Difference between revisions of "Mastodon"
| Line 41: | Line 41: | ||
systemctl start mastodon-sidekiq.service | systemctl start mastodon-sidekiq.service | ||
systemctl start mastodon-streaming.service | systemctl start mastodon-streaming.service | ||
| + | |||
| + | |||
| + | == Performance tweaks == | ||
| + | |||
| + | === Getting high scores on ssl comparison sites === | ||
| + | |||
| + | [https://instances.social instances.social] automatically rates each fediverse instance using two different SSL testing sites: | ||
| + | * [https://tls.imirhil.fr/https/post.lurk.org https://tls.imirhil.fr/https/post.lurk.org] | ||
| + | * [https://observatory.mozilla.org/analyze.html?host=post.lurk.org https://observatory.mozilla.org/analyze.html?host=post.lurk.org]. | ||
| + | |||
| + | At the time of writing we got A and B (untweaked mastodon config). We are good boys and want to get A+ grades. | ||
| + | |||
| + | ==== weak DH primes ==== | ||
| + | The first is the weak Diffie-Hellman key primes described [https://weakdh.org/sysadmin.html here] and [https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html#Forward_Secrecy_&_Diffie_Hellman_Ephemeral_Parameters here]. | ||
| + | |||
| + | Generate like so (this take a looong time): | ||
| + | cd /etc/ssl/certs | ||
| + | openssl dhparam -out dhparam.pem 4096 | ||
| + | |||
| + | in the post.lurk.org nginx config we point to this new prime by adding this line: | ||
| + | ssl_dhparam /etc/ssl/certs/dhparam.pem; | ||
== Statistics == | == Statistics == | ||
Revision as of 07:29, 9 May 2018
https://post.lurk.org is a mastodon service. Mastodon is a federated microblogging software that speaks both ActivityPub and OStatus and can thus communicate with other microblogging softwares like GnuSocial, Pleroma, Pump.io etc.
Contents
admin resources
Useful pages from the mastodon documentation
- Installing Mastodon the guide is meant for Ubuntu 16.04 but it worked flawlessly on Debian Stretch
- Tuning mastodon performance TODO
- Mastodon admin commands from ruby terminal
- What and how to back up in Mastodon
- Updating to newer versions
Admin community / help
- Mastodon forum some discussions happen here
- Mastodon git issues some happen there
Installation
post.lurk.org followed the mastodon install almost literally since it was one-to-one applicable on debian stretch. Quite boring really.
This means that mastodon runs as the user mastodon. All the mastodon files live in:
/home/mastodon/live/
Differences are:
- When running the interactive set up during install, the smtp address is set as localhost and the postfix relay takes care of the rest.
- Mastodon-web runs on port 3001 instead of 3000, the changes to this are reflected in the systemd service files and in the nginx virtualhost config
Maintenance
It's a beast that gobbles up all the ram. Something to take into account.
For now I've added the mastodon user to a cgroup TODO
Mastodon can be (re)started by:
systemctl stop mastodon-*.service systemctl start mastodon-web.service systemctl start mastodon-sidekiq.service systemctl start mastodon-streaming.service
Performance tweaks
Getting high scores on ssl comparison sites
instances.social automatically rates each fediverse instance using two different SSL testing sites:
- https://tls.imirhil.fr/https/post.lurk.org
- https://observatory.mozilla.org/analyze.html?host=post.lurk.org.
At the time of writing we got A and B (untweaked mastodon config). We are good boys and want to get A+ grades.
weak DH primes
The first is the weak Diffie-Hellman key primes described here and here.
Generate like so (this take a looong time):
cd /etc/ssl/certs openssl dhparam -out dhparam.pem 4096
in the post.lurk.org nginx config we point to this new prime by adding this line:
ssl_dhparam /etc/ssl/certs/dhparam.pem;
Statistics
Via the public API one can see the amount activity per week:
https://post.lurk.org/api/v1/instance/activity
and the amount of instances in the federation a server is connected to:
