librelist archives

« back to archive

Running Friendica in a subdomain - with domain-based user IDs

Running Friendica in a subdomain - with domain-based user IDs

2013-04-01 @ 23:51
Hi there,

I am trying to run Friendica in a subdomain to a domain I control, but 
with user IDs built upon the domain, not the subdomain.

In other words, Friendica runs under:

But I want such user IDs to work:

There is a problem with Diaspora in such a scenario. This mail is 
long, and a tl;dr is provided at the bottom.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

I don't really care about subdomain-based user IDs 
(, they can be disabled, or they can work, 
irrelevant to me.

Why do I want this? Because users on our server already have several 
services accessible with the same user ID and password: e-mail, 
XMPP/Jabber, all user Making such an ID work also 
with our Friendica instance makes a lot of sense to us.

The quick and dirty approach I took is redirecting to This works well 
for Friendica instances, as far as I can tell -- please correct me if 
I'm wrong, but apparently Friendica does not really care about the ID once it gets the address.

That means that if both and point to the same address, it's completely 
irrelevant which form one uses to subscribe.

Which is great news. :)

However! I also tested that with Diaspora, and here be dragons. If I 
use the address, everything works great -- 
connecting, posting, commenting, etc.

If I use the form, Diaspora is able to figure out the 
proper profile link (, 
connecting works and posts created on Diaspora are properly federated 
to Friendica.

Unfortunately, no posts nor comments created by the Friendica user are 
federated to Diaspora.


Diaspora caches the form -- compare:

The first account was connected to with the short form; the second 
with the long one. Both forms work for both accounts, but for 
Diaspora, the first one will *always* only have the short form, the 
second will *always* only have the long form.

Now, because of this -- and I am guessing here, as I have not seen 
Friendica's post push -- when Friendica pushes new content to 
Diaspora, it identifies the author somehow. Probably by the long form 
(as that's the "natural" form for the Friendica server); Diaspora sees instead of, and 
discards pushed data as invalid.

How to fix it?

I see several possible courses of action. First of all, here's how 
Diaspora connects to accounts (I'm sure most of you already know this, 
just a reminder):

Now, that means that at some point, when connecting with that is actually a, 
Diaspora will request this page:

The response will contain:
 <XRD xmlns="">

The easiest solution would seem to be to change Subject to always show 
the canonical (i.e. long) version of the ID:

This will fail due to this line in code:

Diaspora will think it's a different user than requested, and the 
connection will fail.

This is also the reason why a simple redirect from:
...will not work here.

Changing <Alias> to the canonical/long version will not work, as 
Diaspora ignores this field.

I am in contact with Diaspora devs, maybe I can push some changes 
there, but maybe not -- hence this e-mail.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Friendica installed in, but we want IDs to be 
(also) Redirecting: great for other Friendicas.

Due to the way Diaspora handles remote accounts and webfinger however, 
connecting works, but Friendica posts are not pushed to Diaspora.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Due to all of the above, the only road I see that Friendica can take 
to make such a config work is to have an admin config option "user ID 
canonical domain name" that, regardless how account data is queried or 
where the user ID shows up, it always contains just a single version 
(in this example, it would be

What do you guys think? Does that make sense?