Add AP inbox diagnostics: surface signature errors and request logging
All checks were successful
Deploy Indiekit Server / deploy (push) Successful in 1m20s
All checks were successful
Deploy Indiekit Server / deploy (push) Successful in 1m20s
- patch-ap-inbox-delivery-debug: two fixes for diagnosing missing inbound AP interactions (likes, boosts, replies not appearing in notifications) Fix A (federation-setup.js): change ["fedify","federation","inbox"] log category from lowestLevel "fatal" → "error" so HTTP Signature verification failures are now visible in server logs instead of being silently swallowed. The original "fatal" level was hiding real delivery rejections (401s) that cause remote servers to stop retrying. Fix B (federation-bridge.js): add a pre-signature-check console.info for every inbox POST when AP_DEBUG=1 or AP_LOG_LEVEL=debug. Confirms whether remote servers are reaching our inbox at all (nginx/routing check). - memory/project_activitypub.md: document full inbound activity pipeline, _publicationUrl dependency, body buffering, and how to use new diagnostics Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Sven
@@ -105,6 +105,43 @@ would fail `findTimelineItemById` → `inReplyTo = null` → no `in-reply-to` in
|
||||
|
||||
The `"reply"` post type in `indiekit.config.mjs` has no `discovery` field — standard PTD spec applies.
|
||||
|
||||
## Inbound AP Activity Pipeline
|
||||
|
||||
Activities from remote servers follow this path:
|
||||
|
||||
```
|
||||
Remote server → nginx → Express (body buffered in createFedifyMiddleware)
|
||||
→ Fedify signature check (uses req._rawBody for digest)
|
||||
→ Fedify Redis message queue (if Redis configured)
|
||||
→ Fedify queue worker → inbox listener (inbox-listeners.js)
|
||||
→ enqueueActivity() → ap_inbox_queue (MongoDB)
|
||||
→ startInboxProcessor() (1s poll) → routeToHandler()
|
||||
→ handleLike / handleAnnounce / handleCreate
|
||||
→ addNotification() → ap_notifications
|
||||
```
|
||||
|
||||
**Critical: `collections._publicationUrl`** is set in `index.js` (`_publicationUrl: this._publicationUrl`)
|
||||
AND by `patch-ap-inbox-publication-url` in `federation-setup.js`. Both set `"https://blog.giersig.eu/"`.
|
||||
|
||||
Notification conditions gate on `pubUrl && objectId.startsWith(pubUrl)`:
|
||||
- `handleLike`: only notifies for likes of our own content
|
||||
- `handleAnnounce` PATH 1: only notifies for boosts of our content
|
||||
- `handleCreate`: only notifies for replies to our posts (`inReplyTo.startsWith(pubUrl)`)
|
||||
|
||||
**Body buffering** (`createFedifyMiddleware`): `application/activity+json` bodies are buffered
|
||||
into `req._rawBody` before `express.json()` (which only handles `application/json`) touches them.
|
||||
`fromExpressRequest` passes `req._rawBody` verbatim to the Fedify `Request` object so the
|
||||
HTTP Signature Digest check passes.
|
||||
|
||||
**Fedify inbox log suppression**: `["fedify","federation","inbox"]` was hardcoded to `"fatal"`
|
||||
(`patch-ap-inbox-delivery-debug` fixes this to `"error"` so real failures are visible).
|
||||
|
||||
**Diagnosing inbox delivery issues:**
|
||||
- Set `AP_DEBUG=1` → logs `[AP-inbox] POST /activitypub/users/svemagie/inbox ct=... body=...B`
|
||||
BEFORE Fedify's signature check. If this doesn't appear, activities aren't reaching our server.
|
||||
- With inbox log level now `"error"`: signature failures show as Fedify error logs.
|
||||
- Queue processing failures: `[inbox-queue] Failed processing ...` — always logged.
|
||||
|
||||
## detectProtocol() in Microsub Reader
|
||||
|
||||
`detectProtocol(url)` in `reader.js` classifies URLs for syndication auto-selection:
|
||||
|
||||
Reference in New Issue
Block a user