Activity Pub Not Loading?

Hi there, haven’t gotten any help on the comments made on other threads yet, so I thought I’d make my own. I’m self-hosting Ghost on an Ubuntu 22.04 server from Akamai. I’m running the latest version of Ghost (6.0.3) and the CLI (1.28.3).

Based on what’s written in the documents, I updated my nginx configs, in my case mnchrm.co.conf and mnchrm.co-ssl.conf. The contents of these are now as follows:

server {
    listen 80;
    listen [::]:80;

    server_name mnchrm.co;
    root /var/www/mnchrm/system/nginx-root;

location ~ /.ghost/activitypub/* {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $http_host;
    add_header X-Content-Type-Options $header_content_type_options;
    proxy_ssl_server_name on;
    proxy_pass https://ap.ghost.org;
}

location ~ /.well-known/(webfinger|nodeinfo) {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $http_host;
    add_header X-Content-Type-Options $header_content_type_options;
    proxy_ssl_server_name on;
    proxy_pass https://ap.ghost.org;
}

    location / {
        return 301 https://$server_name$request_uri;
    }
    client_max_body_size 50m;
}

and

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name mnchrm.co;
    root /var/www/mnchrm/system/nginx-root;

    ssl_certificate /etc/letsencrypt/mnchrm.co/fullchain.cer;
    ssl_certificate_key /etc/letsencrypt/mnchrm.co/mnchrm.co.key;

    include /etc/nginx/snippets/ssl-params.conf;

    client_max_body_size 1g;

    location ~ /.ghost/activitypub/* {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        add_header X-Content-Type-Options $header_content_type_options;
        proxy_ssl_server_name on;
        proxy_pass https://ap.ghost.org;
    }

    location ~ /.well-known/(webfinger|nodeinfo) {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        add_header X-Content-Type-Options $header_content_type_options;
        proxy_ssl_server_name on;
        proxy_pass https://ap.ghost.org;
    }

    location / {
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
        proxy_pass http://127.0.0.1:2368;
    }

}

respectively.

Weirdly, it seems to be about half-working:

Profile and reader show page not found, but the notes page loads (as does the explore page):

and I even seem to have some notifications:

Can anyone spot my mistake to get this working?

One thing I would recommend is to simplify the first server block that’s listening on port 80:

server {
    listen 80;
    listen [::]:80;

    server_name _;

    location / {
        return 301 https://mnchrm.co$request_uri;
    }

}

That block is redirecting all http requests to https, so the other directives aren’t needed since you have them later in the next server block for https.

In the above server_name _; is used as a kind of catch all to match everything.

I suspect this might actually be a rendering issue on certain browsers.

I see exactly what you see with Chrome on mobile/Android. ActivityPub seems to be federating correctly, but the UI for the Admin/Network section is mostly broken.

The UI all renders correctly on Chrome on Windows, however.