search

EmissarySocial / emissary

The Social Web Toolkit
https://emissary.dev
GNU Affero General Public License v3.0
132 stars 14 forks source link

ActivityPub not working on fresly installed instance #358

Closed c-cesar closed 4 months ago

c-cesar commented 5 months ago

Tried to follow and be followed, and can only follow Masotodon accounts by RSS. When I try to load a remote actor, I get a "401 Unauthorized" error. When trying to follow my Emissary actor from Mastodon I get a "503 Remote data could not be fetched" error.

benpate commented 5 months ago

Thanks for filing this issue. I have run into trouble with ActivityPub servers that use Authorized Fetch, which requires users' credentials to perform any actions on a server. Emissary doesn't (yet) support Authorized Fetch, but I do want to add that in the future.

To help me confirm that this is the case, are you able to share the server/account you're trying to follow?

benpate commented 5 months ago

Another comment prompted me to think of another possible issue. ActivityPub really doesn't work if you're running a test instance on localhost. There are many reasons why:

1) Following via ActivityPub requires two-way communication. When a remote server receives a "Follow" request, it looks up your identity on your home server and sends you an "Accept" message (if it approves of you). This is impossible on localhost because it's a local-only name.

2) Most ActivityPub servers require HTTPS connections. Emissary uses Let's Encrypt to creates SSL certificates automatically, which means that HTTPS "just works" on production environments. However, for similar reasons, Let's Encrypt won't offer SSL certificates for the localhost domain. It needs to be publicly route-able for any of this to work.

-- To test real ActivityPub connections, there are two options:

1) Run Emissary on a publicly available domain name. This could be a machine in a datacenter, or a network tunnel to your development machine. I'm perfectly comfortable doing this because I know Emissary's code and I trust it, but you should generally be skeptical of opening up HTTP networks tunnels to your local machine using software you don't trust.

2) You can set up several local domains on your machine, for instance: localhost, 127.0.0.1, 192.168.0.your-local-ip-address, my-machine-name.local, etc. Then, attach Emissary to several of these domains and send messages between them. For "local" environments, Emissary disregards the HTTPS requirement so that you can just work locally. You may also try doing this with Docker images of other ActivityPub servers, but I can't vouch for them allowing HTTP-only traffic.