Hey everyone,

I finally figured out how to get my Lemmy instance up and running. Everything seems to work great except for the fact that I can’t subscribe to any lemmy.ml communities; it just stays stuck at pending. All other communities on other instances subscribe successfully.

Is this an issue on my end or is there an issue with lemmy.ml?

  • Elbullazul@lemmy.ml
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    I had to restart the lemmy container after setting it up to get federation to work correctly

  • mrmanagerA
    link
    fedilink
    arrow-up
    1
    ·
    edit-2
    1 year ago

    I whitelisted them in settings, but not sure if that is necessary? Only had my instance for a day.

    And for me it worked to subscribe.

    • notdeadyet@lemmy.mlOP
      link
      fedilink
      arrow-up
      0
      ·
      1 year ago

      @scrubbles@poptalk.scrubbles.tech

      I’m just using the default one from the instructions, pasted it below. It may also be worth noting that I am using Nginx Proxy Manager on top of all this for ssl. I have set all custom locations (api, feeds, nodeinfo, pictrs) but I have left the advanced section blank.

      worker_processes 1; events { worker_connections 1024; } http { upstream lemmy { # this needs to map to the lemmy (server) docker service hostname server “lemmy:8536”; } upstream lemmy-ui { # this needs to map to the lemmy-ui docker service hostname server “lemmy-ui:1234”; }

      server {
          # this is the port inside docker, not the public one yet
          listen 80;
          # change if needed, this is facing the public web
          server_name localhost;
          server_tokens off;
      
          gzip on;
          gzip_types text/css application/javascript image/svg+xml;
          gzip_vary on;
      
          # Upload limit, relevant for pictrs
          client_max_body_size 20M;
      
          add_header X-Frame-Options SAMEORIGIN;
          add_header X-Content-Type-Options nosniff;
          add_header X-XSS-Protection "1; mode=block";
      
          # frontend general requests
          location / {
              # distinguish between ui requests and backend
              # don't change lemmy-ui or lemmy here, they refer to the upstream definitions on top
              set $proxpass "http://lemmy-ui";
      
              if ($http_accept = "application/activity+json") {
                set $proxpass "http://lemmy";
              }
              if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
                set $proxpass "http://lemmy";
              }
              if ($request_method = POST) {
                set $proxpass "http://lemmy";
              }
              proxy_pass $proxpass;
      
              rewrite ^(.+)/+$ $1 permanent;
              # Send actual client IP upstream
              proxy_set_header X-Real-IP $remote_addr;
              proxy_set_header Host $host;
              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          }
      
          # backend
          location ~ ^/(api|pictrs|feeds|nodeinfo|.well-known) {
              proxy_pass "http://lemmy";
              # proxy common stuff
              proxy_http_version 1.1;
              proxy_set_header Upgrade $http_upgrade;
              proxy_set_header Connection "upgrade";
      
              # Send actual client IP upstream
              proxy_set_header X-Real-IP $remote_addr;
              proxy_set_header Host $host;
              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          }
      }
      

      }

      • Scrubbles@poptalk.scrubbles.tech
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        So first off, yeah their nginx is not the greatest example. Most of it is fine but check out their ansible example

        So first off, I don’t see HTTPS. Federation will not work without HTTPS, that’s in the troubleshooting guide. You’ll need to get https up and running and have a valid cert. Certbot is very easy to get up and running, I followed this guide

        I don’t know if it matters, but add all of the extra security items from the example guide around HTTPS, I believe Lemmy does depend on some of the extra parameters like ssl_ciphers and protocols to make sure requests are using the correct ones.

        One key nugget of information is that in your http block you should add resolver 127.0.0.11 ipv6=off;, which tells nginx to use 127.0.0.11 as it’s DNS, which is imperative if you are using docker host names. That IP is Docker’s internal DNS, so things like http://lemmy and http://lemmy-ui work.

        server_name should be the external tld. For example, mine is poptalk.scrubbles.tech.

        My entire proxypass for / is as follows, I think yours should work, but this is known working:

             location / {
        
                  # The default ports:
                  # lemmy_ui_port: 1235
                  # lemmy_port: 8536
        
                    set $proxpass "http://lemmy-ui:1234";
                    if ($http_accept ~ "^application/.*$") {
                       set $proxpass "http://lemmy:8536";
                    }
                    if ($request_method = POST) {
                       set $proxpass "http://lemmy:8536";
                    }
                    proxy_pass $proxpass;
                    rewrite ^(.+)/+$ $1 permanent;
                    proxy_http_version 1.1;
        	    proxy_set_header  X-Real-IP $remote_addr;
                    proxy_set_header  Host $host;
                    proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
        	    proxy_set_header  Upgrade $http_upgrade;
                    proxy_set_header  Connection $connection_upgrade;
                }
        

        Make sure you’re also redirecting pictshare (which I believe is deprecated, but if you have issues with pictures:

                location ~ /pictshare/(.*)$ {
                  return 301 /pictrs/image/$1;
                }
        
        
        • notdeadyet@lemmy.mlOP
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          @scrubbles@poptalk.scrubbles.tech

          Thanks for that info! Unfortunately, trying to get my instance up using that config is proving to be quite difficult with my setup. I found another user with a similar setup to me that posted a guide and even that gives me the same problem with ONLY communities on lemmy.ml

          https://lemmy.dcrich.net/post/1150

          I am using the nginx posted on there, as well as nginx proxy manager on top of it which manages my HTTPS / SSL.

          According to everyone that followed that guide, there are zero issues for them, but for me, nothing works on lemmy.ml which is unfortunate as there are a lot of communities I want to subscribe to on here.