have multiple but there are other processes (dns healthcheck, auto renewing certs, etc that only support 1 cluster atm). You can edit it in app on the /clusters url
You can see the other processes in ecosystem.config.js and run them with pm2 if you want.
certs are saved in the db and can be redeployed, but maps (any page with url starting in /map) is read and written directly to haproxy and persisted to disk on all proxies. If you lose the maps folder on all proxies in a cluster you can't get them back. Also you can face syncing issues if a proxy goes offline and misses commands. I personally use ansible to resync them if this happens but a builtin automated method and more robust dataplaneapi interaction is coming
There is a lot of stuff that is hardcoded to basedflare branding or otherwise very customised to my use case as i am "productising' it, but you can remove those for your own deplpyment ofc.
If this is too much headache, and depending on your websites bandwidth usage im happy to proxy it for you, for a small fee :^)
That is a pity, so you would have to add your own DNS integration to make the Panel full work so users are able to add their domains.
I never said this, but its not impossible.
You can deploy your own haproxy+dataplaneapi. In theory with a stripped out client-native (the golang api client for haproxy), and give me credentials. This would let you run your own proxy, and hold the keys with no way for me to extract it. But you could grant access to stats, anonymized logs, and control over maps that let me enable protection modes.
Basically, I have forked a plugin for coreDNS and it works great. But the plugin that is "official" and recommended by coredns has no LICENSE so its a bit ambiguous. And their plugin is a fork of an abandoned project which had no LICENSE. I emailed the company who used to maintain it, but they are iranian(?) and weren't able to understand my question about licensing. Hers is the original repo: https://github.com/arvancloud/redis
If you get them to give a green light, i can release my improved fork that is compatible with the control panel.
This is not a WAF or even DDoS protection, at that point, you might as well just have a script that turns on when your website's CPU usage goes up too high...
Just spitballing ideas, its not something i do or ever said i do. Anyway, it could be more detailed than that, CPU is not the only stat or log you know 🙂
Just dont get caught up on something being bullshit/impossible when i never made that claim.