From 5c4548d5e74e40e18d8d1ed98ad256568a063370 Mon Sep 17 00:00:00 2001 From: lain Date: Mon, 10 Aug 2020 13:05:13 +0000 Subject: Revert "Merge branch 'issue/1023' into 'develop'" This reverts merge request !2763 --- installation/init.d/pleroma | 1 - installation/pleroma.service | 2 -- 2 files changed, 3 deletions(-) (limited to 'installation') diff --git a/installation/init.d/pleroma b/installation/init.d/pleroma index e908cda1b..384536f7e 100755 --- a/installation/init.d/pleroma +++ b/installation/init.d/pleroma @@ -8,7 +8,6 @@ pidfile="/var/run/pleroma.pid" directory=/opt/pleroma healthcheck_delay=60 healthcheck_timer=30 -export $(cat /opt/pleroma/config/pleroma.env) : ${pleroma_port:-4000} diff --git a/installation/pleroma.service b/installation/pleroma.service index ee00a3b7a..5dcbc1387 100644 --- a/installation/pleroma.service +++ b/installation/pleroma.service @@ -17,8 +17,6 @@ Environment="MIX_ENV=prod" Environment="HOME=/var/lib/pleroma" ; Path to the folder containing the Pleroma installation. WorkingDirectory=/opt/pleroma -; Path to the environment file. the file contains RELEASE_COOKIE and etc -EnvironmentFile=/opt/pleroma/config/pleroma.env ; Path to the Mix binary. ExecStart=/usr/bin/mix phx.server -- cgit v1.2.3 From 07376bd21ae732a00c61ce55be920ddf8ba603ee Mon Sep 17 00:00:00 2001 From: Farhan Khan Date: Thu, 6 Aug 2020 00:01:57 -0400 Subject: Adding installation documentation for FreeBSD + rc.d script --- installation/freebsd/rc.d/pleroma | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100755 installation/freebsd/rc.d/pleroma (limited to 'installation') diff --git a/installation/freebsd/rc.d/pleroma b/installation/freebsd/rc.d/pleroma new file mode 100755 index 000000000..1e41e57e6 --- /dev/null +++ b/installation/freebsd/rc.d/pleroma @@ -0,0 +1,28 @@ +#!/bin/sh +# REQUIRE: DAEMON postgresql +# PROVIDE: pleroma + +# sudo -u pleroma MIX_ENV=prod elixir --erl \"-detached\" -S mix phx.server + +. /etc/rc.subr + +name="pleroma" +desc="Pleroma Social Media Platform" +rcvar=${name}_enable +command="/usr/local/bin/elixir" +command_args="--erl \"-detached\" -S /usr/local/bin/mix phx.server" +pidfile="/dev/null" + +pleroma_user="pleroma" +pleroma_home="/home/pleroma" +pleroma_chdir="${pleroma_home}/pleroma" +pleroma_env="HOME=${pleroma_home} MIX_ENV=prod" + +check_pidfile() +{ + pid=$(pgrep beam.smp$) + echo -n "${pid}" +} + +load_rc_config ${name} +run_rc_command "$1" -- cgit v1.2.3 From dfcb1401c701edb6e963d40772f4d26662c40793 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Tue, 18 Aug 2020 10:24:34 -0500 Subject: Improve FreeBSD rc script Passes rclint now, $HOME is dynamic, and properly matches process name for signalling shutdown. --- installation/freebsd/rc.d/pleroma | 31 +++++++++++++++---------------- 1 file changed, 15 insertions(+), 16 deletions(-) (limited to 'installation') diff --git a/installation/freebsd/rc.d/pleroma b/installation/freebsd/rc.d/pleroma index 1e41e57e6..f62aef18d 100755 --- a/installation/freebsd/rc.d/pleroma +++ b/installation/freebsd/rc.d/pleroma @@ -1,28 +1,27 @@ #!/bin/sh -# REQUIRE: DAEMON postgresql +# $FreeBSD$ # PROVIDE: pleroma +# REQUIRE: DAEMON postgresql +# KEYWORD: shutdown # sudo -u pleroma MIX_ENV=prod elixir --erl \"-detached\" -S mix phx.server . /etc/rc.subr -name="pleroma" +name=pleroma +rcvar=pleroma_enable + desc="Pleroma Social Media Platform" -rcvar=${name}_enable -command="/usr/local/bin/elixir" -command_args="--erl \"-detached\" -S /usr/local/bin/mix phx.server" -pidfile="/dev/null" -pleroma_user="pleroma" -pleroma_home="/home/pleroma" -pleroma_chdir="${pleroma_home}/pleroma" -pleroma_env="HOME=${pleroma_home} MIX_ENV=prod" +load_rc_config ${name} -check_pidfile() -{ - pid=$(pgrep beam.smp$) - echo -n "${pid}" -} +: ${pleroma_user:=pleroma} +: ${pleroma_home:=$(getent passwd ${pleroma_user} | awk -F: '{print $6}')} +: ${pleroma_chdir:="${pleroma_home}/pleroma"} +: ${pleroma_env:="HOME=${pleroma_home} MIX_ENV=prod"} + +command=/usr/local/bin/elixir +command_args="--erl \"-detached\" -S /usr/local/bin/mix phx.server" +procname="*beam.smp" -load_rc_config ${name} run_rc_command "$1" -- cgit v1.2.3 From 75f6e5e8b7e0408241a633daba7fde8b51dde8ca Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 21 Sep 2020 16:10:31 -0500 Subject: Add FedSockets config --- installation/pleroma.nginx | 14 ++++++++++++++ 1 file changed, 14 insertions(+) (limited to 'installation') diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index d301ca615..a3b3394f1 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -63,6 +63,7 @@ server { # the nginx default is 1m, not enough for large media uploads client_max_body_size 16m; + ignore_invalid_headers off; location / { proxy_http_version 1.1; @@ -91,4 +92,17 @@ server { chunked_transfer_encoding on; proxy_pass http://127.0.0.1:4000; } + + location /api/fedsocket/v1 { + proxy_http_version 1.1; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + + # The Important Websocket Bits! + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "Upgrade"; + proxy_request_buffering off; + proxy_pass http://127.0.0.1:4000/api/fedsocket/v1; + } } -- cgit v1.2.3 From 2b553b8f8e7cf01d8530b905c48b97b815098cd9 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 21 Sep 2020 16:11:01 -0500 Subject: Remove duplicate setting --- installation/pleroma.nginx | 2 -- 1 file changed, 2 deletions(-) (limited to 'installation') diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index a3b3394f1..ce74f46e1 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -75,8 +75,6 @@ server { # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only # and `localhost.` resolves to [::0] on some systems: see issue #930 proxy_pass http://127.0.0.1:4000; - - client_max_body_size 16m; } location ~ ^/(media|proxy) { -- cgit v1.2.3 From ade7fede7134d0e05c91ef48d52e48e64fd6dd98 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 21 Sep 2020 16:13:45 -0500 Subject: Most proxy settings can be global --- installation/pleroma.nginx | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) (limited to 'installation') diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index ce74f46e1..5517e3fc3 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -65,13 +65,13 @@ server { client_max_body_size 16m; ignore_invalid_headers off; - location / { - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + location / { # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only # and `localhost.` resolves to [::0] on some systems: see issue #930 proxy_pass http://127.0.0.1:4000; @@ -82,7 +82,6 @@ server { slice 1m; proxy_cache_key $host$uri$is_args$args$slice_range; proxy_set_header Range $slice_range; - proxy_http_version 1.1; proxy_cache_valid 200 206 301 304 1h; proxy_cache_lock on; proxy_ignore_client_abort on; @@ -92,14 +91,6 @@ server { } location /api/fedsocket/v1 { - proxy_http_version 1.1; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header Host $host; - - # The Important Websocket Bits! - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "Upgrade"; proxy_request_buffering off; proxy_pass http://127.0.0.1:4000/api/fedsocket/v1; } -- cgit v1.2.3 From 8906f30ba16bdd91ac51ab9d4568c19070c270d5 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Mon, 21 Sep 2020 16:19:08 -0500 Subject: Use an upstream for reverse proxy so future modifications are simplified --- installation/pleroma.nginx | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'installation') diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index 5517e3fc3..d613befd2 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -9,6 +9,12 @@ proxy_cache_path /tmp/pleroma-media-cache levels=1:2 keys_zone=pleroma_media_cache:10m max_size=10g inactive=720m use_temp_path=off; +# this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only +# and `localhost.` resolves to [::0] on some systems: see issue #930 +upstream phoenix { + server 127.0.0.1:4000 max_fails=5 fail_timeout=60s; +} + server { server_name example.tld; @@ -72,9 +78,7 @@ server { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; location / { - # this is explicitly IPv4 since Pleroma.Web.Endpoint binds on IPv4 only - # and `localhost.` resolves to [::0] on some systems: see issue #930 - proxy_pass http://127.0.0.1:4000; + proxy_pass http://phoenix; } location ~ ^/(media|proxy) { @@ -87,11 +91,11 @@ server { proxy_ignore_client_abort on; proxy_buffering on; chunked_transfer_encoding on; - proxy_pass http://127.0.0.1:4000; + proxy_pass http://phoenix; } location /api/fedsocket/v1 { proxy_request_buffering off; - proxy_pass http://127.0.0.1:4000/api/fedsocket/v1; + proxy_pass http://phoenix/api/fedsocket/v1; } } -- cgit v1.2.3 From 49229107e812d649e66e36e32e238db66b353b0f Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Wed, 30 Sep 2020 12:32:54 -0500 Subject: Make it possible for Varnish logs to contain the true scheme used by clients instead of always reporting http:// --- installation/pleroma.vcl | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'installation') diff --git a/installation/pleroma.vcl b/installation/pleroma.vcl index 154747aa6..57b6d17b3 100644 --- a/installation/pleroma.vcl +++ b/installation/pleroma.vcl @@ -1,3 +1,4 @@ +# Recommended varnishncsa logging format: '%h %l %u %t "%m %{X-Forwarded-Proto}i://%{Host}i%U%q %H" %s %b "%{Referer}i" "%{User-agent}i"' vcl 4.1; import std; @@ -14,8 +15,11 @@ acl purge { sub vcl_recv { # Redirect HTTP to HTTPS if (std.port(server.ip) != 443) { + set req.http.X-Forwarded-Proto = "http"; set req.http.x-redir = "https://" + req.http.host + req.url; return (synth(750, "")); + } else { + set req.http.X-Forwarded-Proto = "https"; } # CHUNKED SUPPORT -- cgit v1.2.3 From b3015db841536c26934f43374ed75fb77a11ff68 Mon Sep 17 00:00:00 2001 From: Mark Felder Date: Wed, 30 Sep 2020 12:49:51 -0500 Subject: Syntax error --- installation/pleroma.vcl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'installation') diff --git a/installation/pleroma.vcl b/installation/pleroma.vcl index 57b6d17b3..13dad784c 100644 --- a/installation/pleroma.vcl +++ b/installation/pleroma.vcl @@ -109,7 +109,7 @@ sub vcl_hash { sub vcl_backend_fetch { # Be more lenient for slow servers on the fediverse - if bereq.url ~ "^/proxy/" { + if (bereq.url ~ "^/proxy/") { set bereq.first_byte_timeout = 300s; } -- cgit v1.2.3