Lets hope this works, I am posting from my new instance, which has some teething issues, so if you see this it is a small victory…
I must fix some issues on my lemmy instance before I go insane. The setup is pretty simple (or so I thought), proxmox > ct with docker lemmy no outside connection, and another ct with docker npm proxying for it.
-
There is this deal breaking issue: on my local posts (the federated content seems to work) when I browse a community, the image posts are not showing the thumb, which expands if you click on it, istead they are shown as “link” and when I click on the black icon with the square with the arrow the image opens full screen on the window (it opens the image link). I think I have verified that the issue is that lemmy sets my image posts as link posts, there are no errors and the html shows no missing thumb. All tests show that my images get processed as they should, but in the end the post is “marked” as a link and it shows the square with the arrow.
-
Federation is also hit or miss, I get content, upvotes, posts, I can search and browse instances BUT some communites (random, even from the same instance) stay pending instead of joined (like this community).
-
Finally, I cannot find my instance searching from other instances, even though my instance is in their lists.
Can someone who has made nginx proxy manager on a separate server in the network give me some pointers?
I have done so many changes, tried to use nginx locally on the same CT (lemmy <> nginx <> npm) got to about the same state, wasted hours with the AI taking for a ride down “Hack-Town”, I am about to call it quits.
Here are the configs:
root@xx:/opt/lemmy# cat docker-compose.yml
networks:
# This stays internal for DB safety
lemmyinternal:
driver: bridge
internal: true
# We use the default bridge for everything that needs internet/DNS
default:
driver: bridge
lemmyexternal:
services:
lemmy:
image: dessalines/lemmy:0.19.15
networks:
- lemmyinternal
- default # Added to allow federation/DNS/Pictrs access
ports:
- 8536:8536
restart: always
environment:
- RUST_LOG="warn,lemmy_server=info,lemmy_api=info,lemmy_api_common=info,lemmy_api_crud=info,lemmy_apub=info,lemmy_db_schema=info,lemmy_db_views=info,lemmy_db_views_actor=info,lemmy_db_views_moderator=info,lemmy_routes=info,lemmy_utils=info,lemmy_websocket=info"
- RUST_BACKTRACE=1
# --- FIXES START HERE ---
- LEMMY_HOSTNAME=lemmy.tserts.com
- LEMMY_EXTERNAL_HOST=lemmy.tserts.com
- LEMMY_HTTPS=true # Tells backend to generate https:// links for the UI
# --- FIXES END HERE ---
volumes:
- /opt/lemmy/lemmy.hjson:/config/config.hjson
depends_on:
- postgres
- pictrs
lemmy-ui:
image: dessalines/lemmy-ui:0.19.15
networks:
- lemmyinternal
- default # Added so it can resolve 'lemmy' container via DNS
ports:
- 1236:1234
environment:
- LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536
# --- FIXES START HERE ---
- LEMMY_UI_LEMMY_EXTERNAL_HOST=lemmy.tserts.com # Removed IP to stop CORS errors
- LEMMY_UI_HTTPS=true # Matches your NPM SSL setup
- LEMMY_HTTPS=true
# --- FIXES END HERE ---
depends_on:
- lemmy
restart: always
pictrs:
image: asonix/pictrs:0.5.0
networks:
- lemmyinternal
- default # Critical for downloading external images
hostname: pictrs
#environment:
user: 991:991
volumes:
- /opt/lemmy/volumes/pictrs:/mnt
restart: always
postgres:
image: postgres:15-alpine
networks:
- lemmyinternal
hostname: postgres
# No changes needed here, internal is fine for DB
environment:
- POSTGRES_USER=xx
- POSTGRES_PASSWORD=xxx
- POSTGRES_DB=xx
volumes:
- /opt/lemmy/volumes/postgres:/var/lib/postgresql/data
restart: always
root@xx:/opt/lemmy# cat lemmy.hjson
{
# for more info about the config, check out the documentation
# https://join-lemmy.org/docs/en/administration/configuration.html
# only few config options are covered in this example config
# the domain name of your instance (eg "lemmy.ml" or "fernchat.esotericmonkey.com")
hostname: "lemmy.tserts.com"
# address where lemmy should listen for incoming requests
bind: "0.0.0.0"
# port where lemmy should listen for incoming requests
port: 8536
# Whether the site is available over TLS. Needs to be true for federation to work.
tls_enabled: true
# pictrs host
pictrs: {
url: "http://pictrs:8080/"
# api_key: "API_KEY"
}
# settings related to the postgresql database
database: {
# name of the postgres database for lemmy
database: "xx"
# username to connect to postgres
user: "xx"
# password to connect to postgres
password: "xx"
# host where postgres is running. This needs to match the postgres hostname in the portainer stack
host: "postgres"
# port where postgres can be accessed
port: 5432
# maximum number of active sql connections
pool_size: 5
}
# See the documentation for available config fields and descriptions:
# https://join-lemmy.org/docs/en/administration/configuration.html
federation: {
hostname: "lemmy.tserts.com"
# allowed_instances: <lemmy_ml>
}
email: {
smtp_server: "xx"
smtp_login: "xx"
smtp_password: "xx"
smtp_from_address: "xx"
tls_type: "starttls"
}
}
Here is npm advanced tab, websockets are on and ssl is also setup right.
# Handle ActivityPub/Federation traffic
location ~ ^/(u|c|post|comment|nodeinfo|explore) {
set $proxytarget "http://10.0.0.227:1236/"; # Default to UI
if ($http_accept ~* "application/(activity|ld)\+json") {
set $proxytarget "http://10.0.0.227:8536/"; # Send to Backend
}
proxy_pass $proxytarget;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# Standard Root Location
location / {
proxy_pass http://10.0.0.227:1236/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
}
# API and Pictrs
location /api/ {
proxy_pass http://10.0.0.227:8536/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /pictrs/ {
proxy_pass http://10.0.0.227:8536/;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
}
Help me get my sleep back. ___
You must log in or # to comment.
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters FAA Federal Aviation Administration HTTP Hypertext Transfer Protocol, the Web IP Internet Protocol SSL Secure Sockets Layer, for transparent encryption nginx Popular HTTP server Jargon Definition Raptor Methane-fueled rocket engine under development by SpaceX
5 acronyms in this thread; the most compressed thread commented on today has 9 acronyms.
[Thread #1010 for this comm, first seen 19th Jan 2026, 15:05] [FAQ] [Full list] [Contact] [Source code]
The post reached lemmy.world, so I got this going for me… Thank you in advance!
replying here to test somenthing. 190126 1702
Test 2, I am close.
Replying to me.
What makes you suspect the Nginx config instead of Lemmy? Do you have any failing requests (timeout or statuscode >= 400) in nginx log? What are the failing endpoints?
Hi there, and thanks for taking the time. I cannot reply from my instance, i do not see your reply there. I can test all internal endpoints from the lemmy docker, and i can also test from outside and get a response, but something is not working right, i cannot find me from lemmy.world even with a full link, subscriptions stay pending, its a mess. i tried using the embedded nginx to replicate a stock setup and use npm only for simple proxying and SSL but that has failed as well. Do you have a similar setup to show me how your routing looks? I think lemmy is built for direct exposure to an open inet IP, it seems the devs have no interest in simplifying the structure so that it can work easily behind a proxy, i have a ton of dockerized apps that need minimal routing config, i understand that lemmy does a lot more that simply serve content so there must be a reason, however, i cannot make it work.
Try answering the questions I asked for yourself and see if anything comes up!