Allow running mastodon on a different domain as the one used for identifying users (#1267)
* Allow running mastodon on a different domain as the one used for identifying users * Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing * Compare to web_domain instead of local_domain when dealing with feeds/API * Correctly identify mentions to local accounts Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN.
This commit is contained in:
parent
0d2910478a
commit
a9529d3b4b
@ -11,6 +11,10 @@ DB_PORT=5432
|
|||||||
LOCAL_DOMAIN=example.com
|
LOCAL_DOMAIN=example.com
|
||||||
LOCAL_HTTPS=true
|
LOCAL_HTTPS=true
|
||||||
|
|
||||||
|
# Use this only if you need to run mastodon on a different domain than the one used for federation.
|
||||||
|
# Do not use this unless you know exactly what you are doing.
|
||||||
|
# WEB_DOMAIN=mastodon.example.com
|
||||||
|
|
||||||
# Application secrets
|
# Application secrets
|
||||||
# Generate each with the `rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
|
# Generate each with the `rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose)
|
||||||
PAPERCLIP_SECRET=
|
PAPERCLIP_SECRET=
|
||||||
|
@ -30,7 +30,7 @@ class Api::PushController < ApiController
|
|||||||
params = Rails.application.routes.recognize_path(uri.path)
|
params = Rails.application.routes.recognize_path(uri.path)
|
||||||
domain = uri.host + (uri.port ? ":#{uri.port}" : '')
|
domain = uri.host + (uri.port ? ":#{uri.port}" : '')
|
||||||
|
|
||||||
return unless TagManager.instance.local_domain?(domain) && params[:controller] == 'accounts' && params[:action] == 'show' && params[:format] == 'atom'
|
return unless TagManager.instance.web_domain?(domain) && params[:controller] == 'accounts' && params[:action] == 'show' && params[:format] == 'atom'
|
||||||
|
|
||||||
Account.find_local(params[:username])
|
Account.find_local(params[:username])
|
||||||
end
|
end
|
||||||
|
@ -56,6 +56,10 @@ class TagManager
|
|||||||
id.start_with?("tag:#{Rails.configuration.x.local_domain}")
|
id.start_with?("tag:#{Rails.configuration.x.local_domain}")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def web_domain?(domain)
|
||||||
|
domain.nil? || domain.gsub(/[\/]/, '').casecmp(Rails.configuration.x.web_domain).zero?
|
||||||
|
end
|
||||||
|
|
||||||
def local_domain?(domain)
|
def local_domain?(domain)
|
||||||
domain.nil? || domain.gsub(/[\/]/, '').casecmp(Rails.configuration.x.local_domain).zero?
|
domain.nil? || domain.gsub(/[\/]/, '').casecmp(Rails.configuration.x.local_domain).zero?
|
||||||
end
|
end
|
||||||
|
@ -163,7 +163,7 @@ class ProcessFeedService < BaseService
|
|||||||
|
|
||||||
url = Addressable::URI.parse(link['href'])
|
url = Addressable::URI.parse(link['href'])
|
||||||
|
|
||||||
mentioned_account = if TagManager.instance.local_domain?(url.host)
|
mentioned_account = if TagManager.instance.web_domain?(url.host)
|
||||||
Account.find_local(url.path.gsub('/users/', ''))
|
Account.find_local(url.path.gsub('/users/', ''))
|
||||||
else
|
else
|
||||||
Account.find_by(url: link['href']) || FetchRemoteAccountService.new.call(link['href'])
|
Account.find_by(url: link['href']) || FetchRemoteAccountService.new.call(link['href'])
|
||||||
|
@ -2,18 +2,20 @@
|
|||||||
|
|
||||||
port = ENV.fetch('PORT') { 3000 }
|
port = ENV.fetch('PORT') { 3000 }
|
||||||
host = ENV.fetch('LOCAL_DOMAIN') { "localhost:#{port}" }
|
host = ENV.fetch('LOCAL_DOMAIN') { "localhost:#{port}" }
|
||||||
|
web_host = ENV.fetch('WEB_DOMAIN') { host }
|
||||||
https = ENV['LOCAL_HTTPS'] == 'true'
|
https = ENV['LOCAL_HTTPS'] == 'true'
|
||||||
|
|
||||||
Rails.application.configure do
|
Rails.application.configure do
|
||||||
config.x.local_domain = host
|
config.x.local_domain = host
|
||||||
|
config.x.web_domain = web_host
|
||||||
config.x.use_https = https
|
config.x.use_https = https
|
||||||
config.x.use_s3 = ENV['S3_ENABLED'] == 'true'
|
config.x.use_s3 = ENV['S3_ENABLED'] == 'true'
|
||||||
|
|
||||||
config.action_mailer.default_url_options = { host: host, protocol: https ? 'https://' : 'http://', trailing_slash: false }
|
config.action_mailer.default_url_options = { host: web_host, protocol: https ? 'https://' : 'http://', trailing_slash: false }
|
||||||
config.x.streaming_api_base_url = 'http://localhost:4000'
|
config.x.streaming_api_base_url = 'http://localhost:4000'
|
||||||
|
|
||||||
if Rails.env.production?
|
if Rails.env.production?
|
||||||
config.action_cable.allowed_request_origins = ["http#{https ? 's' : ''}://#{host}"]
|
config.action_cable.allowed_request_origins = ["http#{https ? 's' : ''}://#{web_host}"]
|
||||||
config.x.streaming_api_base_url = ENV.fetch('STREAMING_API_BASE_URL') { "http#{https ? 's' : ''}://#{host}" }
|
config.x.streaming_api_base_url = ENV.fetch('STREAMING_API_BASE_URL') { "http#{https ? 's' : ''}://#{web_host}" }
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
Loading…
Reference in New Issue
Block a user