what is dis: alternative media proxy backend for pleroma/akkoma
you might want to separate the process of processing proxy and thumbnail processing right at the same time in order to reduce load and avoiding crashes due to one of the part is broken (which is rare).
however, the real reason here though is: apparently we have rather some problems with the existing mediaproxy (slow fetching, streaming & thumbnail processing), so we use libvips for image preview processing, and it's using webp for thumbnail preview by default to save more bandwidth to users.
while libvips itself has been used in pleroma backend, some backend/fork like akkoma is still relying on a command line convert imagemagick command.
on top of that, we also have:
- a really quick GIF->Animated WEBP processing (for preview only, the real thing remains unaltered)
- a really quick video thumbnail processing
requirements: you need a working go-bwhero backend, and a golang compiler.
go build -o mediaproxyoma .
set the two following variable names
BWHERO_HOSTfor bandwidth hero server address (example: "http://localhost:8080/")LISTENfor listen address (syntax: ":")
running:
env BWHERO_HOST=http://localhost:8080/ LISTEN=0.0.0.0:8888 ./mediaproxyoma
optional to set: USER_AGENT
or, spin the entire thing alongside go-bwhero via docker compose:
docker compose up
it will be on localhost:8080.
then, configure your reverse proxy to forward any request going to /proxy/* to be forwarded to http://localhost:8080/ instead.
by default, mediaproxyoma:
- has a default user agent linking to itself
- didn't check for signature
this is good for testing, but NOT for production server.
so, if you're planning to use this in production, you must configure the following environment variables:
USER_AGENTPLEROMA_SECRET_KEY_BASE
you can obtain PLEROMA_SECRET_KEY_BASE in your prod.secret.exs config:
import Config
config :pleroma, Pleroma.Web.Endpoint,
url: [host: "fedinet.waltuh.cyou", scheme: "https", port: 443],
http: [ip: {127.0.0.1}, port: 4000],
secret_key_base: "/xxxxxxxx/xxxxxxx",
# ^ TAKE THIS
live_view: [signing_salt: "XXXXXX"],
signing_salt: "XXXXXX"
then set it in environment variable:
env \
USER_AGENT="mediaproxyoma at fedinet.example.com; admin contact: mailto:admin@example.com" \
PLEROMA_SECRET_KEY_BASE="/xxxxxxxx/xxxxxxx" \
./mediaproxyoma
notice: you MUST KEEP THE SECRET KEY BASE SECRET.
we have the following optional environment variables:
OLD_MEDIA_HOSTOLD_MEDIA_PATHPREFIXNEW_MEDIA_HOSTNEW_MEDIA_SCHEMENEW_MEDIA_PATHPREFIX
say, you just have yourself migrated your media URL (and also it's files) from https://eu2.somestorage.com/xxx:fedi/ to https://media.waltuh.cyou/media/, where that new URL is actually reverse proxying on a varnish backend at http://127.0.0.1:6081 in the same machine/network as where your mediaproxyoma is running.
so, you need to run mediaproxyoma like this:
env \
BWHERO_HOST=http://127.0.0.1:8111 \
LISTEN=0.0.0.0:8080 \
OLD_MEDIA_HOST=eu2.somestorage.com \
OLD_MEDIA_PATHPREFIX=/xxx:fedi/ \
NEW_MEDIA_HOST=127.0.0.1:6081 \
NEW_MEDIA_SCHEME=http \
NEW_MEDIA_PATHPREFIX=/media/ \
./mediaproxyoma
The following example will make mediaproxyoma proxy anything that goes to https://eu2.somestorage.com/xxx:fedi/<filename> going to http://127.0.0.1:6081/media/<filename> instead. It's useful for say, making full use of varnish cache.
changing Allowed Origin for CORS: ALLOW_ORIGIN (default is *)