Bluesky with own domain-handle and .well-known/atproto-did

TLDR: Be­ware that there must be no new­line at the end of the .well-known/at­proto-did file and that the con­tent type needs to be text/plain. echo -n to the res­cue in­stead of vim.

I re­cently re­ceived an in­vite to Bluesky and so far I’ve en­joyed the ex­pe­ri­ence. Early-day Twit­ter feel­ing. Can rec­om­mend to check it out if you get an in­vite.

One very in­trigu­ing thing is that Bluesky al­lows for your own do­main to be your han­dle. So I de­cided to go with @​martin.​dont-​panic.​cc.

The process is de­scribed in a blog post by Bluesky. There are two main op­tions to ver­ify your do­main own­er­ship, DNS TXT en­tries or an HTTPS re­quest to https://martin.dont-panic.cc/.well-known/atproto-did (in my case). Since every­one is doing DNS, I wanted to try out HTTPS/.well-known. (Of course, there needs to be a mar­tin.​dont-​panic.​cc DNS entry to get to the web-server, but no spe­cial TXT header for the ver­i­fi­ca­tion.)

I wanted to serve the file as a sta­tic file in the filesys­tem via nginx. So I set up the fol­low­ing sta­tic nginx con­fig­u­ra­tion:

server {
        listen 443 ssl;
        server_name martin.dont-panic.cc;

        root /var/www/cc/dont-panic/martin/;
        index index.html;
        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }
        location = /.well-known/atproto-did {
                default_type text/plain;
        }
        # ... lots of SSL stuff omitted ...
}

So ba­si­cally this tells nginx to try to serve any ex­ist­ing file or fall-back to di­rec­tory or 404. It forces text/plain for the /.well-known/atproto-did file, since oth­er­wise it is serves as application/octet-stream which vi­o­lates the re­quire­ments.

Then I used vim to sim­ply cre­ate the file and val­i­dated that the con­tent of the file was ac­ces­si­ble cor­rectly via curl.

Looked good, so hit this ver­ify but­ton. And it failed. After a few re­tries, i de­cided that maybe it’s be­cause of the final new­line that end of the file?

New ap­proach (note the “-n“!):

echo -n "did:plc:njnt2ukwkoljfxnsqsbs5mdm" > /var/www/cc/dont-panic/martin/.well-known/atproto-did

One click on ver­ify later, Bluesky ac­cepted the han­dle as ver­i­fied and I could switch over from my pre­vi­ous user name.

So, look­ing for­ward to hear­ing from you ei­ther in the com­ments here or via Bluesky. Fol­low me! 😉

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.