commit 5c24376883946e376171ab9a2292fab4573e5e42
parent 2a74710c55d4f6a7ff242d364f5a3e863c1c0de7
author: nathanael <nathanael@dalliard.ch>
date: Mon, 19 Jan 2026 11:47:34 +0000
s2: rm mollysocket
diffstat:
3 files changed, 1 insertion(+), 7 deletions(-)
diff --git a/s2/packages b/s2/packages
@@ -2,4 +2,3 @@ git--
got--
gotd--
hugo--
-mollysocket--
diff --git a/s2/sysfiles/acme-client.conf b/s2/sysfiles/acme-client.conf
@@ -5,7 +5,6 @@ authority letsencrypt {
domain s2.dalliard.ch {
alternative names {
src.dalliard.ch
- ms.dalliard.ch
}
domain key "/etc/ssl/private/s2.dalliard.ch.key"
domain full chain certificate "/etc/ssl/s2.dalliard.ch.crt"
diff --git a/s2/sysfiles/relayd.conf b/s2/sysfiles/relayd.conf
@@ -1,7 +1,6 @@
ipv4="152.53.196.107"
ipv6="2a03:4000:0:170d::1"
table <httpd> { 127.0.0.1 }
-table <molly> { 127.0.0.1 }
http protocol https {
tls { no tlsv1.0, tlsv1.1, ciphers "ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!MD5:!DSS" }
tls keypair "s2.dalliard.ch"
@@ -16,23 +15,20 @@ http protocol https {
match response header set "X-Frame-Options" value "deny"
match response header set "Referrer-Policy" value "no-referrer"
match response header set "Content-Security-Policy" value \
- "default-src 'self'; base-uri 'none'; img-src 'self' data:; form-action 'none'; frame-ancestors 'none'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'"
+ "default-src 'self'; base-uri 'none'; img-src 'self' data:; form-action 'none'; frame-ancestors 'none'"
match request path "/*.css" tag "static"
match response tagged "static" header set "Cache-Control" value "public, max-age=31536000, immutable"
- pass request quick header "Host" value "ms.dalliard.ch" forward to <molly>
pass request forward to <httpd>
}
relay wwwtls4 {
listen on $ipv4 port https tls
protocol https
forward to <httpd> port https
- forward to <molly> port 8020
}
relay wwwtls6 {
listen on $ipv6 port https tls
protocol https
forward to <httpd> port https
- forward to <molly> port 8020
}
