in /etc/updater/conf.d/user.lua and rename the file /etc/lighttpd/conf.d/ssl-enable.conf (e.g. to /etc/lighttpd/conf.d/ssl-enable.conf-renamed).
Can you please tell us which [quote=“cynerd, post:12, topic:5880”]
websocket servers for foris depends on it
[/quote]
? Because from what I tested there is no single foris functionality that doesn’t work after renaming the file. Concluding this there is no need to have port 443 for foris.
I was telling you what is in packages dependencies. I am not saying that is something I know why that is, @shenek maintains those packages. I asked him and he told me that there is a reason because there is something in websocket rfc that can be interpreted as that it can possibly rely on 443 port and for example Google Chrome seems to have plans to force secure websockets only. But I don’t know and they seems to be arguing about how that implementation will be and what it really means. In reality nothing breaks now but it might break with some future versions of web browsers.
(Maybe @shenek will tell you more but I have doubts)
Just small note, but please don’t suggest this “solution” to anyone. There is cleaner way without breaking packages and your solution will work for some time until after for example a year we bump lighttpd-https-cert package and you will end up with broken router because you forgot that you did that and you will be complaining here on forum again. I told you how you should do it, split dns is a way to go and is common industry standard.
Thanks for your answer, but I do not take being forced to use port 443 as a solution. And, yes - what I mention is not a solution but only a workaround which I am also being forced to use
And thanks for heads up, I will mark this workaround in my configuration documentation - I did a full documentation on what I’ve configured why and how to be later on exactly able to retrace what I did (not only for TO but for all other servers I’ve setup so far).
And I really hope I will never be forced to use chrome (even if I know that there might be an end to firefox…)!
No, solution suggested it self. Because foris requires given package and if you don’t want that package then you can’t use foris (unless foris developer decides that it is not needed). So solution for you is clear. Don’t use foris. But of course then we won’t support you (don’t take that wrong way, foris just contains all our debugging tools).
My Omnia is still reporting traffic data to project.turris.cz but no SSH.
And on the HaaS site I can find my Turris ID but I have 0 sessions and there’s nothing to see.
