Deploying an IPv6 Test Service on Kubernetes

From ee75979b5d94ae18f930ff91e5b2d51cd554b60d Mon Sep 17 00:00:00 2001 From: Paul Buetow Date: Mon, 9 Mar 2026 22:45:54 +0200 Subject: Update content for html --- gemfeed/DRAFT-ipv6test-deployment.html | 143 ++++++++++++++++----------------- 1 file changed, 69 insertions(+), 74 deletions(-) (limited to 'gemfeed/DRAFT-ipv6test-deployment.html') diff --git a/gemfeed/DRAFT-ipv6test-deployment.html b/gemfeed/DRAFT-ipv6test-deployment.html index a858bf63..9bc33ffb 100644 --- a/gemfeed/DRAFT-ipv6test-deployment.html +++ b/gemfeed/DRAFT-ipv6test-deployment.html @@ -2,17 +2,12 @@ - Deploying an IPv6 Test Service on Kubernetes -

@@ -48,15 +43,15 @@ Client → relayd (OpenBSD) → Traefik (k3s) → Apache + CGI (Pod) by Lorenzo Bettini http://www.lorenzobettini.it http://www.gnu.org/software/src-highlite --> -

#!/usr/bin/perl
-use strict;
-use warnings;
+#!/usr/bin/perl
+use strict;
+use warnings;
 
-print "Content-type: text/html\n\n";
+print "Content-type: text/html\n\n";
 
-my $is_ipv4 = ($ENV{REMOTE_ADDR} =~ /(?:\d+\.){3}\d/);
-print "You are using: " . ($is_ipv4 ? "IPv4" : "IPv6") . "\n";
-print "Client address: $ENV{REMOTE_ADDR}\n";
+my $is_ipv4 = ($ENV{REMOTE_ADDR} =~ /(?:\d+\.){3}\d/);
+print "You are using: " . ($is_ipv4 ? "IPv4" : "IPv6") . "\n";
+print "Client address: $ENV{REMOTE_ADDR}\n";
 
 

 Docker Image


@@ -153,17 +148,17 @@ http protocol "https" {
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-<% for my $host (@$f3s_hosts) {
-     my $is_ipv6_only = $host =~ /^ipv6\./;
-     my $is_ipv4_only = $host =~ /^ipv4\./;
--%>
-<% unless ($is_ipv6_only) { -%>
-<%= $host %>.         300 IN A <%= $ips->{current_master}{ipv4} %>
-<% } -%>
-<% unless ($is_ipv4_only) { -%>
-<%= $host %>.         300 IN AAAA <%= $ips->{current_master}{ipv6} %>
-<% } -%>
-<% } -%>
+<% for my $host (@$f3s_hosts) {
+     my $is_ipv6_only = $host =~ /^ipv6\./;
+     my $is_ipv4_only = $host =~ /^ipv4\./;
+-%>
+<% unless ($is_ipv6_only) { -%>
+<%= $host %>.         300 IN A <%= $ips->{current_master}{ipv4} %>
+<% } -%>
+<% unless ($is_ipv4_only) { -%>
+<%= $host %>.         300 IN AAAA <%= $ips->{current_master}{ipv6} %>
+<% } -%>
+<% } -%>
 
 

 This ensures:

@@ -184,22 +179,22 @@ http://www.gnu.org/software/src-highlite -->
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-<% for my $host (@$acme_hosts) {
-     # Skip ipv4/ipv6 subdomains - they're included as SANs in parent cert
-     next if $host =~ /^(ipv4|ipv6)\./;
--%>
-<%   my @alt_names = ("www.$host");
-     for my $sub_host (@$acme_hosts) {
-         if ($sub_host =~ /^(ipv4|ipv6)\.\Q$host\E$/) {
-             push @alt_names, $sub_host;
-         }
-     }
--%>
-domain <%= $host %> {
-    alternative names { <%= join(' ', @alt_names) %> }
-    ...
-}
-<% } -%>
+<% for my $host (@$acme_hosts) {
+     # Skip ipv4/ipv6 subdomains - they're included as SANs in parent cert
+     next if $host =~ /^(ipv4|ipv6)\./;
+-%>
+<%   my @alt_names = ("www.$host");
+     for my $sub_host (@$acme_hosts) {
+         if ($sub_host =~ /^(ipv4|ipv6)\.\Q$host\E$/) {
+             push @alt_names, $sub_host;
+         }
+     }
+-%>
+domain <%= $host %> {
+    alternative names { <%= join(' ', @alt_names) %> }
+    ...
+}
+<% } -%>
 
 

 This generates a single certificate for ipv6test.f3s.buetow.org that includes:

@@ -216,19 +211,19 @@ http://www.gnu.org/software/src-highlite -->
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-our @f3s_hosts = qw/
-    ...
-    ipv6test.f3s.buetow.org
-    ipv4.ipv6test.f3s.buetow.org
-    ipv6.ipv6test.f3s.buetow.org
-/;
+our @f3s_hosts = qw/
+    ...
+    ipv6test.f3s.buetow.org
+    ipv4.ipv6test.f3s.buetow.org
+    ipv6.ipv6test.f3s.buetow.org
+/;
 
-our @acme_hosts = qw/
-    ...
-    ipv6test.f3s.buetow.org
-    ipv4.ipv6test.f3s.buetow.org
-    ipv6.ipv6test.f3s.buetow.org
-/;
+our @acme_hosts = qw/
+    ...
+    ipv6test.f3s.buetow.org
+    ipv4.ipv6test.f3s.buetow.org
+    ipv6.ipv6test.f3s.buetow.org
+/;
 
 

 Running rex nsd httpd acme acme_invoke relayd deploys the DNS zone, configures httpd for ACME challenges, obtains the certificates, and reloads relayd.

@@ -241,17 +236,17 @@ http://www.gnu.org/software/src-highlite -->
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-$ dig ipv4.ipv6test.f3s.buetow.org A +short
-46.23.94.99
+$ dig ipv4.ipv6test.f3s.buetow.org A +short
+46.23.94.99
 
-$ dig ipv4.ipv6test.f3s.buetow.org AAAA +short
-(no output - IPv4 only)
+$ dig ipv4.ipv6test.f3s.buetow.org AAAA +short
+(no output - IPv4 only)
 
-$ dig ipv6.ipv6test.f3s.buetow.org AAAA +short
-2a03:6000:6f67:624::99
+$ dig ipv6.ipv6test.f3s.buetow.org AAAA +short
+2a03:6000:6f67:624::99
 
-$ dig ipv6.ipv6test.f3s.buetow.org A +short
-(no output - IPv6 only)
+$ dig ipv6.ipv6test.f3s.buetow.org A +short
+(no output - IPv6 only)
 
 

 Verify the application shows the correct test type:

@@ -260,8 +255,8 @@ http://www.gnu.org/software/src-highlite -->
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-$ curl -s https://ipv4.ipv6test.f3s.buetow.org/cgi-bin/index.pl | grep "Test Results"
-<h3>IPv4 Only Test Results:</h3>
+$ curl -s https://ipv4.ipv6test.f3s.buetow.org/cgi-bin/index.pl | grep "Test Results"
+<h3>IPv4 Only Test Results:</h3>
 
 

 The displayed IP should be the real client IP, not an internal cluster address.

@@ -278,15 +273,15 @@ http://www.gnu.org/software/src-highlite -->
 by Lorenzo Bettini
 http://www.lorenzobettini.it
 http://www.gnu.org/software/src-highlite -->
-sub html_escape {
-    my $str = shift;
-    $str =~ s/&/&amp;/g;
-    $str =~ s/</&lt;/g;
-    $str =~ s/>/&gt;/g;
-    return $str;
-}
+sub html_escape {
+    my $str = shift;
+    $str =~ s/&/&amp;/g;
+    $str =~ s/</&lt;/g;
+    $str =~ s/>/&gt;/g;
+    return $str;
+}
 
-my $digremote = html_escape(`dig -x $ENV{REMOTE_ADDR}`);
+my $digremote = html_escape(`dig -x $ENV{REMOTE_ADDR}`);
 
 

 You can verify the output passes validation:

@@ -317,11 +312,11 @@ http://www.gnu.org/software/src-highlite -->
 

 ← Back to the index

 
-    Generated with Gemtexter 3.0.1-develop |
-    served by OpenBSD/relayd(8)+httpd(8) |
-    Site Mirrors
-    

-    Webring: previous | shring | next
+	Generated with Gemtexter 3.0.1-develop |
+	served by OpenBSD/relayd(8)+httpd(8) |
+	Site Mirrors
+	

+	Webring: previous | shring | next
 
 
 
-- 
cgit v1.2.3