I’d like to self-host my own Lemmy instance. My environment is comprised of a Fedora VM on a separate VLAN running in Proxmox. That VM runs docker, and exposes all my services to Cloudflare using a treafik reverse proxy.

I have found some posts in my googlings of folks that were able to get Lemmy to work inside Traefik. I have tried their docker-compose files, and ultimately came up short.

My question, has anyone been able to get this working? If so, how?

  • btobolaski@threads.ruin.io
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    This is my ingressroute for lemmy:

    
    apiVersion: traefik.containo.us/v1alpha1
    kind: IngressRoute
    metadata:
      name: lemmy
    spec:
      entryPoints:
        - web
      routes:
        - kind: Rule
          match: Host(`threads.ruin.io`) && PathPrefix(`/api/`)
          services:
            - kind: Service
              name: lemmy
              passHostHeader: true
              port: 80
        - kind: Rule
          match: Host(`threads.ruin.io`) && PathPrefix(`/pictrs/`)
          services:
            - kind: Service
              name: lemmy
              passHostHeader: true
              port: 80
        - kind: Rule
          match: Host(`threads.ruin.io`) && PathPrefix(`/feeds/`)
          services:
            - kind: Service
              name: lemmy
              passHostHeader: true
              port: 80
        - kind: Rule
          match: Host(`threads.ruin.io`) && PathPrefix(`/nodeinfo/`)
          services:
            - kind: Service
              name: lemmy
              passHostHeader: true
              port: 80
        - kind: Rule
          match: Host(`threads.ruin.io`) && PathPrefix(`/.well-known/`)
          services:
            - kind: Service
              name: lemmy
              passHostHeader: true
              port: 80
        - kind: Rule
          match: Host(`threads.ruin.io`) && Method(`POST`, `PUT`, `DELETE`, `PATCH`, `CONNECT`)
          services:
            - kind: Service
              name: lemmy
              passHostHeader: true
              port: 80
        - kind: Rule
          match: Host(`threads.ruin.io`) && HeadersRegexp(`Accept`, `application\/(?:activity|ld)\+json`)
          services:
            - kind: Service
              name: lemmy
              passHostHeader: true
              port: 80
        - kind: Rule
          match: Host(`threads.ruin.io`)
          services:
            - kind: Service
              name: lemmy-ui
              passHostHeader: true
              port: 80
    

    It seems to work correctly. Given that you’re not using kubernetes, you’ll need to do some translation work.

    • Domi@lemmy.secnd.me
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      Can you federate with kbin instances? The communities get stuck at subscribe pending for me.

      That’s the only thing not working and I assume I’m missing a proxy rule.

  • zikk_transport2@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    I tried using Traefik in big corporation, 20+ different load balancer and reverse proxy (all with TLS termination) rules.

    Caddy not just worked, but also worked faster and was WAY simplier to setup (using Caddyfile and reverse_proxy directives) than Traefik.

    • daFRAKKINpope@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      0
      ·
      1 year ago

      I’m reading about Caddy and playing around with it. It seems pretty straightforward. I’ll have to see if I can’t implement it.

      • zikk_transport2@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        Here is the example docker-compose.yml:

        services:
          caddy:
            image: caddy
            container_name: caddy
            volumes:
              - ./caddy/data:/data
              - ./caddy/config:/config
              - ./caddy/Caddyfile:/etc/caddy/Caddyfile
            ports:
              - 80:80/tcp
              - 443:443/tcp
              - 443:443/udp
            restart: always
        
          lemmy:
            image: lemmy
            container_name: lemmy
            ...
        

        Before executing, create a new directory caddy i working directory, then create new file Caddyfile in it (lemmy is a container name):

        mydomain.com {
            reverse_proxy lemmy:<lemmy_container_http_port>
            encode zstd gzip
        }
        

        Then fix your UDP Buffer size, so it’s compatible with QUIC: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes

        And that’s it. tcp80, tcp443 and udp443 should be reachable from anywhere, as Caddy out of the box uses ACME to retrieve TLS certificates for your domain.

        Give it a try. Honestly Traefik is shit for a simple load balancer. It’s more suited for large enterprises and kubernetes services, but it also has numerous issues, such as basic auth performance issues, lack of headers customization as well as in overall somewhat difficult configuration. Caddy makes it straightforward & simple, which is perfect for simple users who love to self-host.