Hello again, thanks to your great feedback last time, I set up SSL with letsencrypt and got HTTPS working. However, federation is still not working. When troubleshooting as described in the docs I get the following Bad-Gateway error: "~# curl -H "Accept: application/activity+json" https://<domain>/u/blueberry <html> <head><title>502 Bad Gateway</title></head> <body> <center><h1>502 Bad Gateway</h1></center> <hr><center>nginx</center> </body> </html>" So apparently, its again the reverse-proxy, but this time, its not able to speak to the backend. My nginx-error-file shows the following error: "2024/02/08 12:37:46 [error]: connect() failed (111: Connection refused) while connecting to upstream, client: <domain-ip>, server: <domain>, request: "GET /u/blueberry HTTP/2.0", upstream: "http://0.0.0.0:8536/u/blueberry", host: <domain>" But using "docker ps" I find port 8536 open, so it should work. Do you have any idea whats the problem here?

I hope this is the right place for this. So, here is the thing: my lemmy instance is accessible in the browser via its domain, everything is fine, but no other communities are shown. When I test federation with "curl -H "Accept: application/activity+json" https://my-instance.com/u/some-local-user" I get a SSL certificate error. So I figured that it has something to do with my reverse proxy and modified the nginx.conf like described in the documentation. But the error persists. This is my nginx.config in /etc/nginx/sites-enables/<my-domain>: " limit_req_zone $binary_remote_addr zone={{ my_domain }}_ratelimit:10m rate=1r/s; server { listen 80; listen [::]:80; server_name {{ my_domain }}; # Hide nginx version server_tokens off; location / { return 301 https://$host$request_uri; } } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name {{ my_domain }}; # Replace these lines with your own certificate and key paths ssl_certificate /etc/ssl/certs/{{ my_certs }}; ssl_certificate_key /etc/ssl/certs/{{ my_keys }}; ssl_protocols TLSv1.2 TLSv1.3; ssl_prefer_server_ciphers on; ssl_ciphers {{ cipher_encrypt }}; ssl_session_timeout 10m; ssl_session_cache shared:SSL:10m; ssl_session_tickets on; ssl_stapling on; ssl_stapling_verify on; # Hide nginx version server_tokens off; # Upload limit, relevant for pictrs client_max_body_size 20M; # Enable compression for JS/CSS/HTML bundle, for improved client load times. gzip on; gzip_types text/css application/javascript image/svg+xml; gzip_vary on; # Various content security headers add_header Referrer-Policy "same-origin"; add_header X-Content-Type-Options "nosniff"; add_header X-Frame-Options "DENY"; add_header X-XSS-Protection "1; mode=block"; #location / { # proxy_pass http://0.0.0.0:1236; # proxy_http_version 1.1; # proxy_set_header Upgrade $http_upgrade; # proxy_set_header Connection "upgrade"; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header Host $host; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #} location / { set $proxy_pass "http://0.0.0.0:1236"; if ($http_accept = "application/activity+json") { set $proxy_pass "http://0.0.0.0:8536"; } if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") { set $proxy_pass "http://0.0.0.0:8536"; } proxy_pass $proxy_pass; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } access_log /var/log/nginx/access.log combined; "(end of file) Maybe, someone has an idea how to solve this. I'm really at the end of my wits here :(