Every time Hacker News discusses IPv6 someone mentions that GitHub is commonly cited as one of the last holdouts. You can't access GitHub through IPv6, and a lot of servers want to access GitHub, and this is one of the last reasons your server can't be IPv6-only and save a few bucks.
So I set up a proxy so that you can. Apparently a few of these already exist. One more can't hurt. Mine doesn't require any address changes if you just add it to your hosts file.
See https://githubv6.com/ for more information. This link only works if you have IPv6.
Will GitHub block it? No idea. It seems like I've somehow become way too afraid of annoying Big Tech. I deployed this anyway.
This proxy really isn't complicated. It's very simple, actually. Here are the relevant forwarding commands so you can run your own:
socat tcp6-listen:80,fork,bind=[2a06:7e00:a97:a100::667] tcp4-connect:github.com:80 socat tcp6-listen:443,fork,bind=[2a06:7e00:a97:a100::667] tcp4-connect:github.com:443 socat tcp6-listen:22,fork,bind=[2a06:7e00:a97:a100::667] tcp4-connect:github.com:22 socat tcp6-listen:22,fork,bind=[2a06:7e00:a97:a100::666] tcp4-connect:github.com:22
and here's the nginx site configuration.
server {
server_name githubv6.com;
root /var/www/githubv6.com;
index index.html;
location / {
try_files $uri $uri/ =404;
}
location /gh/ {
proxy_pass https://github.com/;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Host github.com;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# this defines the maximum header size. Default is 4k, but github sends over 4k of headers
proxy_buffer_size 32k;
# required because we changed proxy_buffer_size - the default isn't valid.
proxy_buffers 8 32k;
}
listen [2a06:7e00:a97:a100::666]:443 ssl ipv6only=on; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/githubv6.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/githubv6.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = githubv6.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen [2a06:7e00:a97:a100::666]:80;
server_name githubv6.com;
return 404; # managed by Certbot
}
Additionally, make sure sshd isn't listening on the same address as it will conflict. If you're running SSH on the standard port (22) use the ListenAddress option in /etc/ssh/sshd_config and reload sshd. To specify more than one address (e.g. IPv4 and IPv6), use it more than once.