colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

lemmy: fix federation

Browse Source 
now when i subscribe to a community, the request actually seems to go through.

this change probably does more than necessary, but it serves as a known-good config
This commit is contained in:
Colin 2023-05-12 02:35:37 +00:00
parent ada8b75670
commit 083d905f4c
1 changed files with 27 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
hosts/by-name/servo/services/lemmy.nix
View File

@ -9,8 +9,10 @@ in {
services.lemmy = { services.lemmy = {
enable = true; enable = true;
settings.hostname = "lemmy.uninsane.org"; settings.hostname = "lemmy.uninsane.org";
settings.options.federation.enabled = true; settings.federation.enabled = true;
settings.options.port = backendPort; # federation.debug forces outbound federation queries to be run synchronously
settings.federation.debug = true;
settings.port = backendPort;
# settings.database.host = "localhost"; # settings.database.host = "localhost";
# defaults # defaults
# settings.database = { # settings.database = {
@ -34,6 +36,7 @@ in {
}; };
systemd.services.lemmy.environment = { systemd.services.lemmy.environment = {
RUST_BACKTRACE = "full"; RUST_BACKTRACE = "full";
RUST_LOG = "debug";
# upstream defaults LEMMY_DATABASE_URL = "postgres:///lemmy?host=/run/postgresql"; # upstream defaults LEMMY_DATABASE_URL = "postgres:///lemmy?host=/run/postgresql";
# - Postgres complains that we didn't specify a user # - Postgres complains that we didn't specify a user
# lemmy formats the url as: # lemmy formats the url as:
@ -60,24 +63,36 @@ in {
in { in {
# see <LemmyNet/lemmy:docker/federation/nginx.conf> # see <LemmyNet/lemmy:docker/federation/nginx.conf>
# see <LemmyNet/lemmy:docker/nginx.conf> # see <LemmyNet/lemmy:docker/nginx.conf>
# see <LemmyNet/lemmy-ansible:templates/nginx.conf>
"/" = { "/" = {
# "frontend general requests" # "frontend general requests"
proxyPass = "$proxpass"; # proxyPass = "$proxpass";
extraConfig = '' extraConfig = ''
set $proxpass ${ui}; set $proxpass "${ui}";
if ($http_accept = "application/activity+json") { # if ($http_accept = "application/activity+json") {
set $proxpass ${backend}; # set $proxpass "${backend}";
} # }
if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") { # if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
set $proxpass ${backend}; # set $proxpass "${backend}";
# }
# XXX: lemmy-ansible nginx uses this maximally broad redirection
if ($http_accept ~ "^application/.*$") {
set $proxpass "${backend}";
} }
# XXX: POST redirection occurs in docker/nginx.conf but not docker/federation/nginx.conf # XXX: POST redirection occurs in docker/nginx.conf but not docker/federation/nginx.conf
# if ($request_method = POST) { if ($request_method = POST) {
# set $proxpass ${backend}; set $proxpass "${backend}";
# } }
proxy_pass $proxpass;
# Cuts off the trailing slash on URLs to make them valid # Cuts off the trailing slash on URLs to make them valid
rewrite ^(.+)/+$ $1 permanent; rewrite ^(.+)/+$ $1 permanent;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
''; '';
}; };
"~ ^/(api|pictrs|feeds|nodeinfo|.well-known)" = { "~ ^/(api|pictrs|feeds|nodeinfo|.well-known)" = {