You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/02-admin/03-optional-features/07-anubis.md
+19Lines changed: 19 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -180,12 +180,19 @@ server {
180
180
location / {
181
181
# try to serve file directly, fallback to index.php
182
182
try_files $uri /index.php$is_args$args;
183
+
184
+
# lie to Symfony that the request is an HTTPS one, so it generates HTTPS URLs
185
+
fastcgi_param SERVER_PORT "443";
186
+
fastcgi_param HTTPS "on";
183
187
}
184
188
}
185
189
```
186
190
187
191
As you can see instead of serving Mbin directly we proxy it through the Anubis service. Anubis is then going to decide whether to call the UNIX socket that the actual Mbin site is served over or if it presents a challenge to the client (or straight up denying it).
188
192
193
+
In the actual Mbin call we lie to Symfony that the request is coming from port 443 (`fastcgi_param SERVER_PORT`) and the https scheme (`fastcgi_param HTTPS`).
194
+
The reason is that it will otherwise generate HTTP URLs which are incompatible with some other fediverse software, like Lemmy.
The `| jq` part outputs formatted json which should make this easier to see. There should not be any `http://` URLs in this output.
396
+
378
397
### Take it live
379
398
380
399
To start routing the traffic through Anubis nginx has to be restarted (not just reloaded), because of the new socket that needs to be created. But before we do that we should check the config for validity:
0 commit comments