tidy up: fixes and bsd extaction

1 files changed, 58 insertions, 0 deletions

diff --git a/content/bsd/relayd-custom-webserver.md b/content/bsd/relayd-custom-webserver.md
new file mode 100644
index 0000000..a361fc2
--- /dev/null
+++ b/content/bsd/relayd-custom-webserver.md
@@ -0,0 +1,58 @@
+---
+title: "forwarding requests from Relayd to custom webserver"
+category: 
+- bsd
+abstract: How to forward requests to a webserver?
+date: 2023-07-19T12:27:54+02:00
+year: 
+draft: false
+tags:
+---
+One thing that OpenBSD doesn't provide (yet?) is an HTTP proxy. I use [Plausible](https://plausible.io/)[^nope] for basic visitor analytics [^privacy] here, and one of the cool things you can do is to break all adblockers via serving Plausible from my own domain[^adblock]
+[^privacy]: Yes, I want to know what people are reading! For details, refer to my [two sence long privacy policy](https://michal.sapka.me/about/#privacy-policy).
+[^nope]: [this is no longer the case](https://michal.sapka.me/site/updates/2023/removed-plausible/)
+[^adblock]: yes, it's a dick move. But my reasoning was simple: Plausible gathers so little information that the harm is almost nonexistent, and I really want to know what people are reading.
+
+After two evenings of failed attempts, I reminded myself that I am a programmer, and I wrote one myself. You can find it on my [VCS page](https://vcs.sapka.me/plaprox/). It was a great learning exercise and  a chance to touch Golang[^ruby] for the first time.
+[^ruby]: I am a Ruby developer by trade and heart, but I will try anything that is not an IDE-driven language. LSP for Java/Scala is still a joke, and I refuse to pollute my system with Intellij. [Go](https://go.dev/), on the other hand, is a modern language designed for humans. I am not good at it, but I am infinitetly[^infinit] better than a week ago. 
+[^infinit]: Any positive number would be infinite progress compared to zero, or as an old wise man once said: "to have a nickel and to not a nickel is already two nickles".
+
+Assuming you have it running (it works on my machine!), let's adjust our relayd(8). Plaprox listens on port 9090, and we want to relay all requests to `/js/script.js` there.
+
+Let's add it to our relays in `relayd.conf`:
+
+{{<highlight shell "linenos=inline">}}
+table <plausibleproxyd> { 127.0.0.1 }
+
+http protocol "https" {
+    
+   # all our previous content omitted
+
+    match request quick path "/js/script.js"  forward to <plausibleproxyd>
+    match request quick path "/api/event"  forward to <plausibleproxyd>
+}
+
+
+relay "https" {
+    listen on 0.0.0.0 port 443 tls
+    protocol https
+    forward to <httpd> port 8080
+    forward to <plausibleproxyd> port 9090
+}
+relay "https6" {
+    listen on :: port 443 tls
+    protocol https
+    forward to <httpd> port 8080
+    forward to <plausibleproxyd> port 9090
+}
+{{</highlight>}}
+
+You can also move the port number to a table.
+
+Remember that in Relayd(8) last one wins. We already have a match for the domain and added another matcher for the path. The request will be forwarded to the last marching matcher - so we put our new matchers at the end of the protocol definition.
+
+## Updates
+
+2023-07-28: remove wrong information abot PF.  
+2023-07-30: fix invalid cron format
+2023-12-12: extracted to a dedicated article