Currently browsing: Networks

Cloudflare free tier for home use

A good practice if you expose something from your local network to internet is to go through service like Cloudflare, so you get extra protection. This way you are not going to expose your public API neither.

I have registered a new domain that will be used for the services exposed with Google Domains. Keep in mind that you can register directly with Cloudflare, but I already have domains with Google and this is why registered it there. I just …

Read more

Expanding RAID 1 pool size on Synology NAS by adding more disks

I just received my first Synology NAS (so far I have used asustor) and decided to set it up. Since so far I got only two disks 18TB each I am sure will be enough for now. The idea was to configure them in Synology Hybrid RAID (SHR) and to add more to the same pool when needed.

First I want to say that the 18TB drives are still not officially supported by Synology, but I saw some websites selling …

Read more

Fix Unable to unprotect the message.State. exception on Identity Server redirect

After fixing the 502 Bad Gateway issue I hit another one.

Here is the exception I have from the logs

HTTP POST /signin-oidc responded 500 in 77.6515 ms

System.Exception: An error was encountered while handling the remote login. —> System.Exception: Unable to unprotect the message.State. — End of inner exception stack trace — at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Serilog.AspNetCore.RequestLoggingMiddleware.Invoke(HttpContext httpContext) at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)

As mentioned in the previous post – when I run from Visual …

Read more

Solve identity server signin-oidc 502 Bad Gateway error

It was time to run the Identity Server 4 with the rest of the microservices in the Kubernetes cluster on a dedicated machine. I am running single node cluster, since this is not production, but just one of my pet projects and it is running locally. Still, it is going through one more Nginx (on top of the Kubernetes ingress) used to expose over the internet and create the certificates through Let’s Encrypt.

When I run the Identity Server 4 …

Read more

Nginx Proxy Manager and Let’s Encrypt certificates


In my previous for Nginx and Nginx Proxy Manager (NPM), I wrote on how to install NPM, but didn’t configure any certificates.

Out of the box Nginx Proxy Manager supports Let’s Encrypt SSL auto creation and renewal.

There is one limitation – you can create certificates only for specific domains/subdomains directly. If you want to create wildcard certificate you will need to use DNS Challenge.

What does that mean? You need to use some DNS server that allows API …

Read more

NginX as a reverse proxy with Nginx Proxy Manager

Lately I have started playing with Kubernetes and wanted to expose some of the locally hosted services on internet. The situation is that I want to expose multiple clusters running on separate machines through the same IP address and port. Checking around it seems nginx is the the best option. Keep in mind that even you want to expose just one service it is still good idea to do it through nginx.

I have installed Ubuntu 20.04.3 on Raspberry Pi …

Read more