farias/InstallLemmyKO
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Installation Lemmy
1 commit 1 branch 0 tags 25 KiB
Find a file
Exact
farias 6dae90084e Ajouter README.md
2025-08-26 12:32:58 +00:00
README.md Ajouter README.md 2025-08-26 12:32:58 +00:00

README.md

Configuration

Configuration de Apache2

J'ai une VM devant la VM de Lemmy, cette VM fait la gestion des domaines et des certificats.

<IfModule mod_ssl.c>
<Location />
SetEnvIfNoCase User-Agent "MJ12bot" bad_bot
SetEnvIfNoCase User-Agent "Baiduspider" bad_bot
SetEnvIfNoCase User-Agent "Vagabondo" bad_bot
SetEnvIfNoCase User-Agent "lwp-trivial" bad_bot
SetEnvIfNoCase User-Agent "Wget" bad_bot
SetEnvIfNoCase User-Agent "XoviBot" bad_bot
SetEnvIfNoCase User-Agent "xovibot" bad_bot
SetEnvIfNoCase User-Agent "AhrefsBot" bad_bot
SetEnvIfNoCase User-Agent "SemrushBot" bad_bot
SetEnvIfNoCase User-Agent "python-requests" bad_bot
SetEnvIfNoCase User-Agent "YandexBot" bad_bot
SetEnvIfNoCase User-Agent "megaindex" bad_bot
SetEnvIfNoCase User-Agent "GuzzleHttp" bad_bot
SetEnvIfNoCase User-Agent "CCBot" bad_bot
SetEnvIfNoCase User-Agent "barkrowler" bad_bot
SetEnvIfNoCase User-Agent "dotbot" bad_bot
SetEnvIfNoCase User-Agent "attentio" bad_bot
SetEnvIfNoCase User-Agent "Neevabot" bad_bot
SetEnvIfNoCase User-Agent "netEstate" bad_bot
SetEnvIfNoCase User-Agent "amazonbot" bad_bot
SetEnvIfNoCase User-Agent "AmazonBot" bad_bot
SetEnvIfNoCase User-Agent "IbouBot" bad_bot

Deny from env=bad_bot
</Location>
<VirtualHost *:80>
        ServerName lemmy.cyber-neurones.org
        Redirect / https://lemmy.cyber-neurones.org/
</VirtualHost>
<VirtualHost *:443 >
    ServerAdmin XXXXXX@cyber-neurones.org
    ServerName lemmy.cyber-neurones.org
    ProxyPreserveHost On
    ProxyRequests On
    ErrorLog ${APACHE_LOG_DIR}/error.lemmy-ssl.log
    CustomLog ${APACHE_LOG_DIR}/access.lemmy-ssl.log combined

    RequestHeader set X-Forwarded-Proto "https"

    Protocols h2 http/1.1

    AddOutputFilterByType DEFLATE text/css
    AddOutputFilterByType DEFLATE application/javascript
    AddOutputFilterByType DEFLATE image/svg+xml

    Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
    Header always set X-Frame-Options SAMEORIGIN
    Header always set X-Content-Type-Options nosniff
    Header always set X-XSS-Protection "1; mode=block"
    Header always set Access-Control-Allow-Origin "*"
    Header always set Access-Control-Max-Age "1000"
    Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
    ProxyPreserveHost On
    ProxyAddHeaders On

    ProxyPassMatch ^/(api|pictrs|feeds|nodeinfo|\.well-known)/(.*)$ http://192.168.1.114:6536/$1/$2

    ProxyPassReverse /api/ http://192.168.1.114:6536/api/
    ProxyPassReverse /pictrs/ http://192.168.1.114:6536/pictrs/
    ProxyPassReverse /feeds/ http://192.168.1.114:6536/feeds/
    ProxyPassReverse /nodeinfo/ http://192.168.1.114:6536/nodeinfo/
    ProxyPassReverse /.well-known/ http://192.168.1.114:6536/.well-known/

    ProxyPass / http://192.168.1.114:1234/
    ProxyPassReverse / http://192.168.1.114:1234

    RewriteEngine On
    RewriteCond %{HTTP:Upgrade} websocket [NC]
    RewriteRule .* http://192.168.1.114:6536%{REQUEST_URI} [P]

    RewriteCond %{HTTP_ACCEPT} "=application/activity+json" [NC,OR]
    RewriteCond %{HTTP_ACCEPT} '=application/ld+json; profile="https://www.w3.org/ns/activitystreams"' [NC,OR]
    RewriteCond %{REQUEST_METHOD} ^POST [NC]
    RewriteRule .* http://192.168.1.114:6536%{REQUEST_URI} [P]
    <Proxy *>
    Order deny,allow
    Allow from all
    Deny from bad_bot
    </Proxy>

    Include /etc/letsencrypt/options-ssl-apache.conf
    SSLCertificateFile /etc/letsencrypt/live/lemmy.cyber-neurones.org/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/lemmy.cyber-neurones.org/privkey.pem
</VirtualHost>
</IfModule>

Dans les logs j'ai le Register qui ne fonctionne pas (erreur 503) :

XX.XX.XX.XX- - [26/Aug/2025:13:50:50 +0200] "POST /api/v3/user/register HTTP/1.1" 503 1262 "https://lemmy.cyber-neurones.org/setup" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:141.0) Gecko/20100101 Firefox/141.0"

J'ai pas de logs dans Lemmy alors que je suis en mode TRACE

Fichier : /etc/systemd/system/lemmy.service

[Unit]
Description=Lemmy Server
After=network.target

[Service]
User=lemmy
ExecStart=/opt/lemmy/lemmy-server/lemmy_server
Environment=LEMMY_CONFIG_LOCATION=/opt/lemmy/lemmy-server/lemmy.hjson
Environment=RUST_LOG="trace"
Restart=on-failure
WorkingDirectory=/opt/lemmy

# Hardening
ProtectSystem=yes
PrivateTmp=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

Fichier : /opt/lemmy/lemmy-server/lemmy.hjson

{
  setup: {
    admin_username: "admin"
    admin_password: "secret"
    site_name: "My Lemmy Instance"
    admin_email: "XXXXX@cyber-neurones.org"
 }
  database: {
    password: "secret"
    connection: "postgres://lemmy:secret@localhost:5432/lemmy"
    pool_size: 30
  }
  hostname: lemmy.cyber-neurones.org
  bind: "0.0.0.0"
  port: 8536
  tls_enabled: false
  federation: {
    enabled: true
  }
}

Bref je comprends pas le problème ....