Counterpoint: Good?

The fediverse has no global identity system. Just like how temporary email addresses protect YOU from spam, disallowing them protects volunteer-run services like Mastodon, Piefed, Lemmy et al from spam (and trolls, etc).

I do not approve any registration applications from throwaway email providers. Also, volunteer-run services are much less likely to use your email address for nefarious purposes. Data breaches are another thing, but TBH, most of the spam I get is from spammers just spraying out to anything that’s formatted like an email address. Not sure about Mastodon, but Lemmy and Piefed do not reveal your email address to anyone (admin can only see it during singup and in the database). At least in Lemmy, the passwords are hashed, but the standard advice to use a unique password per service applies so that in the event of a data breach, the email+password combo will only compromise that single service.

I guess the moral of the story is to save the tinfoil hats for BigTech™ and show the Fediverse people, who are trying to do better, that you’re here with good intentions. As an admin, I’ve seen more spam, trolls, and n’eer-do-wells signup with throwaway emails than people who are here because they want to be here, and to a severe enough degree that I will no longer accept registrations using such services.

Then you really should list all of the secondary functions you plan to add to it, make sure they understand what those are, and agree to each of them: full disclosure.

If you do something on it that could get them in trouble, it’s their ass on the line, not yours.

Are you friends okay with you doing that? I would not be, especially if my so-called friend didn’t disclose the secondary operations of the device that’s in my home, on my internet connection, under my name.

Oh, yeah, that goes without saying. Report anyone whose behavior warrants it. I’m just mainly reminding people that blocking can be a way to take control of your experience. It took me a while to fully appreciate the block button and get over my FOMO (in the earlier days of Lemmy, blocking even a few people would cut down the amount of content drastically; thankfully that’s no longer the case).

Semi-specific (but still intentionally vague) example for “block” candidates are some accounts that even the mods are like “Look, I don’t like them either, but they’re not breaking any rules”. But, in general, just don’t be afraid to block what or whoever stresses you out.

The point of my post is protecting one’s own mental health. I’m not here to police the Fediverse. Report people if it’s warranted, block if they’re a source of stress or make the place unenjoyable.

That’s like the “install uBlock Origin” first step as far as I’m concerned lol.

I think it’s less about having strong opinions and more with how those are expressed. But either way, you’re here with a good attitude, and that’s appreciated.

Good to know, and yeah, kind of matches what I’ve observed. I tend to permaban outright trolls, but yeah, they usually spin up a new account and never come back to that, so it’s probably overkill. I guess I just don’t like leaving the door open for them to come back…just in case lol.

True. If it’s report-worthy, absolutely. But there are certainly accounts that aren’t violating any rules but can still be a source of stress. Those are often the “rules lawyer” type who knows exactly how to stay right on the line without crossing it.

Counterpoint is that if that person is finally banned, they’re 9 times out of 10 just going to spin up a new alt and start back up with the same shtick. If everyone just blocks them, they’re just shouting into the wind wondering why no one’s taking their bait. I dislike how Reddit had “shadow bans”, but I can see how they would be effective when used surgically.

Last post to their announcement community said there was scheduled maintenance:

Guessing maybe that went Tango Uniform? It was edited 17 hours ago, and while there’s no revision history, it looks like they tagged it “Ongoing” so perhaps there’s a process taking longer than expected.

Tesseract did that a couple releases ago. All images in DMs are disabled by default and you have to hit a switch to show them (like how email clients work when you have images disabled.). Not sure if others have done similar, but that feature was a direct result of this (before it took a dark turn).

I use SnappyMail. It’s a fork of Rainloop that’s actually maintained.

https://github.com/the-djmaze/snappymail

And unlike Rainloop, the Sieve filter editor actually works.

Because the Electoral College has worked out so well for us here in the US. /s

As someone who’s actual real life votes have been watered down all my life, I really don’t want to apply that logic elsewhere.

Why not just make new account’s votes only count for 3/5 of a vote and send those in aggregate? /s

The real solution is to be aware of unmoderated / malicious instances. Vote manipulation is something I actively watch for, and I didn’t even see this campaign because I’d already defederated from both of the identified instances as they were already frequent sources of spam. After looking into them, neither seemed actively moderated and both had open signups. Doesn’t take a rocket surgeon to figure out how that’s going to end up.

It seems only the first Lemmy community URL gets crossposted (I was able to post to when it was the first Lemmy URL).

I hope to god that’s intentional on Lemmy’s side as a spam-prevention measure.

I have a single Nginx setup which is the frontend for all my web services. So I only need to deploy it there (and to its HA partner). My renewal script just scp’s it to the secondary and does an nginx -s reload on both.

I do generate separate certs/keys for my non-web servers, but there’s only two of those.

You could also, if you wanted, just generate one cert and distribute it and its key to everything with a script or other automation tool (Ansible is what I used to use).

Is there a way I can get Let’s Encrypt to dole out a wildcard certificate

Yep. Just specify the domains yourdomain.com and *.yourdomain.com in the certbot request. Wildcard domains require the DNS-based challenge, but you’ve said you’re already good there. You don’t technically need the apex domain (yourdomain.com) but I always add it since I do have services running there.

Any subdomains under the wildcard can use internal DNS or internal IPs on the public DNS (I do the former, but the latter works too).

I used to run an internal CA, and it wasn’t too hard to setup a CA and distribute my root cert. Except on mobile devices. On Android it was easy, but there was a persistent warning that my network traffic could be intercepted (which is true when there’s a custom root cert installed), but it since it was my cert, it got annoying seeing that all the time. Not sure if Apple devices can even do that, but regardless, it wasn’t practical for friends who wanted to use my self-hosted services to install a custom cert when they were over.

Is there EV support?

Looks like it, yeah:

The UI still shows Fuel, but it seems like you can enter the kWh and it should calculate. Maybe plug some values into the demo to be sure. If you do, let us know!

I use Fireflyiii for my money and budgeting.

I don’t see why not. I haven’t stood it up yet, but I’ve played with the demo. It does have a section for parts/repairs/upgrades.

Give the demo a try, and let us know.

Yeah, building a simpler version of something like that was on my ever-growing “to do” list but came across this today. Probably going to deploy it this evening or maybe this weekend (whichever day it’s supposed to rain lol).