sks-devel

Re: Looking for Hockeypuck/SKS peers


From: Max Weiss
Subject: Re: Looking for Hockeypuck/SKS peers
Date: Fri, 20 Oct 2023 10:01:40 -0700

I have modified my setup to be highly available. Please ignore the domain in my previous message, since it now round-robins between my three HA servers, which you should use instead:

# Max Weiss <max@maxweiss.io>
# 0xE8B26E04C57C1280F83FAFA0C752F3B9871F2ADF
[hockeypuck.conflux.recon.partner.keyserver1_maxweiss_io]
httpAddr="keyserver1.maxweiss.io:11371"
reconAddr="keyserver1.maxweiss.io:11370"

# Max Weiss <max@maxweiss.io>
# 0xE8B26E04C57C1280F83FAFA0C752F3B9871F2ADF
[hockeypuck.conflux.recon.partner.keyserver2_maxweiss_io]
httpAddr="keyserver2.maxweiss.io:11371"
reconAddr="keyserver2.maxweiss.io:11370"

# Max Weiss <max@maxweiss.io>
# 0xE8B26E04C57C1280F83FAFA0C752F3B9871F2ADF
[hockeypuck.conflux.recon.partner.keyserver3_maxweiss_io]
httpAddr="keyserver3.maxweiss.io:11371"
reconAddr="keyserver3.maxweiss.io:11370"



On 2023-10-09 12:03 pm, Max Weiss wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello all, I was hoping I could get some Hockeypuck SKS peers. I run a Hockeypuck server at "keyserver.maxweiss.io" which was not peering for the past several months because I didn't check in on it and didn't know about the flood attack.

I have moved it from my old single-server to a self-managed Kubernetes cluster, so the FQDN resolves to four new nodes now. I have also started from scratch in order to clean up the bad/flood keys, and I have implemented the HAProxy recommendations in front of ports 80, 443, 11371. 80 and 443 go through my Traefik reverse proxy before hitting HAProxy, and 80 gets a 301 redirect to HTTPS (so it never really hits HAProxy). 11371 bypasses Traefik and goes directly to HAProxy. 11370 goes through Traefik before hitting the Hockeypuck pod, so that I can add IP whitelisting via Traefik, which I currently haven't done, but may in the future if 11370 starts getting DoS'd or otherwise attacked.

I have loaded a key dump from Sep. 25, so I'm a few weeks out of date, but still have ~657k keys loaded.

I am hoping to add as many peers as I can to ensure that I stay up-to-date, now that I have HAProxy set up and the ability to whitelist peers on 11370.

Thanks so much!

# Max Weiss <max@maxweiss.io>
# 0xE8B26E04C57C1280F83FAFA0C752F3B9871F2ADF
[hockeypuck.conflux.recon.partner.keyserver_maxweiss_io]
httpAddr="keyserver.maxweiss.io:11371"
reconAddr="keyserver.maxweiss.io:11370"

-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQTosm4ExXwSgPg/r6DHUvO5hx8q3wUCZSROAAAKCRDHUvO5hx8q
38X4AP0ShaWNLM8PqSR/1QWiq7omXZH0ZG+aJwV1LRIEqC3dkwEA57Oxz1N1+MEA
398t5OPnFQDXSnMnOwWJop0LarWZUgc=
=ESO2
-----END PGP SIGNATURE-----


