Another +1 for Cloudflare. They’re selling the domain at their wholesale rate, which is generally cheaper than everywhere else. There’s also many DDNS clients as well as an API to allow you to roll your own (which is what I did).
chiisana
joined 1 year ago
If pre-built media server solutions doesn’t work for your use case, then you’d need to create a custom site.
For the most part, ISPs tends to care more about:
- Covering their butt legally — if they don’t know you’re engaging in anything like piracy, then it’s not really their concern; and
- Ensuring their network stability — if you’re within your contractual usage limits and not using disproportionate amount of traffic causing other customers problem, then your network security is your problem.
As such, as long as the intended sharing audience are limited to only people you trust, and you put the content behind authentication w/ encryption (I.E. https), no one other than the intended recipient would know what you’re sending over the wire. That is as long as none of your users leak their credentials/report you for the content you’re sharing… which, a media server solution wouldn’t protect you from either.
So let me get this straight… Bob does something no one else does — edit messages on somewhere no one else goes, adding significant content to something no one sees — and then Bob wants to spam the world about the update with notification? Why would the world care when everyone else expect Bob to post an actual update?
Also, in this context, this wouldn’t be a bug, but rather a feature request … a feature that no one is asking for, and doesn’t make the software better except to those that doesn’t follow social norms yet still demands to get into others’ inboxes.
Instead, the appropriate behaviour is to not allow Bob to make edits after sometime (which many softwares have such feature for), and/or make edit logs visible (also a common feature), such that people who doesn’t follow expected norms cannot create mass confusion by doing things no one else does, against the grains of expected norms.
Most discussion forums doesn’t do this; Reddit doesn’t do this; I don’t see why Lemmy should do this. Best practice is to post a new reply, and that’s kind of how things have been since pretty much early 2000s if not earlier.
I finally just deployed it as a test. So far so good. Was able to setup a WebAuthN only flow, so passwordless as I hoped, but the flow isn’t as smooth as FusionAuth’s social flow. Authentik seems to have each stage as an individual page, so lots of full page refreshes as opposed to just click redirect redirect and done. I’ll be toying around a bit more and see which one I end up settling with.
Last I checked, which was honestly two or more years prior, CloudFlare doesn’t handle second level sub domains (I.E. a.b.domain.ext) properly… when I tried it, I could make the DNS records, it did resolve, but the certificates didn’t work. I don’t know if that has since changed.
In the most polite way possible: The community is not yours. The content you so badly want to extract quickly, for better or for worse, belongs to the communities on the other instances, and while your users can easily join and contribute there, that's not what should be the sole value/reason people join your instance.
Lemmy (and the Fediverse at larger) is intended such that like minded people can congregate and discuss on subjects that are pertinent to their interest. The right way should be to subscribe to content you intend to read, bring like minded people who are interested in similar contents you read to share your instance, and then grow organically from there.
There is no way to “speed up” federation. Lemme doesn’t backfill comments, nor posts, and will only receive new content if at least one user on your instance subscribed to a specific community. This is because the federation process (beyond the initial search) is not a pull model in which your server requests information from other instances and stores it; but rather it operates on a push model in which you tell larger instances that you’d want new information (by means of having at least one user on your instance subscribe to the community) and they push that to you. Once that subscription is made, only new contents created afterwards are pushed to you, as fast as the other instance could. This as you can imagine puts a lot of stress on the larger servers as they’d need to update every interaction to thousands upon thousands of subscribed instances. “Seeding” content en mass (making dummy accounts to subscribe to everything) makes it worse because now the other instances are pushing entire community’s new updates to the new instance where no one ever touches it.
Instead. It’s probably best to just subscribe to a small handful of communities that you actually care about and intend to read, so only content you will consume gets pushed to you. Then invite like minded people to join and gradually, they too will add more that they’d actually read, so your instance isn’t just sucking the resources out of the fediverse at large but not actually using it.
I’m skipping over Authelia. Social federation is important for me because I do not want to deal with password (see also the WebAuthN bit). Last thing I want is trying to maintain and keep up-to-date a separate service that’s supposed to keep my other services secure, but becoming a single point of failure for my password(s) (so same goes with no self hosting password manager).
Do you mind touching on the integration issues you mentioned? What was the problem, and what were the side effect as result of it?
How is Authentik? Do you like it? Are their feature set currently available to all? I’m using FusionAuth and really like the setup/workflow, but they’re keeping WebAuthN behind paywall and I’d rather not pay so much for just myself and my family.
Yeah I think the closest thing I’m aware of is Plex and album/track mood on smart playlist, and even then that’s kind of janky (ie: cannot shout into smart assistants to creat one on the fly). Music is so cheap now, even the free Amazon Music I get from Prime serves my needs, so I don’t even bother with it.
This is the broader direction. I lament the days where everyone can just use shared hosting and never worry about infrastructure, but everything seems to be moving towards larger and larger stacks… and to abstract as much of that away as possible so people can focus on the apps, docker/Kubernetes is playing a larger and larger role.
Which is also why you’re seeing more and more CLI/scripting — so infrastructure pieces that get in the way of development/apps can be abstracted away and managed in a repeatable fashion between deployments. As you start to work with more and more moving pieces, it is generally a good idea to expand your area of expertise beyond just GUI and move into the more scriptable side, so you can gain more control over your stack more effectively.