Open Infrastructure

h1. Common operations on IPv4-to-IPv6-Proxy

{{toc}}

*%{color:red}This document only concerns operations by ungleich staff. See [[How to use the IPv4-to-IPv6-Proxy]] page for user documentation.%*

h2. Status

This document is *IN PRODUCTION*. 

h2. HTTP / HTTPS proxying.

* It's configured by cdist, type @__ungleich_haproxy@

* To add a domain, edit manifest/ungleich

** Find *either* ipv6-proxy.place5.ungleich.ch *OR* ipv6-proxy.place6.ungleich.ch

** Verify that the domain has an AAAA entry

** Add the domain using the "--v4proxy DOMAIN" parameter

** Commit in git, push

* Run cdist: (either of them)

** @cdist config ipv6-proxy.place5.ungleich.ch@

** @cdist config ipv6-proxy.place6.ungleich.ch@

h3. Troubleshooting

If the customer domain does not exist (anymore), haproxy will refuse to reload. In this case the customer domain has to be removed and the customer to be notified.

h2. SMTP proxying (experimental)

* Configured by cdist, type @__ungleich_smtp_proxy@.

* To add an entry, edit @manifest/ungleich@.

** Find configuration entry for @ipv6-mx.ungleich.ch@.

** Add @--proxy domain.tld@ entry to the @__ungleich_smtp_proxy@ type. Make sure that @ipv6-mx.ungleich.ch@ is not the primary MX of @domain.tld@:t we will have routing loops if it is the case.

** Commit, push.

* Deploy with @cdist config -v ipv6-mx.ungleich.ch@.

h3. Troubleshooting

Postfix's logs can be found in @/var/log/messages@ on @ipv6-mx.ungleich.ch@.