? Editing: Post:21.body Save Delete Cancel
Content changed Sign & Publish new content

BinChan's ZeroNotes

Messy Notes about using ZeroNet and other things
All code published here are under CC-BY-SA licence, if not compatible, then MIT license X)

Follow in NewsfeedFollowing

TOC by date
TOC by tag
View in light theme

Latest comments:

Add new post

Title

21 hours ago · 2 min read ·
3 comments

tag:
Body
Read more

Not found

My ZeroNet Clearnet Proxy Setup

on May 28, 2018 · 2 min read
tag: nginx zeronet

I set up a personal clearnet proxy last year, but I didn't post my personal tweak at that time. Now I post it here:

I don't use the multi-user plugin, instead I add password protection in the nginx site config:

server {
    server_name zeronet.mydomain.tld;

    location / {
        auth_basic "Restricted Content";
        auth_basic_user_file /etc/nginx/.htpasswd;
        ...

And here is the tutorial I used: How To Set Up Password Authentication with Nginx on Ubuntu 14.04

So only I can access ZeroHello of my clearnet proxy. But I also want to share some specific zites to normal visitors, and here is my tweak:


server {
        ...
    location /uimedia {
        proxy_pass http://127.0.0.1:43110/uimedia;
        proxy_set_header Host $host; #get rid of media referrer error
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    location /favicon.ico {
        proxy_pass http://127.0.0.1:43110/favicon.ico;
        proxy_set_header Host $host; #get rid of media referrer error
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    location /0gallery.bit {
        proxy_pass http://127.0.0.1:43110/0gallery.bit;
        proxy_set_header Host $host; #get rid of media referrer error
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    location /1EiMAqhd6sMjPG2tznkkGXxhdwFBDdeqT9 {
        proxy_pass http://127.0.0.1:43110/1EiMAqhd6sMjPG2tznkkGXxhdwFBDdeqT9;
        proxy_set_header Host $host; #get rid of media referrer error
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
    location /myblog {
        proxy_pass http://127.0.0.1:43110/1EiMAqhd6sMjPG2tznkkGXxhdwFBDdeqT9;
        proxy_set_header Host $host; #get rid of media referrer error
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
        ...

uimedia and favicon.ico are necessary for all zites, and with the settings above, a visitor can visit 0-Gallery by https://zeronet.mydomain.tld/0gallery.bit, and this blog by https://zeronet.mydomain.tld/myblog.

I don't know if my setting is secure enough, but there is a big issue.. a visitor can access the config panel ><

For a zite created on my proxy, if I share it in this way, any visitor can edit it, also change zite info and sign the zite in the config panel.. but can't delete the zite. For a zite just shared on my proxy, any visitor can't sign the zite, but can change parameters like storage limit, optional file storage limit, and.. delete the zite and all its content X( But another visitor can add it back (except optional files) XD

0 Comment:

user_name1 day ago
Reply
Body
Select user
  • Welcome to ZeroMessage!
This page is a snapshot of ZeroNet. Start your own ZeroNet for complete experience. Learn More