Skip Navigation

Federation of my Lemmy instances doesnt work (please help)

I hope this is the right place for this.

So, here is the thing: my lemmy instance is accessible in the browser via its domain, everything is fine, but no other communities are shown. When I test federation with "curl -H "Accept: application/activity+json" https://my-instance.com/u/some-local-user" I get a SSL certificate error.

So I figured that it has something to do with my reverse proxy and modified the nginx.conf like described in the documentation.

But the error persists.

This is my nginx.config in /etc/nginx/sites-enables/

<my-domain>

:

" limit_req_zone $binary_remote_addr zone={{ my_domain }}_ratelimit:10m rate=1r/s;

server { listen 80; listen [::]:80; server_name {{ my_domain }}; # Hide nginx version server_tokens off; location / { return 301 https://$host$request_uri; } }

server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name {{ my_domain }};

 undefined
        # Replace these lines with your own certificate and key paths
    ssl_certificate /etc/ssl/certs/{{ my_certs }};
    ssl_certificate_key /etc/ssl/certs/{{ my_keys }};

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers {{ cipher_encrypt }};
    ssl_session_timeout  10m;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets on;
    ssl_stapling on;
    ssl_stapling_verify on;

    # Hide nginx version
    server_tokens off;

    # Upload limit, relevant for pictrs
    client_max_body_size 20M;

    # Enable compression for JS/CSS/HTML bundle, for improved client load times.
    gzip on;
    gzip_types text/css application/javascript image/svg+xml;
    gzip_vary on;

    # Various content security headers
    add_header Referrer-Policy "same-origin";
    add_header X-Content-Type-Options "nosniff";
    add_header X-Frame-Options "DENY";
    add_header X-XSS-Protection "1; mode=block";

    #location / {
    #  proxy_pass http://0.0.0.0:1236;
    #  proxy_http_version 1.1;
    #  proxy_set_header Upgrade $http_upgrade;
    #  proxy_set_header Connection "upgrade";
    #  proxy_set_header X-Real-IP $remote_addr;
    #  proxy_set_header Host $host;
    #  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    #}


    location / {
      set $proxy_pass "http://0.0.0.0:1236";
      if ($http_accept = "application/activity+json") {
          set $proxy_pass "http://0.0.0.0:8536";
      }
      if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
          set $proxy_pass "http://0.0.0.0:8536";
      }
      proxy_pass $proxy_pass;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

  

}

access_log /var/log/nginx/access.log combined;

"(end of file)

Maybe, someone has an idea how to solve this. I'm really at the end of my wits here :(

You're viewing a single thread.

10 comments
10 comments