@dariusk
Last active September 15, 2018 18:41
Wildcard Subdomains for Mastodon

These instructions are for making it so your Mastodon server supports infinite subdomains. This can be useful because if someone has more than one account on your server, they can have one tab logged in on "yourdomain.social" and another tab logged in on "otheraccount.yourdomain.social". Everything works as normal; it just tricks the browser into using a different set of cookies, so you can have two logins on the same domain.
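The separation described above depends on the session cookies being host-only, meaning they are set without a Domain attribute. The following sketch of the browser's RFC 6265 matching rule is an added example, not part of the original gist; the cookie names and header values are constructed samples.

```javascript
// Added example: how a browser decides which cookies go to which host.
// Cookie names and Set-Cookie values below are constructed, not captured.

// Parse one Set-Cookie header as received from `requestHost`.
function parseSetCookie(header, requestHost) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const eq = pair.indexOf("=");
  const cookie = {
    name: pair.slice(0, eq),
    value: pair.slice(eq + 1),
    domain: requestHost.toLowerCase(),
    hostOnly: true, // no Domain attribute: only the exact host gets it back
  };
  for (const attr of attrs) {
    const [key, val = ""] = attr.split("=").map((s) => s.trim());
    if (key.toLowerCase() === "domain" && val !== "") {
      cookie.domain = val.replace(/^\./, "").toLowerCase();
      cookie.hostOnly = false; // Domain attribute: subdomains get it too
    }
  }
  return cookie;
}

// RFC 6265 section 5.1.3 domain matching, combined with the host-only flag.
function isSentTo(cookie, host) {
  host = host.toLowerCase();
  if (host === cookie.domain) return true;
  if (cookie.hostOnly) return false;
  return host.endsWith("." + cookie.domain);
}

// Names of the cookies in `jar` that a request to `host` would carry.
function cookiesFor(jar, host) {
  return jar.filter((c) => isSentTo(c, host)).map((c) => c.name);
}

const apex = "yourdomain.social";
const sub = "otheraccount.yourdomain.social";
const jar = [
  parseSetCookie("sid_a=111; Path=/; Secure; HttpOnly", apex), // host-only
  parseSetCookie("sid_b=222; Path=/; Secure; HttpOnly", sub), // host-only
  parseSetCookie("shared=333; Domain=yourdomain.social; Path=/", apex),
];

console.log(apex, "->", cookiesFor(jar, apex));
console.log(sub, "->", cookiesFor(jar, sub));
```

The two host-only cookies stay in their own tabs, while the one set with a Domain attribute reaches both hosts, which is the case that would defeat the two-login setup.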

DNS stuff

First you have to create a wildcard A record with your DNS provider. It will vary from provider to provider, but make sure to make your hostname * and point it to your server. Mine looks like:

Hostname: *
IP Address: (my IP)
TTL: 300

It may take a little bit for the DNS to propagate.

Horrific certbot nightmare (plus more DNS stuff)

I had to follow the instructions at this GitHub issue comment to get Let's Encrypt/Certbot to issue me a wildcard SSL cert (so we have valid https on every subdomain without having to register infinite certs). The main issue here is you can't use normal automated certbot stuff to get a wildcard. You need to run a manual authentication command, which asks you to prove you own the domain by updating a TXT record in your DNS with a specific string that certbot gives you. Then you need to wait for that record to propagate and update while keeping the dang terminal open, and then you continue the command and it hopefully works.

There is also a more complete article by the same author available here, but I didn't actually use this, so I don't know if there are any weird issues it introduces, or if it's easier/clearer, or what.

All I know is that this part took me like a whole day to figure out. Godspeed.

Nginx stuff

Open the nginx conf for your site (probably in /etc/nginx/sites-enabled/your-conf-file.conf) and find the two lines that say:

 server_name *.example.com example.com;

Where "example.com" is your domain name. There should be one line in a server block for port 80 (http) and one in a server block for port 443 (https).

When you've made these changes, run nginx -t to make sure that the files are valid, and if they are, do a sudo systemctl restart nginx to restart nginx. Then you should be able to go to whatever subdomain!
