this post was submitted on 17 Aug 2023
50 points (86.8% liked)
Fediverse
28352 readers
458 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Second this. And other instances would still be accessible. Even more so since lemmy.world (along with probably some others) is starting censorship, which wouldn't affect you, since you decide what you can see.
I'd love to self host one for everyone but not allow communities. The idea would be that I federate with everyone no matter what and leave a what the user wants to sub to up to them. No censorship at all.
Not having communities would mean I don't have to worry about what I host and have other instances defederate with me. Plus, I have no interest in being mod, dealing with DCMA,user reports, etc.
You can disable communities on your instance as an admin, but you would need to disable uploading.
Would that allow someone to still post/upload on other communities? Honestly haven't looked into this at all. Was going to in a couple weeks when I have time to actually sit down and test
Yep. My instance just has me on it and posting elsewhere works without issue. Anything I upload goes to my instance and federates out. It's really quite great not having to worry about the instance drama when big ones defederate from each other. I also turned off NSFW so I don't have to worry about any of that content (legal or otherwise) even hitting my server.
Here's an image of me making this comment via Sync for Lemmy
Edit: I have community creation locked down to admins, which everything disables them on my instance.
I did the same thing for the same reason. Admin approval for everything and I'm the only admin. Basically a personal instance for me and my friends if they're too lazy to host but want to try Lemmy.
Exactly. I went one step further and decided not to use my admin account as my main. I don't run around as root on servers so I try not to do that with apps. It's easier with Lemmy because once it's set up all the admin tasks hit my email.
I also wanted to avoid that vulnerability that hit Lemmy World a few weeks ago that was only possible because the server admin got their jwt stolen, which wouldn't have been so impactful if they weren't on the admin account.
I didn't read the story about how exactly he lost the jwt, but is it still as big of an issue since 2fa was introduced?
I guess existing jwt hashes will bypass 2fa, but I'm not super worried since my instance has 3 users.
2fa was in at the time. IIRC the jwt was granted after 2fa so it didn't matter.
You've got a point though, small instances aren't gonna be nearly as useful as a giant one to threat actors. Assuming you don't give them a reason to go after you specifically they wouldn't have a reason to target such a tiny server.
Still though, I don't need that shiny A next to my name so I'm good with how I have it set up.
You could really mess with people and use admin@ctrlaltelite.xyz but not have it as the admin account. hah. You host it at home or out "in the cloud"? Curious what others do.
I have a couple VPSes for my Tailscale exit nodes and one as an ingress/proxy for my selfhosted stuff at home. They're all super cheap and have unmetered* network connections. Kubernetes on some PIs and Lenovo tinys support all my services at home.
I have this one on a Hetzner server that runs me like $6/mo. I'm not comfortable with the federated nature of things potentially putting CSAM or other illegal content on disk in my home.
I use tailscale so I can still hit my internal (at home) git repos and all that. The rest of my stuff is all hosted on an old gaming PC I turned into a Proxmox host that sits in my spare bedroom. Of those services, I only expose like 3 things to the outside world. Nextcloud being the main one. I don't route it through my VPS, just proxy it through cloudflare.
I assume lemmy doesn't clean up images after X days/years? it would be pointless if it does... I'm a datahoarder but paying storage costs to host this stuff doesn't fit in the budget. I guess I have a lot of things to consider. Thanks!
Yeah I haven't found anything for cleanup maintenance. Right now with just me my disk usage is increasing ~300MB per day. I'm debating purging stuff older than 30 days or something. The only stuff where my server is the source of truth is my profile and communities on my instance.
We'll see though, this is just a fun little side thing I'm not taking too seriously.
You've made 32 comments. 300MB a day must be mostly cache content from other instances that you're viewing. I don't see any reason to keep that past 30 days. I might even say 14 days.
I have a couple hours today. I've set up an instance pretty easily. Resources with just me doesn't seem bad at all. Your other comment about illegal uploads is what's holding me back from making a public one. Not only do I not want to be a mod, I don't want to see that shit. I have a hard enough time seeing the thumbnail of some lemmyNSFW before I can block it.
I love that tailscale/wireguard doesn't reply to UDP packets without the key. I only have the one UDP port open at my house. All my hosts are on tailscale. Sadily Matrix and Lemmy need to be public public.
The growth is happening mostly in the pictrs and db containers. I know pictrs is optional if you're not uploading pics yourself, but I didn't want to limit myself on that. I haven't dived into where the db growth is happening yet either. Right now my hurdle is there doesn't seem to be any baked in maintenance tools, so it's all going to be me editing the database directly. I'm okay with doing it but need to figure out how to not purge content I have saved via Lemmy.
As far as NSFW stuff, there's a check box for the instance settings for enabling NSFW instance wide. I have it unchecked and haven't seen a single NSFW post browsing through my instance. It does require things to be marked as such though. I'll probably go the extra step and defederate the porn instances just to add another layer.
Please let me know if you find anything useful for maintaining the instance.
Commenting because I'm also interested
Yes it works
When I finally look into it I'll make sure to let you know. Are you going to selfhist yourself or just want to use it if I actually set it up? Maybe you can help me host it. Lol
If you let me know how to help you, then I'm in. I have a raspberry pi 4 and some external hard drives. That's it. But I also have some money and would rather help you than host a lonely instance, Mr skankhunt
I'll have to read about local laws and if I can get in trouble for what the users do/upload. I have no interest in dealing with legal shit... If I'm safe then I'll have to see how much people charge for storage these days. I don't really want to run it from my house and I don't have a lot of disposable income to run it out in the internet somewhere.
If a user from your instance posts to a community and wants to upload a file, that file will be saved to your instance. Not the instance in which the community is. Keep that in mind.
Your instance will be mirroring (essentially storing a copy of) content from instances it federates with. Depending on your local laws you might be held liable for this.
Yeah, Thank you for this.
It sounds like I'll also have to store any images my users upload. I'm all for free speech and being anonymous online so I'll avoid logs and the like but I guess I'll have to read Canadian law to see if I want to risk running an instance or not. I cant afford a lawyer, nor do I want to deal with anything that goes along with that.
The GDPR is also a whole other beast that could suckerpunch any instance at any point.