From 950ed7507635e842f1c09221d36c3484e051e465 Mon Sep 17 00:00:00 2001
From: Will Murphy <william@datatitian.com>
Date: Sun, 8 May 2022 10:29:11 -0500
Subject: [PATCH 1/2] fix #50, remove hard-coded domain name in guppe
 instructions

---
 CHANGELOG.md           |  4 ++++
 web/src/views/Home.vue | 17 +++++++++--------
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index bdc60e6..c9a96f3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Unreleased
+
+* Fix: show correct domain name in guppe instructions on homepage
+
 ## v1.1.0 (2022-05-1)
 
 ### Added
diff --git a/web/src/views/Home.vue b/web/src/views/Home.vue
index 0d88517..557505c 100644
--- a/web/src/views/Home.vue
+++ b/web/src/views/Home.vue
@@ -16,10 +16,10 @@
       ActivityPub service, but they automatically share anything you send them with all of their followers.
     </p>
     <ol>
-      <li>Follow a group on @a.gup.pe to join that group</li>
-      <li>Mention a group on @a.gup.pe to share a post with everyone in the group</li>
-      <li>New groups are created on demand, just search for or mention @YourGroupNameHere@a.gup.pe and it will show up</li>
-      <li>Visit a @a.gup.pe group profile to see the group history</li>
+      <li>Follow a group on @{{ domain }} to join that group</li>
+      <li>Mention a group on @{{ domain }} to share a post with everyone in the group</li>
+      <li>New groups are created on demand, just search for or mention @YourGroupNameHere@{{ domain }} and it will show up</li>
+      <li>Visit a @{{ domain }} group profile to see the group history</li>
     </ol>
     <h2 class="w3-center">Active Groups</h2>
     <div class="profile-grid w3-margin-bottom w3-mobile">
@@ -40,10 +40,11 @@ export default {
   components: {
     ProfileSummary
   },
-  data() {
+  data () {
     return {
       groups: [],
-      error: null
+      error: null,
+      domain: window.location.host
     }
   },
   created () {
@@ -56,7 +57,7 @@ export default {
       .then(json => {
         this.groups = json.orderedItems
       })
-      .catch(err => this.error = err.message)
+      .catch(err => (this.error = err.message))
   }
 }
 </script>
@@ -77,4 +78,4 @@ export default {
   .profile-image {
     width: 75px;
   }
-</style>
\ No newline at end of file
+</style>

From 4f07700573b2026427c10247e62ed2a366df0fbe Mon Sep 17 00:00:00 2001
From: Will Murphy <william@datatitian.com>
Date: Sun, 8 May 2022 10:43:33 -0500
Subject: [PATCH 2/2] Added PROXY_MODE. Close #45

---
 CHANGELOG.md |  1 +
 README.md    | 31 +++++++++++++++++++++++++++++++
 index.js     | 24 +++++++++++++++++++-----
 3 files changed, 51 insertions(+), 5 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index c9a96f3..71b7117 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,7 @@
 ## Unreleased
 
 * Fix: show correct domain name in guppe instructions on homepage
+* Add: Support running behind SSL-terminating reverse proxy (PROXY_MODE environment variable)
 
 ## v1.1.0 (2022-05-1)
 
diff --git a/README.md b/README.md
index d429b1f..6129e1a 100644
--- a/README.md
+++ b/README.md
@@ -29,6 +29,37 @@ echo DOMAIN=yourdomain.com >> .env
 docker-compose up --build -d
 ```
 
+## Updating
+
+Backup database:
+
+```
+docker-compose exec -T mongodb sh -c 'mongodump --archive' > guppe.dump
+```
+
+Fetch latest code & restart server:
+
+```
+git pull
+docker-compose up --build -d
+```
+
+## Optional configuration
+
+Additional values can be set in `.env` file
+
+| Setting | Description |
+| --- | --- |
+| PROXY_MODE | Enable use behind an SSL-terminating proxy or load balancer, serves over http instead of https and sets Express `trust proxy` setting to the value of `PROXY_MODE` (e.g. `1`, [other options](https://expressjs.com/en/guide/behind-proxies.html)) See note. |
+
+**Notes on use with a reverse proxy**: When setting proxyMode, you must ensure your reverse proxy sets the following headers: X-Forwarded-For, X-Forwarded-Host, and X-Forwarded-Proto (example for nginx below).
+
+```
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Host $host;
+proxy_set_header X-Forwarded-Proto $scheme;
+```
+
 ## License
 
 Copyright (c) 2021 William Murphy. Licensed under the AGPL-3
diff --git a/index.js b/index.js
index 8fee352..b8f6f08 100644
--- a/index.js
+++ b/index.js
@@ -4,13 +4,14 @@ const express = require('express')
 const MongoClient = require('mongodb').MongoClient
 const fs = require('fs')
 const https = require('https')
+const http = require('http')
 const morgan = require('morgan')
 const history = require('connect-history-api-fallback')
 const { onShutdown } = require('node-graceful-shutdown')
 const ActivitypubExpress = require('activitypub-express')
 
 const { version } = require('./package.json')
-const { DOMAIN, KEY_PATH, CERT_PATH, CA_PATH, PORT_HTTPS, DB_URL, DB_NAME } = process.env
+const { DOMAIN, KEY_PATH, CERT_PATH, CA_PATH, PORT_HTTPS, DB_URL, DB_NAME, PROXY_MODE } = process.env
 
 const app = express()
 const client = new MongoClient(DB_URL)
@@ -191,10 +192,23 @@ client.connect()
       await apex.store.saveObject(systemUser)
       apex.systemUser = systemUser
     }
-
-    const server = process.env.NODE_ENV === 'production'
-      ? AutoEncrypt.https.createServer({ domains: [DOMAIN] }, app)
-      : https.createServer(sslOptions, app)
+    let server
+    if (process.env.NODE_ENV === 'production') {
+      if (PROXY_MODE) {
+        server = http.createServer(app)
+        try {
+          // boolean or number
+          app.set('trust proxy', JSON.parse(PROXY_MODE))
+        } catch (ignore) {
+          // string
+          app.set('trust proxy', PROXY_MODE)
+        }
+      } else {
+        server = AutoEncrypt.https.createServer({ domains: [DOMAIN] }, app)
+      }
+    } else {
+      server = https.createServer(sslOptions, app)
+    }
     server.listen(PORT_HTTPS, function () {
       console.log('Guppe server listening on port ' + PORT_HTTPS)
     })