Lemmy

2172 readers
51 users here now

Everything about Lemmy; bugs, gripes, praises, and advocacy.

For discussion about the lemmy.ml instance, go to [email protected].

founded 4 years ago
MODERATORS
201
 
 

I can see downvotes on comments, but on posts there's only a total score. Can you please make the UI consistent by either giving posts both up and down votes visibility, which would be my preferred course of action, or make comments have only a total value shown like posts? It's a pet peeve of mine, I mainly just want to see post downvotes. I don't use any apps, just a raw (no plugins or else) desktop experience.

202
 
 

I have a lot of communities blocked. Sometimes when I would block, they wouldn't get blocked, so I'd have to block again. I assume it could be just server temporarily blacking out, but I was wondering if it could be actually related to the community blocks I have. I don't use any apps, just the browser version with the blocks being saved into my account.

I'm asking, because I noticed .ml going down lately and my block list has only grown. I feel like it's a very far reach to think the block list of a user could be responsible, but I assume other people also block (although I assume far, far less) and depending on how it's processed, maybe it could actually play a part?

I cannot live without the blocks, so please don't take them away. I'll appreciate if someone could clarify if it's programmed in a way which could be affecting the server itself.

203
 
 

cross-posted from: https://lemmit.online/post/1047028 - because ironically this will not reach instances where Lemmit is blocked.

A few months ago, I launched the Lemmit instance and bot (@[email protected]). Primarily, this was to help me stay up to date with some of the content I'd leave behind on Reddi. Additionally, I wanted to give back to the community, so I made it possible for anyone to request the archiving of subreddits to the Lemmit instance.

However, this came with some unintended consequences. Notably, the most subscribed community on the instance has been [email protected]. Even though it should have been obvious that there is no way to communicate with the Original Poster, given they're on Reddit.

The pushback against the bot and the instance has increased over time. A recent post, This bot is bad for Lemmy, highlighted these concerns. I've also received similar feedback from admins of major Lemmy Instances and through direct PMs.

As a response, last week I stopped accepting requests for archiving new subreddits. This weekend, I went a step further by discontinuing the archiving of a large amount of "interactive subreddits"—communities primarily centered around Q&A or communication with the Original Poster. This includes subs like [email protected] and [email protected], as well as niche and support communities. Such discussions are better hosted on Reddit or Lemmy's equivalent spaces.

I've also adjusted the post karma thresholds to curb spam posts. While this probably won't appease everyone, it should reduce the bot's posting frequency.

Perhaps this might prompt some admins to rethink their choice to defederate from the Lemmit instance, or the banning of the bot. I'm not expecting anyone to, and won't take it personally if you don't, but I wanted to give the community this update nonetheless.

In [email protected] there's a sticky post of all the Actively archived communities on the server (including NSFW ones, since that is not public without logging in), as well as the list of communities for which archiving is now disabled.

Cheers!

204
 
 

In case this is an app issue, i'm on eternity. Unlikely to be an instance issue i've noticed this several times on my alt too.

205
 
 

As the title says... I moved my lemmy instance from one host to a new host. The domain remains the same.

Initially, I just started up a new lemmy instance and repointed the domain, as I'm the only user I care about on my instance at the moment.

I have incoming federated content, which seems to be fine. But if I respond to a message or post a new message on a federated community, it never shows up outside my server.

Thinking there may be some sort of AP ID that is unique to my install, I copied over the entire Postgres database to my new instance and restored from there. Everything came up as expected and everything works, but the same problem remains.

I'm not sure how to even diagnose what's going on.

Can anyone tell me what might be happening and how to fix it? Everything seems to be working just fine as it should, content is coming in... but if I post anything, nothing seems to go out to the wider Fediverse.

I'm ok with blowing everything out and starting from scratch, but that didn't seem to work, either. Everything comes in just fine, even if I send myself a PM from another instance, it shows up immediately. Replying to that PM, though, and nothing goes out.

I don't quite know what to do.

206
209
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

Here is our regular update that explains what we have been working on for the past two weeks. This should allow average users to keep up with development, without reading Github comments or knowing how to program.

We are slowly getting closer to the 0.19 release, although there is still a lot of work left. Client developers should read this post with information about breaking changes to update their projects.

Edit: You can test the latest 0.19 code on voyager.lemmy.ml, or by installing 0.19.0-beta.8 on your server. Be sure to report any bugs on Github.

@nutomic has closed over 100 issues, most of them duplicates, invalid or already resolved ones. He also made numerous pull requests to fix minor bugs and implement small enhancements. This includes a bug fix for federation of admin actions which was released as 0.18.5. He is also changing the way HTML escaping is handled to avoid broken texts.

@dessalines is working on redesigning the join-lemmy.org website, adding the apps and instances pages. Also worked on rewriting the Docker images to use Debian as base instead of Alpine. Additionally he is adding support for new backend features to lemmy-ui (scaled search and cursor-based pagination).

@SleeplessOne1917 has implemented support for new block instance feature, finished implementing the remote follow feature, and updated 2-Factor-Auth to account for a backend rework. He also implemented some bug fixes. He has also been working on adding authentication to lemmy-ui-leptos.

Support development

@dessalines and @nutomic are working full-time on Lemmy to integrate community contributions, fix bugs, optimize performance and much more. This work is funded exclusively through donations.

If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider donating to support its development. Recurring donations are ideal because they allow for long-term planning. But also one-time donations of any amount help us.

207
 
 

I feel like I've formed some sort of faithfulness towards dbzer0 and have a bias towards subs and users of my instance. Anybody else in the same boat?

208
 
 

I've wanted a badge that shows the instance uptime and couldn't find any, so I created one. It's available at https://uptime.lemmings.world/{your-domain}.svg and gets its data from fediverse.observer.

Examples:

The documentation is available at https://uptime.lemmings.world. Feel free to use it for your instance if you wish to.

209
 
 

My previous account was on compuverse.uk, tho since about 1 week I cannot access the instance at all. I suppose either the hosting service destroyed it. The maintainer disappeared Or there are bigger issues about cloudflare routing or server issues.

There was a point where it was taking way too long to load, and then nothing. It is in accessible for me. I cannot access it through a vpn either.

210
 
 

Familiar faces resurfacing is nice and only possible on a smaller sized platform. Or clicking someones profile only to see a post I previously saw or commemted on.

211
 
 

I don't mean the recent selling API rights at absurd costs but when they went from open sourcish to closed.

212
 
 
213
 
 

cross-posted from: https://infosec.pub/post/2802322

This feature is long overdue, Lemmy is getting distracting, especially with worthless replies.

214
 
 

cross-posted from: https://lemmy.world/post/1208548

Ran a search & didn't see a thread on this, although there may be a Git issue raised on the subject. Nevertheless, I think it would be nice to have a setting from the profile & per post/comment to mute notifications for replies to posts or comments, as desired.

On Reddit there was no such account-level option so far as I'm aware, so you basically had to make it a habit to disable reply notifications on every, single, post & comment if you didn't want to see your inbox/notifications lit up.

I know this may be a little counter-intuitive, but after awhile I honestly don't want to see that someone randomly replied to one of my comments or posts from who knows how long ago. In the cases that I might, though, I'd leave the notifications on, of course.

215
 
 

I believe that the addition of an edit history would be a massive boon to the usefulness of Lemmy on the whole. A common problem with forums is the relatively low level of trust that users can have in another's content. When one has the ability to edit their posts, and comments this invites the possibility of misleading the reader -- for example, one can create a comment, then, after gaining likes, and comments, reword the comment to either destroy the usefulness of the thread on the whole, or mislead a future reader. The addition of an edit history would solve this issue.

Lemmy already tracks that a post was edited (I point your attention to the little pencil icon that you see in a posts header in the browser version of the lemmy-ui). What I am describing is the expansion of this feature. The format that I have envisioned is something very similar to what Element does. For example:

What this image is depicting is a visual of what parts of the post were changed at the time that it was edited, and a complete history of every edit made to the post -- sort of like a "git diff".

I would love to hear the feedback of all Lemmings on this idea for a feature -- concerns, suggestions, praise, criticisms, or anything else!


This post is the result of the current (2023-10-03T07:37Z) status of this GitHub post. It was closed by a maintainer/dev of the Lemmy repo. I personally don't think that the issue got enough attention, or input, so I am posting it here in an attempt to open it up to a potentially wider audience.

216
14
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

cross-posted from: https://sh.itjust.works/post/6400327

In case anyone is wondering, it's rqd2.

The definition of paraphilia is "a condition characterized by abnormal sexual desires, typically involving extreme or dangerous activities.", which can inclde pedophilia.

Don't be fooled by their rules, one of their biggest communities is a "MAP" community where they openly discuss pedophilia. They're likely larping as LGBTQ+ to make them look bad.

It has recieved 4 censures from fediseer due to the content contained on that instance

Not a good look for Lemmy to be promoting any instance like that.

You can see for yourself here

Update: A pull request was sent to remove the sus instance. It should no longer show up soon

217
 
 

Right now, unless someone is linked to an instance directly, the first point of entry is usually join-lemmy.org, and let's face it, it's completely uninviting.

The first few screenshots give off a Rust nerd vibe, and you have a "join a server" button shown to you before you even get to see some short explanation of how the Fediverse works.

In contrast, https://matrix.org/ and https://joinmastodon.org/ (which btw also has this "join a server" shown too early problem, but they kind of go around it by linking a default instance) feel much more welcoming.

Maybe we could have a contest to make join-lemmy.org better? Not just the layout, the wording is also way too technical for the most part and deserves to be reviewed by people with more of a marketing mindset.

We could also have a similar one to make a short introductory video, like what was done by Framasoft (a French non-profit) in this video: https://peertube.fr/w/9dRFC6Ya11NCVeYKn8ZhiD (or probably just reuse that video if there's not enough interest in making a similar Lemmy-focused one?)

Would be really cool to have creative people contribute that way to Lemmy without necessarily coding!

218
 
 

Because of the time it takes for mods to moderate content on Lemmy, the"new" sort's been prone to abuse.

Could a "delayed new" sort, where the newest content x hours ago is shown be introduced to help suppress this problem?

219
 
 

cross-posted from: https://lemmy.ml/post/5712030

What is Lemmy?

Lemmy is a self-hosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company. This means that there is no advertising, tracking, or secret algorithms. Content is organized into communities, so it is easy to subscribe to topics that you are interested in, and ignore others. Voting is used to bring the most interesting items to the top.

Major Changes

This release fixes a problem with federation of moderation actions performed by admin accounts. Specifically there is an check when receiving remote federation actions, which is incorrectly rejecting them in some cases. The problem is fixed by this release.

There are no other changes, and no updated lemmy-ui version.

Support development

@dessalines and @nutomic are working full-time on Lemmy to integrate community contributions, fix bugs, optimize performance and much more. This work is funded exclusively through donations.

If you like using Lemmy, and want to make sure that we will always be available to work full time building it, consider donating to support its development. No one likes recurring donations, but they’ve proven to be the only way that open-source software like Lemmy can stay independent and alive.

Upgrade instructions

Follow the upgrade instructions for ansible or docker. There are no config or API changes with this release.

If you need help with the upgrade, you can ask in our support forum or on the Matrix Chat.

Changes

Lemmy

  • Fix federation of admin actions (#3988)
220
 
 

We are getting closer to the next major release. This version will have many breaking changes, so we are listing them here for app and client developers to adjust their projects.

As we prepare for the release of Lemmy 0.19.0, we'd like to provide any app or client developers ample time to upgrade their apps, as well as discover any problems, before we do the release. This will be at least 4 weeks from now (but likely longer).

Server admins can also upgrade to the latest release candidates for testing. Be aware that they are still unstable and shouldn't be used in production. As with any upgrade it is important to have working backups in place.

It should be possible for clients to support both Lemmy 0.18 and 0.19 without major workarounds. If backwards compatibility is causing you trouble, comment below and we will help to find a solution.

To test, you can point your app to the following test instance running a release candidate of 0.19.0: https://voyager.lemmy.ml

A diff of API changes is here: lemmy-js-client API changes from 0.18.3 -> 0.19.0-rc's

Note for developers not using typescript or rust:

If you'd like to auto-generate an API client for your language, you can try out @MV-GH's lemmy_openapi_spec, or (if in kotlin), use Jerboa's script here.

Major Changes

Authentication

Previous Lemmy versions used to take authentication as query/post parameters. This is insecure and unnecessarily complicated. With 0.19, the jwt token can be passed either as cookie with name auth, or as header in the form Authorization: Bearer .

A major advantage is that this allows us to send proper cache-control headers, with responses to unauthenticated users being cacheable. It also prevents token leaks in web server logs. The login and registration endpoints attempt to set the cookie automatically. If that is supported on your platform, you don't have to worry about the authentication token at all.

In order for your client to be compatible with both Lemmy 0.18 and 0.19, you should send auth in both ways. Meaning with each API call, send the old auth query/post parameter, as well as the new header or cookie.

A few PRs detailing these changes:

Users can block instances

Users can now block instances, so that their communities are hidden from listings. This is done via POST /api/v3/site/block with parameters int instance_id, bool block.

https://github.com/LemmyNet/lemmy/pull/3869

New sort options

A new scaled sort option has been added. This sort is identical to the Hot sort, but also takes into account the number of each community's active monthly users, and so helps to boost posts from less active communities to the top.

https://github.com/LemmyNet/lemmy/pull/3907

2FA / TOTP Rework

Two-Factor-Authentication is now enabled in a two-step process to avoid locking yourself out. Now a secret needs to be generated first with POST /api/v3/user/totp/generate (no parameters). The generated token needs to be added by the user to an authenticator app.

Once this is completed, 2FA can be enabled with POST /api/v3/user/totp/update. This takes a string parameter totp_token (generated by authenticator app), and boolean enabled. 2FA can be disabled again with the same update endpoint. Additionally, the 2FA algorithm has been changed to SHA1 for better compatibility.

The update disables 2FA for all accounts, so that users who are locked out can use their accounts again, and to ease the transition to the SHA1 algorithm.

https://github.com/LemmyNet/lemmy/pull/3959

Timestamps now include timezone

Previous Lemmy versions used timestamps without any timezone internally. This caused problems when federating with other software that uses timezones.

Going forward, all timestamps in the API are switching from timestamps without time zone (2023-09-27T12:29:59.113132) to ISO8601 timestamps (e.g. 2023-10-29T15:10:51.557399+01:00 or Z suffix). In order to be compatible with both 0.18 and 0.19, parse the timestamp as ISO8601 and add a Z suffix if it fails (for older versions).

https://github.com/LemmyNet/lemmy/pull/3496

Cursor based pagination

0.19 adds support for cursor based pagination on the /api/v3/post/list endpoint. This is more efficient for the database. Instead of a query parameter ?page=3, listing responses now include a field "next_page": "Pa46c" which needs to be passed as ?page_cursor=Pa46c. The existing pagination method is still supported for backwards compatibility, but will be removed in the next version.

https://github.com/LemmyNet/lemmy/pull/3872

New endpoints for export/import of user settings data

Users can now export their profile settings data (including subscriptions and blocklists) via GET /api/v3/user/export. The returned JSON data should not be parsed by clients, but directly downloaded as a file. Backups can be imported via POST /api/v3/user/import.

https://github.com/LemmyNet/lemmy/pull/3976

Make remove content optional during account deletion

When a user deletes their own account using POST /api/v3/user/delete_account, there is a new parameter called delete_content. If it is true, all posts, comments and other content created by the user are deleted (this is the previous default behaviour). If it is false, only the user profile will be marked as deleted.

https://github.com/LemmyNet/lemmy/pull/3817

Outgoing Federation Queue

The federation queue has been rewritten to be much more performant and reliable. This is irrelevant for client developers, but admins should look out for potential federation problems. If you run multiple Lemmy backends for horizontal scaling, be sure to read the updated documentation and set the new configuration parameters. The Troubleshooting section has information about how to find out the state of the federation queues.

https://github.com/LemmyNet/lemmy/pull/3605

221
 
 

or maybe some other terminology would be better? lots of people get confused when you ask them to choose an instance, sometimes I think even the word "proxy", "host", or "hub" is simpler

the specific terms aren't my point, just a discussion to see if we can come up with a better name

222
26
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 
 

https://join-lemmy.org/docs/users/03-votes-and-ranking.html

"New Comments: Bumps posts to the top when they are created or receive a new reply, analogous to the sorting of traditional forums"

I feel like this is underutilized and can be really good for keeping old discussions alive and reused. It brings us back to the old school forums ways. On Reddit you see the same questions being asked over and over again every month or so (especially like on r/movies), if they had the New Comments sorting method then they wouldn't have to do that. And if you could subscribe to a post to get notifications about new comments that would be even better.

Now I'm also thinking Lemmy could have a Mixed sorting option to combine some of the main sorting methods, so you could see posts from Active, Hot, Top 6 hours, and New Comments all mixed together.

223
 
 

Red line is default, and the blue line is # of votes multiplied by 1000. x is rank, y is time. z = number of votes and has a slider to change the value.

224
 
 

publicação cruzada de: https://lemmy.world/post/5837469

Since I moved my server to ipv6 only federation broke. I'm guessing this server is acessible trough the cloudflare proxy, but the underlying server is unable to connect to mine

225
 
 

I have created a selfhosted instance from scratch a couple of days ago and everything seems to be working well, however, 3rd party apps (Memmy, Voyager) complain that my profile at "/u/[email protected]" does not exist ...

I tried replicating this in the webinterface and indeed, while "/u/michael" displays the profile as expected, "/u/[email protected]" gives a "couldnt_find_that_username_or_email" error. Perhaps I am missing the obvious (see log and config below), but this seems to be working on other instances (and is expected by the apps mentioned above) and any pointers would be greatly appreciated!

Log output:

Sep 23 09:48:16 lemy lemmy_server[58804]: 2023-09-23T09:48:16.313311Z  WARN Error encountered while processing the incoming HTTP request: lemmy_server::root_span_builder: couldnt_find_that_username_or_email: expected value at line 2 column 5
Sep 23 09:48:16 lemy lemmy_server[58804]:    0: lemmy_apub::fetcher::resolve_actor_identifier
Sep 23 09:48:16 lemy lemmy_server[58804]:              at crates/apub/src/fetcher/mod.rs:21
Sep 23 09:48:16 lemy lemmy_server[58804]:    1: lemmy_apub::api::read_person::read_person
Sep 23 09:48:16 lemy lemmy_server[58804]:            with data=Query(GetPersonDetails { person_id: None, username: Some("[email protected]"), sort: Some(New), page: Some(1), limit: Some(20), community_id: None, saved_only: None, auth: Some(Sensitive) })
Sep 23 09:48:16 lemy lemmy_server[58804]:              at crates/apub/src/api/read_person.rs:17
Sep 23 09:48:16 lemy lemmy_server[58804]:    2: lemmy_server::root_span_builder::HTTP request
Sep 23 09:48:16 lemy lemmy_server[58804]:            with http.method=GET http.scheme="http" http.host=leuker.me http.target=/api/v3/user otel.kind="server" request_id=b95e4f8d-5f30-4549-8e99-e0cd1e036046 http.status_code=400 otel.status_code="OK"
Sep 23 09:48:16 lemy lemmy_server[58804]:              at src/root_span_builder.rs:16
Sep 23 09:48:16 lemy lemmy_server[58804]:    3: tokio::task::runtime.spawn
Sep 23 09:48:16 lemy lemmy_server[58804]:            with kind=local task.name= task.id=4701 loc.file="/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/service.rs" loc.line=74 loc.col=17
Sep 23 09:48:16 lemy lemmy_server[58804]:              at /home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs:16
Sep 23 09:48:16 lemy lemmy_server[58804]:    4: tokio::task::runtime.spawn
Sep 23 09:48:16 lemy lemmy_server[58804]:            with kind=local task.name= task.id=26 loc.file="/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/worker.rs" loc.line=367 loc.col=29
Sep 23 09:48:16 lemy lemmy_server[58804]:              at /home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs:16
Sep 23 09:48:16 lemy lemmy_server[58804]:    5: tokio::task::runtime.spawn
Sep 23 09:48:16 lemy lemmy_server[58804]:            with kind=block_on task.name= task.id=25 loc.file="/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/worker.rs" loc.line=402 loc.col=32
Sep 23 09:48:16 lemy lemmy_server[58804]:              at /home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs:16
Sep 23 09:48:16 lemy lemmy_server[58804]: LemmyError { message: Some("couldnt_find_that_username_or_email"), inner: expected value at line 2 column 5, context: SpanTrace [{ target: "lemmy_apub::fetcher", name: "resolve_actor_identifier", file: "crates/apub/src/fetcher/mod.rs", line: 21 }, { target: "lemmy_apub::api::read_person", name: "read_person", fields: "\u{1b}[3mdata\u{1b}[0m\u{1b}[2m=\u{1b}[0mQuery(GetPersonDetails { person_id: None, username: Some(\"[email protected]\"), sort: Some(New), page: Some(1), limit: Some(20), community_id: None, saved_only: None, auth: Some(Sensitive) })", file: "crates/apub/src/api/read_person.rs", line: 17 }, { target: "lemmy_server::root_span_builder", name: "HTTP request", fields: "\u{1b}[3mhttp.method\u{1b}[0m\u{1b}[2m=\u{1b}[0mGET \u{1b}[3mhttp.scheme\u{1b}[0m\u{1b}[2m=\u{1b}[0m\"http\" \u{1b}[3mhttp.host\u{1b}[0m\u{1b}[2m=\u{1b}[0mleuker.me \u{1b}[3mhttp.target\u{1b}[0m\u{1b}[2m=\u{1b}[0m/api/v3/user \u{1b}[3motel.kind\u{1b}[0m\u{1b}[2m=\u{1b}[0m\"server\" \u{1b}[3mrequest_id\u{1b}[0m\u{1b}[2m=\u{1b}[0mb95e4f8d-5f30-4549-8e99-e0cd1e036046 \u{1b}[3mhttp.status_code\u{1b}[0m\u{1b}[2m=\u{1b}[0m400 \u{1b}[3motel.status_code\u{1b}[0m\u{1b}[2m=\u{1b}[0m\"OK\"", file: "src/root_span_builder.rs", line: 16 }, { target: "tokio::task", name: "runtime.spawn", fields: "kind=local task.name= task.id=4701 loc.file=\"/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/service.rs\" loc.line=74 loc.col=17", file: "/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs", line: 16 }, { target: "tokio::task", name: "runtime.spawn", fields: "kind=local task.name= task.id=26 loc.file=\"/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/worker.rs\" loc.line=367 loc.col=29", file: "/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs", line: 16 }, { target: "tokio::task", name: "runtime.spawn", fields: "kind=block_on task.name= task.id=25 loc.file=\"/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/actix-server-2.1.1/src/worker.rs\" loc.line=402 loc.col=32", file: "/home/rust/.cargo/registry/src/index.crates.io-6f17d22bba15001f/tokio-1.29.1/src/util/trace.rs", line: 16 }] }
Sep 23 09:48:16 lemy lemmy_server[58804]: 2023-09-23T09:48:16.313380Z  INFO actix_web::middleware::logger: 10.200.106.2 'GET /api/v3/user?username=michael%40leuker.me&sort=New&page=1&limit=20&auth=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjIsImlzcyI6ImxldWtlci5tZSIsImlhdCI6MTY5NTQ2MTU2NX0.dgg4VoY7rhG2JivMv3JxVKOHESKj_ELeXfAQS3R8ce4 HTTP/1.1' 400 47 '-' 'node-fetch/1.0 (+https://github.com/bitinn/node-fetch)' 0.042611
Sep 23 09:48:16 lemy lemmy_server[58804]: 2023-09-23T09:48:16.547471Z  INFO actix_web::middleware::logger: 10.200.106.2 'GET /api/v3/user/unread_count?auth=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOjIsImlzcyI6ImxldWtlci5tZSIsImlhdCI6MTY5NTQ2MTU2NX0.dgg4VoY7rhG2JivMv3JxVKOHESKj_ELeXfAQS3R8ce4 HTTP/1.1' 200 47 'https://leuker.me/u/[email protected]' 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36' 0.003553
Sep 23 09:48:16 lemy lemmy_server[58804]: 2023-09-23T09:48:16.595166Z  INFO actix_web::middleware::logger: 10.200.106.2 'GET /api/v3/site HTTP/1.1' 200 10527 '-' 'node-fetch/1.0 (+https://github.com/bitinn/node-fetch)' 0.011685

nginx config:

server {                                                                                                                                                                                                        
    listen 443      ssl http2;                                                                                                                                                                                  
    listen [::]:443 ssl http2;                                                                                                                                                                                  
    server_name leuker.me;                                                                                                                                                                                      
                                                                                                                                                                                                                
    ssl_certificate /etc/ssl/letsencrypt/lemy.leuker.me/fullchain.pem;                                                                                                                                          
    ssl_certificate_key /etc/ssl/letsencrypt/lemy.leuker.me/key.pem;                                                                                                                                            
    ssl_dhparam /etc/ssl/dhparams.pem;                                                                                                                                                                          
                                                                                                                                                                                                                
    ssl_protocols TLSv1.2 TLSv1.3;                                                                                                                                                                              
    ssl_prefer_server_ciphers on;                                                                                                                                                                               
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';                                                                                                                            
    ssl_session_timeout  10m;                                                                                                                                                                                   
    ssl_session_cache shared:SSL:10m;                                                                                                                                                                           
    ssl_session_tickets on;                                                                                                                                                                                     
    ssl_stapling on;                                                                                                                                                                                            
    ssl_stapling_verify on;                                                                                                                                                                                     
                                                                                                                                                                                                                
    # Upload limit, relevant for pictrs                                                                                                                                                                         
    client_max_body_size 20M;                                                                                                                                                                                   
                                                                                                                                                                                                                
    # Enable compression for JS/CSS/HTML bundle, for improved client load times.                                                                                                                                
    # It might be nice to compress JSON, but leaving that out to protect against potential                                                                                                                      
    # compression+encryption information leak attacks like BREACH.                                                                                                                                              
    gzip on;                                                                                                                                                                                                    
    gzip_types text/css application/javascript image/svg+xml;                                                                                                                                                   
    gzip_vary on;                                                                                                                                                                                               
                                                                                                                                                                                                                
    # Various content security headers                                                                                                                                                                          
    add_header Referrer-Policy "same-origin";                                                                                                                                                                   
    add_header X-Content-Type-Options "nosniff";                                                                                                                                                                
    add_header X-Frame-Options "DENY";                                                                                                                                                                          
    add_header X-XSS-Protection "1; mode=block";

    ## Frontend                                                                                                                                                                                                 
    location / {                                                                                                                                                                                                
        set $proxpass "http://127.0.0.1:1234";                                                                                                                                                                  
                                                                                                                                                                                                                
        if ($http_accept = "application/activity+json") {                                                                                                                                                       
          set $proxpass "http://127.0.0.1:8536";                                                                                                                                                                
        }                                                                                                                                                                                                       
        if ($http_accept = "application/ld+json; profile=\"https://www.w3.org/ns/activitystreams\"") {                                                                                                          
          set $proxpass "http://127.0.0.1:8536";                                                                                                                                                                
        }                                                                                                                                                                                                       
        if ($request_method = POST) {                                                                                                                                                                           
          set $proxpass "http://127.0.0.1:8536";                                                                                                                                                                
        }                                                                                                                                                                                                       
        proxy_pass $proxpass;                                                                                                                                                                                   
                                                                                                                                                                                                                
        rewrite ^(.+)/+$ $1 permanent;                                                                                                                                                                          
                                                                                                                                                                                                                
        # Send actual client IP upstream                                                                                                                                                                        
        proxy_set_header X-Real-IP $remote_addr;                                                                                                                                                                
        proxy_set_header Host $host;                                                                                                                                                                            
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                                                                                                                                            
    }                                                                                                                                                                                                           
                                                                                                                                                                                                                
    ## Backend                                                                                                                                                                                                  
    location ~ ^/(api|pictrs|feeds|nodeinfo) {                                                                                                                                                                  
      proxy_pass http://127.0.0.1:8536;                                                                                                                                                                         
      proxy_http_version 1.1;                                                                                                                                                                                   
      proxy_set_header Upgrade $http_upgrade;                                                                                                                                                                   
      proxy_set_header Connection "upgrade";                                                                                                                                                                    
                                                                                                                                                                                                                
      # Send actual client IP upstream                                                                                                                                                                          
      proxy_set_header X-Real-IP $remote_addr;                                                                                                                                                                  
      proxy_set_header Host $host;                                                                                                                                                                              
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;                                                                                                                                              
    }
}

lemmy config:

{                                                                                                                                                                                                                                                                                                                                                                                                                       
database: {                                                                                                                                                                                                     
    user: "user"                                                                                                                                                                                                
    password: "password"                                                                                                                                                        
    host: "host"                                                                                                                                                                                        
    port: 5432                                                                                                                                                                                              
    database: "database"                                                                                                                                                                                            
  }                                                                                                                                                                                                             
                                                                                                                                                                                                                
  pictrs: {                                                                                                                                                                                                     
    url: "http://127.0.0.1:8080/"                                                                                                                                                                               
  }                                                                                                                                                                                                             
                                                                                                                                                                                                                
  email: {                                                                                                                                                                                                      
    smtp_server: "10.200.111.2:25"                                                                                                                                                                              
    smtp_from_address: "[email protected]"                                                                                                                                                                        
    tls_type: "none"                                                                                                                                                                                            
  }                                                                                                                                                                                                             
                                                                                                                                                                                                                
  hostname: "leuker.me"                                                                                                                                                                                         
  bind: "127.0.0.1"                                                                                                                                                                                             
  port: 8536                                                                                                                                                                                                    
  tls_enabled: true                                                                                                                                                                                                                                                                                                                                                                                                       
} 
view more: ‹ prev next ›