This is a HTTPS proxy HowTo for Merecat httpd using pound and OpenSSL.

Pound is a reverse proxy, load balancer, and HTTPS front-end for Web servers. It is available in Debian/Ubuntu and is very simple to set up:

First install the package, including OpenSSL, or LibreSSL:

sudo apt install pound openssl

Use OpenSSL to create a self-signed certificate:

mkdir ~/certs
cd  ~/certs
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes
cat cert.pem key.pem > bundle.pem

Now, we move to the Merecat directory from the previous blog post and start it on port 8080:

cd ~/merecat
./src/merecat -p 8080 www/

Now, edit the default /etc/pound/pound.cfg to include the following:

    Port 443
    AddHeader "X-Forwarded-Proto: https"
    AddHeader "X-Forwarded-Port: 80"
    HeadRemove "X-Forwarded-Proto"
    HeadRemove "X-Forwarded-For"
    Cert "/home/jocke/certs/bundle.pem"

    # This is the address and TCP port where Merecat httpd runs
                    Port 8080

We make sure to remove any existing X-Forwarded-For header to prevent any malicious client from injecting them beforehand. Then enable pound by editing /etc/default/pound


And start the service

sudo /etc/init.d/pound restart

Your service is now available over HTTPS. Try it with curl, which needs to be called with -k to skip certificate validation:

curl -ki https://localhost/~jocke/
HTTP/1.0 200 OK
testing stderr
Content-Type: text/html;charset=utf-8

<p>Hello, HTTP SPOKEN HERE</p>

All done. Good Luck!

This is a HowTo for setting up ikiwiki with Merecat httpd.

First install ikiwiki

sudo apt install ikiwiki libcgi-session-perl libcgi-formbuilder-perl

Follow the steps to setup a new Wiki or Blog. In this example we set up a wiki in our ~/public_html:

ikiwiki --setup /etc/ikiwiki/auto.setup
Successfully set up wiki:
url:         http://localhost/~jocke/wiki
srcdir:      ~/wiki
destdir:     ~/public_html/wiki
repository:  ~/wiki.git

To modify settings, edit ~/home.setup and then run:
    ikiwiki --setup ~/home.setup

By default Merecat has per-user ~/public_html support disabled, this is for safety purposes. To build from source, here from GIT, use:

git clone
./configure --enable-public-html
sudo make install

Now, to start playing with Ikiwiki, simply start the httpd as your user on a non-priviliged port:

merecat -n -p 8080

… and open http://localhost:8080/~jocke/wiki/ in your browser :smiley:

NOTE: Although Merecat httpd is a fork of thttpd. Compared to its forefather Mercat is fully capable of running ikiwiki without any patches. Problems with port not being included in HTTP_HOST or missing trailing slash in PATH_INFO, have all been fixed.


Having worked with Linux for the last 20 years, and embedded for more than ten of them, I’ve become quite a fan of virtualization in general and Qemu in particular.

Qemu is a fantastic little tool, created by the Open Source superhero Fabrice Bellard. It can be used to verify an embedded system without having to deal with the problems of actual HW until you really have to. Don’t get me wrong, HW excites me like any other nerd, but if the HW is new and shaky it can be quite a pain to develop higher level functions.

My holy grail is to have a 100% complete and accurate virtualization target per architecture to test my various software projects on. That’s why I created TroglOS.

The last game I ever played was Castle Wolfenstein 3D, released in 1992 for MS-DOS, made by the now legendary id Software. OK, admittedly I’ve played other games since then, but I’ve never again been so manic about a game since Wolfenstein.

This post is about how to build, install and set up Wolfenstein 3D on a Raspberry Pi running RetroPie … on a Picade :-)

This is a quick writeup of how to get the Trust Bluetooth 4.0 adapter (dongle) working in Linux, Ubuntu 16.04.