Slashzero

Yes, there is: 0.18.2-rc.1, which has the hot fix, but will also require a DB query to “fix” the modlog once upgraded.

Sorry I didn’t get a chance to look at this, but I’m mostly on mobile and the link doesn’t work.

For future reference you can put it in a code block and lemmy-ui should be able to render it for you.

Example code block

I recommend using the docker images directly. As you see, the ansible scripts are basically another abstraction layer used to build the docker containers and their configs (and has string substitutions like {{some_string}} which are not valid for docker-compose.yml). Some will disagree but I feel ansible adds unnecessary complexity to deploying lemmy containers.

Anyway, glad you figured it all out!

Hi there! This sounds like you might just have a typo in your docker-compose.yml file. It might be helpful if you posted your docker-compose.yml contents here (be sure to remove any sensitive information).

Line 26 of my docker-compose.yml file is the volume block/map for letsencrypt. Did you perhaps mix tabs and spaces, or have one too many spaces in your indentations, in your yaml file? That’s a no-no…

Personally, I setup my instance using the same guide as you, opting for the docker containers. There were definitely a few pitfalls to deal with.

Hi there!

TL;DR: probably have an nginx misconfiguration. Check the nginx logs for errors.

You don’t need to install and run nginx on the host. It has its own container in the docker-compose.yml which gets started up on docker-compose up -d

If both instances of nginx are trying to bind to the same port, one will start and one will fail.

Is the lemmy proxy nginx docker container running? Check with: docker ps or docker container ls. If the lemmy nginx proxy container isn’t running, try stopping the host instance of nginx (systemctl nginx stop) and restart docker lemmy (docker-compose down, docker-compose up -d), the try to access your site again.

I think the safest option is to not host from your home network. If you aren’t up to date on security patches, you could potentially expose a lot of data from an insecure server running inside your network.

There are precautions you can take, like isolating any external facing servers from the rest of your network, for example, but I generally recommend using a hosted service instead.

Great write up!

Also going to suggest using the docker containers as well. It’s much easier to get up and running, plus Docker knowledge is great to have under your belt.

You might be able to setup a mod_rewrite rule to load a specific file path or other url based on the URL path, but a subdomain would probably be easier/cleaner.

From Apache mod_rewrite docs:

The mod_rewrite module uses a rule-based rewriting engine, based on a PCRE regular-expression parser, to rewrite requested URLs on the fly. By default, mod_rewrite maps a URL to a filesystem path. However, it can also be used to redirect one URL to another URL, or to invoke an internal proxy fetch.

Just remember the old adage about regular expressions: when you use a regular expression to try to solve one problem, you create two problems.

A subdomain would likely be cleaner and easier.

Yes, it does matter. Unfortunately you will have to try canceling (just tap or click the pending button) and subbing several times until you get lucky and it finally works.

This is sort of a catch 22, because the issue is caused by the server being under load (and some bad code or database queries likely needing to be fixed / optimized / refactored), and clicking the buttons is adding to that load, contributing to the problem.

TL;DR pending subscriptions are not subbed, so do not federate.

It happens. Better to fall for a fake one.

I remember back in 2000 or 2001 sitting at my desk and all of sudden my work e-mail client started going nuts with notifications filling with random emails. That was followed by people yelling “who clicked on that?!” Note: it wasn’t me. Good times.

It’s surprising how many people still fall for those tests.

Wait… these stupid IT security tests are now following me onto lemmy? The really obvious trying to be funny fake security emails are bad enough at work!

Hi there! What part of the docker setup are you getting hung up on? Can you post the log errors?

sudo docker logs lemmy_lemmy_1

And you can replace lemmy_lemmy_1 with the other service names for their logs.

To list the running docker containers (services):

sudo docker container ls or sudo docker ps

Here is the problem I had (it was that both smtp and external community searches were timing out) and how I fixed it. I think the only service I added to the new external network was lemmy. I can double check in the morning but it’s documented here in this post.

https://lemmy.ml/comment/494632

My thought process was that I wanted the lemmy services to all communicate on the internal network, but allow the lemmy service to make outgoing calls.

Interesting. I took a different approach to solve this issue.

I left all the containers on their internal only network, but added a secondary external facing network for lemmy so it could make outbound calls (otherwise it couldn’t make outbound calls to SMTP or for searches of communities on other instances).

I think it is more secure to leave the backend services on the internal network only otherwise they might be exposed.

It happens automatically. You just need to search for and subscribe to some communities on a few of the bigger instances from yours and it’s like magic.

In all seriousness, that’s all you need to do.

I setup my own instance and went with the free mail tier on brevo.com. They allow 300 relays per 24 hour period on the free tier. Their email stats and tracking looks decent too.

Prior to that I had setup my own postfix server, and while it worked fine, emails to gmail accounts were not getting through.