SSL Support??

[StZ]

Hi,

is it possible work with xbtt using ssl ??

for example now my announce url is http://announce.domain.tld:2710/ but exist any chance to work with https://announce.domain.tld ??

Regards

[Olaf van der Spek]

Yes, by setting up a (web) proxy to handle the SSL part.

> --
> You received this message because you are subscribed to the Google Groups
> "XBT Tracker" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to xbt-tracker...@googlegroups.com.
> For more options, visit https://groups.google.com/groups/opt_out.



--
Olaf

[StZ]

Something like this (nginx), but xbtt can handle the real client ip?? for example with nginx i need to set the parameter "set_real_ip_from proxy_server_ip" to get the client ip and not the proxy ip in the main server.


 listen       announce.domain.tld:2710 ssl default_server;

        location / {
                proxy_pass      http://announce.domain.tld:2810/;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

[Olaf van der Spek]

Yes, if you append it like &ip=x.x.x.x

[StZ]

after try with nginx and haproxy i cant get the real ip of the user with xbtt, i alway get the ip of the proxy server.

by default the torrents client dont sent the value "&ip=" , and that its the problem .

Do you have any information of a working environment with xbtt behind a http proxy??

Or is it possible have xbtt working in two different servers using the same database???

My goal is try to implement a loadbalanced/faultolerance scenario for xbtt.

Thanks

[Olaf van der Spek]

On Wed, Nov 13, 2013 at 8:55 PM, StZ <dmt...@gmail.com> wrote:
> after try with nginx and haproxy i cant get the real ip of the user with
> xbtt, i alway get the ip of the proxy server.
>
> by default the torrents client dont sent the value "&ip=" , and that its the
> problem .

You have to add it yourself and the tracker has to run on the same
server as the proxy. Or you have to alter the tracker code.

> Do you have any information of a working environment with xbtt behind a http
> proxy??
>
> Or is it possible have xbtt working in two different servers using the same
> database???

That's not possible, but you could have two databases / tables.

> My goal is try to implement a loadbalanced/faultolerance scenario for xbtt.

Why?

[StZ]

Why??

I dont expose the real server of my tracker to internet, i work with multiple VPS  configured as reverse proxy in different regions and the users are pointed to the near server based on their dns servers using geodns, if you live in latin america the ip of my website will be in latinamerica , the same for europe and north america, and with the nginx caching the site always will work fast.

Something like a little version of cloudflare, thinking in the same model if one of the servers have problems i can route all the traffic to another point.

The unique single point of failure is the real server, but if someone send a dmca to one of our vps providers with one little change the website will be up in minutes and the affected users will be only one geolocation and the files/database are protected.

but with xbtt i cant setup this model, a now i'm working with 1 vps and a vpn tunnel to access to the database in the real location of the servers, but with a problem with the vps provider all the users are affected , the reposition of the service is slow based on the need of a new vps and setup it to work.

a question, are you interested in develop the support for reverse http proxy in xbtt??

i know about some "specials commercial mods" for xbtt , this can be one more :D

Sorry my English

[Olaf van der Spek]

On Thu, Nov 14, 2013 at 3:26 AM, StZ <dmt...@gmail.com> wrote:
> Something like a little version of cloudflare, thinking in the same model if
> one of the servers have problems i can route all the traffic to another
> point.

That's very nice!

> but with xbtt i cant setup this model, a now i'm working with 1 vps and a
> vpn tunnel to access to the database in the real location of the servers,
> but with a problem with the vps provider all the users are affected , the
> reposition of the service is slow based on the need of a new vps and setup
> it to work.

You could setup hot-spares on one (or all) of your existing frontends proxies.

> a question, are you interested in develop the support for reverse http proxy
> in xbtt??

Sure, what's the budget?

Olaf

[Jack Dashwood]

Can I assume, based on this topic, that XBTT will not work with Cloudflare?

[Olaf van der Spek]

On Thu, Jan 15, 2015 at 4:09 PM, Jack Dashwood
<blubitsc...@gmail.com> wrote:
> Can I assume, based on this topic, that XBTT will not work with Cloudflare?

Not without extra code to extract the real IP from the headers CF adds.

[Gianluca Giuman]

Hi Olaf.

You resell the xbt modification for the ipb forum ?

[Olaf van der Spek]

Hi,

I don't have a mod for IPB..

> --
> You received this message because you are subscribed to the Google Groups
> "XBT Tracker" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to xbt-tracker...@googlegroups.com.

> For more options, visit https://groups.google.com/d/optout.



--
Olaf

[Stephan]

Hi Olaf,

do you have some advices to implement the "CF-Connecting-IP" on xbtt? I've searched but I didn't find something similar that I can implement.

Thanks

[Olaf van der Spek]

Yes, I do. What does it pay? :p

server {
set_real_ip_from 199.27.128.0/21;
real_ip_header CF-Connecting-IP;

location / {
rewrite ^(.*)$ $1?ip=$remote_addr break;
proxy_pass http://127.0.0.1:2710;

[Stephan]

Thanks Olaf,

so you use nginx like proxy for xbtt too. I thought that you implemented this directly on the xbtt code.

Do you think that there would be some connectivity or performance issue on that or not?

Another question. If someone change the announce url to http://ip:2710/passkey/announce?ip=1.1.1.1 the tracker use 1.1.1.1 like peer's ip?

And what's happen if someone use this announce url: http://ip:2710/passkey/announce?ip=1.1.1.1 and the nginx will add http://ip:2710/passkey/announce?ip=1.1.1.1?ip=2.2.2.2 where 2.2.2.2 is the real client ip?

Thanks in advance Olaf for your time and knowledge.

[Olaf van der Spek]

2015-07-21 20:58 GMT+02:00 Stephan <john....@gmail.com>:
> Thanks Olaf,
> so you use nginx like proxy for xbtt too. I thought that you implemented
> this directly on the xbtt code.

That's possible too, but using nginx allows you to use SSL as well.

> Do you think that there would be some connectivity or performance issue on
> that or not?

No

> Another question. If someone change the announce url to
> http://ip:2710/passkey/announce?ip=1.1.1.1 the tracker use 1.1.1.1 like
> peer's ip?

No, ip= only accepted from localhost and private IPs.

> And what's happen if someone use this announce url:
> http://ip:2710/passkey/announce?ip=1.1.1.1 and the nginx will add
> http://ip:2710/passkey/announce?ip=1.1.1.1?ip=2.2.2.2 where 2.2.2.2 is the
> real client ip?

Good one.. Not sure, you should try it. ;)

[Stephan]

Thanks for you info Olaf.

A little note. 

If you use Cloudflare you cannot use :2710 public port, it's not supported by cloudflare, you have to create a subdomain not filtered on Cloudflare DNS zone, or use port 80/443 and rewrite the announce url with nginx.