From d92f2c121f95f8d8beadc3a727b8a02376c46d3c Mon Sep 17 00:00:00 2001
From: strawberry <strawberry@puppygock.gay>
Date: Sun, 27 Oct 2024 12:19:45 -0400
Subject: [PATCH] document nginx needing request_uri

Signed-off-by: strawberry <strawberry@puppygock.gay>
---
 docs/deploying/generic.md | 12 ++++++++----
 src/api/router/auth.rs    |  4 ++--
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/docs/deploying/generic.md b/docs/deploying/generic.md
index 1e44ab54..31dc1845 100644
--- a/docs/deploying/generic.md
+++ b/docs/deploying/generic.md
@@ -119,12 +119,16 @@ is the recommended reverse proxy for new users and is very trivial to use
 (handles TLS, reverse proxy headers, etc transparently with proper defaults).
 
 Lighttpd is not supported as it seems to mess with the `X-Matrix` Authorization
-header, making federation non-functional. If using Apache, you need to use
-`nocanon` in your `ProxyPass` directive to prevent this (note that Apache
-isn't very good as a general reverse proxy).
+header, making federation non-functional. If a workaround is found, feel free to share to get it added to the documentation here.
+
+If using Apache, you need to use `nocanon` in your `ProxyPass` directive to prevent this (note that Apache isn't very good as a general reverse proxy and we discourage the usage of it if you can).
+
+If using Nginx, you need to give conduwuit the request URI using `$request_uri`, or like so:
+- `proxy_pass http://127.0.0.1:6167$request_uri;`
+- `proxy_pass http://127.0.0.1:6167;`
 
 Nginx users may need to set `proxy_buffering off;` if there are issues with
-uploading media like images.
+uploading media like images. This is due to Nginx storing the entire POST content in-memory (`/tmp`) and running out of memory if on low memory hardware.
 
 You will need to reverse proxy everything under following routes:
 - `/_matrix/` - core Matrix C-S and S-S APIs
diff --git a/src/api/router/auth.rs b/src/api/router/auth.rs
index 6b1bb1a9..31e71f2f 100644
--- a/src/api/router/auth.rs
+++ b/src/api/router/auth.rs
@@ -247,8 +247,8 @@ async fn auth_server(services: &Services, request: &mut Request, body: Option<&C
 		debug_error!("Failed to verify federation request from {origin}: {e}");
 		if request.parts.uri.to_string().contains('@') {
 			warn!(
-				"Request uri contained '@' character. Make sure your reverse proxy gives Conduit the raw uri (apache: \
-				 use nocanon)"
+				"Request uri contained '@' character. Make sure your reverse proxy gives conduwuit the raw uri \
+				 (apache: use nocanon)"
 			);
 		}