Re: [Sks-devel] Proxy config issue and question

[Phil Pennock]

On 2013-08-20 at 13:30 -0400, James Cloos wrote:
> >>>>> "PP" == Phil Pennock <address@hidden> writes:
> PP> Use:
> PP>   https://bitbucket.org/skskeyserver/sks-keyserver/wiki/Peering#!nginx
> 
> Too bad that isn't what shows up when searching for example configs.

Write a blog post and link to it, help improve the reputation of the
wiki site so that search engines rank it more highly.  :)

There's not much else we can do, besides put correct information out
there.

> I'm sure I'm not the only one who used goog as a reminder and ended up
> with a config like the one I quoted.

People are wrong on the Internet.  It happens.

> It would be better were the proxy able to listen(2) on 0.0.0.0 a/o ::.

Depending upon your setup, you very possibly can.  On Unix systems with
a BSD sockets API (which is "all of the Unices that are left", I think),
a specific binding takes precedence over an INADDR_ANY binding.

Debugging that and helping people through just leads to more confusion,
as we then have to talk about layers of binding and more specific
binding, and debug server software which sees INADDR_ANY and iterates
the interfaces, binding to each IP in turn to prevent this masking
behaviour (as some security-conscious software does).

So instead, the example configurations keep things as simple as
possible, both for "simple to set up" and "simple to debug".

Once you have a working configuration, which you can revert back to if
things go wrong, you can of course experiment with "better"
configurations for your setup.

-Phil