-- Leo's gemini proxy
-- Connecting to bbs.geminispace.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini; charset=utf-8
Since we're on the subject of reverse-proxies today, here's something I wrote in C# which parses a binary (v2) PROXY-protocol header from the beginning of a Stream.
Note that NGINX doesn't support the v2 protocol, only the plaintext version (v1). I can confirm that this implementation works well behind HAProxy (which it should, since it's their protocol anyway).
A word of warning about using PROXY in a Gemini context: if your reverse proxy is *not* terminating TLS for you, then it will wrap the incoming TLS packets in PROXY headers.
You don't want this. This will blow up .NET's SslStream implementation (and probably anyone else's too) and there's nothing you can do about it short of reimplementing a PROXY-aware version yourself.
This means that, if you want to send PROXY headers upstream, you need to let the reverse-proxy terminate TLS for you *and* you need a Gemini server which runs on plaintext TCP streams (which I leave as an exercise for the reader).
2023-07-21 ยท 10 months ago ยท ๐ mozz, Ruby_Witch
-- Response ended
-- Page fetched on Sun May 19 17:00:21 2024