Mastodon

https://post.lurk.org is a mastodon service. Mastodon is a federated microblogging software that speaks both ActivityPub and OStatus and can thus communicate with other microblogging softwares like GnuSocial, Pleroma, Pump.io etc.

admin resources

Useful pages from the mastodon documentation

• Installing Mastodon the guide is meant for Ubuntu 16.04 but it worked flawlessly on Debian Stretch
• Tuning mastodon performance TODO
• Mastodon admin commands from ruby terminal
• What and how to back up in Mastodon
• Updating to newer versions

Admin community / help

• Mastodon forum some discussions happen here
• Mastodon git issues some happen there

Installation

post.lurk.org followed the mastodon install almost literally since it was one-to-one applicable on debian stretch. Quite boring really.

This means that mastodon runs as the user mastodon. All the mastodon files live in:

/home/mastodon/live/

Differences are:

• When running the interactive set up during install, the smtp address is set as localhost and the postfix relay takes care of the rest.
• Mastodon-web runs on port 3001 instead of 3000, the changes to this are reflected in the systemd service files and in the nginx virtualhost config

Maintenance

It's a beast that gobbles up all the ram. Something to take into account.

For now I've added the mastodon user to a cgroup TODO

Mastodon can be (re)started by:

systemctl stop mastodon-*.service
systemctl start mastodon-web.service
systemctl start mastodon-sidekiq.service
systemctl start mastodon-streaming.service

Performance tweaks

Getting high scores on ssl comparison sites

instances.social automatically rates each fediverse instance using two different SSL testing sites:

• https://tls.imirhil.fr/https/post.lurk.org
• https://observatory.mozilla.org/analyze.html?host=post.lurk.org.

At the time of writing we got A and B (untweaked mastodon config). We are good boys and want to get A+ grades.

weak DH primes

The first is the weak Diffie-Hellman key primes described here and here.

Generate like so (this take a looong time):

cd /etc/ssl/certs
openssl dhparam -out dhparam.pem 4096

in the post.lurk.org nginx config we point to this new prime by adding this line:

ssl_dhparam /etc/ssl/certs/dhparam.pem;

Statistics

Via the public API one can see the amount activity per week:

https://post.lurk.org/api/v1/instance/activity

and the amount of instances in the federation a server is connected to:

https://post.lurk.org/api/v1/instance/peers