From a9529d3b4b057eeb3b47943b271ad6605e22732d Mon Sep 17 00:00:00 2001 From: ThibG Date: Sat, 15 Apr 2017 02:15:46 +0200 Subject: [PATCH] Allow running mastodon on a different domain as the one used for identifying users (#1267) * Allow running mastodon on a different domain as the one used for identifying users * Alter documentation of WEB_DOMAIN to make clear it shouldn't be used unless the admin knows what they are doing * Compare to web_domain instead of local_domain when dealing with feeds/API * Correctly identify mentions to local accounts Mentions URLs point to the person's web profile, i.e., the user page served on WEB_DOMAIN. --- .env.production.sample | 4 ++++ app/controllers/api/push_controller.rb | 2 +- app/lib/tag_manager.rb | 4 ++++ app/services/process_feed_service.rb | 2 +- config/initializers/ostatus.rb | 8 +++++--- 5 files changed, 15 insertions(+), 5 deletions(-) diff --git a/.env.production.sample b/.env.production.sample index fd2f71165ab..1125eedbff5 100644 --- a/.env.production.sample +++ b/.env.production.sample @@ -11,6 +11,10 @@ DB_PORT=5432 LOCAL_DOMAIN=example.com LOCAL_HTTPS=true +# Use this only if you need to run mastodon on a different domain than the one used for federation. +# Do not use this unless you know exactly what you are doing. +# WEB_DOMAIN=mastodon.example.com + # Application secrets # Generate each with the `rake secret` task (`docker-compose run --rm web rake secret` if you use docker compose) PAPERCLIP_SECRET= diff --git a/app/controllers/api/push_controller.rb b/app/controllers/api/push_controller.rb index 78d4e36e691..f2ddfd969ee 100644 --- a/app/controllers/api/push_controller.rb +++ b/app/controllers/api/push_controller.rb @@ -30,7 +30,7 @@ class Api::PushController < ApiController params = Rails.application.routes.recognize_path(uri.path) domain = uri.host + (uri.port ? ":#{uri.port}" : '') - return unless TagManager.instance.local_domain?(domain) && params[:controller] == 'accounts' && params[:action] == 'show' && params[:format] == 'atom' + return unless TagManager.instance.web_domain?(domain) && params[:controller] == 'accounts' && params[:action] == 'show' && params[:format] == 'atom' Account.find_local(params[:username]) end diff --git a/app/lib/tag_manager.rb b/app/lib/tag_manager.rb index 07b2fb91e01..f26c943d256 100644 --- a/app/lib/tag_manager.rb +++ b/app/lib/tag_manager.rb @@ -56,6 +56,10 @@ class TagManager id.start_with?("tag:#{Rails.configuration.x.local_domain}") end + def web_domain?(domain) + domain.nil? || domain.gsub(/[\/]/, '').casecmp(Rails.configuration.x.web_domain).zero? + end + def local_domain?(domain) domain.nil? || domain.gsub(/[\/]/, '').casecmp(Rails.configuration.x.local_domain).zero? end diff --git a/app/services/process_feed_service.rb b/app/services/process_feed_service.rb index a2def453513..321f53f22e6 100644 --- a/app/services/process_feed_service.rb +++ b/app/services/process_feed_service.rb @@ -163,7 +163,7 @@ class ProcessFeedService < BaseService url = Addressable::URI.parse(link['href']) - mentioned_account = if TagManager.instance.local_domain?(url.host) + mentioned_account = if TagManager.instance.web_domain?(url.host) Account.find_local(url.path.gsub('/users/', '')) else Account.find_by(url: link['href']) || FetchRemoteAccountService.new.call(link['href']) diff --git a/config/initializers/ostatus.rb b/config/initializers/ostatus.rb index fb0b8b7fe32..155d0a9f1a8 100644 --- a/config/initializers/ostatus.rb +++ b/config/initializers/ostatus.rb @@ -2,18 +2,20 @@ port = ENV.fetch('PORT') { 3000 } host = ENV.fetch('LOCAL_DOMAIN') { "localhost:#{port}" } +web_host = ENV.fetch('WEB_DOMAIN') { host } https = ENV['LOCAL_HTTPS'] == 'true' Rails.application.configure do config.x.local_domain = host + config.x.web_domain = web_host config.x.use_https = https config.x.use_s3 = ENV['S3_ENABLED'] == 'true' - config.action_mailer.default_url_options = { host: host, protocol: https ? 'https://' : 'http://', trailing_slash: false } + config.action_mailer.default_url_options = { host: web_host, protocol: https ? 'https://' : 'http://', trailing_slash: false } config.x.streaming_api_base_url = 'http://localhost:4000' if Rails.env.production? - config.action_cable.allowed_request_origins = ["http#{https ? 's' : ''}://#{host}"] - config.x.streaming_api_base_url = ENV.fetch('STREAMING_API_BASE_URL') { "http#{https ? 's' : ''}://#{host}" } + config.action_cable.allowed_request_origins = ["http#{https ? 's' : ''}://#{web_host}"] + config.x.streaming_api_base_url = ENV.fetch('STREAMING_API_BASE_URL') { "http#{https ? 's' : ''}://#{web_host}" } end end