On Fri, Jan 6, 2012 at 5:51 AM, Ram <mobileb...@gmail.com> wrote:
> 20_frontends.rc
> isfrontend
> runas=nobody:nogroup
> ports=443
> protos=https
> domain=https:*.mydomain.com:justa_plain_text_password
> frontend=mydomain.com:443
> fe_certname=mydomain.com
> ca_certs=/etc/pagekite.d/site-cert.pem
You don't need all those settings, many of those are only useful on the back-end
and the uid/gid stuff is configured in the sysv init script. I would recommend
deleting: runas, frontend, fe_certname and ca_certs. Also make sure
all the other
.rc files in /etc/pagekite.d are empty.
So just leave:
isfrontend
ports=443
protos=https
domain=https:*.mydomain.com:justa_plain_text_password
Then restart the service with `service pagekite restart`.
It doesn't actually matter which .rc file those lines go in, but
20_frontends.rc is
probably a good choice.
For testing, you can also just run it from the command-line, like so:
pagekite --clean --isfrontend --ports=443 --protos=https --domain=...
> Also: What should be the configurations for my different backends. Is
> there a way to set the password for the different backends separately
> and authenticate them on my FE?
Sure, you can have multiple domain= lines, without the wildcard and each
with its own password:
domain=https:foo.mydomain.com:foopassword
domain=https:bar.mydomain.com:barpassword
domain=https:baz.mydomain.com:bazpassword
For the backends, you should be able to connect with a command-line like this:
pagekite --clean \
--frontend=mydomain.com:443 \
--backend=https:foo.mydomain.com:localhost:443:foopassword
(The --clean argument just ignores any configuration files, thus
avoiding confusion.)
You can then put those two arguments in ~/.pagekite.rc for running from the
command line, or if you are using the debian package on the back-end and
want things to start up just delete all lines from all the files and
put a single
frontend=... line in 20_frontends.rc and the backend= line in a new file named
443_httpd.rc.
That should be enough to get you up and running. This setup assumes you have
an HTTPS server with its own certificate on localhost:443, and the pagekite
connections themselves will be unencrypted (which shouldn't matter much as you
are only transporting encrypted HTTPS streams).
Getting HTTPS enabled for the pagekite connection itself is a little
more involved, but
if you like we can go over that once you've got the basics working.
--
Bjarni R. Einarsson
Founder, lead developer of PageKite.
Make localhost servers visible to the world: https://pagekite.net/
The pagekite.py as distributed on http://pagekite.net/downloads/ is
not suitable for importing into other python programs. However, if
you either install the .deb/.rpm packages, or check out code from
github (https://github.com/pagekite/PyPagekite), you will get code
that is usable in this way.
Great, congratulations. :-)
> How can I find out which user is using how much bandwidth every day?
> Or add a quota to each user?
The bandwidth usage can be aggregated by parsing the logs.
Quotas are checked as part of the remote-authentication protocol,
which I'm sorry to say hasn't really been documented yet - you'll
have to read the source. This also handles delegation of user
authentication and kite creation to an external system.
See below for more about on this.
> When the daemon restarts, are the connections between
> frontend/backend dropped?
Yes, but the client should reconnect quite quickly.
> Also, if the network (uplink/downlink) seems very slow, how can I
> debug it?
The --debugio flag turns on full debugging for pagekite - it is very verbose.
I am not sure whether it will help or not, if you are having network troubles
then traditional tools should apply.
...
It sounds to me like you are trying to create your own custom version of
the pagekite.net service! Although this is explicitly allowed by our AGPLv3
license, there are limits to how much free support we will provide to our
competitors. ;-)
Please consider getting in touch with us outside the mailing list and buy a
support contract or become an early adopter of the still-in-development
white-label (using your own domain) version of the service. This will
support the ongoing development of PageKite and give you better access
to our unreleased internal systems and experience - both of which should
make your job a whole lot easier.
Hi Bjarni, yesterday in the night I was a bit sleepless playing with your wiki and I published this page: https://pagekite.net/wiki/Howto/DnsBasedAuthentication It's not very technical (I was just trying and figure out how remote authentication works) but maybe it can be helpful for other users?