Skip to content
Fragmented Development

How micro.fragdev.com was fixed

In a previous post (https://fragdev.com/blog/why-micro-fragdev-com-is-broken), I explained what happened to break subscriptions on our GNUsocial instance. Long story short: GNUsocial now forces HTTPS, which broke federation.

Today, I had a terrible idea of how it might be fixed. We're still waiting for the full results of the test, but I'm hopeful that this might be the fix we needed. It all started when Mikael "MMN-o" Nordfeldth suggested that I could fix our realtime plugin by using nginx to proxy the plain HTTP meteor through nginx.

If you can use nginx to proxy plain HTTP traffic via HTTPS… can you reverse the process and get plain HTTP from a HTTPS site?

server {
    server_name micro.fragdev.com;

    ## So crazy, it just might work...
    listen 80; 
    listen [::]:80;

    location / { 
        proxy_pass https://micro.fragdev.com;
    }   
}

That, ladies and gentleman, makes me cringe every time I look at it.

I made sure that micro.fragdev.com was added to my host file, so that it would resolve, but it works. Nginx visits the website for you, peels off the HTTPS encryption, and sends you back unencrypted text. The HTTPS site is still enabled, of course, giving us the best of both worlds.

Now, if you'll excuse me, I have to go wash my hands.

Tags: server gnusocial


Add Your Comment