this post was submitted on 18 Jan 2026
28 points (96.7% liked)

Selfhosted

54724 readers
749 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
28
Lemmy <> Nginx proxy manager nightmares (lemmy.tserts.com)
submitted 1 day ago* (last edited 1 day ago) by tserts@lemmy.tserts.com to c/selfhosted@lemmy.world
8 comments fedilink hide all child comments
 

Lets hope this works, I am posting from my new instance, which has some teething issues, so if you see this it is a small victory...

I must fix some issues on my lemmy instance before I go insane. The setup is pretty simple (or so I thought), proxmox > ct with docker lemmy no outside connection, and another ct with docker npm proxying for it.

  1. There is this deal breaking issue: on my local posts (the federated content seems to work) when I browse a community, the image posts are not showing the thumb, which expands if you click on it, istead they are shown as "link" and when I click on the black icon with the square with the arrow the image opens full screen on the window (it opens the image link). I think I have verified that the issue is that lemmy sets my image posts as link posts, there are no errors and the html shows no missing thumb. All tests show that my images get processed as they should, but in the end the post is "marked" as a link and it shows the square with the arrow.

  2. Federation is also hit or miss, I get content, upvotes, posts, I can search and browse instances BUT some communites (random, even from the same instance) stay pending instead of joined (like this community).

  3. Finally, I cannot find my instance searching from other instances, even though my instance is in their lists.

Can someone who has made nginx proxy manager on a separate server in the network give me some pointers?

I have done so many changes, tried to use nginx locally on the same CT (lemmy <> nginx <> npm) got to about the same state, wasted hours with the AI taking for a ride down "Hack-Town", I am about to call it quits.

Here are the configs:

root@xx:/opt/lemmy# cat docker-compose.yml

networks:
  # This stays internal for DB safety
  lemmyinternal:
    driver: bridge
    internal: true
  # We use the default bridge for everything that needs internet/DNS
  default:
    driver: bridge
  lemmyexternal:

services:
  lemmy:
    image: dessalines/lemmy:0.19.15
    networks:
      - lemmyinternal
      - default # Added to allow federation/DNS/Pictrs access
    ports:
      - 8536:8536
    restart: always
    environment:
      - RUST_LOG="warn,lemmy_server=info,lemmy_api=info,lemmy_api_common=info,lemmy_api_crud=info,lemmy_apub=info,lemmy_db_schema=info,lemmy_db_views=info,lemmy_db_views_actor=info,lemmy_db_views_moderator=info,lemmy_routes=info,lemmy_utils=info,lemmy_websocket=info"
      - RUST_BACKTRACE=1
      #
***
FIXES START HERE
***
      - LEMMY_HOSTNAME=lemmy.tserts.com
      - LEMMY_EXTERNAL_HOST=lemmy.tserts.com
      - LEMMY_HTTPS=true # Tells backend to generate https:// links for the UI
      #
***
FIXES END HERE
***
    volumes:
      - /opt/lemmy/lemmy.hjson:/config/config.hjson
    depends_on:
      - postgres
      - pictrs

  lemmy-ui:
    image: dessalines/lemmy-ui:0.19.15
    networks:
      - lemmyinternal
      - default # Added so it can resolve 'lemmy' container via DNS
    ports:
      - 1236:1234
    environment:
      - LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536
      #
***
FIXES START HERE
***
      - LEMMY_UI_LEMMY_EXTERNAL_HOST=lemmy.tserts.com # Removed IP to stop CORS errors
      - LEMMY_UI_HTTPS=true # Matches your NPM SSL setup
      - LEMMY_HTTPS=true
      #
***
FIXES END HERE
***
    depends_on:
      - lemmy
    restart: always

  pictrs:
    image: asonix/pictrs:0.5.0
    networks:
      - lemmyinternal
      - default # Critical for downloading external images
    hostname: pictrs
    #environment:
    user: 991:991
    volumes:
      - /opt/lemmy/volumes/pictrs:/mnt
    restart: always

  postgres:
    image: postgres:15-alpine
    networks:
      - lemmyinternal
    hostname: postgres
    # No changes needed here, internal is fine for DB
    environment:
      - POSTGRES_USER=xx
      - POSTGRES_PASSWORD=xxx
      - POSTGRES_DB=xx
    volumes:
      - /opt/lemmy/volumes/postgres:/var/lib/postgresql/data
    restart: always

root@xx:/opt/lemmy# cat lemmy.hjson

{
  # for more info about the config, check out the documentation
  # https://join-lemmy.org/docs/en/administration/configuration.html

  # only few config options are covered in this example config


  # the domain name of your instance (eg "lemmy.ml" or "fernchat.esotericmonkey.com")
  hostname: "lemmy.tserts.com"
  # address where lemmy should listen for incoming requests
  bind: "0.0.0.0"
  # port where lemmy should listen for incoming requests
  port: 8536
  # Whether the site is available over TLS. Needs to be true for federation to work.
  tls_enabled: true

  # pictrs host
  pictrs: {
    url: "http://pictrs:8080/"
    # api_key: "API_KEY"
  }

  # settings related to the postgresql database
  database: {
    # name of the postgres database for lemmy
    database: "xx"
    # username to connect to postgres
    user: "xx"
    # password to connect to postgres
    password: "xx"
    # host where postgres is running. This needs to match the postgres hostname in the portainer stack
    host: "postgres"
    # port where postgres can be accessed
    port: 5432
    # maximum number of active sql connections
    pool_size: 5
  }


# See the documentation for available config fields and descriptions:
# https://join-lemmy.org/docs/en/administration/configuration.html
  federation: {
  hostname: "lemmy.tserts.com"
  # allowed_instances: <lemmy_ml>
}

  email: {
    smtp_server: "xx"
    smtp_login: "xx"
    smtp_password: "xx"
    smtp_from_address: "xx"
    tls_type: "starttls"
  }
}

Here is npm advanced tab, websockets are on and ssl is also setup right.

# Handle ActivityPub/Federation traffic
location ~ ^/(u|c|post|comment|nodeinfo|explore) {
    set $proxytarget "http://10.0.0.227:1236/"; # Default to UI
    
    if ($http_accept ~* "application/(activity|ld)\+json") {
        set $proxytarget "http://10.0.0.227:8536/"; # Send to Backend
    }

    proxy_pass $proxytarget;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

# Standard Root Location
location / {
    proxy_pass http://10.0.0.227:1236/;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
}

# API and Pictrs
location /api/ {
    proxy_pass http://10.0.0.227:8536/;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
}

location /pictrs/ {
    proxy_pass http://10.0.0.227:8536/;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
}

Help me get my sleep back. ___

you are viewing a single comment's thread
view the rest of the comments
[–] kumi@feddit.online 4 points 1 day ago (1 children)

What makes you suspect the Nginx config instead of Lemmy? Do you have any failing requests (timeout or statuscode >= 400) in nginx log? What are the failing endpoints?

[–] tserts@lemmy.world 1 points 20 hours ago (1 children)

Hi there, and thanks for taking the time. I cannot reply from my instance, i do not see your reply there. I can test all internal endpoints from the lemmy docker, and i can also test from outside and get a response, but something is not working right, i cannot find me from lemmy.world even with a full link, subscriptions stay pending, its a mess. i tried using the embedded nginx to replicate a stock setup and use npm only for simple proxying and SSL but that has failed as well. Do you have a similar setup to show me how your routing looks? I think lemmy is built for direct exposure to an open inet IP, it seems the devs have no interest in simplifying the structure so that it can work easily behind a proxy, i have a ton of dockerized apps that need minimal routing config, i understand that lemmy does a lot more that simply serve content so there must be a reason, however, i cannot make it work.

[–] kumi@feddit.online 1 points 20 hours ago* (last edited 20 hours ago)

Try answering the questions I asked for yourself and see if anything comes up!