this post was submitted on 17 Aug 2023
50 points (86.8% liked)
Fediverse
28352 readers
664 users here now
A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).
If you wanted to get help with moderating your own community then head over to !moderators@lemmy.world!
Rules
- Posts must be on topic.
- Be respectful of others.
- Cite the sources used for graphs and other statistics.
- Follow the general Lemmy.world rules.
Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Yep. My instance just has me on it and posting elsewhere works without issue. Anything I upload goes to my instance and federates out. It's really quite great not having to worry about the instance drama when big ones defederate from each other. I also turned off NSFW so I don't have to worry about any of that content (legal or otherwise) even hitting my server.
Here's an image of me making this comment via Sync for Lemmy
Edit: I have community creation locked down to admins, which everything disables them on my instance.
I did the same thing for the same reason. Admin approval for everything and I'm the only admin. Basically a personal instance for me and my friends if they're too lazy to host but want to try Lemmy.
Exactly. I went one step further and decided not to use my admin account as my main. I don't run around as root on servers so I try not to do that with apps. It's easier with Lemmy because once it's set up all the admin tasks hit my email.
I also wanted to avoid that vulnerability that hit Lemmy World a few weeks ago that was only possible because the server admin got their jwt stolen, which wouldn't have been so impactful if they weren't on the admin account.
I didn't read the story about how exactly he lost the jwt, but is it still as big of an issue since 2fa was introduced?
I guess existing jwt hashes will bypass 2fa, but I'm not super worried since my instance has 3 users.
2fa was in at the time. IIRC the jwt was granted after 2fa so it didn't matter.
You've got a point though, small instances aren't gonna be nearly as useful as a giant one to threat actors. Assuming you don't give them a reason to go after you specifically they wouldn't have a reason to target such a tiny server.
Still though, I don't need that shiny A next to my name so I'm good with how I have it set up.
You could really mess with people and use admin@ctrlaltelite.xyz but not have it as the admin account. hah. You host it at home or out "in the cloud"? Curious what others do.
I have a couple VPSes for my Tailscale exit nodes and one as an ingress/proxy for my selfhosted stuff at home. They're all super cheap and have unmetered* network connections. Kubernetes on some PIs and Lenovo tinys support all my services at home.
I have this one on a Hetzner server that runs me like $6/mo. I'm not comfortable with the federated nature of things potentially putting CSAM or other illegal content on disk in my home.
I use tailscale so I can still hit my internal (at home) git repos and all that. The rest of my stuff is all hosted on an old gaming PC I turned into a Proxmox host that sits in my spare bedroom. Of those services, I only expose like 3 things to the outside world. Nextcloud being the main one. I don't route it through my VPS, just proxy it through cloudflare.