maiion

joined 1 year ago
MODERATOR OF
 

A few weeks passed since my last update, but MaiionChat is now upgraded to Lemmy instance v0.18.3. The upgrade was quick and seamless in the virtual environment with a smaller test database. As expected, the upgrade for the live site was also quick. Aside from the server's CPU resources maxing out processing the much larger postgres database for only the first 3 minutes, everything else was also seamless. The server continues to run as usual, and utilizes slightly less memory compared to previous versions. Release information can be found here: https://github.com/LemmyNet/lemmy/releases/tag/0.18.3

For the sake of transparency, I would like to mention the customizations and additions I made to the instance leading to the v0.18.3 upgrade.

There was a time when this instance did not have picture previews or open graph images (og:image). This was a decision I made initially to prevent the server's space from running out. Aside from the occasional image links, the text only experience got old. Due to that, I enabled image previews on July 14th, and monitored the server usage until July 21st.

During that time, I found out that it took 3 days for the "pictrs" folder to match the size of the "postgres" database folder. At the rate the "pictrs" folder was growing, the server would have no more room after a few months. I did not want to disable picture previews, so I just made a bash script that deletes all pictures after 2 days and runs via cron schedule. If you go to any local community, and go to posts older than 2 days, you will see that most, if not all picture previews are gone.

Still on the topic of pictures, I noticed that activating picture previews added more traffic to this instance. Trying to take advantage of the opportunity, I did a little bit of promotion on another instance, and community subscriptions significantly increased despite the lack of comments on my post. However, my promotion introduced a few trolls who created accounts to deliberately break rule 4 and posted NSFW content. I decided to ban the accounts instead of purging them from the database like I did with the wave of bot accounts from a while ago. The NSFW content that were deliberately posted in the wrong communities were completely purged from the database.

On the topic of the database, I previously learned in an older post that the activity table consumes plenty of server space. What I did in that older post was manual. Since then, I have cleaned the database automatically with another bash script that runs via cron schedule. The bash script will clean the activity table of content older than 1 day every day. Upon setting this, I noticed that if you view the "All" feed and filter by "Active", most of the oldest content will be from 2 days ago. Before this, the "Active" filter had content as old as 1 week. Now, the "Active" filter seems to show the active content up to 2 days.

Please be aware that all these changes were made under v0.18.2

Lastly, since community subscriptions are increasing, I have made the bot, u/QualityControl, a moderator for all the communities. The source code of this bot can be found here: https://github.com/Dakkaron/SquareModBot. I have it filtering unwanted links to Reddit, and I will expand the filter as needed.

My apologies if any of these changes will potentially or have already caused inconveniences to lurkers and existing users.

Edit: Spelling & Grammar

 
Lemmy Community Community Link
c/Collapse [email protected]
c/Futurology [email protected]
c/Environment [email protected]
c/Nature [email protected]
c/Space [email protected]
c/News [email protected]
c/WorkReform [email protected]
c/Bitcoin [email protected]
c/Privacy [email protected]
c/OpenSource [email protected]
c/Technology [email protected]
c/Games [email protected]
c/Anime [email protected]
c/StarWars [email protected]
c/Music [email protected]
c/Movies [email protected]
c/Sports [email protected]
c/Television [email protected]
c/OddlySatisfying [email protected]
c/OddlyTerrifying [email protected]
c/MildlyInfuriating [email protected]
c/MildlyInteresting [email protected]
c/Maps [email protected]
c/Funny [email protected]
c/Books [email protected]
c/Infographics [email protected]
c/TodayILearned [email protected]
c/Memes [email protected]
c/Linux [email protected]
c/Windows [email protected]
c/Android [email protected]
c/Apple [email protected]
c/WallStreetBets [email protected]

Hello, I am the operator of a small Lemmy instance called MaiionChat. Apologies in advance, if this post does not meet the formatting requirements of this community and/or if the number of communities is too excessive or too redundant of other existing communities.

The first 5 communities on the table were created recently. All the communities on the table above have content. Every hour, new content is added automatically by a bot depending on time frame and the source’s availability. All these communities are places that welcome additional content and discussion from anyone from any instance (that aren't blocked).

From this Tor Project forum post, I recently learned that Reddit operates their own onion service. In response, I decided to do the same. This is the onion link to my Lemmy instance:

maiion33jgwybulqceh6a4mum2c4xuoh2rovvwvtcys565zlbc7litqd.onion

While you need the Tor Browser for the link above, you can still access my instance at: https://chat.maiion.com

If there are any communities/subreddits you want me to add, please comment them here or post it in [email protected], and I will see what I can do. Registration is open for anyone interested in viewing and communicating with other Lemmy communities over Tor. Please use a regular email address if you are going to register. Email addresses ending in .onion are not supported on this server.

Lastly, this is something noteworthy from the official Lemmy documentation.

Note that federation is not currently supported over the Tor network. An existing Lemmy instance is required. This procedure will proxy Lemmy though Tor, but federation tasks are still handled by HTTPS on the open internet.

Tor ("The Onion Router") is software designed to circumvent censorship and prevent bad actors from monitoring your activity on the internet by encrypting and distributing network traffic through a decentralized pool of relay servers run by volunteers all over the world.

A Tor hidden service is only accessible through the Tor network using the .onion top-level domain with the official Tor Browser, or any client capable of communicating over a SOCKS5 proxy. Hosting a service on the Tor network is a good way to promote digital privacy and internet freedom.

Source

 

[07/14/2023] Reverted back and running v0.18.2 with no problems for the past day. I simply deleted everything pertaining to v0.18.2 while on v0.18.2-rc.2, and then reinstalled v0.18.2. Everything now should be at the latest version at the time of writing this.


Original Title: [07/12/2023] Downgraded From v0.18.2 back to v0.18.2-rc.2

Out of the recent list of issues found in Lemmy's GitHub, this one stood out to me https://github.com/LemmyNet/lemmy/issues/3588 because it talks about federation problems with comments. For this instance, I noticed that we were not federating at all on v0.18.2 and that if I were to subscribe to a community, it would remain pending no matter how many times I refreshed the page. To figure out what happened, I immediately went to view the server's logs for Lemmy. It was 1.2GB when I first saw it and grew about 16MB every few minutes.

I immediately knew something was wrong. Before opening it, I compressed it and downloaded it off the server to view it on my local device. With more lines in the file than I could go through, the logs did indicate there were errors sending requests to every other instance and communities. There was no personally identifiable information in that log file, and I deleted it completely on both the server and on my local device.

Initially, I thought the problems were due to trying to set up Tor for the Lemmy instance, but the timing of the posts and the log files point to the approximate time I upgraded to v0.18.2. After downgrading to v0.18.2-rc.2, the seemingly static All page with local content was instantly filled with the latest content from other instances. After truncating the logs, it grew to only 7MB after almost an hour. I was also able to "join" the communities that were formerly in the pending state. I will keep this instance on Lemmy v0.18.2-rc.2 until I can learn more.

In the meantime, federation is restored and MaiionChat is accessible over the Tor Network! The link will be at the bottom of the homepage sidebar on https://chat.maiion.com


Edit: Grammar & Updates

2
MaiionChat's Lemmy instance is now accessible over the Tor Network! (maiion33jgwybulqceh6a4mum2c4xuoh2rovvwvtcys565zlbc7litqd.onion)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 

The URL is linked in this post. The link will also be on the homepage sidebar.

maiion33jgwybulqceh6a4mum2c4xuoh2rovvwvtcys565zlbc7litqd.onion

 

In light of the recent exploits, I decided to update this instance's security headers. I am in no way affiliated with the following site, but the grade of my instance's security headers can be viewed here: https://securityheaders.com/?q=https%3A%2F%2Fchat.maiion.com&hide=on&followRedirects=on - Feel free to check other Lemmy instances and sites.

Per this post there was nothing in the custom_emoji_keyword and custom_emoji postgresql tables for me to delete. The image is below.

What I did delete in the database were the contents of the activity table older than 2 days. According to the developers, the "activity table...is basically a duplicate of the data in the main tables, and not necessary. It needs to be periodically cleared of data older than maybe 2 weeks or a month". However, the developers "went with deleting activities older than 6 months".

In an effort to reduce server disk usage, I was able to reduce the 3GB activity table to just under 1GB.

Before

After

Lastly, I updated lemmy-ui to v0.18.2-rc.2 which should address the exploits that happened on other Lemmy instances. The release page can be found here: https://github.com/LemmyNet/lemmy-ui/releases/tag/0.18.2-rc.2

[–] [email protected] 3 points 1 year ago

Update

According to https://github.com/LemmyNet/lemmy-ui/issues/1895#issuecomment-1628318236 and https://github.com/LemmyNet/lemmy-ui/pull/1897, the attack vector afflicting lemmy (dot) world is from the use of custom emojis. MaiionChat does not use and never planned to use custom emojis.

Adding on, another big instance, lemmy (dot) fmhy (dot) ml seems to be down as of writing this. I did not dig around to see if it was voluntary like beehaw (dot) org. Without knowing if malicious intent was involved, I backed up the MaiionChat database onto an encrypted cold storage drive off site as a precautionary measure. Even if malicious intent was not involved, having backups/redundancy is good data practice.

[–] [email protected] 2 points 1 year ago

Adding lemmy.blahaj.zone to the temporary block list. After viewing the link, to their site, it seems the admins have taken their site down to investigate.

 

Update

As of this post, https://lemmy.world/post/1290412, it is clear that the lemmy.world is working behind the scenes to mitigate the attack on their site. In addition, lemmy.blahaj.zone was known to take down their site to investigate a hack. After weighing the risks, we decided to federate with them once again, but we will also remain cautious.


~~Until the lemmy.world admin team can give a statement or until the community fully understands what is going on, MaiionChat will temporarily block the largest Lemmy instance.~~

~~At the moment, I am busy with other priorities, but~~ from what I quickly gathered, please be careful clicking comments that might look like the ones in this post's image: https://chat.maiion.com/post/68406 as it may be linked to an exploit described here: https://lemmy.max-p.me/comment/100796


The MaiionPostBot remains functional for local instance content, but feel free to continue browsing the All feed. Despite these recent events, being on Lemmy is a more engaging experience.

 

Knowing that "Facebook Admits It Was Used to Incite Violence", "Facebook Spreads Fake News Faster Than Any Other Social Website", and that at least "10 Other Facebook Experiments On Users" were conducted, MaiionChat will block Threads due to the company's history violating MaiionChat's instance rules 3 and 5. We are here because we are trying to make and support something better.

In addition to the reasons above, privacy is very important to us here. We believe that Facebook/Meta, Instagram, and now Threads among other tech giants, have questionable privacy practices. In light of the permissions requested by Facebook discussed from this post and the personal data that may be collected by Threads, MaiionChat believes there is sufficient information available to deduce that Threads plans to violate instance rule 2. As far as this article is concerned, an "invasion of privacy" can be classified as a type of harassment.

On another point, we believe there is good reason to be concerned about the harms Embrace, extend, and extinguish could do to the Fediverse. Threads is currently on the Embrace stage:

“Soon, you’ll be able to follow and interact with people on other fediverse platforms, such as Mastodon. They can also find people on Threads using full usernames, such as @[email protected].” Mosseri also noted that the team building Threads wasn’t able to complete the work to support fediverse at launch. “We’re committed to building support for ActivityPub, the protocol behind Mastodon, into this app. We weren’t able to finish it for launch given a number of complications that come along with a decentralized network, but it’s coming,” he said. -Source

To conclude before this gets any longer, MaiionChat will join the list of Lemmy and Mastodon instances blocking Threads.


On a more personal note, I would like to thank the Lemmy developers and contributors for making all of this possible. I wish to report that this instance is now running on v0.18.1. Details of this release can be found here: https://github.com/LemmyNet/lemmy/releases. I would also like to apologize for the down time earlier this afternoon if it interfered with anyone using this instance.

 

07/05/2023

Original Title: Instance Is Now Upgraded to Lemmy Server Image v0.18.1-rc.9 & Lemmy UI Image v0.18.1-rc.10 Original Link: https://github.com/LemmyNet/lemmy/releases/tag/0.18.1-rc.9

After making sure that the new version runs in a virtual environment, I would like to inform the users of this instance that we are now upgraded to the latest images as of this time. The downtime during the transition was 45 seconds.

07/06/2023

Since switching to the release candidates (rc) of v0.18.1, Lemmy has had log in problems/errors on my offline localhost instance. After upgrading to the recently released Lemmy Server Image v0.18.1-rc.10, the issues seem to be fixed. While no errors appear on the live instance, I quickly decided to upgrade the site since being able to log in is a very important feature.

 

Registration for this instance is now fully open. In addition, the rate limit for registration is now at their default values. As a reminder, registration was temporarily closed due to spam/bot accounts. For more details, please refer to this post.

1
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
 

While initially delighted for receiving growth overnight, I found it strange that the users who were signing up were doing so every few seconds and minutes.

All the emails in question utilized the @gmail.com domain and began with common English names followed by a hyphen or underscore with a string of at least 15 random characters.

I highly doubt 309 people would want to use an email address with an extra long string appended to the end of it and share it with other people.

Fortunately, I was able to catch it before it grew into the thousands unlike with some other instances. All 309 accounts have been purged from the database, and the user counter should accurately reflect the correct number of users before this incident. As of writing this, there are only 2 registered users for this instance.

I wish the best for other instance admins who have to deal with more than 309 spam accounts with a legitimate audience. For anyone still reading, particularly admins, I recommend enabling the Require email verification AND Captcha options. I noticed almost immediately that the spam account bots stopped.

While nothing too unfortunate happened, I also wish to apologize on the chance someone had a legitimate account and was lurking here or on another instance.

06/21/2023

 

Port forwarding in general has added value if you are wanting to allow a friend or family to access a service running behind our VPN. This could be a legitimate website, a game server, or even access to your self-hosted server. Unfortunately port forwarding also allows avenues for abuse, which in some cases can result in a far worse experience for the majority of our users. Regrettably individuals have frequently used this feature to host undesirable content and malicious services from ports that are forwarded from our VPN servers. This has led to law enforcement contacting us, our IPs getting blacklisted, and hosting providers cancelling us. The result is that it affects the majority of our users negatively, because they cannot use our service without having services being blocked. The abuse vector of port forwarding has caught up with us, and today we announce the discontinuation of support for port forwarding. This means that if you are a user of forwarded ports, you will not be able to add or modify the ports you have in use. We have removed the ability to add port forwards on all accounts.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago)

I've recreated around 30 subreddits into communities with different icons and banners on my instance. Most of those communities remain empty, but I welcome anyone wanting to post content. You can check out some of the communities I created here. I don't know if some topics are of your interest.

To respect the rules of the lemmy.world instance and community, I want to disclose that my server is nowhere near as powerful as the specifications of the lemmy.world server indicated in this post. Nevertheless, I started my own instance because I wanted to do my part and support the decentralized nature of federated social networks. I also believe we do not truly know what will happen after July 1, and whether or not the more populated lemmy instances such as this one will get overloaded.

view more: next ›