And here we are. 25 slides and I think I wrote all I know about #relayd. Glad I still have a few days to re-re-re-read and correct before the D-day.

Is it okay to have your #relayd slides proofread by an #OpenBSD developper/committer before #EuroBSDCon starts?

Not working on #relayd for #EuroBSDCon this week. I’m too busy doing Bretons’ things.

Actually, having to write about #relayd enforces the need to read the man page carefully again and test of few alternative configurations.

You don’t want to show off false information 😰

PS: I love #remark https://remarkjs.com/

This toot went through #relayd without the help of nginx. Thank you ˋRAILS_SERVE_STATIC_FILES=true`.

step 1 done: #Mastodon instance is now passing through #relayd. Let’s monitor a bit… If you 🫵 see something weird, don’t hesitate to whine at me 👻

#openbsd

I _think_ I just figured out some #relayd config that I've been faking for a while. [0]

This is for having relayd handle all tls http stuff for multiple hosts and arbitrary backends.

You can add more specific (but optional) "match/forward to <table>" stanzas to the protocol section.

But you also have to have a matching "forward to <table>" in the relay section.
The more specific ones go after the default one.

[0] faking: meaning I was getting it to work by randomly trying stuff.

Trying to wrap my head around mapping #nginx configurations to #OpenBSD #relayd #httpd.

I know it can be done, it just doesn't seem terribly straight-forward (to me). Specifically, trying to tie in #LetsEncrypt via acme-client in a reverse proxy. Obviously needs to happen at the proxy level if you want to handle your certs in a single central location (the ideal), but it's escaping me at the moment on how to accomplish this with relayd/httpd.

curious if #openbsd #httpd (and #relayd) have made progress on #http2

holidays (part 2)
revamp my knowledge about #OpeBSD #httpd and #relayd

Hey #openbsd community. Any time frame regarding #relayd support for ECDSA certs? My #letsencrypt certs got updated and my #vger #gemini capsule is not working due to relayd start failure: ssl_load_key: failed to extract RSA.

Maybe @solene ?

What is people's opinion on my suggestion of removing nginx in favor of #relayd for #peertube on #OpenBSD ?

J'ai reussi une fois de plus l'exploit de faire tourner #peertube sur #openbsd , cette fois-ci sans Nginx mais seulement les demons http en Base, en particulier #relayd

Lancez-moi des fleurs, je le mérite.

https://www.22decembre.eu/fr/2021/04/11/peertube-openbsd-native/

https://www.22decembre.eu/en/2021/04/11/peertube-openbsd-native/

I managed to run #peertube on #OpenBSD without Nginx but only native Base software, eg #relayd and http.

I feel pretty awesome.

It's kind of exhausting writing documentation on how and why I'm using #FreeBSD and #HardenedBSD for the company Zabbix deployment, especially since I know it's going to be handed over to the same team that decided to replace #OpenBSD with #pf and #relayd in favor of CentOS with HAProxy and half as many interfaces.
The good news is they shouldn't ever have to touch it, at least not for several years, and if they do, well, good luck getting similar performance and reliability on CentOS