don't require proxy server

This commit is contained in:
Taeer Bar-Yam 2024-03-06 09:16:35 -05:00
parent 230810bf6f
commit dc6e4936ed
2 changed files with 15 additions and 23 deletions

View file

@ -5,33 +5,14 @@ nixos-rebuild build-vm --flake .#mastodon
./result/bin/run-nixos-vm ./result/bin/run-nixos-vm
``` ```
Now you can access mastodon at <https://social.local.gd:44443> Now you can access mastodon at <https://mastodon.localhost:55001>
- You will have to "accept the security risk". - You will have to "accept the security risk".
- It may take a minute for the webpage to come online. Until then you will see 502 Bad Gateway - It may take a minute for the webpage to come online. Until then you will see 502 Bad Gateway
Remember that if you want to clear the state from one launch to the next, you should delete the `nixos.qcow2` file that is created. Remember that if you want to clear the state from one launch to the next, you should delete the `nixos.qcow2` file that is created.
# Account creation / access - email, when it works, will be accessible at <https://mastodon.localhost:55001/letter_opener>
Mastodon throws a hissyfit when trying to create accounts / login if it's not being **accessed** on port 443. This is a problem with the way we've set up port forwarding.
My current (terrible) solution is to run
```
nixos-rebuild build-vm --flake .#mastodon
# start a proxy server to the server on port 1234 (you can pick your favourite port)
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o LogLevel=Error -D 1234 root@localhost -p 2222
# optional. create a new firefox profile so we don't have to undo the settings when we're done
mkdir /tmp/profile && firefox --profile /tmp/profile
```
Then configure Firefox by going to `about:config` and setting `network.proxy.allow_hijacking_localhost` to `true`, and in `about:preferences` set the proxy to manual `localhost` port `1234`, and enable `Proxy DNS` at the bottom.
Navigate to <https://social.local.gd>, and click "create account"
- email verification is WIP, but should be accessible at <https://social.local.gd/letter_opener>
# TODOs # TODOs
@ -48,7 +29,7 @@ Navigate to <https://social.local.gd>, and click "create account"
- SEE: https://docs.joinmastodon.org/admin/scaling/ - SEE: https://docs.joinmastodon.org/admin/scaling/
- [ ] remove the need for "accept security risk" dialogue if possible - [ ] remove the need for "accept security risk" dialogue if possible
- [ ] development environment does not work seamlessly. - [ ] development environment does not work seamlessly.
- [ ] don't require proxy server - [x] don't require proxy server
- either forward 443 directly, or get mastodon to accept connections on a different port (maybe 3000? see development environment documentation) - either forward 443 directly, or get mastodon to accept connections on a different port (maybe 3000? see development environment documentation)
- [ ] get letter_opener working - [ ] get letter_opener working

View file

@ -102,6 +102,9 @@
{ {
virtualisation.vmVariant = { config, ... }: { virtualisation.vmVariant = { config, ... }: {
services.mastodon = { services.mastodon = {
# needed so we can directly access mastodon at port 55001
# otherwise, mastodon has to be accessed *from* port 443, which we can't do via port forwarding
enableUnixSocket = false;
extraConfig = { extraConfig = {
RAILS_ENV = "development"; RAILS_ENV = "development";
# for letter_opener # for letter_opener
@ -138,9 +141,17 @@
rails db:seed rails db:seed
else else
echo "Migrating database (this might be a noop)" echo "Migrating database (this might be a noop)"
rails db:migrate # TODO: this breaks for some reason
# rails db:migrate
fi fi
''; '';
virtualisation.forwardPorts = lib.mkForce [
{
from = "host";
host.port = 55001;
guest.port = 55001;
}
];
}; };
} }
] ]