| 14 Jul 2025 |
 @saiko:knifepoint.net | I run mumble with a LE cert on its own port | 14:28:04 |
 @n4ch723hr3r:nope.chat | icecast has TLS built into it | 14:28:22 |
| @saiko:knifepoint.net | the certs are not bound to a specific port, so you can give it its own domain, get a cert via http on that domain and then use the cert for the other service | 14:29:18 |
 matthewcroughan | with self-signed certs? | 14:30:07 |
| @n4ch723hr3r:nope.chat | that too. you can specify a path to that cert | 14:30:34 |
| @saiko:knifepoint.net | this is what I do for mumble: https://git.dblsaiko.net/systems/tree/configurations/spike/murmur.nix
(sys2x.ssl.acmeCerts just adds an empty nginx virtual host with enableACME=true) | 14:30:53 |
| matthewcroughan | Well either way, the player seems to get confused if I reverse proxy | 14:31:01 |
| matthewcroughan | since the icecast streams are not http | 14:31:07 |
| @n4ch723hr3r:nope.chat | i've also just read somewhere that the maintainer discourages reverse-proxying | 14:31:36 |
| @saiko:knifepoint.net | how are you reverse-proxying it if it’s not http? | 14:31:37 |
| matthewcroughan | It is a combination of http and tcp | 14:31:49 |
| matthewcroughan | I wish I knew how this person set up this | 14:32:19 |
| @n4ch723hr3r:nope.chat | https://gist.github.com/virtadpt/94eb781cba3ec9c56a4f39ef6bf760f3 | 14:32:20 |
| matthewcroughan | https://brainmelter.brockman.news/ | 14:32:20 |
| matthewcroughan | Specifically I'm not, I'm failing | 14:32:40 |
| matthewcroughan | only the html web page on 8000 is working, the stream doesn't | 14:32:51 |
