systemd is a godsend when you need service control while getting actual work done, at scale.
there are legitimate things to criticize but in general the rants are incompetent preaching to the uninformed.
fox
0 Post – 34 Comments
Joined 1 years ago
I'm going to continue running Debian as I did since 2003 or so.
i'd rather have a mesh of small-ish instances instead of several huge ones, that aside the more people the better.
yeah i too would appreciate keyword-based filters.
that's people in general. i've seen plenty posts here calling to ban 'bad' opinions or defederate instances that allow them.
unfortunately there's no images for 0.18.2-anything yet :(
it's alright, i run a personal server with closed registrations. looking for new communities is a bit glitchy, you might need to search a few times before it appears.
e: one thing i have to note is that docker-related documentation is somewhat inaccurate and, in my opinion, their setup is a bit overcomplicated.
replace the whole build: yaml block with image: dessalines/lemmy:0.17.1
also bump both versions from 0.17.1 to 0.17.4
every time i see this compose file my head hurts
- so much debugging enabled
- two networks for whatever reason
- bespoke logging setup instead of just using system default
- host mounted directories instead of docker volumes
- postgresql exposed for whatever reason
it's a development setup. devs really need to put a production enduser version of this out there.
- why use two networks, instead they shouldn't expose any internal ports if using reverse proxy container within compose (I'm using a separate external load balancer/reverse proxy, so I exposed lemmy & lemmy-backend only);
- stuff like hostname: shouldn't be needed because it usually matches service name;
- instead of using generic nginx container image with custom nginx.conf you need to place somewhere manually they should pre-build a container which would work OOTB with the compose setup, this would also solve current situation where nginx.conf and compose file are seemingly maintained separately because they don't match (i had to change one to match the other);
- a minor thing but i would appreciate environment-based setup instead of needing configuration files (lemmy.hjson) on the filesystem (my ansible-based container deploy system has provisions for this stuff, still its something that i'd rather not have to use...);
- in general compose setup feels like development environment because of all the debugging that is enabled, i think it also tries to build one of lemmy components instead of using an image by default;
it's all minor stuff, really, but it adds up and people who are not particularly savvy might give up on self-hosting lemmy because of if. so some polish and cleanup might be a good idea.
i know there's an ansible role too but i haven't looked through it. i have to do way too much ansible code review & refactoring at work. :)
Syncthing has never failed me.
100% this, it’s kind of weird that it’s not.
unless you depend on a third party, this is a nontrivial problem.
I don't like nextcloud very much but its calendar impelementation is more than good enough. I could use a separate caldav server but outside of nextcloud I couldn't find any functional web frontends. Nextcloud has both and it generally just works. Works just fine with android (calendar sync & todo).
nothing to suggest but i'm absolutely fascinated by your post, op. please post results.
i've lived through the fall of USSR so i consider modern communists incredibly naive but i wouldn't try denying them their freedom to express themselves.
as opposed to people who run around calling everyone they disagree with nazis just so that nobody would dare argue against them.
recent events with beehaw have shown that being on a large instance does not guarantee federation.
i'm all for roaming profiles even though i think the best option is hosting a personal or a friends-only instance - unless you're a colossal asshole nobody will defederate you, you're are not depending on anyone but yourself for your profile and subscriptions, etc etc. this obviously isn't for everyone but the barrier of entry is sufficiently low for people interested in tech and fediverse to do just that.
email has started as a fully distributed system but - for reasons too many to count here - ended up centralized over several huge providers, openly dictating rules to everyone else. i'd rather fediverse not followed this road.
looks very nice, thanks. would appreciate better documenting of SMTP options (login & password) and support for Authelia.
you're looking for zfs set sync=disabled which would bring performance back to acceptable levels. the alternative is using enterprise SSDs.
so it's an electron web app you could instead of in-browser web ui?
NNTP gate would be a cool thing to have, imagine posting via Gnus/Emacs like 20 years ago.
as far as i remember, processes run inside container as root (0:0) end up under your own UID.
everything else gets mapped to those weird UIDs.
very nice, updated with zero issues.
Beantastic.
ingress traffic to lemmy is obvious (CF -> reverse proxy, for example) but what about egress traffic i.e. federation requests? I kind of poked around lemmy backend / issue tracker but didn't find any way to setup a HTTP proxy for backend requests, so your real IP would be visible to any instance you contact, I think.
if you pass all outbound connections through vpn you'll be fine.
re: container logs issue, the proper fix is setting this once in daemon.json (which is what you did) and fixing this issue node-wide instead of adding custom logging into compose files, unless the situation requires it (we had an application which had to use gelf for, oh god) which isn't the case here. i just have an ansible role to deploy docker which configures logging, among other things.
agree that multiple networks may have a use but definitely not in this particular case.
I always see docker compose files like this as a starting point
same here, unfortunately not everyone has necessary expertise to do that, default setup linked on the project page shouldn't be this half-baked.
also, unless they fixed it already, 3 days ago compose file and nginx.conf had mismatching ports so it would just never work ootb.
thanks, I guess I missed it. gonna update ASAP just in case, even though I'm the only user of my instance.
i suggest pointing pictrs to (an external) S3 backend instead of using a pvc in your README example. minio is much easier to deploy than ceph.
S3 support is a good thing, thanks for mentioning it.
i'm hosting lemmy on a vds using an S3 storage hosted at home (over wireguard). :)
i've decided against hosting lemmy at home because there's no way to setup a proxy for outbound connections (or i couldn't find it) so any federation request your lemmy instance makes reveals your home IP to owners of that particular instance.
i think you're overcomplicating this a bit. a list of regexps in the user profile would work.
amazing work, really appreciate your writeup.
supposedly you pay for this software. might as well pay for RHEL too then.
I'm still not sure why would anyone expect privacy on a distributed public forum and how would this even work.