Ltning

@ltning@weirdr.net

He/him. This is one of my alter egos in the retro world. Read about this instance on front page. My goal is to be able to post here from a 286* running DOS. Might be a while..

and enthusiast with a craving for retro (mostly PC) hardware. Four kids and a wonderful patchwork family.

*Speaking of 286es: http://floppy.museum/

11 following 17 followers

6 ★ 5 ↺

Ltning »
@ltning@weirdr.net

Damn I like the whole css-or-bust approach to styling that has. I mean I know many (most?) others do a bit of the same but this is just delightful.

So..TLS aside, what is the most lightweight reverse proxy I can use instead of nginx in front of this thing? You know, in case I would like to move the instance from this beefy PPro to, say, a or a Wii running ? :)


...
Older...

Funky Bob »
@FunkyBob@chaos.social

@ltning worth looking into: OpenBSDs httpd, and h2o

...
0 ★ 0 ↺

Ltning »
@ltning@weirdr.net

I'm on NetBSD and at least pkgin knows nothing about OpenBSD's httpd (I think)..
Do you have any idea of the memory footprint of h2o when doing TLS and proxying?

kbity... »
@cybertailor@wetdry.world

@ltning httpd and relayd can come with base system in case of BSDs

...
0 ★ 0 ↺

Ltning »
@ltning@weirdr.net

Sadly not on NetBSD though :)

theothertom »
@tom@epsom.social

@ltning I used Apache HTTPd, with many modules ripped out as a reverse proxy for Snac on a machine with 32MB of RAM if that helps.
Something I was able to do with Apache that turned out to be helpful was limiting the connections to Snac itself to 1 - meant that the storm of hits from other servers allowed some requests to work, rather than mostly failing.
If curious: people.cobaltqu.be/~theotherto

...

theothertom »
@tom@epsom.social

@ltning oh, and as an aside - I found Snac just about usable on a 450MHz K6-II with 32MB of RAM. Extrapolating backwards makes me think you would need quite a lot of patience to use it on a 486 :D

...
0 ★ 0 ↺

Ltning »
@ltning@weirdr.net

I'm thinking of running it on a 120/133MHz AMD 5x86 or something like that. It should (at least) have 64MB RAM, possibly 128 if I can get it to cache the whole range.

A bigger challenge will be the Nintendo WII - it has, I believe, 24MB or something like that? But at least the CPU should be vastly superior to any 486..

...

theothertom »
@tom@epsom.social

@ltning 24MB is tight, though you might be able to do it if you use something else as a proxy in front on Snac.
Something else that might not be immediately obvious too - lots of 32-bit builds target i686 these days, at least for Linux. The only Linux distro I could find that targets i586 with recent releases was Slackware - dunno what the situation is for NetBSD though.

...
1 ★ 0 ↺

Ltning »
@ltning@weirdr.net

@tom@epsom.social fully expect I have to build a bunch of stuff myself. Including netbsd. But I expect snac to build nicely and not require any special gymnastics. :)

0 ★ 0 ↺

Ltning »
@ltning@weirdr.net

How much memory does Apache use then? It sounds like unnecessary bloat even with modules disabled. But maybe that's just me still clinging to 20+ year old impressions of Apache being bloated by definition.

Do you do TLS in Apache too? On a K6-II?

...

theothertom »
@tom@epsom.social

@ltning I've managed to add more memory since I first installed the system, so it's not quite as tight as it was (and now there's meaningful disk cache, which seems to help loads).
Looking at the stats on it, snac is using 13.5MB (resident), Apache is using 10.5MB.
I think the perception of Apache as a resource hog may have come from the "prefork" MPM there's other, lighter MPMs you can use instead.
Yeah - it's doing TLS in apache. social.cobaltqu.be/theothertom if you want a sense of how quick it is.

Screenshot of htop, showing the resource usage on a snac server. The relevant parts are mentioned in the body of the original message.

Alt...Screenshot of htop, showing the resource usage on a snac server. The relevant parts are mentioned in the body of the original message.

...
0 ★ 0 ↺

Ltning »
@ltning@weirdr.net

@tom@epsom.social Mind sharing the tls config? Key lengths, curves, ciphers and protocols?

...

theothertom »
@tom@epsom.social

@ltning Sure. I've got this, which I'm pretty sure is just the defaults from the distro package (at least, I don't remember tuning it):
SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
SSLHonorCipherOrder on
SSLProtocol all -SSLv3
SSLProxyProtocol all -SSLv3
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/var/run/ssl_scache(512000)"
SSLSessionCacheTimeout 300

History

about this site - powered by snac