| 14 Jul 2025 |
 @saiko:knifepoint.net | In reply to @n4ch723hr3r:nope.chat
the main problem seems to be the inability to put it behind a reverse proxy oh. well, that’s mostly a http specific thing | 14:27:54 |
| @saiko:knifepoint.net | In reply to @matthewcroughan:defenestrate.it
Because the only way to run it properly is on port 80/443, if you want a letsencrypt SSL cert, because you can't proxy it no absolutely not | 14:27:58 |
| @saiko:knifepoint.net | I run mumble with a LE cert on its own port | 14:28:04 |
 @n4ch723hr3r:nope.chat | icecast has TLS built into it | 14:28:22 |
| @saiko:knifepoint.net | the certs are not bound to a specific port, so you can give it its own domain, get a cert via http on that domain and then use the cert for the other service | 14:29:18 |
 matthewcroughan @fosdem | with self-signed certs? | 14:30:07 |
| @n4ch723hr3r:nope.chat | that too. you can specify a path to that cert | 14:30:34 |
| @saiko:knifepoint.net | this is what I do for mumble: https://git.dblsaiko.net/systems/tree/configurations/spike/murmur.nix
(sys2x.ssl.acmeCerts just adds an empty nginx virtual host with enableACME=true) | 14:30:53 |
| matthewcroughan @fosdem | Well either way, the player seems to get confused if I reverse proxy | 14:31:01 |
| matthewcroughan @fosdem | since the icecast streams are not http | 14:31:07 |
| @n4ch723hr3r:nope.chat | i've also just read somewhere that the maintainer discourages reverse-proxying | 14:31:36 |
| @saiko:knifepoint.net | how are you reverse-proxying it if it’s not http? | 14:31:37 |
