this post was submitted on 26 Jun 2023
20 points (100.0% liked)

Lemmy Support

4650 readers
9 users here now

Support / questions about Lemmy.

Matrix Space: #lemmy-space

founded 5 years ago
MODERATORS
 

Apparently, since the 0.18.0 upgrade, Lemmy doesn't have any outbound federation with non-Lemmy instances anymore.

Searching for communities, subscribing to communities and reading posts from communities on Lemmy 0.18.0 instances from at least Mastodon 4.1.0 and Hubzilla 8.4.2 no longer works. Doing the same with communities on the same instances running Lemmy 0.17.x from the same Mastodon or Hubzilla instances running the same versions still used to work.

Affected Lemmy instances include sh.itjust.works and lemmy.ca.

See also my bug report.

top 2 comments
sorted by: hot top controversial new old
[–] db0@lemmy.dbzer0.com 2 points 1 year ago (1 children)

Ah them double reverse proxies will just keep causing us grief, I know it.

[–] terribleplan@lemmy.nrd.li 3 points 1 year ago* (last edited 1 year ago)

I think this is a problem with specifically how Lemmy is designed, how ActivityPub works in the browser, and how Lemmy is deployed. The issue should be entirely contained within Lemmy's nginx layer unless your second LB is doing some sort of mangling to the request (changing the request's Accept header, method, or path).

The design of Lemmy is that there is a "lemmy-ui" component that is responsible for generating HTML pages, and a "lemmy" component that is responsible for everything else. "lemmy-ui" communicates with "lemmy" to make API requests so it can build the necessary pages. Separating these things out makes a certain level of sense, and allows them to be developed independently and even replaced with alternate implementations if necessary.

Based on sniffing (Accept header) the request needs to either route to "lemmy" or "lemmy-ui". The path and method based requests are fairly easy to handle as there isn't ambiguity, if it is for a child of a certain path or it is a certain method (e.g POST), it always goes to "lemmy". Things are more complex for GET requests for a comment/post because users will load that URL in their browser expecting HTML (which "lemmy-ui" is responsible for). Bots/federation/API clients will request that same URL with basically only the Accept header being different and expect JSON-LD (which "lemmy" is responsible for).

The problem comes when you deploy such a system, you need some way to conditionally route certain requests to one service and certain requests to another. Lemmy has chosen to use nginx with manually maintained nginx.conf files.

The options as I see it are:

  1. Build a system to generate the right nginx configuration when the proxy container starts. Something like it taking optional environment variables to define the hostname/port of the "lemmy" and "lemmy-ui, and it spits out basically what is in the repo right now but customized for you. If you need something more custom you're on your own with that still being able to serve as a starting point ,but you probably not even using that container.
  2. Remove nginx entirely and set up "lemmy" to forward requests it thinks are by web browsers to a URL for the UI you can specify. (This may be problematic as it technically makes "lemmy-ui" and "lemmy" co-dependent, though whether "lemmy-ui" should expect to communicate with "lemmy" over anything but your instance's public address is another issue entirely...)
  3. Remove nginx entirely and set up "lemmy-ui" to forward requests that look like backend requests to "lemmy".

I like option 2 best, as "lemmy" does something similar for "pictrs" already, though it is a little counterintuitive for what I consider to be the "backend" to forward requests to the "frontend".

load more comments
view more: next ›