HAProxy and Apache reverse proxy with TLS passthrough

2020-09-02 Thread Tom Browder 
I'm trying to cobble together the following https data flow:

<== public internet ==>

A. a single IPv4  Apache server with multiple virtual hosts
 identified by SNI

1. for each virtual host with its unique domain:

a.  use Apache's managed domain capability to get
 and keep current a Letsencrypt TLS cert
b.  have a reverse proxy to a backend TLS server (with
 passthrough TLS) identified by a unique port number
 on the local host

<== reverse proxy ==>

2. for each unique backend server

a.  respond to public domain https requests
b.  serve both static and dynamic content  back
to the public client

Notes:

1. Each virtual host is defined in a single Apache macro.
2. I have Apache running apparently successfully up to the
ProxyPass and ProxyReverse point but cannot get a
valid connection.
3. I can get the scenario to work in a non-TLS environment.
4. The solutions I've seen with Nginx and Caddy require
 wildcard certs or unique IPs, neither of which will
 work for me in my current understanding of Apache.

Questions:

1. Is this TLS scenario theoretically possible?
2. If so, can HAProxy help make it happen?
3. What are my options for the backend server?
 I have seen very little discussion of that
 except in vague terms of a "dynamic
 server" (for which I plan to use a Raku
 language server called Cro).

Thanks for any help.

Best regards,

-Tom

Bid Writing Workshops Via Zoom

2020-09-02 Thread NFP Workshops 


NFP WORKSHOPS
18 Blake Street, York YO1 8QG   01133 280988
Affordable Training Courses for Charities, Schools & Public Sector 
Organisations 




This email has been sent to haproxy@formilux.org
CLICK TO UNSUBSCRIBE FROM LIST
Alternatively send a blank e-mail to unsubscr...@nfpmail2001.co.uk quoting 
haproxy@formilux.org in the subject line.
Unsubscribe requests will take effect within seven days. 




Bid Writing: The Basics
Online via ZOOM 

COST £95.00

TOPICS COVERED

Do you know the most common reasons for rejection? Are you gathering the right 
evidence? Are you making the right arguments? Are you using the right 
terminology? Are your numbers right? Are you learning from rejections? Are you 
assembling the right documents? Do you know how to create a clear and concise 
standard funding bid?

Are you communicating with people or just excluding them? Do you know your own 
organisation well enough? Are you thinking through your projects carefully 
enough? Do you know enough about your competitors? Are you answering the 
questions funders will ask themselves about your application? Are you 
submitting applications correctly?

PARTICIPANTS  

Staff members, volunteers, trustees or board members of charities, schools, not 
for profits or public sector organisations who intend to submit grant funding 
applications to charitable grant making trusts and foundations. People who 
provide advice to these organisations are also welcome.

BOOKING DETAILS   

Participants receive full notes and sample bids by e-mail after the workshop. 
The workshop consists of talk, questions and answers. There are no power points 
or audio visuals used. All places must be booked through the online booking 
system using a debit card, credit card or paypal. We do not issue invoices or 
accept bank or cheque payments. If you do not have a payment card from your 
organisation please use a personal one and claim reimbursement using the 
booking confirmation e-mail as proof of purchase.

BOOKING TERMS

Workshop bookings are non-cancellable and non-refundable. If you are unable to 
participate on the booked date you may allow someone else to log on in your 
place. There is no need to contact us to let us know that there will be a 
different participant. Bookings are non-transferable between dates unless an 
event is postponed. If an event is postponed then bookings will be valid on any 
future scheduled date for that workshop.
   
QUESTIONS

If you have a question please e-mail questi...@nfpmail2001.co.uk You will 
usually receive a response within 24 hours. Due to our training commitments we 
are unable to accept questions by phone. 
Bid Writing: Advanced
Online via ZOOM 

COST £95.00

TOPICS COVERED

Are you applying to the right trusts? Are you applying to enough trusts? Are 
you asking for the right amount of money? Are you applying in the right ways? 
Are your projects the most fundable projects? 

Are you carrying out trust fundraising in a professional way? Are you 
delegating enough work? Are you highly productive or just very busy? Are you 
looking for trusts in all the right places? 

How do you compare with your competitors for funding? Is the rest of your 
fundraising hampering your bids to trusts? Do you understand what trusts are 
ideally looking for?

PARTICIPANTS  

Staff members, volunteers, trustees or board members of charities, schools, not 
for profits or public sector organisations who intend to submit grant funding 
applications to charitable grant making trusts and foundations. People who 
provide advice to these organisations are also welcome.

BOOKING DETAILS   

Participants receive full notes and sample bids by e-mail after the workshop. 
The workshop consists of talk, questions and answers. There are no power points 
or audio visuals used. All places must be booked through the online booking 
system using a debit card, credit card or paypal. We do not issue invoices or 
accept bank or cheque payments. If you do not have a payment card from your 
organisation please use a personal one and claim reimbursement using the 
booking confirmation e-mail as proof of purchase.

BOOKING TERMS

Workshop bookings are non-cancellable and non-refundable. If you are unable to 
participate on the booked date you may allow someone else to log on in your 
place. There is no need to contact us to let us know that there will be a 
different participant. Bookings are non-transferable between dates unless an 
event is postponed. If an event is postponed then bookings will be valid on any 
future scheduled date for that workshop.
   
QUESTIONS

If you have a question please e-mail questi...@nfpmail2001.co.uk You will 
usually receive a response within 24 hours. Due to our training commitments we 
are unable to accept questions by phone. 
Dates & Booking Links
BID WRITING: THE BASICS
Mon 14 Sep 2020
10.00 to 12.30Booking Link
Mon 28 Sep 2020
10.00 to 12.30Booking Link
Mon 12 Oct 2020
10.00 to 12.30Booking Link
Mon 26 Oct 2020

Re: [PATCH 1/6] MINOR: spoa: allow MAX_FRAME_SIZE override

2020-09-02 Thread Gilchrist DADAGLO 
Thanks Christopher,
Appreciate the fast merge.
Gilchrist

On Tue, Sep 1, 2020, 18:36 Christopher Faulet  wrote:

> Le 24/08/2020 à 21:21, gilchr...@dadaglo.com a écrit :
> > From: Bertrand Jacquin 
> >
> > MAX_FRAME_SIZE is forced to the default value of tune.bufsize, however
> > they don't necessarily have to be tight together.
> > ---
> >   contrib/spoa_server/spoa.h | 3 +++
> >   1 file changed, 3 insertions(+)
> >
> > diff --git a/contrib/spoa_server/spoa.h b/contrib/spoa_server/spoa.h
> > index 8f912e4..8d6d4be 100644
> > --- a/contrib/spoa_server/spoa.h
> > +++ b/contrib/spoa_server/spoa.h
> > @@ -17,7 +17,10 @@
> >   #include 
> >   #include 
> >
> > +#ifndef MAX_FRAME_SIZE
> >   #define MAX_FRAME_SIZE16384
> > +#endif
> > +
> >   #define SPOP_VERSION  "2.0"
> >   #define SPOA_CAPABILITIES ""
> >
> >
>
> All the series applied ! I've relabeled patches as part of
> "contrib/spoa-server"
> and I've mentioned that all fixes must be backported as far as 2.0.
>
> Thanks,
> --
> Christopher Faulet
>