SKS behind a reverse HTTP proxy -- cache invalidation hooks?
hey SKS folks--
The HKP service from keys.mayfirst.org is served by
zimmermann.mayfirst.org. zimmermann runs sks on the standard ports,
with nginx as an HTTP proxy in front of it to provide plain HTTP service
on port 80, and HKPS service on port 443.
Due to recent discussion on this list, it occurred to me to enable
caching in that proxy. I'm considering doing it with these settings:
(If you have suggestions on those settings, i'd be happy to hear them)
I'm also wondering if there's a way that i could get a hook *out* from
SKS to get it to invalidate the cache when it receives an update for a
given key. I can work out how to invalidate the nginx proxy cache
myself -- i'm just not sure how to get the hook from SKS to know when to
do so. Initially, i'd like to target key-specific fetches by keyid
Any suggestions or pointers? cache invalidation hooks aren't currently
implemented, would there be any objections to adding such a feature?