BasedFlare - New Cloudflare-like service

Comments

• atharva Member

  October 2023

  Registration is currently disabled, please try again later.

  What's wrong?
• fatchan Member

  October 2023

  @atharva said: Registration is currently disabled, please try again later.

  What's wrong?

  It was never public. I am only dealing privately for now. But i think i need a host rep tag if I want to say more on that, so for now I will 🤐. People are talking about it because they want to deploy their own instance (it is open source) and make it free and public.
• stefeman Member

  October 2023 edited October 2023

  @ezeth said:
  Ok

  git clone https://gitgud.io/fatchan/haproxy-panel-next.git
  cd haproxy-panel-next/
  cp .env.example .env
  

  Then install nodejs 16

  snap install node --classic --channel=16

  Then install mongodb

  curl -fsSL https://pgp.mongodb.com/server-7.0.asc |    sudo gpg -o /usr/share/keyrings/mongodb-server-7.0.gpg    --dearmor
  
  echo "deb [ arch=amd64,arm64 signed-by=/usr/share/keyrings/mongodb-server-7.0.gpg ] https://repo.mongodb.org/apt/ubuntu jammy/mongodb-org/7.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-7.0.list
  apt update
  apt install -y mongodb-org
  

  Then install redis.

  apt install -y redis

  Then start both redis and mongodb

  systemctl start mongod
  systemctl start redis-server
  

  Inside the .env file replace NAMESERVERS="YOURIPHERE"

  Then generate certificates

  mkdir -p /root/haproxy-panel-next/ca
  cd /root/haproxy-panel-next/ca
  
  # Generate a new private key
  openssl genpkey -algorithm RSA -out ca-private-key.pem
  
  # Generate a root CA certificate
  openssl req -key ca-private-key.pem -new -x509 -days 365 -out ca-certificate.pem
  

  After that you're almost done.

  cd /root/haproxy-panel-next
  npm run build
  npm run start
  

  Done!

  It starts with no errors. But there is a ton of stuff to configure inside .env.

  I think I caught everything in the history command output. Please say if it does not work!

  root@ubuntu2204:~/haproxy-panel-next# npm run build

  [email protected] build
  next build

  sh: 1: next: not found

  root@ubuntu2204:~/haproxy-panel-next# npm install next

  npm WARN deprecated [email protected]: Please use another csrf package
  npm notice
  npm notice New major version of npm available! 8.19.4 -> 10.2.0
  npm notice Changelog: https://github.com/npm/cli/releases/tag/v10.2.0
  npm notice Run npm install -g [email protected] to update!
  npm notice
  npm ERR! code 1
  npm ERR! path /root/haproxy-panel-next/node_modules/bcrypt
  npm ERR! command failed
  npm ERR! command sh -c -- node-pre-gyp install --fallback-to-build

  npm ERR! A complete log of this run can be found in:
  npm ERR! /root/.npm/_logs/2023-10-06T09_41_06_381Z-debug-0.log
• stefeman Member

  October 2023 edited October 2023

  full log:

  > 1992 timing build:link:node_modules/which Completed in 7ms
  > 1993 timing build:link:node_modules/typescript Completed in 7ms
  > 1994 timing build:link:node_modules/uuid Completed in 7ms
  > 1995 timing build:link Completed in 10ms
  > 1996 info run [email protected] install node_modules/bcrypt node-pre-gyp install --fallback-to-build
  > 1997 info run [email protected] install node_modules/msgpackr-extract node-gyp-build-optional-packages
  > 1998 info run [email protected] install { code: 1, signal: null }
  > 1999 info run [email protected] install { code: 0, signal: null }
  > 2000 timing build:run:install:node_modules/msgpackr-extract Completed in 344ms
  > 2001 timing reify:rollback:createSparse Completed in 1011ms
  > 2002 timing reify:rollback:retireShallow Completed in 0ms
  > 2003 timing command:install Completed in 16014ms
  > 2004 notice
  > 2004 notice New ^[[31mmajor^[[39m version of npm available! ^[[31m8.19.4^[[39m -> ^[[32m10.2.0^[[39m
  > 2004 notice Changelog: ^[[36mhttps://github.com/npm/cli/releases/tag/v10.2.0^[[39m
  > 2004 notice Run ^[[32mnpm install -g [email protected]^[[39m to update!
  > 2004 notice
  > 2005 verbose stack Error: command failed
  > 2005 verbose stack     at ChildProcess.<anonymous> (/snap/node/7581/lib/node_modules/npm/node_modules/@npmcli/promise-spawn/lib/index.js:63:27)
  > 2005 verbose stack     at ChildProcess.emit (node:events:513:28)
  > 2005 verbose stack     at maybeClose (node:internal/child_process:1100:16)
  > 2005 verbose stack     at Process.ChildProcess._handle.onexit (node:internal/child_process:304:5)
  > 2006 verbose pkgid [email protected]
  > 2007 verbose cwd /root/haproxy-panel-next
  > 2008 verbose Linux 5.15.0-79-generic
  > 2009 verbose node v16.20.1
  > 2010 verbose npm  v8.19.4
  > 2011 error code 1
  > 2012 error path /root/haproxy-panel-next/node_modules/bcrypt
  > 2013 error command failed
  > 2014 error command sh -c -- node-pre-gyp install --fallback-to-build
  > 2015 verbose exit 1
  > 2016 timing npm Completed in 16159ms
  > 2017 verbose unfinished npm timer reify 1696585266525
  > 2018 verbose unfinished npm timer reify:build 1696585281143
  > 2019 verbose unfinished npm timer build 1696585281144
  > 2020 verbose unfinished npm timer build:deps 1696585281145
  > 2021 verbose unfinished npm timer build:run:install 1696585281171
  > 2022 verbose unfinished npm timer build:run:install:node_modules/bcrypt 1696585281171
  > 2023 verbose code 1
  > 2024 error A complete log of this run can be found in:
  > 2024 error     /root/.npm/_logs/2023-10-06T09_41_06_381Z-debug-0.log
  > 
  
• stefeman Member

  October 2023 edited October 2023

  edit: It probly does not like the root user lol.

  Yeah, that was the issue:

  sudo npm cache clean -f
  sudo npm install -g n
  sudo n stable
  sudo npm install --unsafe-perm=true --allow-root

  Then it worked.

  I will setup demo stuff up now, and once its working I migrate to production.

  Thanked by 1sillycat
• kait Member

  October 2023

  Great work @stefeman and thanks for all the great work on creating something actually useful @fatchan

  Thanked by 1sillycat
• stefeman Member

  October 2023 edited October 2023

  So, I got it up and running, but what's the default admin user/password for the panel?

  @fatchan

  And thanks for the continued help
• fatchan Member

  October 2023

  @stefeman said: So, I got it up and running, but what's the default admin user/password for the panel?

  node reset.js

  Thanked by 1stefeman
• stefeman Member

  October 2023 edited October 2023

  @fatchan said:

  @stefeman said: So, I got it up and running, but what's the default admin user/password for the panel?

  node reset.js

  jUWS7Ylx/NZpdsLU8Plsw2PhJ04=

  I logged in with:

  admin
  jUWS7Ylx/NZpdsLU8Plsw2PhJ04=

  and it briefly shows menu and goes back to login page in 1 second. Is this due to missing haproxy-protect as I only have the panel cloned and up?

  Thanked by 1angstrom
• fatchan Member

  October 2023

  You are running in production mode without https, so the Secure session cookie isnt set. Use https or dont run in production mode

  Thanked by 1stefeman
• stefeman Member

  October 2023 edited October 2023

  @fatchan said:
  You are running in production mode without https, so the Secure session cookie isnt set. Use https or dont run in production mode

  Thanks for the fast reply.

  How would I change the mode?

  And how would I change to https? it just gives ERR_SSL_PROTOCOL_ERROR since the site does not listen for 443
• ezeth Member, Host Rep

  October 2023

  @fatchan
  Soooooooooo. What's the state of this basedflare
• kait Member

  October 2023

  @ezeth said: Soooooooooo. What's the state of this basedflare

  Works great, its clean, dashboard is amazing and you can customize the shit out of it. Protection works great as well.
• typicalGtaTG Member, Host Rep

  October 2023

  @Hotmarer said: where are workers?

  In my basement

  Thanked by 1Hotmarer
• ezeth Member, Host Rep

  October 2023

  @kait said:

  @ezeth said: Soooooooooo. What's the state of this basedflare

  Works great, its clean, dashboard is amazing and you can customize the shit out of it. Protection works great as well.

  I have never tested it. Did you sign up for $ 9.99/mo?
• dosai Member

  October 2023

  @kait said:

  @ezeth said: Soooooooooo. What's the state of this basedflare

  Works great, its clean, dashboard is amazing and you can customize the shit out of it. Protection works great as well.

  Were you able to self host and test it's features?
• kait Member

  October 2023

  @ezeth said: I have never tested it. Did you sign up for $ 9.99/mo?

  @dosai said: Were you able to self host and test it's features?

  Currently a beta tester.
• sillycat Member

  October 2023

  @dosai said: Were you able to self host and test it's features?

  Certainly, it's fully open source; although, as has become evident in this thread, the documentation for the panel isn't the best.

  https://gitgud.io/fatchan/haproxy-panel-next
  https://gitgud.io/fatchan/haproxy-protection
• dosai Member

  October 2023

  @sillycat said:

  @dosai said: Were you able to self host and test it's features?

  Certainly, it's fully open source; although, as has become evident in this thread, the documentation for the panel isn't the best.

  https://gitgud.io/fatchan/haproxy-panel-next
  https://gitgud.io/fatchan/haproxy-protection

  Yes, I've mentioned the same in my previous comment from this same thread.

  https://lowendtalk.com/discussion/comment/3672728/#Comment_3672728
• fatchan Member

  October 2023 edited October 2023

  @ezeth said: @fatchan
  Soooooooooo. What's the state of this basedflare

  I have a few people using it, and I am taking their suggestions and slowly improving on pain points of running multi tenant setup. It works well enough for the level of attacks atm, and most importantly its fun.
  You can email me or dm me if you want to know more.
• Neoon Community Contributor, Veteran

  October 2023 edited October 2023

  The Panel makes DNS queries to a DNS server IP you can configure in .env
  I don't understand why though.

  Without any response to these queries the Panel is unable to load/function at all.
  @fatchan can you explain why and what purpose they have?

  I thought you make changes, these are written to either redis or mongodb and getting sync to the dns servers.
  But apparently the Panel on its own makes DNS queries to its own nameservers?
• Neoon Community Contributor, Veteran

  October 2023

  Nevermind, actually got it working now.
  Will play a bit around and report back.
• kait Member

  October 2023

  @Neoon said: Nevermind, actually got it working now.

  Will play a bit around and report back.

  W, always nice to get things working, gives you the good feelings.

  Thanked by 1sillycat
• stefeman Member

  October 2023

  @Neoon said:
  Nevermind, actually got it working now.
  Will play a bit around and report back.

  Live Deploy soon
• dosai Member

  October 2023

  Maybe you guys can do a pull request with additional information you have gathered so far.
• Neoon Community Contributor, Veteran

  October 2023

  It does work though http://test.serv.app
  https does not work though, because it uses ACME and that needs the dns server part working.
• fatchan Member

  October 2023

  @Neoon said:

  You might be able to change the challenge order to http-01 first (grep the code), if you setup each haproxy to forward .well-known/acme-challenge to the control panel. The code for writing the files in tmp is still there, I jist stopped using because dns is easier, faster, and allows wildcards.
• stefeman Member

  October 2023 edited October 2023

  @fatchan said:

  @Neoon said:

  You might be able to change the challenge order to http-01 first (grep the code), if you setup each haproxy to forward .well-known/acme-challenge to the control panel. The code for writing the files in tmp is still there, I jist stopped using because dns is easier, faster, and allows wildcards.

  Can you just share your plugin version as "no lisence" separately? Should not be an issue as long as you dont bundle it. Otherwise this entire thing is pretty much unusable as intended.

  If nobody can deploy it as it's supposed to work most optimally, its useless to share the source to begin with. =/
• Neoon Community Contributor, Veteran

  October 2023 edited October 2023

  I made a dns integration for basedflare with gdnsd.
  https://github.com/Ne00n/basedflare-gdnsd

  It works, it gets a certificate but its unable to upload the certificate to haproxy.

  An error occurred 1696931148740 TypeError [ERR_INVALID_PROTOCOL]: Protocol "http:" not supported. Expected "https:"
      at new NodeError (node:internal/errors:406:5)
      at new ClientRequest (node:_http_client:183:11)
      at request (node:http:101:10)
      at file:///var/www/haproxy-panel-next/node_modules/node-fetch/src/index.js:94:20
      at new Promise (<anonymous>)
      at fetch (file:///var/www/haproxy-panel-next/node_modules/node-fetch/src/index.js:49:9)
      at file:///var/www/haproxy-panel-next/router.js:188:14
      at Array.map (<anonymous>)
      at res.locals.postFileAll (file:///var/www/haproxy-panel-next/router.js:185:18)
      at addCert (file:///var/www/haproxy-panel-next/controllers/certs.js:119:86) {
    code: 'ERR_INVALID_PROTOCOL'
  }
  
• fatchan Member

  October 2023

  @stefeman said:

  Can you just share your plugin version as "no lisence" separately? Should not be an issue as long as you dont bundle it. Otherwise this entire thing is pretty much unusable as intended.

  I rather not do that publicly, it is technically copyright infringement and there are too many contributors on the repo to get all their permission. Eventually, I can release a freshly rewritten version. For now, it sounds like people were able to implement another DNS server anyway, see below. It just needs to read from redis after all, nothing special.

  @Neoon said: It works, it gets a certificate but its unable to upload the certificate to haproxy.

  Probably this is because the fetch call is passed agent which is a https agent, but your dataplaneapi url is http. You can try to remove it, or configure dataplaneapi to use https and add a certificate. You can set ALLOW_SELF_SIGNED_SSL=1 in env and use a self signed cert in dataplaneapi, or install a trusted certificate.