mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2024-11-25 13:16:40 +00:00
Merge a05ffbebd9
into 3b037d165c
This commit is contained in:
commit
7ba9306e35
|
@ -2,9 +2,9 @@
|
||||||
|
|
||||||
## Requirements
|
## Requirements
|
||||||
|
|
||||||
For this guide you will need [Caddy 2](https://caddyserver.com/), there are no other dependencies. Caddy manages Lets Encrypt certificates and renewal for them.
|
For this guide, you will need [Caddy 2](https://caddyserver.com/), there are no other dependencies. Caddy manages Let's Encrypt certificates and their renewal.
|
||||||
|
|
||||||
Caddy is in the most popular package managers, or you can get a static binary. For all latest installation guides, refer to [their manual](https://caddyserver.com/docs/install).
|
Caddy is in the most popular package managers, or you can get a static binary. For all the latest installation guides, refer to [their manual](https://caddyserver.com/docs/install).
|
||||||
|
|
||||||
### Debian, Ubuntu, Raspbian
|
### Debian, Ubuntu, Raspbian
|
||||||
|
|
||||||
|
@ -45,15 +45,15 @@ If GoToSocial is already running, stop it.
|
||||||
```bash
|
```bash
|
||||||
sudo systemctl stop gotosocial
|
sudo systemctl stop gotosocial
|
||||||
```
|
```
|
||||||
In your GoToSocial config turn off Lets Encrypt by setting `letsencrypt-enabled` to `false`.
|
In your GoToSocial config, turn off Lets Encrypt by setting `letsencrypt-enabled` to `false`.
|
||||||
|
|
||||||
If you we running GoToSocial on port 443, change the `port` value back to the default `8080`.
|
If you are running GoToSocial on port 443, change the `port` value back to the default `8080`.
|
||||||
|
|
||||||
If the reverse proxy will be running on the same machine, set the `bind-address` to `"localhost"` so that the GoToSocial server is only accessible via loopback. Otherwise it may be possible to bypass your proxy by connecting to GoToSocial directly, which might be undesirable.
|
If the reverse proxy will be running on the same machine, set the `bind-address` to `"localhost"` so that the GoToSocial server is only accessible via loopback. Otherwise, it may be possible to bypass your proxy by connecting to GoToSocial directly, which might be undesirable.
|
||||||
|
|
||||||
## Set up Caddy
|
## Set up Caddy
|
||||||
|
|
||||||
We will configure Caddy 2 to use GoToSocial on our main domain example.org. Since Caddy takes care of obtaining the Lets Encrypt certificate, we only need to configure it properly once.
|
We will configure Caddy 2 to use GoToSocial on our main domain example.org. Since Caddy takes care of obtaining the Let's Encrypt certificate, we only need to configure it properly once.
|
||||||
|
|
||||||
In most simple use cases Caddy defaults to a file called Caddyfile. It can reload on changes, or can be configured through an HTTP API for zero downtime, but this is out of our current scope.
|
In most simple use cases Caddy defaults to a file called Caddyfile. It can reload on changes, or can be configured through an HTTP API for zero downtime, but this is out of our current scope.
|
||||||
|
|
||||||
|
@ -73,17 +73,17 @@ example.org {
|
||||||
|
|
||||||
# The actual proxy configuration to port 8080 (unless you've chosen another port number)
|
# The actual proxy configuration to port 8080 (unless you've chosen another port number)
|
||||||
reverse_proxy * http://127.0.0.1:8080 {
|
reverse_proxy * http://127.0.0.1:8080 {
|
||||||
# Flush immediatly, to prevent buffered response to the client
|
# Flush immediately, to prevent buffered response to the client
|
||||||
flush_interval -1
|
flush_interval -1
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
```
|
```
|
||||||
|
|
||||||
By default, caddy sets `X-Forwarded-For` in forwarded requests. To make this and rate limiting work, set the `trusted-proxies` configuration variable. See the [rate limiting](../../api/ratelimiting.md) and [general configuration](../../configuration/general.md) docs
|
By default, caddy sets `X-Forwarded-For` in forwarded requests. To make this and rate-limiting work, set the `trusted-proxies` configuration variable. See the [rate limiting](../../api/ratelimiting.md) and [general configuration](../../configuration/general.md) docs
|
||||||
|
|
||||||
For advanced configuration check the [reverse_proxy directive](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy) at the Caddy documentation.
|
For advanced configuration, check the [reverse_proxy directive](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy) at the Caddy documentation.
|
||||||
|
|
||||||
Now check for configuration errors.
|
Now, check for configuration errors.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
sudo caddy validate
|
sudo caddy validate
|
||||||
|
@ -105,4 +105,4 @@ sudo systemctl start gotosocial
|
||||||
|
|
||||||
## Results
|
## Results
|
||||||
|
|
||||||
You should now be able to open the splash page for your instance in your web browser, and will see that it runs under HTTPS!
|
You should now be able to open the splash page for your instance in your web browser and will see that it runs under HTTPS!
|
||||||
|
|
Loading…
Reference in a new issue