ActivityPub: Self-hosting ActivityPub and routing with nginx

Mod note: Split from ActivityPub: 503 and then 404 and 401 errors, with Ghost CLI - #22

Following; I am seeing the same behavior on my self-hosted instance, where I have admin.domain[.]com/ghost as the admin URL and www.domain[.]com as the guest URL. The admin portal URL is only allowed on my internal network via nginx configurations. I have added the snippets Update Ghost To The Latest Major Version - Ghost Developer Docs to my nginx config.

Confirming that I’m seeing the error regarding webhook secrets at ghost startup with these configurations and am receiving “Loading interrupted” error when accessing the “Network” blade of the admin dash, with corresponding 401s on the www.domain[.]com/.ghost resources.

Hoping that PR Added redirect for /ghost/* when configured with separate admin domain by kevinansfield · Pull Request #24630 · TryGhost/Ghost · GitHub would not require admin dash URL to be opened to public for activitypub to function properly, can anyone from Ghost team confirm?

@badbroccoli , I think that the one specific url is going to need to be routable. So you might look at poking a hole through your current setup, just for the one url. /ghost/api/admin/site/ needs to be accessible.

Will that be the case even if I choose to self host activity pub?

The url I listed above is for Ghost-hosted activitypub to get your site info, so that it can host you. I don’t know if you need it open for self hosting (presumably only for your local ap to talk to Ghost?), although you’ll need to work out what routes are needed for ghost and ap to communicate locally, and for the ap to talk to the fediverse.

Edit: It may be helpful to look at the caddyfile setup in ghost-docker, even if you are choosing to route with nginx, since that setup should get all the routing between Ghost and ActivityPub right!