Comments (16)
Hey @prologic, primary maintainer here. As you've noticed I've been relatively inactive in the project, for a variety of reasons - some just have to do with personal life, like my being in college, and it's partly because I've become more involved in different communities (e.g. Qubes OS). I can still guarantee security support for pump.io in accordance with our security policy but beyond that I don't want to make any promises that I may not keep :)
As such I cannot tell if Pump the server and Web UI is in any way currently mature and stable enough to be used (even on a personal basis).
As for this question, my suggestion is that you just set it up yourself and see if it meets your needs. Sounds like you're already trying to do so, which brings me to...
The Web UI insists on redirecting browsers to http://pump.mills.io:31337/ instead of https://pump.mills.io/ despite setting an environment
PUMPIO_URLPORT
This is a common issue and is covered in the FAQ: https://pumpio.readthedocs.io/en/latest/sysadmins-faq.html#i-set-urlport-but-my-browser-is-still-sending-me-to-the-wrong-port
from pump.io.
It is my understanding that ActivityPub isn't supported as of yet. See issue #1241
from pump.io.
For the record, following a user on another instance via the web UI has been possible since the beginning of Pump.io, you just need to do the remote login first. I don't personally use the web UI, since I very much prefer to use a desktop client, but the option's there.
ActivityPub support is ongoing (@evanp, ping?), and AFAIK S2S was being worked on first.
from pump.io.
@prologic I have several PR's to improve the UI and I have plans to do more, I think your problem is more related with server config also you can use NGXIN for reverse proxy
from pump.io.
@prologic yeah, I know pump.io has some problems related with the UI/UX and after the next release (6.0.0) I have plans to merge some of those PR, but the web UI require a big refactor.
from pump.io.
@prologic about the config check https://pumpio.readthedocs.io/en/latest/configuration/reference.html in your case without NGINX you should use port: 443
and hostname: https://pump.mills.io
and set up the key/cert
path.
if I start your server previously with another port that can cause the redirect because it is in the DB, you would have to delete it and start the server again.
Can we merge the UI/UX improvements as they stand now rather than wait for a "Big Refactor" of the UI? That would quickly become scope creep and involve a lot of hard work from those more capable on the UI/UX side (not me!)
as I say before I waiting the 6.0.0 release to merge more things, but you can check it https://github.com/pump-io/pump.io/pulls?q=is%3Aopen+is%3Apr+label%3Awebui
from pump.io.
😲That issue was filed over ~2.5yrs ago. It is unlikely that it will be completed. I looks like the scope was far too large to be implement in any tractional time-frame.
A little disappointing; but that's okay. It just makes Pump.io unsuitable for what I'd like to use it for -- a private decentralized social network where I can also follow/subscribe to other ActivityPub streams.
Looks like writeas/Read.as might be more promising especially when writeas/Read.as#4 and writeas/Read.as#5 are completed.
from pump.io.
@jankusanagi Could you explain how this works from a UI/UX point of view? I couldn't honestly figure this out with the instnace on datamost.com
I'm trying really hard to actually spin up an instance myself but I'm running into a lot of difficulty with running pump.io behind Traefik with TLS termination. The Web UI insists on redirecting browsers to http://pump.mills.io:31337/ instead of https://pump.mills.io/ despite setting an environment PUMPIO_URLPORT
:/ Seems sort of related to #1681 but not quite.
from pump.io.
@prologic I hace severals PR's yo improve the UI and I have plans to do more,
Can we get those PRs merged? Improvements to the UI would be very good here; my experience thus far with the Pump UI on a localhost deployment isn't that great -- there are some quirks and UX that could be better.
I think your problem is more related with server config also you can use NGXIN for reverse proxy
No. I do not want to use NGINX. My entire production infra is based on Docker Swarm and Traefik as the primary ingress load balancer and reverse proxy.
The choice of Load Balancer / Reverse Proxy however is not the issue here.
from pump.io.
Hey @prologic, primary maintainer here. As you've noticed I've been relatively inactive in the project, for a variety of reasons - some just have to do with personal life, like my being in college, and it's partly because I've become more involved in different communities (e.g. Qubes OS). I can still guarantee security support for pump.io in accordance with our security policy but beyond that I don't want to make any promises that I may not keep :)
I am sorry to hear that. Life does sometimes get in the way of interesting projects! Believe me I know :D
As such I cannot tell if Pump the server and Web UI is in any way currently mature and stable enough to be used (even on a personal basis).
As for this question, my suggestion is that you just set it up yourself and see if it meets your needs. Sounds like you're already trying to do so, which brings me to...
Yeah I'm doing exactly this and may contribute some fixes that fix some "production" issue I'm facing (see below).
The Web UI insists on redirecting browsers to http://pump.mills.io:31337/ instead of https://pump.mills.io/ despite setting an environment
PUMPIO_URLPORT
This is a common issue and is covered in the FAQ: https://pumpio.readthedocs.io/en/latest/sysadmins-faq.html#i-set-urlport-but-my-browser-is-still-sending-me-to-the-wrong-port
Yeah this is not the problem. I've read that FAQ entry. The problem is I cannot convince Pump to NOT redirect the client to http://mydomain:31337/ -- Its not clear to me how the following configuration parameters come in to play:
- hostname
- address
- port
- urlPort
From my early observation there seems to be some rather odd assumptions made about how Pump is deployed. I expect the server to fully request the Host:
and Path:
headers and correctly redirect to the same origin port and hostname. I do TLS termination at the Load Balancer / Reverse Proxy but Pump insists on redirecting to http://
which is just plain wrong.
Perhaps you could help clarify some of the configuration options and point me in the right direction? Like I said above -- I would be happy to contribute some small fixes that address the "production" issues I am facing.
from pump.io.
@prologic yeah, I know pump.io has some problems related with the UI/UX and after the next release (6.0.0) I have plans to merge some of those PR, but the web UI require a big refactor.
Can we merge the UI/UX improvements as they stand now rather than wait for a "Big Refactor" of the UI? That would quickly become scope creep and involve a lot of hard work from those more capable on the UI/UX side (not me!)
from pump.io.
@prologic about the config check https://pumpio.readthedocs.io/en/latest/configuration/reference.html in your case without NGINX you should use
port: 443
andhostname: https://pump.mills.io
and set up thekey/cert
path.
Okay. Thanks! I can try this tonight. I'll report back here if that works and put up a PR that shows a production level configuration and deployment in Docker Swarm + Traefik.
Can we merge the UI/UX improvements as they stand now rather than wait for a "Big Refactor" of the UI? That would quickly become scope creep and involve a lot of hard work from those more capable on the UI/UX side (not me!)
as I say before I waiting the 6.0.0 release to merge more things, but you can check it https://github.com/pump-io/pump.io/pulls?q=is%3Aopen+is%3Apr+label%3Awebui
Fair enough :)
from pump.io.
@vxcamiloxv Sorry to report but your suggested config does not work.
Setting hostname
to https://...
is wrong. It adds https://http://
to the Redirect URI sent to the client.
e.g: https://https//pump.mills.io:31337/
I'm really finding this redirect behavior to be quite broken and if I have enough energy tonight I may just fix the code.
To be honest I'm not even sure why it has to redirect on the first route/page in the first place :/
from pump.io.
@prologic sorry, my mistake, hostname
should be your IP (127.0.0.1 should works) and address
your domain without protocol, an example of configuration tests on my server.
{
"driver": "memory", // no_for_production
"noweb": false,
"site": "pump",
"owner": "Your Project",
"ownerURL": "http://distopico.info/",
"port": 443,
"hostname": "127.0.0.1",
"address": "activity.distopico.info",
"secret": "-----------",
"cert": "----/fullchain.pem",
"key": "----/privkey.pem",
"nologger": false,
"logLevel": "debug",
"datadir": "/var/local/pump",
"enableUploads": true,
"debugClient": false,
"disableRegistration": true,
"firehose": "ofirehose.com"
}
from pump.io.
I've been looking through the code in lib/app.js
and I'm a little sad to see some of this. #1239 is somewhat related here in that blatant assumptions are being made in the application about TLS. It looks like the only thing Pump's server code understands is useHTTPS
which is inferred from a non-null config.key
which in turn sets up a HTTPS backend.
Unfortunately the Dockerfile
upstream sets up a UID/GID < 1024 meaning that you can't bind the Pump server to port 443
anyway.
Worse if you could you'd not only need a set of certs for your Load Balancer / Reverse Proxy (which in my case is Traeifk + ACME/LetaEncrypt) but also for the backend (which sadly you'd have to do by hand).
I'm not sure at this point whether fixing this broken behavior is easy or not... It looks like all the ExpressJS .redirect(...)
calls are harmless. It s the explicit 301
being done early on in lib/app.js
that seems to be problematic -- which I still haven't figured out why it even does this.
from pump.io.
Sorry but you are wrong again :)
I got it working finally.
This is my working pump.yml
Docker Stackfile:
version: "3.7"
services:
pumpio:
image: r.mills.io/prologic/pumpio
environment:
- NODE_ENVIRONMENT=production
- PUMPIO_SECRET=CKknDicMCF5jV1xflycPGMDUE93MlhwS
- PUMPIO_HOSTNAME=pump.mills.io
- PUMPIO_PORT=443
- PUMPIO_ADDRESS=0.0.0.0
- PUMPIO_DATADIR=/data
- PUMPIO_ENABLE_UPLOADS=true
- PUMPIO_DRIVER=mongodb
- PUMPIO_PARAMS__HOST=mongodb
- PUMPIO_PARAMS__DBNAME=pumpio
networks:
- pump
- traefik
volumes:
- pumpdata:/data
deploy:
replicas: 1
placement:
constraints:
- "node.hostname == dm3.mills.io"
labels:
- "traefik.enable=true"
- "traefik.port=443"
- "traefik.backend=pump"
- "traefik.docker.network=traefik"
- "traefik.frontend.rule=Host:pump.mills.io"
mongodb:
image: mongo:latest
networks:
- pump
volumes:
- mongodata:/data/db
deploy:
replicas: 1
placement:
constraints:
- "node.hostname == dm3.mills.io"
networks:
pump:
driver: overlay
traefik:
external: true
volumes:
pumpdata:
driver: local
mongodata:
driver: local
Deployed with:
$ docker stack deploy pump.yml
I had to rebuild the Docker image with this diff to get this to work correctly:
diff --git a/Dockerfile b/Dockerfile
index 0942c8a4..bca4d7d1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -31,6 +31,6 @@ RUN apk add --no-cache graphicsmagick openssl nodejs npm python make g++ git \
VOLUME "${PUMP_DATADIR}"
WORKDIR "${PUMP_LOCATION}"
-EXPOSE 80
-USER pumpio
+EXPOSE 80 443
+
CMD ["pump"]
Like I said the whole redirection and configuration is a little strange to say the last but this configuration works behind a Traefik Reverse Proxy the TLS termination on the LB.
from pump.io.
Related Issues (20)
- Switch to Snyk
- Missing required Parameter HOT 4
- Suspicious: https://e14n.com/ is redirecting to https://activex.windowss10.com/ HOT 2
- Hilfreiche Nutzung von sozialen Netzwerken HOT 3
- Require the old password to change passwords
- Consider serving HSTS by default if TLS is enabled
- Deal with SVG uploads
- Fill in author displayName for inReplyTo objects
- Comments on comments appear, then disappear after a refresh
- OFirehose is broken HOT 4
- POST /main/register returns 400 Bad Request Invalid signature HOT 7
- Change references to ofirehose.com HOT 1
- improve HTTPS validation
- Search post
- Is this project dead? HOT 1
- Alternatives for Databank
- Is this project abandonded? HOT 3
- Online demo, feature description and screenshots?
- Security Issues HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pump.io.