On Sun, May 30, 2010 at 12:21:50AM +0100, Owen Shepherd wrote: > We are currently experimenting with setting up a Fossil server, but > have encountered a bit of an issue: Fossil doesn't seem to support > being operated behind a proxy. As we wish to run Fossil on port 80, and > to do so it must sit behind our primary web server, this is a bit of an > issue. > > The ideal solution for us would be to run Fossil as an SCGI or FastCGI > service (I would lean towards SCGI as it is a much simpler protocol) > and have our web server dispatch requests to that, but this is at > present not possible. We cannot run Fossil as a CGI because we use > Nginx, which does not support it (With the valid reason that very > little uses CGI these days and that it is highly inefficient) > > In the meantime, therefore, we are setting up Fossil behind a proxy. > This works mostly, but does raise an issue: Fossil issues all cookies > to 127.0.0.1. This works, but is rather insecure. It would be best if > Fossil could be instructed to listen to the X-Forwarded-For header when > started via "fossil server" (It would be inadvisable to listen to it if > started as a CGI because the web server should be doing the > transformation then). > > The ideal solution would be to move to the aforementioned SCGI, but I > am not quite sure at present the way I would go about implementing this > in the Fossil source.
_______________________________________________________________________ I wound up running lighttpd for the sole purpose of serving fossil via cgi scripts. lighttpd is pretty lightweight on resources. ~Michael _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
