Matthias Liffers

[mətiːəs] / Never send a human to do a computer’s job / Opinions are my own etc.

1 minute read

Quite a few years ago I met a travel agent whose email address was [email protected].

He inspired me to look at interesting domains and, to my great delight, American Samoa let me register tthi.as - resulting in my website at https://ma.tthi.as and my email address of [email protected].

More recently I’ve become interested in open and federated social networks, resulting in the great usernames of ma:tthi.as and @[email protected] on Matrix and Mastodon, respectively. I’m running a server for each in Docker on a server in my store room.

Both Synapse (the “default” Matrix server) and Mastodon let you run a server at a subdomain, but both require the root domain to point to the correct subdomain. Matrix wants something served from http://{domainurl}/.well-known/matrix and Mastodon looks at http://{domainurl}/.well-known/webfinger.

Since I already run everything in containers behind Traefik, I decided to use a small Nginx container to serve this content. First up, my docker-compose.yml:

version: '3'

services:
  web:
    restart: unless-stopped
    image: nginx:alpine
    networks:
      - web
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./content:/var/www/
    environment:
      - TZ=Australia/Perth
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.wellknown.entrypoints=websecure"
      - "traefik.http.routers.wellknown.rule=(Host(`tthi.as`))"
      - "traefik.http.routers.wellknown.tls.certresolver=letsencrypt"
      - 'traefik.http.routers.wellknown.tls.domains[0].main=tthi.as'
      - "traefik.http.services.wellknown.loadbalancer.server.port=80"
      - "traefik.docker.network=web"

networks:
  web:
    external: true

Secondly, a bare-bones nginx.conf. It serves the Matrix content from static files on the local filesystem, but redirects Mastodon requests to my Mastodon server.

events {
    use epoll;
    worker_connections 128;
}

http {
  server {
    server_name tthi.as;
    listen 0.0.0.0:80;

    location / {
      root /var/www;
      index index.html;
    }
    location /.well-known/webfinger {
      return 301 https://social.tthi.as$request_uri;
    }
  }
}

So far, so good. Nothing broken!

You May Also Enjoy

Contributing to science!

less than 1 minute read

I used to be in the habit of uploading my “good” shots to Flickr. Where possible, I’d include the Latin scientific name. I also slap on an open and permissiv...

Default Raspberry Pi OS password deprecated

less than 1 minute read

I just felt like I was beating my head against a brick wall for the past thirty minutes. I wanted to set up a headless Raspberry Pi with a fresh Raspberry Pi...