relayd.conf (1676B)
- #
- # Default relayd.conf file for Pleroma on OpenBSD
- # Simple installation instructions:
- # 1. Place in /etc
- # 2. Replace <ipaddr> with your public IPv4 address
- # 3. If using IPv6i, uncomment IPv6 lines and replace <ip6addr> with your public IPv6 address
- # 4. Check file using 'doas relayd -n'
- # 5. Reload/start relayd
- # # doas rcctl enable relayd
- # # doas rcctl start relayd
- #
- ext_inet="<ipaddr>"
- #ext_inet6="<ip6addr>"
- table <pleroma_server> { 127.0.0.1 }
- table <httpd_server> { 127.0.0.1 }
- http protocol plerup { # Protocol for upstream pleroma server
- #tcp { nodelay, sack, socket buffer 65536, backlog 128 } # Uncomment and adjust as you see fit
- tls ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA0-POLY1305"
- tls ecdhe secp384r1
- # Forward some paths to the local server (as pleroma won't respond to them as you might want)
- pass request quick path "/robots.txt" forward to <httpd_server>
- # Append a bunch of headers
- match request header append "X-Forwarded-For" value "$REMOTE_ADDR" # This two header and the next one are not strictl required by pleroma but adding them won't hurt
- match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
- match request header append "Connection" value "upgrade"
- }
- relay wwwtls {
- listen on $ext_inet port https tls # Comment to disable listening on IPv4
- # listen on $ext_inet6 port https tls # Comment to disable listening on IPv6
- protocol plerup
- forward to <pleroma_server> port 4000 check http "/" code 200
- forward to <httpd_server> port 80 check http "/robots.txt" code 200
- }