You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Deploy Tempesta FW as of ee2d801 master in a 2 CPU VM with config:
listen 80;
listen 443 proto=h2;
cache 2;
cache_fulfill * *;
cache_methods GET HEAD;
cache_purge;
# Allow purging from the containers (upstream), localhost (VM) and the host.
cache_purge_acl 192.168.100.1 10.245.18.154 127.0.0.1;
access_log on;
frang_limits {
request_rate 200;
http_method_override_allowed true;
http_methods post put get;
}
block_action attack reply;
block_action error reply;
# Make WordPress to work over TLS.
# See https://tempesta-tech.com/knowledge-base/WordPress-tips-and-tricks/
req_hdr_add X-Forwarded-Proto "https";
resp_hdr_set Strict-Transport-Security "max-age=31536000; includeSubDomains";
tls_certificate /etc/tempesta/tfw-root.crt;
tls_certificate_key /etc/tempesta/tfw-root.key;
srv_group production {
server 10.245.18.154 conns_n=2;
}
srv_group staging {
server 10.245.18.235 conns_n=2;
}
vhost tempesta-tech.com {
proxy_pass production;
}
vhost staging.tempesta-tech.com {
req_hdr_set host "tempesta-tech.com";
proxy_pass staging;
}
http_chain {
# Redirect old URLs from the old static website
uri == "/index" -> 301 = /;
uri == "/development-services" -> 301 = /network-security-performance-analysis;
# Proably outdated redirects
uri == "/index.html" -> 301 = /;
uri == "/services" -> 301 = /development-services;
uri == "/services.html" -> 301 = /development-services;
uri == "/c++-services" -> 301 = /development-services;
uri == "/company.html" -> 301 = /company;
uri == "/blog/fast-programming-languages-c-c++-rust-assembly" -> 301 = /blog/fast-programming-languages-c-cpp-rust-assembly;
host == staging.tempesta-tech.com -> staging.tempesta-tech.com;
host == "tempesta-tech.com" -> tempesta-tech.com;
}
and self-signed SAN (tempesta-tech.com and staging.tempesta-tech.com) nist256 EC certificate. Build Tempesta FW with DBG_HTTP=1 DBG_HTTP_PARSER=1 make clean all. Redirect local DNS for tempesta-tech.com and staging.tempesta-tech.com to the VM. Execute curl on the host system:
$ curl -Lvk --output /dev/null http://staging.tempesta-tech.com/
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 192.168.100.4:80...
* Connected to staging.tempesta-tech.com (192.168.100.4) port 80 (#0)
> GET / HTTP/1.1
> Host: staging.tempesta-tech.com
> User-Agent: curl/7.81.0
> Accept: */*
>
0 0 0 0 0 0 0 0 --:--:-- 0:00:01 --:--:-- 0* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Date: Mon, 19 Feb 2024 22:16:45 GMT
< X-Redirect-By: WordPress
< Location: https://tempesta-tech.com/
< Content-Length: 0
< Content-Type: text/html; charset=UTF-8
< via: 1.1 tempesta_fw (Tempesta FW 0.7.0)
< strict-transport-security: max-age=31536000; includeSubDomains
< Server: Tempesta FW/0.7.0
<
0 0 0 0 0 0 0 0 --:--:-- 0:00:02 --:--:-- 0
* Connection #0 to host staging.tempesta-tech.com left intact
* Clear auth, redirects to port from 80 to 443
* Issue another request to this URL: 'https://tempesta-tech.com/'
* Trying 191.168.100.4:443...
0 0 0 0 0 0 0 0 --:--:-- 0:02:12 --:--:-- 0* connect to 191.168.100.4 port 443 failed: Connection timed out
* Failed to connect to tempesta-tech.com port 443 after 130457 ms: Connection timed out
0 0 0 0 0 0 0 0 --:--:-- 0:02:12 --:--:-- 0
* Closing connection 1
curl: (28) Failed to connect to tempesta-tech.com port 443 after 130457 ms: Connection timed out
Scenario
Deploy production (10.245.18.154) and staging (10.245.18.235) container (the 2nd production container isn't used) with the WP website (see https://github.com/tempesta-tech/tempesta-tech.com/pull/85) on a host system:
Deploy Tempesta FW as of ee2d801 master in a 2 CPU VM with config:
and self-signed SAN (tempesta-tech.com and staging.tempesta-tech.com) nist256 EC certificate. Build Tempesta FW with
DBG_HTTP=1 DBG_HTTP_PARSER=1 make clean all
. Redirect local DNS for tempesta-tech.com and staging.tempesta-tech.com to the VM. Execute curl on the host system:Warning
With the curl command above I got this warning
This is
in
tfw_cache_copy_resp()
.I saw the warning only once.
The text was updated successfully, but these errors were encountered: