Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
how to set up a slave controller?
#11
Thank you Gerard. Good advice.



@Paul,

I did not intend to suggest that you log in as Root.

I do that in my particular software development environment for various reasons but it is not recommended as a general practice.


Dan
<p><br></p>
Reply
#12
(2021 Jul 23, 03:04 PM)astrogerard Wrote: Running programs as a non-root user is a (very) good practice. But a non privileged user is by default not allowed to start a socket on the lower ports like 80 or 443. Another good practice is to run a non privileged program on a higher port (e.g. 8080) and use a rev proxy (HAproxy, Squid, Apache2, NGinx etc.) for (SSL/TLS) offloading and adding a little more security.

--Gerard

Thank you Gerard.

Your answer clears my puzzle about socket restriction for non-root user.  

I will also look into SSL/TLS layer protocol for pi.  I tried a few months ago to run an SSL micro-webserver on esp32 via micro-python but unfortunately micro-python requires a non-free version of SSL certificates.  A reversed proxy is beyond the computing power of esp32.  I am curious to know if I may have better luck with the pi.  I will search the topic in this forum.

Paul

(2021 Jul 23, 06:15 PM)dan Wrote: Thank you Gerard. Good advice.



@Paul,

I did not intend to suggest that you log in as Root.

I do that in my particular software development environment for various reasons but it is not recommended as a general practice.


Dan
Hi Dan,

Thank you for your help.  Thank you also for putting together this software.  It's a joy to work with.

Paul
Reply
#13
About the proxy there is a topic on this. I posted (partially) my working HAProxy config. See: this 

--Gerard
Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)