blue_berry

Hello again,

thanks to your great feedback last time, I set up SSL with letsencrypt and got HTTPS working.

However, federation is still not working.

When troubleshooting as described in the docs I get the following Bad-Gateway error:

"~# curl -H "Accept: application/activity+json" https:///u/blueberry

So apparently, its again the reverse-proxy, but this time, its not able to speak to the backend.

My nginx-error-file shows the following error: "2024/02/08 12:37:46 [error]: connect() failed (111: Connection refused) while connecting to upstream, client: , server: , request: "GET /u/blueberry HTTP/2.0", upstream: "http://0.0.0.0:8536/u/blueberry", host: "

But using "docker ps" I find port 8536 open, so it should work.

Do you have any idea whats the problem here?

I hope this is the right place for this.

So, here is the thing: my lemmy instance is accessible in the browser via its domain, everything is fine, but no other communities are shown. When I test federation with "curl -H "Accept: application/activity+json" https://my-instance.com/u/some-local-user" I get a SSL certificate error.

So I figured that it has something to do with my reverse proxy and modified the nginx.conf like described in the documentation.

But the error persists.

This is my nginx.config in /etc/nginx/sites-enables/:

" limit_req_zone $binary_remote_addr zone={{ my_domain }}_ratelimit:10m rate=1r/s;

server { listen 80; listen [::]:80; server_name {{ my_domain }}; # Hide nginx version server_tokens off; location / { return 301 https://$host$request_uri; } }

server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name {{ my_domain }};

# Replace these lines with your own certificate and key paths
ssl_certificate /etc/ssl/certs/{{ my_certs }};
ssl_certificate_key /etc/ssl/certs/{{ my_keys }};

ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers {{ cipher_encrypt }};
ssl_session_timeout  10m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets on;
ssl_stapling on;
ssl_stapling_verify on;

# Hide nginx version
server_tokens off;

# Upload limit, relevant for pictrs
client_max_body_size 20M;

# Enable compression for JS/CSS/HTML bundle, for improved client load times.
gzip on;
gzip_types text/css application/javascript image/svg+xml;
gzip_vary on;

# Various content security headers
add_header Referrer-Policy "same-origin";
add_header X-Content-Type-Options "nosniff";
add_header X-Frame-Options "DENY";
add_header X-XSS-Protection "1; mode=block";

#location / {
#  proxy_pass http://0.0.0.0:1236;
#  proxy_http_version 1.1;
#  proxy_set_header Upgrade $http_upgrade;
#  proxy_set_header Connection "upgrade";
#  proxy_set_header X-Real-IP $remote_addr;
#  proxy_set_header Host $host;
#  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#}


location / {
  set $proxy_pass "http://0.0.0.0:1236";
  if ($http_accept = "application/activity+json") {
      set $proxy_pass "http://0.0.0.0:8536";
  }
  if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
      set $proxy_pass "http://0.0.0.0:8536";
  }
  proxy_pass $proxy_pass;
  proxy_http_version 1.1;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "upgrade";
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header Host $host;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

}

access_log /var/log/nginx/access.log combined;

"(end of file)

Maybe, someone has an idea how to solve this. I'm really at the end of my wits here :(

cross-posted from: https://feddit.de/post/6792877

TL;DR: The current Mastodon-signup is only removing the confusion of users on first glance, because it either hides the server-choice altogether, or leaves them with a choice that is impossible to make at this point of their Mastodon-journey. Instead, it should introduce them to decentrality on a lower scale, with a handful of handpicked servers to choose from, such that the decision makes sense to them and shows them the merits and fun of the concept instead of scaring them away. Ideal would be to give them a sense of agency. Then, chances are higher that they consider migrating again in the future and eventually internalize it as a permanent option of the digital world.

TL;DR: The current Mastodon-signup is only removing the confusion of users on first glance, because it either hides the server-choice altogether, or leaves them with a choice that is impossible to make at this point of their Mastodon-journey. Instead, it should introduce them to decentrality on a lower scale, with a handful of handpicked servers to choose from, such that the decision makes sense to them and shows them the merits and fun of the concept instead of scaring them away. Ideal would be to give them a sense of agency. Then, chances are higher that they consider migrating again in the future and eventually internalize it as a permanent option of the digital world.

cross-posted from: https://feddit.de/post/6258115

New story, I hope you like it. Feedback always welcome.

cross-posted from: https://feddit.de/post/6258115

New story, I hope you like it. Feedback always welcome.

cross-posted from: https://feddit.de/post/5568383

When she woke up, she immediately sensed that something was wrong.

She stumbled out of bed, went to the window and looked outside. Her heart almost stopped: it was even worse than she had expected. Chaos was unfolding all across her communities. She was seeing and feeling people running headless around the streets, panicking from the incoming influx of screaming noise that seemed to come from everywhere at once. Where the hell did it come from, she thought against the unbearable throbbing in her head that made it almost impossible to concentrate. And then, in a sudden pang of realization that almost hurt her physically, it occurred to her: the Meta Myzel. It had actually arrived.

She pushed herself away from the window and while holding her ears, rushed down the staircase to severe the connection to the Meta Myzel – or was it already too late?

...

cross-posted from: https://feddit.de/post/5328368

The idea is to have a piece of fiction that you can give a person to experience the Fediverse while also being moderately entertained in the process. So: would you give this story to a person that doesn’t know anything about the Fediverse? I would love to hear your opinions. I will try to incorporate feedback into the story but no promises!

cross-posted from: https://feddit.de/post/5328368

The idea is to have a piece of fiction that you can give a person to experience the Fediverse while also being moderately entertained in the process. So: would you give this story to a person that doesn’t know anything about the Fediverse? I would love to hear your opinions. I will try to incorporate feedback into the story but no promises!

(based on Feedback now with Fungi-Taylor-Swift, a Moderator character, Fridays for Fungi and MUCH MORE Lemmy-Drama)