};
};
- services.nginx = mkIf cfg.nginx.enable {
+ services.nginx = let
+ ui = "http://127.0.0.1:${toString cfg.ui.port}";
+ backend = "http://127.0.0.1:${toString cfg.settings.port}";
+ in mkIf cfg.nginx.enable {
enable = mkDefault true;
- virtualHosts."${cfg.settings.hostname}".locations = let
- ui = "http://127.0.0.1:${toString cfg.ui.port}";
- backend = "http://127.0.0.1:${toString cfg.settings.port}";
- in {
+ appendHttpConfig = ''
+ map "$request_method:$http_accept" $proxpass {
+ # If no explicit matches exists below, send traffic to lemmy-ui
+ default "${ui}";
+
+ # GET/HEAD requests that accepts ActivityPub or Linked Data JSON should go to lemmy.
+ #
+ # These requests are used by Mastodon and other fediverse instances to look up profile information,
+ # discover site information and so on.
+ "~^(?:GET|HEAD):.*?application\/(?:activity|ld)\+json" "${backend}";
+
+ # All non-GET/HEAD requests should go to lemmy
+ #
+ # Rather than calling out POST, PUT, DELETE, PATCH, CONNECT and all the verbs manually
+ # we simply negate the GET|HEAD pattern from above and accept all possibly $http_accept values
+ "~^(?!(GET|HEAD)).*:" "${backend}";
+ }
+ '';
+ virtualHosts."${cfg.settings.hostname}".locations = {
"~ ^/(api|pictrs|feeds|nodeinfo|.well-known)" = {
# backend requests
proxyPass = backend;
proxyPass = "$proxpass";
recommendedProxySettings = true;
extraConfig = ''
- set $proxpass "${ui}";
- if ($http_accept = "application/activity+json") {
- set $proxpass "${backend}";
- }
- if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {
- set $proxpass "${backend}";
- }
- if ($request_method = POST) {
- set $proxpass "${backend}";
- }
-
# Cuts off the trailing slash on URLs to make them valid
rewrite ^(.+)/+$ $1 permanent;
'';
environment = {
LEMMY_UI_HOST = "127.0.0.1:${toString cfg.ui.port}";
- LEMMY_UI_LEMMY_INTERNAL_HOST = "127.0.0.1:${toString cfg.settings.port}";
+ LEMMY_UI_LEMMY_INTERNAL_HOST =
+ "127.0.0.1:${toString cfg.settings.port}";
LEMMY_UI_LEMMY_EXTERNAL_HOST = cfg.settings.hostname;
LEMMY_UI_HTTPS = "false";
};