Images don't federate *from* other instances

Hi all. I have the opposite of @AxelTerizaki’s problem with federated images. On all images from local users display, but image uploads from federated users don’t. Avatars are fine, it’s just the uploads. However, this is only on the web instance: if I’m looking using a mobile app they display. So it seems likely it’s something to do with my nginx settings rather than file permissions etc (???) I’m using the Docker image on a Digital Ocean droplet, with the recommended nginx setup. I tried @AxelTerizaki’s idea of removing the HTTP2 directive, but it didn’t seem to make any difference. Anyone have any ideas? Any advice gratefully received.

Seems like it’s probably related to this, but I don’t seem to be able to fix the permissions: Error 404 when load resource on packs folder · Issue #3584 · tootsuite/mastodon · GitHub

can you follow bokuyami21’s troubleshooting steps? checking with a browser console, logs, etc. etc.?


Yep, similar results in console, I’m getting 404 errors.

In the web logs I’m seeing a lot of X-Accel-Mapping header missing. Looks like there are a few old issues in GitHub about this, but I can’t see anything that will help me yet. This is only affecting images coming from other instances, and only in the web interface. Looks like it’s definitely a nginx thing, just not sure how to resolve it.

Without some concrete information like configuration, log extracts etc. we can only guess. Sorry.

Yep, of course. I think it’s some kind of CORS problem, I’m still poking around. If I find the answer I’ll post it here in case anyone else has the same issue.


So the problem here is that images from federated instances are not displaying in the web. The do display in Tooter, but not Amaroq. If you right-click and ‘open link in new…’ then the image displays in the new tab/window, because it loads from the original storage (i.e. the federated instance). If you right-click and ‘view image’, it doesn’t load, because it’s trying to load from

  • I am running v2.4.0rc3 out of a Docker image.
  • I used the Docker instructions from the tootsuite GitHub repo including making a non-root user, and my nginx file is exactly the same as the one in the Production guide (except for the domain URL).
  • I did chown -R 991:991 public to give the Docker user ownership over the public files.
  • I’m not seeing any errors other than 404s in the nginx logs - there’s nothing in the error log, just some 404s in the access.log
  • In the docker logs, there are some line saying X-Accel-Mapping header missing.

The substantive problem seems to be that images from federated instances are not being saved to /live/public/system. They are being saved to /mastodon/public/system, but nginx doesn’t look there. So nginx 404s because there’s no file where it’s looking. I don’t know enough about the Mastodon code to understand why there two directories that seem to be duplicates of each other, but this seems to be the issue: for some reason external files aren’t being saved to the /live directory.

991 is the owner of both /live/public and /mastodon/public, and the parent directory has read and execute rights for all users.

Great, just check where mastodon/public is used/configured and that’s it. Something in the docker?

Thanks for your suggestions saper. Turns out the answer was, as usual, “I’m an idiot” :grin:

For reasons I can’t remember, I had changed the docker-compose.yml file so that this line:

- ./public/system:/mastodon/public/system
was replaced with this line:
- /home/mastodon/live/public/system:/mastodon/public/system

I have a vague memory I was having issues with image uploads becasue of incorrectly set permissions, I probably changed it when I was trying to fix that. Anyway, changing it back to the original ./public... line seems to have done the trick.

That is why I always ask for logs and configuration files instead of an explaining narrative. It is much easier to spot an error there.

Glad it worked! :bellhop_bell: