April 22, 2020

From Gerald R. Lucas
Revision as of 06:00, 24 April 2020 by Grlucas (talk | contribs) (Added link.)

Cox-blocked covid-19: day 40 | US: GA | info | act

For the life of me, I could not figure out why my server could not successfully retrieve an SSL certificate from Let’s Encrypt. I had done it before. My proxy server seemed to be working. I even posted to the LE help forum, and some dude told me that my port 80 was down. What? It had been working fine...then I remembered something...

A quick search, and I confirmed it: Cox blocks port 80 on residential service. Of course they do. Of course their reasons are bull💩; they just want to charge you more for a “business” account when it would take some sysadmin three seconds at a terminal to open the firewall. I know: I should call them before I complain too much, but I can already predict that call would not go well. This is so frustrating and negates the only reason I bought my third Raspberry Pi for a proxy server.

Speaking of servers I don’t need anymore, I finally got my cases for my RP4 and RPZ. I think they looks bad-ass.

Asterisk-trans.png          Asterisk-trans.png          Asterisk-trans.png

I’m kind of a t a loss as what I can do to still run a web server. I joined Cloudflare and got grlucas.com resolving again using port 443. This is only a temporary fix, as my certificate from Let’s Encrypt will run out in a couple of months and I will not be able to renew it. That said, Cloudflare is a very nice service, and I’m looking forward to learning more about its capabilities.

In looking around, I came across this thread on r/homelab which gave me some hope. I contacted the OP, but he was not much help, so I’ll have to figure it out myself. He did mention getting a VPS and setting up a reverse proxy on that. I might be able to do something similar. In the mean time, I’m thinking about trying to set up Caddy, as it is able to get certificates via SSL.

I guess I should be excited as this arbitrary Cox-block has made me experiment. I’m just glad nothing I set up already was mission-critical. I should know better, right?