relayd.conf
No OneTemporary
Actions

Size

3 KB

Referenced Files

None

Subscribers

None

relayd.conf
View Options

	#
	# Default relayd.conf file for Pleroma on OpenBSD
	# Simple installation instructions:
	# 1. Place in /etc
	# 2. Replace <ipaddr> with your public IPv4 address
	# 3. If using IPv6, uncomment IPv6 lines and replace <ip6addr> with your public IPv6 address
	# 4. Replace all occurrences of example.tld with your instance's domain
	# 5. Check file using 'doas relayd -n'
	# 6. Reload/start relayd
	# # doas rcctl enable relayd
	# # doas rcctl start relayd
	#

	ext_inet="<ipaddr>"
	#ext_inet6="<ip6addr>"

	table <pleroma_server> { 127.0.0.1 }

	# Uncomment when you want to serve other services than Pleroma.
	# In this example tables are used only as way to differentiate between Pleroma and other services.
	# Feel free to rename "httpd_server" everywhere to fit your setup.
	#table <httpd_server> { 127.0.0.1 }

	http protocol pleroma { # Protocol for upstream Pleroma server
	#tcp { nodelay, sack, socket buffer 65536, backlog 128 } # Uncomment and adjust as you see fit
	tls ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"
	tls ecdhe "X25519,P-256,P-384,secp521r1" # relayd default+secp521r1

	return error

	# When serving multiple services with different certificates, specify multiple "tls keypair" keywords
	# and add forwards to those services before the block keyword near the bottom of the protocol and relay configurations.
	# The string in quotes must match the fullchain certificate file created by acme-client without the extension.
	# For example:
	# tls keypair "pleroma.example.tld"
	# tls keypair "example.tld"
	tls keypair "example.tld"

	match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
	match request header append "Connection" value "upgrade"

	# When hosting Pleroma on a subdomain, replace example.tld accordingly (not the base domain).
	# From the above example, "example.tld" should be replaced with "pleroma.example.tld" instead.
	pass request quick header "Host" value "example.tld" forward to <pleroma_server>

	# Uncomment when serving media uploads on a different (sub)domain.
	# Keep media proxy disabled, as it will NOT work under relayd/httpd. If you want to also setup media proxy, use nginx instead.
	#pass request quick header "Host" value "media.example.tld" forward to <pleroma_server>

	# When serving multiple services, add the forwards here.
	# Example:
	#pass request quick header "Host" value "example.tld" forward to <httpd_server>

	block
	}

	relay wwwtls {
	listen on $ext_inet port https tls # Comment to disable listening on IPv4
	#listen on $ext_inet6 port https tls # Comment to disable listening on IPv6

	protocol pleroma

	forward to <pleroma_server> port 4000 check tcp timeout 500 # Adjust timeout accordingly when relayd returns 502 while Pleroma is running without problems.

	# When serving multiple services, add the forwards here.
	# Example:
	#forward to <httpd_server> port 8080
	}

File Metadata

Mime Type: text/plain
Expires: Mon, Jun 29, 9:22 AM (1 d, 14 h)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 1623108
Default Alt Text: relayd.conf (3 KB)

relayd.confNo OneTemporaryActions

relayd.confView Options

File Metadata

Event Timeline

relayd.conf
No OneTemporary
Actions

relayd.conf
View Options