
  • As @slashzero@hakbox.social said, if you’re using an additional nginx server, your docker nginx can’t listen for port 80 or 443. Here’s my host nginx reverse proxy’s ssl section for reference:

    server {
        server_name kek.henlo.fi;
    
        location / {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
    
            include proxy_params;
            proxy_pass http://localhost:9001;
        }
    
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        ssl_certificate /etc/letsencrypt/live/kek.henlo.fi/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/kek.henlo.fi/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    }
    

    Maybe you’re missing some proxy headers, or the docker compose isn’t forwarding the correct ports.

    But it can definitely be something completely different.


  • I’ve been scratching my head over the postfix-relay as you have, until I realized my ISP (running the server at home) blocks port 25.

    So I got the SMTP provider approach to work, through Brevo. I’ll detail my steps here. I also tried to set up using Gmail but I got an authentication error, so I quickly gave up on that.

    Sign up to Brevo

    Register at Brevo with your totally legit existing company name, then choose the free plan. This allows 300 free emails sent/day.

    On the dash page, click in the top right -> “SMTP & API”. Here’s your login information for the lemmy.hjson config. Use the SMTP key value as your smtp_password.

    Edit your lemmy.hjson

    lemmy.hjson

    email: {
      # Hostname and port of the smtp server
      smtp_server: "smtp-relay.brevo.com:587"
      # Address to send emails from, eg noreply@your-instance.com
      smtp_from_address: "noreply@example.tld"
      smtp_login: "<brevo login email>"
      smtp_password: "<smtp key>"
      # Whether or not smtp connections should use tls. Can be none, tls, or starttls
      tls_type: "starttls"
    }
    

    With this approach you also don’t need postfix-relay in your docker-compose.

    With this setup, you should be able to get the verification/password reset emails to be sent. However, the recipient will receive a phishing warning or perhaps the email won’t even get through, because your DKIM signature doesn’t match your domain.

    DKIM signature

    To get a proper DKIM signature, you also need to edit your DNS records.

    From the Brevo dashboard, click the top-right menu again -> “Senders & IP”.

    Go to “Senders” and edit the “From email” field to your own domain example.tld.

    Then go back and go to “Domains” -> “Add a domain”. Add in your example.tld and probably choose “Other” for provider. On the next page you get records to add to your DNS provider. If you don’t know how this works, there’s a tutorial linked on that page.

    Click authenticate, and you should now see green checkmarks if done correctly :).

    Keep in mind you won’t receive emails if someone replies to these, since there’s no IMAP setup.

    Do tell if there’s anything wrong with these instructions, I only wrote it from memory.
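
Added example, not part of the comment above: a small Python check of the DKIM mismatch that comment describes, comparing the `d=` signing domain in a message's `DKIM-Signature` header with the domain in `From`. The sample headers are constructed, `relay-provider.example` and the selector are placeholders rather than Brevo's real values, and the "relaxed" result is a suffix approximation that does not consult the Public Suffix List.

```python
import email
from email.utils import parseaddr

# Constructed sample headers (not captured mail). "relay-provider.example" and
# the selector "mail" are placeholders, not the relay's real signing values.
BEFORE = (
    "From: Lemmy <noreply@example.tld>\n"
    "DKIM-Signature: v=1; a=rsa-sha256; d=relay-provider.example; s=mail;\n"
    " h=from:subject; bh=CONSTRUCTED; b=CONSTRUCTED\n"
    "Subject: Verify your email\n\nbody\n"
)
# Same message once the sending domain has been authenticated at the relay.
AFTER = BEFORE.replace("d=relay-provider.example", "d=example.tld")


def dkim_tags(header_value):
    """Parse a DKIM-Signature header into its tag=value pairs (RFC 6376)."""
    tags = {}
    for part in header_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = "".join(value.split())  # drop folding whitespace
    return tags


def dkim_alignment(raw_message):
    """Return (from_domain, [(d, alignment), ...]), one entry per DKIM-Signature.

    This only compares domains; it does not verify the signature itself.
    """
    msg = email.message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    results = []
    for sig in msg.get_all("DKIM-Signature", []):
        d = dkim_tags(sig).get("d", "").lower()
        if d and d == from_domain:
            alignment = "strict"
        elif "." in d and (from_domain.endswith("." + d) or d.endswith("." + from_domain)):
            alignment = "relaxed"  # approximation: parent/child domains only
        else:
            alignment = "none"     # signed by a domain unrelated to From
        results.append((d, alignment))
    return from_domain, results


if __name__ == "__main__":
    for label, raw in (("before", BEFORE), ("after", AFTER)):
        print(label, dkim_alignment(raw))
```

To check a real delivery, save a received verification email with its full headers and pass the raw text to `dkim_alignment`.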