Skip to content
Branch: master
Go to file
Code

Latest commit

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
bin
 
 
bld
 
 
cfg
 
 
 
 
 
 
 
 
src
 
 
svc
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.rst

hgweb

This is my homepage, rewritten from the ground up in lwan so it is entirely in C. Right now, it is nothing flashy (very similar to the Haskell version); project pages (and perhaps a few other treats) are planned for the near future.

The Stack

  • lwan - used as a library to build the webserver and page logic
  • hitch - TLS-terminating proxy server
  • acme-client (portable) - an ACME-protocol client for TLS Cert renewal

All running on Arch Linux using nftables for traffic redirection and forwarding

Traffic Redirection and Forwarding

lwan does not officially support running on an externally-visible port, and it remains the author's express suggestion to not do so. To bypass this limitation, we leverage hitch to redirect traffic from 443 to 8443 (where the contentful instance of lwan is running) and back.

Furthermore, to forcibly redirect HTTP to HTTPS, we use nftables to redirect traffic from 80 to 8080. Then, a very small instance of lwan is running on port 8080 that does nothing but respond to ACME challenge requests and redirect all other traffic to https://halosgho.st.

Design Characteristics

You can’t perform that action at this time.