dominic
/
oe7drt-website
1
1
Fork 0
Code Issues Pull Requests Releases Activity

update draft post

Browse Source
main
Dominic Reich 10 months ago
parent 6b7df50ec9
commit 2587a61d06
Signed by: dominic
GPG Key ID: BC9D6AE1A3BE169A
2 changed files with 50 additions and 4 deletions
Show Stats Download Patch File Download Diff File

54
content/posts/2024/mmdvm-hotspot-on-archlinux/index.md → content/posts/2024/62-mmdvm-hotspot-on-archlinux/index.md
Unescape View File

@ -2,7 +2,7 @@
title: MMDVM hotspot on Archlinux title: MMDVM hotspot on Archlinux
summary: I wrote down the installation of a forked DStarGateway with a slim summary: I wrote down the installation of a forked DStarGateway with a slim
dashboard based on Javascript on a Raspberry Pi 2. dashboard based on Javascript on a Raspberry Pi 2.
date: 2024-01-28T23:12:00+0100 date: 2024-01-29T09:41:00+0100
#lastmod: #lastmod:
categories: categories:
- amateur-radio - amateur-radio
@ -298,6 +298,35 @@ to have the possibility to only serve the pages via plain old HTTP
(without SSL/TLS) because I run most of my pages through a reverse-proxy (without SSL/TLS) because I run most of my pages through a reverse-proxy
that takes care of all the certification. that takes care of all the certification.
If you don't need to use HTTPS you may find this patch interesting:
~~~patch
diff --git a/index.js b/index.js
index 0c71092..502933e 100644
--- a/index.js
+++ b/index.js
@@ -1,4 +1,4 @@
-const https = require("https");
+const http = require("http");
const fs = require("fs");
const ini = require("ini");
const lineReader = require('line-reader');
@@ -32,12 +32,8 @@ updatelinks();
let serverPort = inifile.config.port;
-const server = https
+const server = http
.createServer(
- {
- key: fs.readFileSync("key.pem"),
- cert: fs.readFileSync("cert.pem"),
- },
app
)
.listen(serverPort, ()=>{
~~~
Next we will modify the `dashboard.ini` file because we will change the Next we will modify the `dashboard.ini` file because we will change the
port from 443 to 8443. Why? Because[^1]! port from 443 to 8443. Why? Because[^1]!
@ -313,11 +342,28 @@ This might be confusing now, the host above does not listen to port 8443 because
there is a reverse-proxy in-between (and actually a firewall/router too). there is a reverse-proxy in-between (and actually a firewall/router too).
{{< /alert >}} {{< /alert >}}
This configuration is now as slim as I could make, removing encryption on the dashboard
made it even better in terms of performance and maintainability as we don't have to
worry about our certificates on this host and no direct port-forwarding to this host
has been made -- but our dashboard can still be accesses from the internet in encrypted
form.
The actual path of this host and how it will be routed: The actual path of this host and how it will be routed:
~~~plain {{< mermaid >}}
User (internet) ⇒ router:443 (hotspot.oe7drt.net) ⇒ reverse-proxy:443 (internal-server.lan) ⇒ hotspot:8443 (internal-raspi.lan) %%{init: {"flowchart": {"htmlLabels": false}} }%%
~~~ graph LR;
A([Internet user]):::usr -- "`**HTTPS**`" -->B["`router/firewall
_hotspot.oe7drt.net_`"]:::fw;
B-- "`**HTTPS**`" -->C["`reverse-proxy
_proxy.lan_`"]:::rev;
C-- "`**HTTP**`" -->D["`hotspot dashboard
_hotspot.lan_`"]:::dash;
classDef usr stroke:#faa
classDef fw stroke:#f55
classDef rev stroke:#9f9
classDef dash stroke:#0f0
{{< /mermaid >}}
We will disable the shell for the _dashboard_ user because we normally We will disable the shell for the _dashboard_ user because we normally
won't have to login as _dashboard_ user again. won't have to login as _dashboard_ user again.

0
content/posts/2024/mmdvm-hotspot-on-archlinux/setup_console.jpg → content/posts/2024/62-mmdvm-hotspot-on-archlinux/setup_console.jpg
Unescape View File

Write Preview
Loading…
Cancel
Save