semaphore/docs/Admin-Guide.md

30 lines
1.3 KiB
Markdown
Raw Permalink Normal View History

Admin Guide
====
2023-01-10 14:21:38 +00:00
This guide is for instance admins who may be having trouble with Semaphore compatibility.
2023-01-10 14:21:38 +00:00
By default, [Mastodon allows cross-origin access to the `/api` endpoint](https://github.com/tootsuite/mastodon/blob/50529cbceb84e611bca497624a7a4c38113e5135/config/initializers/cors.rb#L15-L20). Thus Semaphore should "just work" for most Mastodon servers.
2023-01-10 14:21:38 +00:00
If the nginx/Apache settings have been changed, though, then Semaphore might not be able to connect to an instance. To check if the instance is supported, run this command (replacing `myinstance.com` with your instance URL):
```bash
2023-01-10 14:21:38 +00:00
curl -sLv -H 'Origin: https://semaphore.social' -o /dev/null \
myinstance.com/api/v1/instance
```
If you see this in the output:
```
Access-Control-Allow-Origin: *
```
2023-01-10 14:21:38 +00:00
Then Semaphore should work as expected!
2023-01-10 14:21:38 +00:00
Otherwise, if the instance admin would like to whitelist only certain websites (including Semaphore) to work with CORS, then they will need to make sure that the server echoes:
```
2023-01-10 14:21:38 +00:00
Access-Control-Allow-Origin: https://semaphore.social
```
2023-01-10 14:21:38 +00:00
when Semaphore tries to access it. Note that this is a bit complicated to configure (compared to the simpler `*` approach), but [there are instructions on StackOverflow](https://stackoverflow.com/q/1653308) for nginx, Apache, and other servers.