semaphore/docs/Admin-Guide.md

Admin Guide
====

This guide is for instance admins who may be having trouble with Pinafore compatibility.

By default, [Mastodon allows cross-origin access to the `/api` endpoint](https://github.com/tootsuite/mastodon/blob/50529cbceb84e611bca497624a7a4c38113e5135/config/initializers/cors.rb#L15-L20). Thus Pinafore should "just work" for most Mastodon servers.

If the nginx/Apache settings have been changed, though, then Pinafore might not be able to connect to an instance. To check if the instance is supported, run this command (replacing `myinstance.com` with your instance URL):

```bash
curl -sLv -H 'Origin: https://pinafore.social' -o /dev/null \
  myinstance.com/api/v1/instance
```

If you see this in the output:

```
Access-Control-Allow-Origin: *
```

Then Pinafore should work as expected!

Otherwise, if the instance admin would like to whitelist only certain websites (including Pinafore) to work with CORS, then they will need to make sure that the server echoes:

```
Access-Control-Allow-Origin: https://pinafore.social
```

when Pinafore tries to access it. Note that this is a bit complicated to configure (compared to the simpler `*` approach), but [there are instructions on StackOverflow](https://stackoverflow.com/q/1653308) for nginx, Apache, and other servers.
Add instructions for admins to achieve Pinafore compatibility (#406) [skip ci] 2018-07-02 18:33:44 +01:00			`Admin Guide`
			`====`

			`This guide is for instance admins who may be having trouble with Pinafore compatibility.`

			By default, [Mastodon allows cross-origin access to the `/api` endpoint](https://github.com/tootsuite/mastodon/blob/50529cbceb84e611bca497624a7a4c38113e5135/config/initializers/cors.rb#L15-L20). Thus Pinafore should "just work" for most Mastodon servers.

docs: improve docs in Admin guide (#1794) [skip ci] 2020-05-30 20:55:20 +01:00			If the nginx/Apache settings have been changed, though, then Pinafore might not be able to connect to an instance. To check if the instance is supported, run this command (replacing `myinstance.com` with your instance URL):
Add instructions for admins to achieve Pinafore compatibility (#406) [skip ci] 2018-07-02 18:33:44 +01:00
			```bash
docs: improve docs in Admin guide (#1794) [skip ci] 2020-05-30 20:55:20 +01:00			`curl -sLv -H 'Origin: https://pinafore.social' -o /dev/null \`
			`myinstance.com/api/v1/instance`
Add instructions for admins to achieve Pinafore compatibility (#406) [skip ci] 2018-07-02 18:33:44 +01:00			```

			`If you see this in the output:`

			```
			`Access-Control-Allow-Origin: *`
			```

			`Then Pinafore should work as expected!`

docs: improve docs in Admin guide (#1794) [skip ci] 2020-05-30 20:55:20 +01:00			`Otherwise, if the instance admin would like to whitelist only certain websites (including Pinafore) to work with CORS, then they will need to make sure that the server echoes:`
Add instructions for admins to achieve Pinafore compatibility (#406) [skip ci] 2018-07-02 18:33:44 +01:00
			```
			`Access-Control-Allow-Origin: https://pinafore.social`
			```

			when Pinafore tries to access it. Note that this is a bit complicated to configure (compared to the simpler `*` approach), but [there are instructions on StackOverflow](https://stackoverflow.com/q/1653308) for nginx, Apache, and other servers.