I like your music by the way (Hoggatah)!
Yeah my self hosting story started in 2003 and involves moving all of those things to many different servers, etc. I had problems with hacking when I used WordPress, the server has been taken over 2 times. Once I stopped that those problems stopped too. And because I have only 1 person instances I don't get much attention of angry people.
The depricated PHP version is my biggest problem until now, I used a lib written in PHP 4 which are now incompatible with PHP 8 and I can't easily rewrite it to make it compatible. So this one is still running on PHP 7, but I will need to do something about it in the future. The best would be to export everything into static HTML but that's also not quite straight forward.
First, I'd have to get them talking to each other. I am not an expert at Docker, and I just do the most basic stuff with it.
And second, I think they'll need to be reachable from the web, so I'd want to host them somewhere out in the cloud, and not on my home network. NearlyFreeSpeech doesn't offer Docker hosting yet (that I know of) so that means paying more for somewhere else for it...
And at that point I decided I didn't care enough about the benefits to deal with all the downsides, and just signed up on a Lemmy instance. It was actually the second instance, because the first one had stability issues. I then realized I didn't like how that instance was being run, and signed up on third, which I've been happy with and it's been relatively stable. At least, when it had problems, so did most other big Lemmy instances.
Feel like there must be an xkcd comic on this, but it doesn't leap to mind yet.
Or maybe this one:
Or possibly the last panel of this one:
Or this one…
…Or this one:
I think genuinely containerizing inside an ordinary container, without --privileged, would mean taking extreme compromises like bocker or proot.
What's the state of the art here?
I kept having issues, like I tried to stop the container and it left all the extra containers it made running. They also had different network settings than the ones I set on the parent container. I don’t remember the exact issue but I had to manually adjust the network that it made- because it just made its own and ignored the one I assigned the parent container too.
It was the easiest way to get Nextcloud running but I immediately stopped it. I don’t want Nextcloud able to tamper with my other docker containers. I want it contained.
I haven’t yet had a chance to figure out how to get their containers running normally.
Now that you say that, it seems obvious that it must exist, and I just missed it.
We need to figure out a way to share a single id across apps. Could be as simple as having a single URL as your user ID profile, and listing multiple public keys which are used by your various apps. The keys can be rotated as necessary since your URL is still the final authority on control over your identity.
Mastodon instances basically _work great_ with each other, and with Friendica and Calckey too, since they have the same Twitter-like structure. Lemmy and Kbin - and all instances thereof - can chat with each other without issue too, since they have the communities + threads structure in common.
But trying to get Mastodon and Lemmy to talk to each other is 1. surprisingly possible, and 2. kind of annoying, since they speak the same protocol but have different structures of communication. And never mind other ActivityPub applications like BookWyrm or WriteFreely or PeerTube.
Lemmy has the concept of "communities" - subreddits, basically. On Mastodon, you can follow a Lemmy user and see their posts+comments exactly as you'd expect. And you can follow a community too! To Mastodon's point of view, the community is a single user that "boosts" (re-tweets) every post and every comment made within. So following a moderately active community from Mastodon will absolutely flood your feed with 100% of the community's user activity.
Meanwhile, Lemmy doesn't do direct messages or use hashtags as a first-class feature. So if a Mastodon user tries to DM a Lemmy user, or a Lemmy user wants to follow a hashtag, they're out of luck.
And again, there are other Fediverse apps with even different models than these. Gitea, Forgejo, and GitLab are going to adapt ActivityPub to all federate with each other - this is a huge win, of course - but would we expect someone to make or review a pull request from their BookWyrm account?
And as soon as you introduce this, pay for the many becomes profit for the few, and inevitably markets, trading, and rent-seeking cartels form who swiftly capture the natural value confluence points of the system, reversing any decentralizing tendencies it may have, and collapsing it back towards centralization in order to consolidate and protect their advantaged position.
Naturally you will find lots of bitcoin people using and developing clients (hence the Lightning integration on most clients) but apparently it has been picking the interest of other groups. There seems to be a thriving Japanese community.
I personally think initiatives like activiypod and vocata are interesting and would solve it well. They focus on being standard Activitypub implementations that others can subscribe to.
In comparison, platforms like Twitter and Reddit still feel freer. But overall, the best solution is to use your own website for everything. But too much censure really stifles social media.
You can host your own fediverse services and won't have to worry about being censored
It's legal to be an anti-Semite, but a Jewish instance doesn't want any of that nonsense. It's legal to be a white supremacist, but a server for black people doesn't want to deal with that trash. On the fediverse, instead of having a one-size-fits-all policy like "all legal speech is allowed" or "no anti-trans content is allowed", each group of users can choose for themselves who they want to talk to.
That's the opposite of censorship. I own a Mastodon instance and I've disconnected quite a few despicable servers, because that's what my users ask me to do. Users who thing I'm too strict or too lenient can move to another server more aligned with their own desires. I'm not denying those other groups the right to publish whatever disagreeable content they wish to. I'm just saying we don't want it here on our server.
Incidentally, that's sort of the weirdest part of signing up for Lemmy. I can't be the only one who got to the "Pick an instance!" step and got kinda paralyzed. I'm a programmer, should I sign up to a programmer-centric instance? But I also have hobbies, political views, favorite forms & genres of media... Should those take priority? And by picking one of them, what curation or censorship am I going to be subject to?
I appreciate the fact that Lemmy isn't under the thumb of one monolith, and that I can bounce from once instance to another if the first isn't working out. But I also like the 'big-tent' feeling of Reddit, where I can sub to all kinds of subreddits, even if the two groups don't get along at all.
There's a shared covenant and there's shared block lists, both of which heavily influence what the norm is on the larger Mastodon network. Perhaps an even larger dynamic are activist-type admins that have an extremely low tolerance for content countering their political beliefs and will blackmail other admins into enforcing a block of a user or entire instance.
None of this is a shocking revelation as a large portion of older Mastodon users are known for their excessive safety-ism. It's a perpetual conflict on the network versus those that want to be more forgiving and pragmatic.
Anyway, the bottom line is that mainstream Mastodon is a left to far-left network, and content is moderated as such. The idea "just pick another server" doesn't really apply.
I also think mainstream Mastodon is only left to far-left in the median, because far-right instances tend to be more of a pain in the ass to be around than far-left ones, and thus get themselves banned more often. If there were far-left instances running around posting memes "joking" that we should kill minorities, I'm confident they'd also get disconnected quickly.
Put another way, I don't recall ever disconnecting with an instance because of its users' opinions, unless those opinions were utterly vile to the point that I'm completely unwilling to hear "their side of the argument". Most blocks are due to bad behavior, not unsavory thought.
Indeed, right to far-right doesn't stand a chance there so they get blocked. They effectively move to a darkweb situation where you never see their content unless you're really trying hard to look for it.
What remains, mainstream Mastodon, is moderated to the left, if not far-left. Or perhaps it's a very vocal far-left minority silencing the rest. It's of course not universal across the entire network, but roughly the vibe of the network.
I still see the spectrum like:
(far left nuts) (left) (middle) (right) (far right nuts + poor behavior)
I far the far left opinions as annoying as the far right. I disagree with both of those extremes. However, in general, the far left tends to be annoying but reasonably well behaved and self-policing. We've had many more mod reports about far left individuals than far left servers. On the far right, it's more common to get a whole cluster of misbehaving idiots in one poorly moderated place, resulting in an entire instance getting blocked.
In my opinion, based on my experiences in the Fediverse, if the network as a whole is shifted to the left, it's because the far right is more likely to get itself kicked out because of their behavior. It's like taking a Gaussian curve and lopping off 2 stddevs above the mean; the new mean is farther to the left, but only because it lacks the pull from the extreme right.
To each their own, but I learned that I rather have a little "too much" speech instead of this.
For example: If I have a mastodon.social account, how does that work with pixelfed.social or tube.jenna.net? Do I use my mastodon.social account to sign up to those other services? Or to follow users on those other services? How do the clients handle the fact that they are different services?
This works because while pixelfed and mastodon and tube.jenna.net display things differently, the things they are displaying are in fact very very similar. Posts by users, consisting of maybe a video, maybe an image, maybe a reference to a post they're replying to, and some text. Ultimately it will be up to the individual implementation what to do with posts that are different enough that they can't figure out a reasonable way to display them.
Not sure what you mean by this—it definitely comes up a lot in practice. The top story on HN right now is an example of this in practice—it's a post from social.hackerspace.pl, which has been shared to all of the users followers on different servers. You can take a quick look at the list of reblogs on that post to see how many different servers users use: https://social.hackerspace.pl/@q3k/111528162462505087/reblog... I count 17 different servers in the first 20 users listed. Many of these are deployments of Mastodon or Akkoma, but they're all completely separate servers talking to each other over ActivityPub
> For example: If I have a mastodon.social account, how does that work with pixelfed.social or tube.jenna.net?
You can use your account and client on mastodon.social to follow accounts on tube.jenna.net and pixelfed.social. These accounts are displayed inside of the mastodon.social UI. You don't "sign up" for those instances in any way, they're just an integrated part of your following feed.
> How do the clients handle the fact that they are different services?
There is no special logic needed from clients. For Mastodon specifically, the local server that you're following from will handle the logic of translating the ActivityPub JSON sent by other services into the more limited "Mastodon API" format that clients expect. This has pros and cons—it means that clients are able to handle a more limited and predictable set of posts, but it also means that some remote content gets "squished" down into that format, just like e.g. viewing a blog inside of an RSS reader. Other clients generally use their own similar domain-specific API format
>it also means that some remote content gets "squished" down into that format
this is true but it's usually content going the other way: FROM a Mastodon instance TO something like WriteFreely that isn't a Twitter clone
> FROM a Mastodon instance TO something like WriteFreely that isn't a Twitter clone
I understand that it may appear like that from a user perspective, but from a protocol perspective the ActivityPub representation is strictly more generic and extensible. Both directions (from mastodon and too mastodon) are very, very lossy. All mainstream servers (except maybe pleroma derivatives) do this kind of "squishing", which is a sad reality of client design and not what the ActivityPub spec was intended for
I understand what you mean by "the Mastodon API" but I think we're talking past each other; this does not seem like a client design problem but a protocol problem.
I would like to contend that the ActivityPub spec is too vague and thus clients are forced to do this "squishing" in order to find a portion of the spec that is sufficiently well-defined as to actually be practical for a specific use-case like a federating Twitter clone.
As far as I can tell, there's an echo of this lack of definition in the ActivityPub (and actually more specifically, in the ActivityStreams) specification if you do a tour of the ecosystem of implementations, you'll find that almost all of them are in dynamically typed high-level languages like Ruby (Mastodon). Implementations in languages like Go where JSON deserialization must be defined per-type have a very hard time with ActivityStreams and you'll find that Go implementations of ActivityPub like go-fed are much more narrowly scoped in their functionality in order to avoid this problem.
I have wasted many, many hours on ActivityPub, and I am extremely sad to make this comment, because I understand why it was invented.. but I'm not sure it's really good enough to achieve its goals.
My feeling is that nobody has given a serious AP C2S client implementation (where the narrowing / "squishing" happens on the client side, as defined by the spec, and the server-side is agnostic) a serious effort. It increases client complexity, yes, and there needs to be extensions to the AP spec to make it work, but I think there are a lot of benefits to it that haven't yet been fully explored.
I don't think the future of ActivityPub is locked-down implementations like Go that have super strict type safety rules. That's just at odds with what real decentralized protocols have proven to work (HTML, HTTP, SMTP, MIME—all have "open ended" extension mechanisms). I think a pluggable client infrastructure that allows multiple different "types" of clients to share the same agnostic backend server is a much stronger path forward for future development.
In a world where those would be used, "apps" would just subscribe to the activities that interest them, and you would be one user that adds apps to your system. You'd be able to have something closer to google suite, where your calendar app can display notes from your note app, or your notes app could display shared notes, comments etc.
Today though, most of the big activitypub players decided to implement their own activitypub server and don't really follow the protocol to the letter, so unfortunately it's not as interoperable as it could be. You also need to have an account for each service, which is unfortunate.
caveat: This only works as long as your instance hasn't de-federated those instances.
Following pixelfed accounts from Mastodon is actually fairly straightforward. You simply see them as a tweetlike message with an image attached. One caveat there is that Mastodon does not allow for as many attached images as pixelfed, and I believe will simply drop any images after a certain point (I want to say max size is 4).
Following a peertube account or channel (you can do either) will show a post whenever new videos are uploaded. You can find the OP on mastodon at https://mastodon.social/@jeena@tube.jeena.net. One neat bit of functionality is that if you put all of your peertube follows into a single list, you've basically got a chronological subscribed page (a la youtube). Also take note that comments can be left on either the peertube site or from within mastodon.
/s, kinda. Peertube may help
What does the storage/CPU look like? That amounts to the CPU time for three cores, roughly, but it could be spent on waiting (eg: I/O)
Apologies if this is covered in the post, if so -- tell me to kick dirt. I've been posting while I should be working! The plan was to check it out later (promise!)
I started with the cheapest one, the CX11 but it was just not able to run all the services the load would go up to the hundreds and the server would just block itself. The CX31 has 2 CPUs and 8GB ram which seems to work well with the load I have for now.
My only mild disappointment is he seems to feel that Mastodon is free of censorship. I've never installed or reviewed configuring Mastodon because my understanding is the someone, somewhere, can somehow interfere with what a user sees in a feed.
Anyone familiar with this? Is it just default install configuration that leads to this behavior?
This means you tradeoff someone administrating the server and moderating content (shared instances often have a TOS) for full freedom. i.e. If you self host you have full, manual control for better or worse.
It's like email. If you have a server and I have a server we can talk. If one of us uses someone else's server then that server can censor us.
I'm not sure exactly how Mastodon/Pleroma crawl remote homeservers once they're discovered, but I saw a lot of objectionable content on the "Known Network" view from users I did not follow and that I did not want on my machine, nor did I want to wade through and delete things.
I uninstalled.
- Your "home" TL with people you follow, and the stuff they post/repost/etc.
- The "local" TL with the users on your server.
- The "federated" TL that's the union of all the people that users on your server follow. Like if you and I are the only 2 people on that instance, and you follow {A, B, C}, and I follow {B, C, D}, then the federated TL will have posts from {A, B, C, D}.
That's it. There's no proactive reaching out and pulling in content from the rest of the fediverse. The one other possibility would be if you configured your instance to use a "relay" of content from other instances you wouldn't normally connect to, which is something optional you have to add.
Each site has different rules and cultures. It's convenient to sign up at someone elses site, but you give up some control. Want to live by your own rules? Put up your own website and participate in the social web that way!
I run my own GoToSocial website, which is a Go project that is much simpler to install and maintain than Mastodon. Hit the sweetspot for me, at least.
This is done more then you think. Probably the most known one is thepiratebay for example
The pirate bay is blocked by law in Norway by the ISPs DNS servers, but is trivial to get around. It is a very soft kind of censorship, which is the beauty of the Internet.
For a small instance with only a handful of friend and family accounts that effort (spam, abuse, legal stuff) will take less than 1h per month. On a large instance that can become a full persons job.
Source: I'm running my own fediverse instance since 2011 (using Friendica, predates Mastodon) - as well as my own mail server.
I've also seen the signup page of other instances having dozens of categories of prohibited posts.
Providing a read-only, static version of the services, particularly toots and blog posts, while the origin is unreachable is straightforward and inexpensive.
Somewhat related, the Solar Protocol [0] does something like this to host websites across an array of solar-powered servers across the globe. http://solarprotocol.net/
For me in the Netherlands, maybe 2 years ago my power cut out for an hour IIRC. Pretty reliable, good enough for my website to be just as available.
Point being: is it worth the effort to have a backup in that circumstance?
Why don't more people self host / host everything themselves these days in the age of privacy?
How can we make more people self host their data rather than giving it to corporations?
A start might be to tell people to use extensions that are adblockers and to disable javascript on websites and even use and setup pi-holes to take back their data and privacy.
There must be more that can be done here but it is a start!
Because it's a pain in the ass and people don't care enough to. People don't want the fediverse, they want an app. They don't want to know about cloud and infra primitives, they want their photos in their phone and for them to be safe and shareable. They want their iMessages and WhatsApp to JustWork(TM).
> How can we make more people self host their data rather than giving it to corporations?
You cannot. Make non profits to manage this infra. Wikipedia, Lets Encrypt, etc. Hacker News is a benevolent dictatorship funded by a VC fund and run by someone passionate about the work. Incorporate a 501c3, spin up a deposit account, and start sourcing donations and funding to pay for infra and people.
This is not a doomer comment. Enable the power admins and passionate folks to deliver a great experience to normies with as little effort as possible. Literally how Wikipedia functions: datacenter, paid admins, passionate volunteers curating bytes.
(Would be cool if Cloudflare supported one click deploy of Fediverse tools into their edge cloud; scale when you need, get your data out of R2 and databases on demand so you're not locked in; having to pay for infra is inevitable, that is to be solved for)
It seems that I enjoy the pain with many other people on r/selfhosted. I will call that pleasure I feel, The Pleasure of Pain.
I think that was what the web was about since the beginning and lasted for a good couple of years before targeted ads and "data became the new oil".
Edit: I replied before the GP edited the comment.
If you're not participating in https://lemmy.world/c/selfhosted from your selfhosted Lemmy/Kbin/Mastodon/etc... instance, I question your commitment.
- power's out at your house. You should have bought a UPS.
- internet's out at your house. You should have a router with a backup connection.
- security exploit in the wild. You should have configured automatic updates.
- update repo changed URLs. You need to change the config.
- you enabled open signups, and now strangers are distributing MP3s from your images directory. You need to kill those accounts and change the config.
- you let your cousin have an account, and now he's in a flamewar with half of Australia (which he thinks is Austria, and also he believes is ruled by the Illuminati). You need to shut that down and talk to other admins about getting off of their blocklists...
- Your ISP is [ISPs are, to your 2nd point] actively hostile to running "servers" from your connection, so you must either pay a ridiculous premium for that privilege, or jump through hoops to evade their intentional breakage.
- Your other cousin does something illegal (sells drugs, posts revenge porn, threatens a public official) using your host and now the police are knocking down your door in the middle of the night and dragging you in for questioning. Even if you avoid charges, your neighbors eye you suspiciously from then on.
Everything is a possible point of failure. Of those there are those you can control and those you can not. Just adding in a DNS resolver ups the number of possible points of failure by 2. Mix in a proxy server with TLS rewriting. Add in a few more. Add in your docker source of containers is gone more failure. That on top of your usual 'computers are broken in weird ways' most of the time.
Outsourcing that to a 3rd party is tempting, very tempting. But you are also sacrificing other things to do so. So you have to balance those two opposing forces. Sometimes picking up the phone and saying to someone on the other end 'fix it' and they fix it is useful. Other times you digging thru hundreds of forums (or chatgpt these days) and figuring out what is wrong is interesting too and has its uses.
That most people just sign up for something and just want it to work. I totally get.
Lets Encrypt serves nearly 192M websites with 13 full time staff and an annual budget of approximately $3.35M, for example.
I'm not worried about who owns my data, but I do want to have a stable identity. The first Mastodon server I signed up with mysteriously disappeared after a couple of weeks, so I decided I was better off paying a small monthly fee to put it on my own domain.
Here's my pitch...
Sell a productized version of a server that has everything you need to run all of your data-sharing needs already set up with a nice front end that can be operated by a remote control from an HDMI-connected TV. Using that front end, the user connects to the local network, establishes mobile app companions, enters in any global details for accounts they want to maintain, and manages all the configuration options for the server.
The server would host all of the things a household would want to maintain, using open source projects for transparency and maintainability. That would include things like peertube and mastadon for publishing content and media, but it would also include home automation software, as well as personal media software like owncloud as a way to replace google drive content and plex to manage personal media playback.
Basically, a little server that uses open-source software to emulate every modern cloud-based service, on a household scale so that you can run it cheaply enough to be affordable ($60-$70 bucks?), layered in encryption and firewalls for privacy and federated to other home servers (and everywhere else) using the fediverse, while also adding in anything you would want a home-management or home media server to do.
I call it an "accent server". Like an "accent table". I would make it stylish enough to display, but discreet enough to tuck out of sight.
And, personally, I see this kind of thing coming around either way. It's just a matter of whether or not one company puts together all of this software and starts offering it as a walled garden, or if it bumbles itself together out of CLI utility chaining, and enough reddit posts circling around the same setup questions.
That assumption is based on the idea that most people seem to want what this would provide; it's just that not even particularly tech-minded people want to go through the steps of setting each of all of these things up. And it's only when you have 3 or 4 of the services or features working in tandem that they add up enough to make a change in lifestyle (which is what we're attempting) tempting enough.
So if you could put together a "buy it once, plug it in, set it up, forget about it" kind of offering, I think you would get a ton of people that would buy it, and then once it was just a thing in your house that you could start adding custom plugins to (as easy as installing an app), then you would get a ton of adoption. The hard part is marketing; you have to really explain it fully to make anyone understand what it is you're trying to offer.
- The raw idea seems easy.
- The initial implementation seems like it should be of moderate difficulty, but is actually very challenging to get even close to right.
- The long term maintenance is a nightmare, but don't worry, you won't survive long enough to worry about that.
- The infrastructure and policy implications of getting and keeping it connected to everyone else are intractable. (See https://news.ycombinator.com/item?id=38531969 for some tip-of-the-iceberg examples.)
And yeah, none of that even touches on marketing.
I will say that, for the most part, these companies try a kind of "lock you in to our product which uses open source" scheme that could never possibly work. And, further, that no one has ever implemented the kind of system that I have in mind that I've seen. But that's not because it's unique or complex, just that it isn't a good path to a minimum viable product, so it isn't a good way to spin up a company quickly.
But yeah; aside from burning through cash in order to build enough coverage (maybe a year of dev just on this; no product dev yet) for a product that you will never actually profit from, I don't see how anyone could bring something like this to market.
All of that aside, a product that can sustain a company is not the only way to have a product exist. Modular productization and loss leading are a couple of ways to envision this. But I'm betting some kind of fractional componentization starts happening that makes this kind of stuff more maintainable. YMMV, though!
I might also self-host if residential ISPs didn't treat home servers as an aberration.
But I wonder how it works after a few weeks when it's not being HN'd and the author isn't seeding it.
Honestly, the peer tube method of storing media is actually kinda nice. Not everything needs to live forever, and it brings back a semblance of privacy.
On the other hand of this, larger companies can pin smaller videos on other instances while supplementing with their own ad supported videos.
I am not sure if we have fediverse, or if we have isolated siloses.
I am asking if that is the case.
This is not 100% accurate. Who the collective members of a server follow affects the content shown in searches and feeds to some degree.
For example, compare https://hachyderm.io/tags/cybertruck to https://mastodon.social/tags/cybertruck
As you can see, the bigger server 50% more posts, 40% more participants, 25% more posts today.
As you surf your "local server", you don't get "everything" from the Fediverse. If you care about that, you likely want to join the "biggest" server you can.
Personally I don't care too much about this. There's more content added to the Fediverse than I have time to consume, and so seeing a slice based on who I currently follow and the server I utilize is plenty for me.
But it also makes sense if it bothers people who don't want to miss out on some zeitgeist.
A very small one has a large likelihood to disappear. Each instance has different moderation rules. On a small instance, you don't even see entire threads and lots of other stuff does not sync properly.
Even further: a user on a mastodon instance can see & interact with posts on Lemmy (the Reddit alternative), pics on Pixelfed (=Instagram), videos on Peertube (=Youtube), and content from a long list of other services, all from their single mastodon instance.
(There are exceptions, e.g. you could run a siloed internal company mastodon, and notably server administrators are able to block other servers entirely - but as a user you can always choose a server that federates as widely as you'd like, and if you self-host you're unlikely to block or be blocked by anybody)
_In general_ you may assume probably yes. Caveats are if one of the users instances blocks the other one's instances (in practice, rare) or if one or both instances doesn't federate at all (Truth Social and Gab are the big examples of this).
The user identity is an issue on the fediverse and it is know by the creators of ActivityPub. There are plans to create a way for global identities which will solve many of these issues.
I also don’t see what we gain from all the extra complexity.
Basically a set of message types that every implementor has a way of displaying
I think the way we ended up in this situation is that there are quite a few types of messages in the AP protocol, and up until recently the up and coming ones were seeing pretty limited use. Without another service to test against, I can understand why a lot of fediverse developers have opted to kick that can down the road. That said, we are definitely in the era of determining the defacto use case for each of these message abstractions, and I suspect that will be a slow process and involve a lot of back and forth between projects.
In this case, it sounds like the devs specifically targeted Safari to not be supported. You could try to get around this with a user agent spoof, though.
(If you don't want us to assume what your browser is, you should say what your browser is.)