No Description

Björn Wärmedal 2078dacd53 Webfinger implemented and the process documented. 4 years ago
app bda7b40963 First commit: empty Lumen project 4 years ago
bootstrap ea367f0aa6 Getting Public Activities 4 years ago
database bda7b40963 First commit: empty Lumen project 4 years ago
public bda7b40963 First commit: empty Lumen project 4 years ago
resources bda7b40963 First commit: empty Lumen project 4 years ago
routes 2078dacd53 Webfinger implemented and the process documented. 4 years ago
storage bda7b40963 First commit: empty Lumen project 4 years ago
tests bda7b40963 First commit: empty Lumen project 4 years ago
userdata 2078dacd53 Webfinger implemented and the process documented. 4 years ago
.editorconfig bda7b40963 First commit: empty Lumen project 4 years ago
.env.example bda7b40963 First commit: empty Lumen project 4 years ago
.gitignore bda7b40963 First commit: empty Lumen project 4 years ago
.styleci.yml bda7b40963 First commit: empty Lumen project 4 years ago
README.md 2078dacd53 Webfinger implemented and the process documented. 4 years ago
artisan bda7b40963 First commit: empty Lumen project 4 years ago
composer.json ea367f0aa6 Getting Public Activities 4 years ago
composer.lock 2078dacd53 Webfinger implemented and the process documented. 4 years ago
phpunit.xml bda7b40963 First commit: empty Lumen project 4 years ago

README.md

Lumen-based ActivityPub Server

I'm learning web dev the hard way :D

Follow me as I implement an ActivityPub server in the micro-framework Lumen, one commit at a time. I'll make all the mistakes and ask all the stupid questions, so you don't have to!

To run this (don't run this in production), simply clone the repo and run composer install from the repo root directory.

Table of Contents

  1. First Commit
  2. Getting Public Activities
  3. (This one) Nginx and webfinger

Failing webfinger

The route to webfinger is /.well-known/webfinger, but if you try that with the php built-in server it'll fail. Why? Apparently there's a bug in the built-in server that makes every path containing a . fail.

You can try all the logic in this step if you change to a different path, or you can do what I did and configure nginx for the purpose.

Nginx

I won't go into detail on SSL certificates here. There are plenty of letsencrypt/nginx tutorials out there that do it better. Suffice to say that for dev purposes I've set up an extra virtualhost in an nginx installation I already had, and it looks like this:

server {
        listen 80 default_server;
        listen [::]:80 default_server;

        server_name _;

        # Redirect all HTTP traffic to HTTPS.
        return 301 https://$host$request_uri;
}

server {
        listen 443 ssl http2;
        listen [::]:443 ssl;

        # adapt to your server name
        server_name localhost;
        # adapt the path
        root /var/www/ap-server/public;
        index index.php;
        # prevent directory listing
        autoindex off;

        ##
        ## SSL Settings
        ##
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;

        location / {
                try_files $uri $uri/ /index.php?$query_string;
        }

        # pass to php-fpm
        location ~ \.php(?:$|/) {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_pass unix:/run/php/php7.3-fpm.sock;
                fastcgi_index index.php;
                fastcgi_intercept_errors on;
                include fastcgi_params;
        }
}

The certificate presented is of course not valid for localhost, but for now I only connect with curl -k https://localhost.

Webfinger

So what exactly has changed in the code for this commit?

You'll see that a new route was added in routes/web.php: .well-known/webfinger. I've also added a directory outside of the webroot directory where we'll keep user data, and there's now a user called testuser that exists on this server and can be found with a webfinger request.

I've also added similar logic for a route called user/{id}, but this will probably change sometime in the future, and is not required or defined by either webfinger or ActivityPub.

About Lumen

Lumen PHP Framework

Build Status Total Downloads Latest Stable Version License

Laravel Lumen is a stunningly fast PHP micro-framework for building web applications with expressive, elegant syntax. We believe development must be an enjoyable, creative experience to be truly fulfilling. Lumen attempts to take the pain out of development by easing common tasks used in the majority of web projects, such as routing, database abstraction, queueing, and caching.

Official Documentation

Documentation for the framework can be found on the Lumen website.

Contributing

Thank you for considering contributing to Lumen! The contribution guide can be found in the Laravel documentation.

Security Vulnerabilities

If you discover a security vulnerability within Lumen, please send an e-mail to Taylor Otwell at taylor@laravel.com. All security vulnerabilities will be promptly addressed.

License

The Lumen framework is open-sourced software licensed under the MIT license.

The Lumen-based ActivityPub Server is also licensed under the same license.