I finally figured out how to get my Lemmy instance up and running. Everything seems to work great except for the fact that I can’t subscribe to any lemmy.ml communities; it just stays stuck at pending. All other communities on other instances subscribe successfully.
Is this an issue on my end or is there an issue with lemmy.ml?
Hey I just had a question on this exact thing this morning for my new account on mander. So the trick for getting communities active on a new instance is that you first need to search for the whole url (such as https://lemmy.ml/c/lemmy_support). It will of course fail, but then you can immediately search for "lemmy_support" and that will now be found.
@[email protected] Thanks for the reply. I have done that and can successfully see the community. However, when I try to subscribe it is stuck at pending. Cancelling and trying again doesn't seem to fix it.
Sorry to hear that. From the other replies it sounds like it's going to be a configuration issue but I didn't set up my own instance so that's as much advice as I can offer. Good luck!
Thanks for the suggestion. Unfortunately, no luck doing that. I also noticed, I can't see my meta community from the lemmy.ml search, but I can find it from other instances. ( https://lemmy.notdead.net/c/meta )
I seem to only have issues federating with lemmy.ml
I'm just using the default one from the instructions, pasted it below. It may also be worth noting that I am using Nginx Proxy Manager on top of all this for ssl. I have set all custom locations (api, feeds, nodeinfo, pictrs) but I have left the advanced section blank.
worker_processes 1;
events {
worker_connections 1024;
}
http {
upstream lemmy {
# this needs to map to the lemmy (server) docker service hostname
server "lemmy:8536";
}
upstream lemmy-ui {
# this needs to map to the lemmy-ui docker service hostname
server "lemmy-ui:1234";
}
server {
# this is the port inside docker, not the public one yet
listen 80;
# change if needed, this is facing the public web
server_name localhost;
server_tokens off;
gzip on;
gzip_types text/css application/javascript image/svg+xml;
gzip_vary on;
# Upload limit, relevant for pictrs
client_max_body_size 20M;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
# frontend general requests
location / {
# distinguish between ui requests and backend
# don't change lemmy-ui or lemmy here, they refer to the upstream definitions on top
set $proxpass "http://lemmy-ui";
if ($http_accept = "application/activity+json") {
set $proxpass "http://lemmy";
}
if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
set $proxpass "http://lemmy";
}
if ($request_method = POST) {
set $proxpass "http://lemmy";
}
proxy_pass $proxpass;
rewrite ^(.+)/+$ $1 permanent;
# Send actual client IP upstream
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
# backend
location ~ ^/(api|pictrs|feeds|nodeinfo|.well-known) {
proxy_pass "http://lemmy";
# proxy common stuff
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Send actual client IP upstream
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
So first off, yeah their nginx is not the greatest example. Most of it is fine but check out their ansible example
So first off, I don't see HTTPS. Federation will not work without HTTPS, that's in the troubleshooting guide. You'll need to get https up and running and have a valid cert. Certbot is very easy to get up and running, I followed this guide
I don't know if it matters, but add all of the extra security items from the example guide around HTTPS, I believe Lemmy does depend on some of the extra parameters like ssl_ciphers and protocols to make sure requests are using the correct ones.
One key nugget of information is that in your http block you should add resolver 127.0.0.11 ipv6=off;, which tells nginx to use 127.0.0.11 as it's DNS, which is imperative if you are using docker host names. That IP is Docker's internal DNS, so things like http://lemmy and http://lemmy-ui work.
server_name should be the external tld. For example, mine is poptalk.scrubbles.tech.
My entire proxypass for / is as follows, I think yours should work, but this is known working:
location / {
# The default ports:
# lemmy_ui_port: 1235
# lemmy_port: 8536
set $proxpass "http://lemmy-ui:1234";
if ($http_accept ~ "^application/.*$") {
set $proxpass "http://lemmy:8536";
}
if ($request_method = POST) {
set $proxpass "http://lemmy:8536";
}
proxy_pass $proxpass;
rewrite ^(.+)/+$ $1 permanent;
proxy_http_version 1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
Make sure you're also redirecting pictshare (which I believe is deprecated, but if you have issues with pictures: