dear nginx

if you see HTTP Header Host: livekit.matrix.cyrneko.eu

why do you serve the TLS certificate for auth.vulpecula.zone and why do you proxy my request to Pocket-ID?

I didn't ask for that.

boost this cuz I need help lmfao I usually only do caddy 😭😭😭

@alexia by the time it sees the Host header it would've already served the TLS certificate. is the server name in SNI correct?

@alexia send me your config files and i can take a look

@noisytoot it would be correct if nginx wanted to serve it. If I make cURL do a request (curl -L https://livekit.matrix.cyrneko.eu/livekit/sfu) then nginx responds with the TLS cert of...the page I didn't request

@niko you don't want to read nix do you

jokes aside I can send you the configuration it generates but I can't guarantee I can change its order (I know I can do that but idk how)

@alexia @niko i think niko will be fine as long as you don’t shill it lmao

@alexia is the ssl_certificate/ssl_certificate_key set correctly in the server block with the right server_name?

@noisytoot apparently, it decided not to do that for a reason that's beyond me. sigh.

@noisytoot whoever wrote this nixos module, I hope they can get the stick outta their asses

@alexia are there any „if“s involved in this configuration? those really work in very unexpected ways with nginx and can create weird behaviour all around

@atna nope!

@alexia the tls certificate is served before the host header can be seen

it will likely be making the decision off SNI

@alexia but in practice they should be the same

@CauseOfBSOD I already fixed that dw