README.md 4.8 KB
Lumen-based ActivityPub Server
I'm learning web dev the hard way :D
Follow me as I implement an ActivityPub server in the micro-framework Lumen, one commit at a time. I'll make all the mistakes and ask all the stupid questions, so you don't have to!
To run this (don't run this in production), simply clone the repo and run composer install from the repo root directory.
Table of Contents
- First Commit
- Getting Public Activities
- (This one) Nginx and webfinger
Failing webfinger
The route to webfinger is /.well-known/webfinger, but if you try that with the php built-in server it'll fail. Why? Apparently there's a bug in the built-in server that makes every path containing a . fail.
You can try all the logic in this step if you change to a different path, or you can do what I did and configure nginx for the purpose.
Nginx
I won't go into detail on SSL certificates here. There are plenty of letsencrypt/nginx tutorials out there that do it better. Suffice to say that for dev purposes I've set up an extra virtualhost in an nginx installation I already had, and it looks like this:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
# Redirect all HTTP traffic to HTTPS.
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl;
# adapt to your server name
server_name localhost;
# adapt the path
root /var/www/ap-server/public;
index index.php;
# prevent directory listing
autoindex off;
##
## SSL Settings
##
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
# pass to php-fpm
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_intercept_errors on;
include fastcgi_params;
}
}
The certificate presented is of course not valid for localhost, but for now I only connect with curl -k https://localhost.
Webfinger
So what exactly has changed in the code for this commit?
You'll see that a new route was added in routes/web.php: .well-known/webfinger. I've also added a directory outside of the webroot directory where we'll keep user data, and there's now a user called testuser that exists on this server and can be found with a webfinger request.
I've also added similar logic for a route called user/{id}, but this will probably change sometime in the future, and is not required or defined by either webfinger or ActivityPub.
About Lumen
Lumen PHP Framework
Laravel Lumen is a stunningly fast PHP micro-framework for building web applications with expressive, elegant syntax. We believe development must be an enjoyable, creative experience to be truly fulfilling. Lumen attempts to take the pain out of development by easing common tasks used in the majority of web projects, such as routing, database abstraction, queueing, and caching.
Official Documentation
Documentation for the framework can be found on the Lumen website.
Contributing
Thank you for considering contributing to Lumen! The contribution guide can be found in the Laravel documentation.
Security Vulnerabilities
If you discover a security vulnerability within Lumen, please send an e-mail to Taylor Otwell at taylor@laravel.com. All security vulnerabilities will be promptly addressed.
License
The Lumen framework is open-sourced software licensed under the MIT license.
The Lumen-based ActivityPub Server is also licensed under the same license.