Home of the Squeezebox™ & Transporter® network music players.
Page 2 of 23 FirstFirst 123412 ... LastLast
Results 11 to 20 of 222
  1. #11
    Senior Member
    Join Date
    Feb 2008
    Posts
    4,638
    Failed at first hurdle ....

    This page isn’t working
    xxxx.serveo.net is currently unable to handle this request.

    502 error
    LMS server: Pi Zero

    Amp: Denon PMA-50

    Players/Speakers: Touch, Logitech Radios, Sonos Play 1s & Beam, Libratone Zipp, GGMM E2 & E3, Yamaha WXAD-010, Loewe Airspeaker, Google Home Mini, Pioneer WX-SMA1, Roberts S1, O2 Joggler, Cisco Joggler

    Brexit = ∞ stupidity


    ------------------------------------------------------------------------------------

  2. #12
    Senior Member
    Join Date
    Feb 2011
    Location
    Cheshire, UK
    Posts
    4,066
    Quote Originally Posted by mherger View Post
    > Serveo has the option to use SSH public key authentication but that
    > involves public/private rsa keys which are not a traditional username
    > and password and explains why they are to be left blank.


    It's my understanding that this is not being used to protect access to
    the host, but the connection when using a custom domain of yours.

    IMHO ngrok is kind of a cloud based reverse proxy with additional
    features, whereas serveo is much simpler, but mostly a port forwarding
    service. No added http features besides the https wrapper. But your LMS
    would be as exposed to the internet as if you did forward the port on
    your router.

    --

    Michael
    Serveo
    A portscanner on 9000 wouldn’t find it.
    You’d have to guess the unique part of the serveo host name and know that 443 would expose 9000 but yes it must effectively be open.
    It’s the simplicity and validity of the SSL cert that makes this attractive if a little risky.

    I’ll get myself an SSL cert for my router I think and use it’s in built SSL web proxy
    VB2.4 storage QNAP TS419p (NFS)
    Living Room - Joggler & SB3 -> Onkyo TS606 -> Celestion F20s
    Office - Pi3+Sreen -> Sony TAFE320 -> Celestion F10s / Pi2+DAC & SB3 -> Onkyo CRN755 -> Wharfedale Modus Cubes
    Dining Room -> SB Boom
    Kitchen -> UE Radio (upgraded to SB Radio)
    Bedroom (Bedside) - Pi2+DAC ->ToppingTP21 ->AKG Headphones
    Bedroom (TV) - SB Touch ->Sherwood AVR ->Mordaunt Short M10s
    Everything controlled by iPeng

  3. #13
    Member philchillbill's Avatar
    Join Date
    Jan 2019
    Location
    The Netherlands
    Posts
    79
    Quote Originally Posted by mherger View Post
    > Serveo has the option to use SSH public key authentication but that
    > involves public/private rsa keys which are not a traditional username
    > and password and explains why they are to be left blank.


    It's my understanding that this is not being used to protect access to
    the host, but the connection when using a custom domain of yours.

    IMHO ngrok is kind of a cloud based reverse proxy with additional
    features, whereas serveo is much simpler, but mostly a port forwarding
    service. No added http features besides the https wrapper. But your LMS
    would be as exposed to the internet as if you did forward the port on
    your router.
    I agree. Serveo is the least attractive option, but I added it to the list because people have preferences for ways of doing things and it's yet another way. I have found it to be flaky as far as availability in my testing.

    If I were using serveo myself, I'd always combine it with apache as an extra layer for auth. That way, serveo would handle the 'front-end' of me not having to open a port, not having to do DDNS, not get a cert. And apache would do the 'back end' of forwarding the serveo tunnel through a basic-auth capable local proxy in my network towards LMS as an extra security layer. Rather involved, but hey there's more than one road that leads to Rome.

    In the end, it's only the JSON that's tracing these pathways and not audio-streams, so not a big deal to add a layer.
    Last edited by philchillbill; 2019-09-25 at 12:54.

  4. #14
    Member philchillbill's Avatar
    Join Date
    Jan 2019
    Location
    The Netherlands
    Posts
    79
    Quote Originally Posted by d6jg View Post
    My router - Draytek Vigor - supports SSL Web Proxy with user/pass.
    Https://mypublicipaddress:443 proxies to http://lmsip:9000
    Presumably this would also work?
    Absolutely. If you already have a public IP address and cert (the hard parts) then however you proxy that to lmsip:9000 is largely irrelevant. Apache is there for people who don't have fancy routers like you

  5. #15
    Babelfish's Best Boy mherger's Avatar
    Join Date
    Apr 2005
    Location
    Switzerland
    Posts
    20,310

    [Announce] 'MediaServer' *certified*Alexa skill for LMS

    > Serveo
    > A portscanner on 9000 wouldn’t find it.


    Correct: as you wouldn't get your own IP address, but only a virtual
    host name, a simple IP scanner wouldn't find your LMS. A visitor would
    need to know your host name. That's different from (and quite a bit more
    secure than) simple port forwarding on the router, where an IP scanner
    would find you.

    --

    Michael

  6. #16
    Senior Member
    Join Date
    Feb 2011
    Location
    Cheshire, UK
    Posts
    4,066
    I’ve realised my router also supports LetsEncrypt when coupled with DrayDDNS so I have everything I need to securely try this except an Echo Dot!!
    I have Prime though so it will be here for Friday!
    VB2.4 storage QNAP TS419p (NFS)
    Living Room - Joggler & SB3 -> Onkyo TS606 -> Celestion F20s
    Office - Pi3+Sreen -> Sony TAFE320 -> Celestion F10s / Pi2+DAC & SB3 -> Onkyo CRN755 -> Wharfedale Modus Cubes
    Dining Room -> SB Boom
    Kitchen -> UE Radio (upgraded to SB Radio)
    Bedroom (Bedside) - Pi2+DAC ->ToppingTP21 ->AKG Headphones
    Bedroom (TV) - SB Touch ->Sherwood AVR ->Mordaunt Short M10s
    Everything controlled by iPeng

  7. #17
    Senior Member
    Join Date
    Jan 2010
    Location
    Hertfordshire
    Posts
    3,120
    I installed ngrok on my Pi but when I try to run the command I get
    ngrok: command not found.
    What am I doing wrong?

    Sent from my SM-G900F using Tapatalk

  8. #18
    Senior Member
    Join Date
    Jan 2010
    Location
    Hertfordshire
    Posts
    3,120
    Quote Originally Posted by slartibartfast View Post
    I installed ngrok on my Pi but when I try to run the command I get
    ngrok: command not found.
    What am I doing wrong?

    Sent from my SM-G900F using Tapatalk
    OK the command is
    ./ngrok


    Sent from my SM-G900F using Tapatalk

  9. #19
    Senior Member
    Join Date
    Jan 2010
    Location
    Hertfordshire
    Posts
    3,120
    I succeeded in getting ngrok to run on my pi and also accessed LMS using the URL generated by ngrok via Firefox on my laptop. When I put the same URL into the skill settings adding port 443 I get "No players discovered due to connectivity error" . I am using
    "https://xxxxxxxx.ngrok.io:443"
    I must be making a basic error but I can't see what it is.


    Sent from my SM-G900F using Tapatalk

  10. #20
    Senior Member
    Join Date
    Jan 2010
    Location
    Hertfordshire
    Posts
    3,120
    Quote Originally Posted by slartibartfast View Post
    I succeeded in getting ngrok to run on my pi and also accessed LMS using the URL generated by ngrok via Firefox on my laptop. When I put the same URL into the skill settings adding port 443 I get "No players discovered due to connectivity error" . I am using
    "https://xxxxxxxx.ngrok.io:443"
    I must be making a basic error but I can't see what it is.


    Sent from my SM-G900F using Tapatalk
    Maybe my region is wrong in ngrok. US is reported when I am in the UK. How do In change it and what do I change it to? Thanks in advance. This looks promising.

    Sent from my SM-G900F using Tapatalk

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •