search

ckolderup / postmarks

a single-user bookmarking website designed to live on the Fediverse
https://postmarks.glitch.me
MIT License
456 stars 38 forks source link

Remove the suffix ".glitch.me" that is added to the domain #111

Closed XaviArnaus closed 9 months ago

XaviArnaus commented 9 months ago

TL;DR

There is a .glitch.me suffix hardcoded in src/utils.js that breaks the generation of the instance domain and its user when bringing up a Postmarks instance without Glitch, and also produces 503 errors when federating.

Setup

I've set up an own instance without the use of Glitch, let's say into the domain example.com. I also set up the SSL in my Reverse Proxy to this domain.

I have the .env file created and the domain is set up there:

PROJECT_DOMAIN=example.com

I have the account.json file created and the user set up there:

{
  "username": "xavi",
  ...
}

Going to the About section I find the textbox with the account I should follow in the fediverse:

@xavi@example.com.glitch.me

Issue

I found:

  1. this account (actually the domain part of it) do not conform to the SSL certificate and to the domain where the project is published. With a Webfinger lookup tool it shows that it is invalid: https://webfinger.net/lookup/?resource=xavi%40example.com.glitch.me 
    
Request Log
04:52:34 Looking up WebFinger data for acct:xavi@example.com.glitch.me
04:52:34 GET https://example.com.glitch.me/.well-known/webfinger?resource=acct%3Axavi%40example.com.glitch.me
04:52:35 Error getting JRD: Get "https://example.com.glitch.me/.well-known/webfinger?resource=acct%3Axavi%40example.com.glitch.me": tls: failed to verify certificate: x509: certificate is valid for glitch.com, *.gomix.me, gomix.com, gomix.me, glitch.me, *.glitch.com, *.gomix.com, *.glitch.me, not example.com.glitch.me

JSON Resource Descriptor (JRD) null

2. when trying to search for this user from my Mastodon account, it returns a "503 remote cert could not be verified".

## Possible fix
I edited the code here, by removing the suffix `.glitch.me`:
https://github.com/ckolderup/postmarks/blob/main/src/util.js#L25
And I deleted the `./.data/activitypub.db` (as I did not go beyond connectivity tests yet, so it would regenerate), and then everything worked:
1. the Webfinger tool returns the correct answer:

{ "subject": "acct:xavi@example.com", "links": [ { "rel": "self", "type": "application/activity+json", "href": "https://example.com/u/xavi" } ] }



2. The user in the fediverse instances also works, is searchable and followable.

## Suggestion
1. Remove the hardcoded suffix
2. If Glitch needs to be supported, make it a parameter in the `.env` file
ckolderup commented 9 months ago

Thanks for the report, this was definitely still optimized for Glitch hosting-- I think a number of people have just replaced the entire line to hardcode const domain = 'example.com';, but it's probably time that we offer a better solution. I will put something together shortly.

ckolderup commented 9 months ago

@XaviArnaus if you have a moment, take a look at #113 and let me know if that works for you

XaviArnaus commented 9 months ago

Sorry, personal issues... The #113 looks good, thank you!