-- Leo's gemini proxy

-- Connecting to thrig.me:1965...

-- Connected

-- Sending request

-- Meta line: 20 text/gemini

Host Only Relayd


OpenBSD's relayd is probably intended to be used with at least three systems: a backend, the relay host, and a client interacting with a backend by way of the relay host. This is at least two systems too many. However, running relayd and a backend and client code all on a single system can be a bit tricky to setup.


httpd.conf


Nothing exciting here.


    server "default" {
        listen on * port 8080
        directory auto index
    }

I usually put a single line of plain text into /var/www/htdocs/index.html because who wants their terminal spammed with too much HTML?


    $ cat /var/www/htdocs/index.html
    this, is a test website

relayd.conf


Also nothing much interesting, though there is a listen on an IP address specific to some interface, real or otherwise, here that of a wireguard tunnel connected with the OpenBSD virt somewhere in the cloud.


    table <webhosts> { 127.0.0.1 }
    redirect www {
            listen on 192.168.10.2 port 80
            forward to <webhosts> port 8080 check http "/" code 200
    }

On a somewhat related note, the output of ifconfig(8) is verbose to pick addresses out of but it just so happens that someone wrote a little localaddr tool.


    $ localaddr -4
    lo0 127.0.0.1
    iwx0 192.168.0.18
    wg0 192.168.10.2

I am informed by reputable sources that on Linux `ip ... | jq ...` is another way to do this. I guess you could do that. localaddr, meanwhile, is about 100 lines of C.


test test 1 2 3


Nope, does not work. Expectation is that relayd gets to the :8080 web thing.


    $ ftp -o - http://192.168.10.2:8080 2>/dev/null
    this, is a test website
    $ ftp -o - http://192.168.10.2:80 2>/dev/null
    $

pf.conf


Here are the tricky bits; we need "lo" not skipped and some anchor stuff for relayd. This is perhaps not kosher or very good at all, but hey it works for me ship it.


    #set skip on lo
    ...
    pass in on wg0 proto tcp to any port { 80, 8080 }
    pass on lo
    anchor "relayd/*"

Mostly I was trying to make some needlessly complicated web thing to practice my debugging skills.


    $ ftp -o - http://192.168.10.2:80 2>/dev/null
    this, is a test website
    $ ftp -o - http://192.168.10.2/cipher/caesar 2>/dev/null
    pnrfne
    $ echo caesar | /usr/games/rot13
    pnrfne

The second request goes to relayd, which forwards to httpd, which calls a fastcgi process, which passes a portion of PATH_INFO over to caesar(6), and then the response from that gets passed back the long chain of crazy.


I hear that any modern web thing is very much more complicated than this.


tags #openbsd #legacyweb #debug

-- Response ended

-- Page fetched on Tue May 21 21:39:10 2024