this post was submitted on 17 Dec 2023
29 points (96.8% liked)

Selfhosted

40041 readers
624 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

How do you configure your webfingers to support multiple subdomains that host AP services?

Edit: looks like someone filed this issue. If you have a GitHub account, please thumbs up/bump it!

https://github.com/pixelfed/pixelfed/issues/3563

all 14 comments
sorted by: hot top controversial new old
[–] poVoq@slrpnk.net 5 points 10 months ago (1 children)

You can't have them all on the same webfinger on the root domain, but having them separately on subdomains should work without issues.

[–] thisisawayoflife@lemmy.world 1 points 10 months ago (1 children)

I was hoping that pixelfed would request a different rel than mastodon. I'm pretty sure I have my webfinger configured to use myemail@mydomain.tld, which works fine for diaspora and mastodon because they operate off different resources - but I think pixelfed copies mastodon so requesting the mastodon rel gives my mastodon user. That seems like a bug in pixelfed, to me.

[–] poVoq@slrpnk.net 2 points 10 months ago (1 children)

Maybe there is some kind of workaround, but I have not seen it so far.

[–] thisisawayoflife@lemmy.world 2 points 10 months ago (1 children)
[–] poVoq@slrpnk.net 2 points 10 months ago (2 children)

Yes, but I think this still would not allow having two different AP services on the same root domain.

For that it would need to do some webfinger multiplexing and also the s2s connections would need to be somehow marked according to what specific type of AP software they are supposed to address.

[–] thisisawayoflife@lemmy.world 2 points 10 months ago* (last edited 10 months ago)

If a service was serving the webfinger, it could guess which account needed to be returned based on the requesters user agent. If the UA was mastodon, it could return the mastodon link rel, if pixelfed then return that link rel, etc.

Might be able to rig it with some more complex conditional logic and regex in nginx as a bandaid. AFAICT, the webfinger spec doesn't really allow for this, which if true, was pretty short sighted.

I haven't considered more in depth S2S connections. I'll have to watch the traffic logs and see what exactly is being requested and see if all of it can be directed accordingly. I see now you commented on that issue. Also, to be clear, I'm still running the services in subdomains, but I'm trying to use user@domain.tld as the discovery account.

[–] lemmyvore@feddit.nl 1 points 10 months ago (1 children)

How do you run two AP services on the same domain?

[–] poVoq@slrpnk.net 1 points 10 months ago (1 children)

Exactly... But as I wrote it might be possible with some nginx multiplexing hack.

[–] lemmyvore@feddit.nl 1 points 10 months ago (1 children)

I'm not sure I understand why hacks are needed. In order to run two AP services you either need two different [sub]domains, or two different URLs on the same domain. In both cases the webfinger URL will be specific to the AP [sub]domain or URL. So the problem is already solved.

How would this "multiplexed" webfinger URL even look?

[–] poVoq@slrpnk.net 1 points 10 months ago

The webfinger would be the same, but once the server gets contacted it would need to multiplex requests on some sort of identifier.

[–] Decronym@lemmy.decronym.xyz 2 points 10 months ago* (last edited 10 months ago)

Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:

Fewer Letters More Letters
AP WiFi Access Point
HTTP Hypertext Transfer Protocol, the Web
nginx Popular HTTP server

2 acronyms in this thread; the most compressed thread commented on today has 7 acronyms.

[Thread #362 for this sub, first seen 18th Dec 2023, 07:45] [FAQ] [Full list] [Contact] [Source code]

[–] stown@sedd.it 1 points 10 months ago (1 children)

I've wanted somebody to create a webfinger proxy for a while now. Let me know if you find anything.

[–] thisisawayoflife@lemmy.world 1 points 10 months ago

I'll start researching what the user agents are for the various services and then work on creating a simple POC with nginx. If that actually works, I can try to put together a production quality app to handle it.