by giantrobot 41 days ago
I appreciate the lack of a reverse proxy in front. While I love the various "website hosted on X" projects, they end up in reality just served by Cloudflare. Which is fine since you don't want your C64 or vape pen or whatever to explode. It's just less "hosted on X" and more "single HTML page served by Cloudflare".

It looks like it's proxied if you come over IPv4 - which the vast majority of "customers" likely do.
I meant to replace it with IP forwarding from a secondary IPv4 address on another host running OpenBSD, but I haven't been able to get that to work yet. Perhaps any OpenBSD/pf folk here have an idea? This is my config (where in the real file the variables are literals):

  pass in on egress inet to $secondary_ipv4 \
    af-to inet6 from $ipv6 to 2a02:a45f:8eaa::2/128

All I get is timeouts and traceroutes with infinite hops. First I tried rdr-to, but that complains of the address family mismatch.
Turns out the rule works perfectly fine, I just forgot to enable IPv4 forwarding in sysctl (in addition to IPv6, which I did enable).
If it's proxying without caching, what you have is "basically" real.

It's just there have been others who put a gameboy behind a massive cache, and most requests would come back from the cache server.

It depends on the cache settings, but by default CF doesn't cache HTML.