mirror of
https://github.com/superseriousbusiness/gotosocial.git
synced 2024-11-21 19:26:40 +00:00
Compare commits
2 commits
352eba7ab6
...
ae39703958
Author | SHA1 | Date | |
---|---|---|---|
ae39703958 | |||
a05ffbebd9 |
|
@ -2,9 +2,9 @@
|
|||
|
||||
## Requirements
|
||||
|
||||
For this guide you will need [Caddy 2](https://caddyserver.com/), there are no other dependencies. Caddy manages Lets Encrypt certificates and renewal for them.
|
||||
For this guide, you will need [Caddy 2](https://caddyserver.com/), there are no other dependencies. Caddy manages Let's Encrypt certificates and their renewal.
|
||||
|
||||
Caddy is in the most popular package managers, or you can get a static binary. For all latest installation guides, refer to [their manual](https://caddyserver.com/docs/install).
|
||||
Caddy is in the most popular package managers, or you can get a static binary. For all the latest installation guides, refer to [their manual](https://caddyserver.com/docs/install).
|
||||
|
||||
### Debian, Ubuntu, Raspbian
|
||||
|
||||
|
@ -45,15 +45,15 @@ If GoToSocial is already running, stop it.
|
|||
```bash
|
||||
sudo systemctl stop gotosocial
|
||||
```
|
||||
In your GoToSocial config turn off Lets Encrypt by setting `letsencrypt-enabled` to `false`.
|
||||
In your GoToSocial config, turn off Lets Encrypt by setting `letsencrypt-enabled` to `false`.
|
||||
|
||||
If you we running GoToSocial on port 443, change the `port` value back to the default `8080`.
|
||||
If you are running GoToSocial on port 443, change the `port` value back to the default `8080`.
|
||||
|
||||
If the reverse proxy will be running on the same machine, set the `bind-address` to `"localhost"` so that the GoToSocial server is only accessible via loopback. Otherwise it may be possible to bypass your proxy by connecting to GoToSocial directly, which might be undesirable.
|
||||
If the reverse proxy will be running on the same machine, set the `bind-address` to `"localhost"` so that the GoToSocial server is only accessible via loopback. Otherwise, it may be possible to bypass your proxy by connecting to GoToSocial directly, which might be undesirable.
|
||||
|
||||
## Set up Caddy
|
||||
|
||||
We will configure Caddy 2 to use GoToSocial on our main domain example.org. Since Caddy takes care of obtaining the Lets Encrypt certificate, we only need to configure it properly once.
|
||||
We will configure Caddy 2 to use GoToSocial on our main domain example.org. Since Caddy takes care of obtaining the Let's Encrypt certificate, we only need to configure it properly once.
|
||||
|
||||
In most simple use cases Caddy defaults to a file called Caddyfile. It can reload on changes, or can be configured through an HTTP API for zero downtime, but this is out of our current scope.
|
||||
|
||||
|
@ -73,17 +73,17 @@ example.org {
|
|||
|
||||
# The actual proxy configuration to port 8080 (unless you've chosen another port number)
|
||||
reverse_proxy * http://127.0.0.1:8080 {
|
||||
# Flush immediatly, to prevent buffered response to the client
|
||||
# Flush immediately, to prevent buffered response to the client
|
||||
flush_interval -1
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
By default, caddy sets `X-Forwarded-For` in forwarded requests. To make this and rate limiting work, set the `trusted-proxies` configuration variable. See the [rate limiting](../../api/ratelimiting.md) and [general configuration](../../configuration/general.md) docs
|
||||
By default, caddy sets `X-Forwarded-For` in forwarded requests. To make this and rate-limiting work, set the `trusted-proxies` configuration variable. See the [rate limiting](../../api/ratelimiting.md) and [general configuration](../../configuration/general.md) docs
|
||||
|
||||
For advanced configuration check the [reverse_proxy directive](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy) at the Caddy documentation.
|
||||
For advanced configuration, check the [reverse_proxy directive](https://caddyserver.com/docs/caddyfile/directives/reverse_proxy) at the Caddy documentation.
|
||||
|
||||
Now check for configuration errors.
|
||||
Now, check for configuration errors.
|
||||
|
||||
```bash
|
||||
sudo caddy validate
|
||||
|
@ -105,4 +105,4 @@ sudo systemctl start gotosocial
|
|||
|
||||
## Results
|
||||
|
||||
You should now be able to open the splash page for your instance in your web browser, and will see that it runs under HTTPS!
|
||||
You should now be able to open the splash page for your instance in your web browser and will see that it runs under HTTPS!
|
||||
|
|
Loading…
Reference in a new issue