I’m running Ghost 6.23.0 on PikaPods. The ActivityPub/Fediverse feature works correctly on the default pikapod.net subdomain, but fails after configuring a custom domain.
On every boot I get:
ERROR Could not get webhook secret for ActivityPub
FetchError: invalid json response body at https://lokz.net/.ghost/activitypub/v1/site
reason: Unexpected token 'g', "ghost_uuid"... is not valid JSON
ERROR No webhook secret found - cannot initialise
When I manually request https://lokz.net/.ghost/activitypub/v1/site I get:
{"error":"Forbidden","code":"ROLE_MISSING"}
The response headers confirm the request is reaching ap.ghost.org:
server: Google Frontend
via: 2.0 Caddy, 1.1 google
I’ve ruled out DNS and proxy issues — the domain resolves correctly to PikaPods’ IP via a clean Porkbun ALIAS record with no Cloudflare proxy involved. PikaPods confirmed their reverse proxy configuration is identical for both the default subdomain and custom domain, and directed me here since ap.ghost.org is Ghost-managed infrastructure.
My understanding is that the AP sidecar at ap.ghost.org has the site registered under the pikapod.net subdomain identity but not under the custom domain. When Ghost tries to initialize AP webhooks using the custom domain hostname, the sidecar returns ROLE_MISSING.
Pod hostname: lilac-buffalo.pikapod.net
Custom domain: lokz.net
Site UUID: aa7d1a2a-3df4-4a9f-8153-084583ec2e50
Ghost version: 6.23.0
Is there a way to register the custom domain with the AP sidecar, or is this a known issue with custom domains on self-hosted instances?