I’d like to self-host my own Lemmy instance. My environment is comprised of a Fedora VM on a separate VLAN running in Proxmox. That VM runs docker, and exposes all my services to Cloudflare using a treafik reverse proxy.
I have found some posts in my googlings of folks that were able to get Lemmy to work inside Traefik. I have tried their docker-compose files, and ultimately came up short.
My question, has anyone been able to get this working? If so, how?
This is my ingressroute for lemmy:
apiVersion: traefik.containo.us/v1alpha1 kind: IngressRoute metadata: name: lemmy spec: entryPoints: - web routes: - kind: Rule match: Host(`threads.ruin.io`) && PathPrefix(`/api/`) services: - kind: Service name: lemmy passHostHeader: true port: 80 - kind: Rule match: Host(`threads.ruin.io`) && PathPrefix(`/pictrs/`) services: - kind: Service name: lemmy passHostHeader: true port: 80 - kind: Rule match: Host(`threads.ruin.io`) && PathPrefix(`/feeds/`) services: - kind: Service name: lemmy passHostHeader: true port: 80 - kind: Rule match: Host(`threads.ruin.io`) && PathPrefix(`/nodeinfo/`) services: - kind: Service name: lemmy passHostHeader: true port: 80 - kind: Rule match: Host(`threads.ruin.io`) && PathPrefix(`/.well-known/`) services: - kind: Service name: lemmy passHostHeader: true port: 80 - kind: Rule match: Host(`threads.ruin.io`) && Method(`POST`, `PUT`, `DELETE`, `PATCH`, `CONNECT`) services: - kind: Service name: lemmy passHostHeader: true port: 80 - kind: Rule match: Host(`threads.ruin.io`) && HeadersRegexp(`Accept`, `application\/(?:activity|ld)\+json`) services: - kind: Service name: lemmy passHostHeader: true port: 80 - kind: Rule match: Host(`threads.ruin.io`) services: - kind: Service name: lemmy-ui passHostHeader: true port: 80
It seems to work correctly. Given that you’re not using kubernetes, you’ll need to do some translation work.
Can you federate with kbin instances? The communities get stuck at subscribe pending for me.
That’s the only thing not working and I assume I’m missing a proxy rule.
I had the same issue, upgrading to 0.18.1 and using the revised nginx.conf from lemmy-ansible fixed the issue.
Figured it out. I also had to add the PUT, DELETE, PATCH and CONNECT rules, only POST doesn’t work for kbin apparently.
I tried using Traefik in big corporation, 20+ different load balancer and reverse proxy (all with TLS termination) rules.
Caddy not just worked, but also worked faster and was WAY simplier to setup (using Caddyfile and reverse_proxy directives) than Traefik.
I’m reading about Caddy and playing around with it. It seems pretty straightforward. I’ll have to see if I can’t implement it.
Here is the example
docker-compose.yml
:services: caddy: image: caddy container_name: caddy volumes: - ./caddy/data:/data - ./caddy/config:/config - ./caddy/Caddyfile:/etc/caddy/Caddyfile ports: - 80:80/tcp - 443:443/tcp - 443:443/udp restart: always lemmy: image: lemmy container_name: lemmy ...
Before executing, create a new directory
caddy
i working directory, then create new fileCaddyfile
in it (lemmy
is a container name):mydomain.com { reverse_proxy lemmy:<lemmy_container_http_port> encode zstd gzip }
Then fix your UDP Buffer size, so it’s compatible with QUIC: https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes
And that’s it. tcp80, tcp443 and udp443 should be reachable from anywhere, as Caddy out of the box uses ACME to retrieve TLS certificates for your domain.
Give it a try. Honestly Traefik is shit for a simple load balancer. It’s more suited for large enterprises and kubernetes services, but it also has numerous issues, such as basic auth performance issues, lack of headers customization as well as in overall somewhat difficult configuration. Caddy makes it straightforward & simple, which is perfect for simple users who love to self-host.