Hey everyone,
I finally figured out how to get my Lemmy instance up and running. Everything seems to work great except for the fact that I can’t subscribe to any lemmy.ml communities; it just stays stuck at pending. All other communities on other instances subscribe successfully.
Is this an issue on my end or is there an issue with lemmy.ml?
I had to restart the lemmy container after setting it up to get federation to work correctly
Thanks for the idea. Tried it and no luck unfortunately
I whitelisted them in settings, but not sure if that is necessary? Only had my instance for a day.
And for me it worked to subscribe.
Tried that, made no difference. Thank you though
Had the same issue, you have a problem with federation. Post your nginx conf file and maybe we can see something
@scrubbles@poptalk.scrubbles.tech
I’m just using the default one from the instructions, pasted it below. It may also be worth noting that I am using Nginx Proxy Manager on top of all this for ssl. I have set all custom locations (api, feeds, nodeinfo, pictrs) but I have left the advanced section blank.
worker_processes 1; events { worker_connections 1024; } http { upstream lemmy { # this needs to map to the lemmy (server) docker service hostname server “lemmy:8536”; } upstream lemmy-ui { # this needs to map to the lemmy-ui docker service hostname server “lemmy-ui:1234”; }
server { # this is the port inside docker, not the public one yet listen 80; # change if needed, this is facing the public web server_name localhost; server_tokens off; gzip on; gzip_types text/css application/javascript image/svg+xml; gzip_vary on; # Upload limit, relevant for pictrs client_max_body_size 20M; add_header X-Frame-Options SAMEORIGIN; add_header X-Content-Type-Options nosniff; add_header X-XSS-Protection "1; mode=block"; # frontend general requests location / { # distinguish between ui requests and backend # don't change lemmy-ui or lemmy here, they refer to the upstream definitions on top set $proxpass "http://lemmy-ui"; if ($http_accept = "application/activity+json") { set $proxpass "http://lemmy"; } if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") { set $proxpass "http://lemmy"; } if ($request_method = POST) { set $proxpass "http://lemmy"; } proxy_pass $proxpass; rewrite ^(.+)/+$ $1 permanent; # Send actual client IP upstream proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } # backend location ~ ^/(api|pictrs|feeds|nodeinfo|.well-known) { proxy_pass "http://lemmy"; # proxy common stuff proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # Send actual client IP upstream proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
}
So first off, yeah their nginx is not the greatest example. Most of it is fine but check out their ansible example
So first off, I don’t see HTTPS. Federation will not work without HTTPS, that’s in the troubleshooting guide. You’ll need to get https up and running and have a valid cert. Certbot is very easy to get up and running, I followed this guide
I don’t know if it matters, but add all of the extra security items from the example guide around HTTPS, I believe Lemmy does depend on some of the extra parameters like ssl_ciphers and protocols to make sure requests are using the correct ones.
One key nugget of information is that in your
http
block you should addresolver 127.0.0.11 ipv6=off;
, which tells nginx to use127.0.0.11
as it’s DNS, which is imperative if you are using docker host names. That IP is Docker’s internal DNS, so things likehttp://lemmy
andhttp://lemmy-ui
work.server_name
should be the external tld. For example, mine ispoptalk.scrubbles.tech
.My entire proxypass for
/
is as follows, I think yours should work, but this is known working:location / { # The default ports: # lemmy_ui_port: 1235 # lemmy_port: 8536 set $proxpass "http://lemmy-ui:1234"; if ($http_accept ~ "^application/.*$") { set $proxpass "http://lemmy:8536"; } if ($request_method = POST) { set $proxpass "http://lemmy:8536"; } proxy_pass $proxpass; rewrite ^(.+)/+$ $1 permanent; proxy_http_version 1.1; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; }
Make sure you’re also redirecting pictshare (which I believe is deprecated, but if you have issues with pictures:
location ~ /pictshare/(.*)$ { return 301 /pictrs/image/$1; }
@scrubbles@poptalk.scrubbles.tech
Thanks for that info! Unfortunately, trying to get my instance up using that config is proving to be quite difficult with my setup. I found another user with a similar setup to me that posted a guide and even that gives me the same problem with ONLY communities on lemmy.ml
https://lemmy.dcrich.net/post/1150
I am using the nginx posted on there, as well as nginx proxy manager on top of it which manages my HTTPS / SSL.
According to everyone that followed that guide, there are zero issues for them, but for me, nothing works on lemmy.ml which is unfortunate as there are a lot of communities I want to subscribe to on here.