UFW IPTables Port Forwarding to OpenVPN client

Let’s say: Server with public ip 68.100.100.100 (has the OpenVPN server) Backend with a private ip tun0 10.8.0.6 (OpenVPN client connected to the Server’ OpenVPN server) Client with ip 170.170.170.170 (it connects/queries the Server) My OpenVPN server: $ ip addr 1: lo: inet 127.0.0.1/8 scope host lo 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 inet 68.100.100.100/20 brd…

Providing master_ipv4_cidr_block and subnet range using terraform variables in GCP

I have created a private cluster in GCP using terraform modules. As per the documentation here: https://www.terraform.io/docs/providers/google/r/container_cluster.html#master_ipv4_cidr_block, I have configured the private cluster as below: private_cluster_config { enable_private_endpoint = true enable_private_nodes = true master_ipv4_cidr_block = “${cidrsubnet(var.cidr, 28, 1)}” } This cluster is provisioned in a subnet whose CIDR range is 10.15.0.0/16 (var.cidr is set to…

Nginx serve another file when possible

I currently compile my assets with Webpack’s BrotliPlugin, which creates a separate file, brotli-encoded, i.e.: style.css style.cssb Here’s what I want to achieve: Consider the HTML page requests style.css. IF The user sent br into its Accept-Encoding request header AND the corresponding brotli file exists (style.cssb in this case): THEN Serve the corresponding brotli file…

Apache 2.4 SSLClientVerify on top of Vhost, but exclude one URL

I have the following configuration: <VirtualHost *:443> SSLVerifyClient require SSLVerifyDepth 4 <Location /> ####SSLVerifyClient require ####SSLVerifyDepth 4 Require expr %{SSL_CLIENT_I_DN_CN} in {“CLASSE-4″} </Location> <Location ^/myapplication/healthcheck$> SSLVerifyClient none </Location> For a specific reason, I want to keep “SSLVerifyClient require ” on the top of “VirtualHost” and not inside a “location” tag, because there it generate a…