colin
/
nix-files
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

lemmy: fix federation (broke due to invalid HTTP signatures)

This commit is contained in:
Colin 2024-04-26 10:31:47 +00:00
parent 3d207ab7bb
commit f3d2dee470
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
hosts/by-name/servo/services/lemmy.nix
View File

@ -68,6 +68,17 @@ in {
services.nginx.virtualHosts."lemmy.uninsane.org" = {
forceSSL = true;
enableACME = true;
# XXX(2024/04/25): fix that incoming federation actions are rejected for invalid HTTP signatures.
# see: <https://github.com/NixOS/nixpkgs/pull/284562#issuecomment-2079104081>
# of all these, we only *need* the `Host` header. the others are just nice-to-have.
locations."/".extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
'';
};
sane.dns.zones."uninsane.org".inet.CNAME."lemmy" = "native";