@stefano I've never run Varnish. It seems weird to me that it doesn't speak https.
What about speaking to another nginx/relayd reverse proxy that does speak https to the backend?
Top-level
@stefano I've never run Varnish. It seems weird to me that it doesn't speak https. What about speaking to another nginx/relayd reverse proxy that does speak https to the backend? 7 comments
@stefano@mastodon.bsd.cafe @release_candidate@mastodon.bsd.cafe Well, Varnish does not do TLS termination like NGINX does. You can run Varnish & NGINX side by side (varnish handling the caching portions, nginx handling the tls termination) although that can be complicated and with little gain depending on what you're doing. @ricardo @release_candidate openvpn, tinc, zerotier. @stefano Aye, I remember that tinc used to work out of the box on pfSense @ricardo @release_candidate I've been using it for many years both on Linux and FreeBSD @ricardo @release_candidate I still have some tinc networks in production and they just work (but in a launch loop as they crash from time to time) |
@release_candidate sure, it can be done. But I prefer to tunnel via wireguard instead of adding another reverse proxy