Never hurts. Could be a good opportunity to look around the threadiverse and see if you find anything interesting.
However, as it only affects the domain, I expect the Lemmy developers will manage to migrate user data to the new domain should lemmy.ml go down. So your account won't just disappear, but it might go down for a while. It might also affect communities hosted on .ml domains, as followers from other instances will not have the correct path any more.
Re-federation is probably possible. BUT! You're going to always have problems with older content. Case in point my federation error messages is at 2300. About half are failed requests on fmhy.ml.
So for re-federation what's needed:
1: Remote instances should unsubscribe all users from any fmhy groups. They're dead now. They can only announce that and hope they do. I reckon when their errors start ramping up (as I saw yesterday) they will be looking into why. Probably to help de-federate from the old URL
2: The fmhy instance should unsubscribe all users from all remote groups but keep a note of the groups while identifying as fmhy.ml. Then once on a configuration for the new domain re-subscribe to each one. The first step should hopefully stop them trying (and failing) to federate new events to the old URL. The second step should trigger federation with the new one.
3: They could be able to keep the DB. But I am not sure in what places the old domain might be stored in the DB and what would need fixing there. Also not sure if they'd need to regenerate keys. Not sure if they'll see the key was attached to the old domain and refuse to talk to the instance.
Now what's going to be a problem? Well ALL the existing content out there has references to users on the old domain. It's VERY hard to fix that. Like every instance would need to fix their database. Not worth it. But, whenever someone likes/unlikes or comments or whatever a post made from fmhy.ml then there's a good chance a remote instance will queue up a retrieval of:
1: User info about the poster/commentor/liker
2: Missing comments/posts for a like/comment event
And those will fail and error log. I don't think there's a way around that aside from editing the whole database on every instance. Again, IMO not worth it.
Would be a nice federation feature if, provided you could identify with the correct private key, announce a domain change which would automatically trigger the above in federated instances, or at the very least some kind of internal redirect for outgoing messages.
I can understand why refederation needs to be done manually, but I’m confused as to why transferring users and histories is a maybe. Web and database hosting are mutually exclusive from domain hosting/registration.
With ActivityPub all of the primary ids contain the domain of the hosting server. So if you lose your domain none of the other instances know that you’re the authority on those communities, posts, comments or users. So essentially federation breaks with all of the old data.
Freenom gives away domains, many of which are used by phishers and other bad actors. Meta is suing them for not being responsive to their complaints about this. And I guess the injury inflicted on their users by phishers.
My comment is purely about new servers being set up. It’s decentralized but there is a massive margin of users on certain servers. It’s always a non-zero chance of something going wrong, but the fediverse shouldn’t be without responsibility and efforts to improve. If it’s know that certain TLDs are likely to take back a domain, then don’t use them.
there’s a non-zero chance my house can be hit by the shockwave a meteorite
More like “there’s a non-zero chance that country-based TLDs are more risky”
One has real data behind it, one is a literal random basis
I’m assuming they’ve run afoul of something similar to the DMCA safe harbor provisions. Basically under the DMCA a hosting provider isn’t responsible for violations due to user submitted content as long as they’re responsive to notifications and remove the content quickly when notified.
Now that applies to copyright not domain names, but I’m assuming there’s some kind of similar law at play. Meta has said that Freenom has been ignoring complaints about domains registered with them that are being used for phishing attacks. It could also be a DMCA issue because I think it does have some anti-domainsquating provisions in it that prevent you from E.G. registering say cocacola.ml as you aren’t the holder of that trademark.
In theory depending on where Freenom is run out of they might be able to just ignore the lawsuit, but it’s probable that doing so will get them blocked by various ISPs and organizations.
Yes, but it is very quick and cheap to get a domain validated cert from a CA that is generally trusted by most web browsers, so once the bad actor has the domain, the should be able to trick most users, only maybe certificate pinning might help, but that is not widely used.
set up a base LDAP directory structure (OUs/Organizational Units, I only use 3 OUs: system, users and groups)
an admin user in the LDAP directory (mine is admin directly at the base of the LDAP directory)
(optional but recommended) a so-called bind user in the LDAP directory (unvprivileged account that can only list/read users/groups) (mine is bind under the system OU)
(optional) groups to map users to their roles (e.g. only users in access_jellyfin are allowed to login to jellyfin)
actual user accounts, member of one or more groups if needed
When you login to an application/service configured to use the LDAP authentication backend, it connects to the LDAP directory using the bind user credentials, and checks that the user exists (depending on how you configured the application either by name, uid, email…) , that the password you provided matches the hash stored in the LDAP directory, optionally that the user is part of the required groups. Then it allows or denies access.
There’s not much else to it:
you can also do without the bind account but I wouldn’t recommend it (either configure your applications to use the admin user in which case they have admin access to the LDAP directory… not good. Or allow anonymous read-only access to the LDAP directory - also not ideal).
slapd stores its configuration (admin user/password, log level…) inside the LDAP directory itself as attributes of a special entity (cn=config), so to access or modify it you have to use LDIF files and the ldapadd/ldapmodify commands, or use a convenient wrapper like the ansible modules tools used above.
once this is set up, you can forget LDIF files and use a web interface to manage contents of the LDAP directory.
OUs and groups are different and do not serve the same purpose, OUs are just hierarchical levels (like folders) inside your LDAP tree. groups can contain multiple users/users can have multiple groups so they’re like “labels” without a notion of hierarchy. You can do without OUs and stash everything at the top level of the directory, but it’s messy.
users (or other entities) have several attributes (common name, firstname, lastname, email, uid, password, description… it can contain anything really, it’s just a directory service)
LDAP is hierarchical by nature, so user with Common Name (CN) jane.doe in OU users in the directory for domain example.org has the Distinguished Name (DC) cn=jane.doe,ou=users,dc=example,dc=org. Think of it like /path/to/file.
to look for a particular object you use filters which are just a search syntax to match specific entities (object classes) (users are inetOrgPersons, groups are posixGroups…) and attributes (uid, cn, email, phonenumber…). Usually applications that support LDAP come with predefined filters to look for users in specific groups, etc.
I selfhost on a cheap VPS I found on LowEndBox. The security setup (not SimpleLogin) was more involved than SimpleLogin. Pretty easy to get working and I’ve had not a single issue in 1.5 years of selfhosting it. I pay $11/yr for the VPS compared to $30/yr for SimpleLogin.
With regard to your specific questions - I’ve only selfhosted for myself with one domain. You can add multiple users and domains though.
Yeah, I didn’t care for it while I was a reddit user. The guy literally doesn’t care if you post ‘fuck /u/spez’ randomly in a comment section. Why let the guy live rent free in your head when you can step away from his domain and influence and never bothered again?
Can't yet, just have to block individual communities. Kbin users can block domains, but that's not the same as blocking instances. For example, you can block imgur.com to avoid seeing posts that link to imgur.
I used a public instance of Piped for a while and thought about selfhosting it, but the installation process was incredibly hard, to the point of being obnoxious, and in the end, it didn’t even work. I liked the features I saw on the public instances and would like to revisit it some time. Until there I’m using Viewtube....
If you set it up correctly it defaults to a specific flag state if it can’t connect. I.e. always show the user the old treatment instead of the new if you can request the actual state of their enrollment.
They get blocked constantly and my old company just routed the requests through our domain so they’d stop getting blocked
It’s crazy how easy this recent drama has made leaving Reddit for me. Saw all the user-hostile changes and just deleted my Reddit apps and have only been visiting it via google searches on very domain-specific knowledge.
So I’ve been starting to look further into the Fediverse and using it a lot more than any other part of the internet at this point. I wanna know the reasons why people might prefer Lemmy or Mastodon, I have both but seem to lean towards Lemmy for some reason, but not sure why maybe it’s the simple design and you can find...
Oh I didn’t release there was that much difference between Kbin and Lemmy, I knew they were similar but I didn’t release they sort of work together a bit more.
More than that too. Different coding, better (subjectively) UI, you can block users, communities, domains, and (coming 'soon') instances, the stuff I mentioned, plus we can see upvotes/downvotes and who did them on threads and comments like admins on lemmy can. Not sure if lemmy has userstyles yet via tampermonkey and the like, but we got tons too to customize the UI and add extra features, there's even a Kbin Enhancement Suite now lol.
Only drawback is the dev(s) don't have an API yet, so no apps at this time. Several apps are ready to add kbin once the API is up tho, and the mobile kbin is real damn good so it's hard to complain on that 1 point. I made a Beehaw and Kbin account at the same time, haven't touched Beehaw in weeks lol.
most people i know use google by searching whatever question they have and including the word “reddit” at the end to find reddit threads since it currently has the most useful information....
I’ve been playing with googles search indexing and my personal instance. My instance is a subdomain named lemmy of my vanity URL I’ve kept for years. One thing I’ve noticed is that even though I run an instance with one user and one community, my personal website under the domain - which is static and lame - has risen from 50th to 23rd with certain search terms.
My point relative to the original question is that lemmy seems to be inherently interesting to googles crawlers and spiders and wtevs.
no kidding, that's the kind of thing that after the first few times it happens, someone from product should flag this and build in a system with redundant checks if you want to send mail to .ml, like:
The user has to have permission to send to .ml in the first place
Any individual .ml address they want to send to has to be whitelisted in a separate UI from email compose (possibly excluding replies)
Any time they send to .ml (or any external domain), the recipient box turns a different color, and there's a notice, CURRENTLY SENDING TO AN EXTERNAL DOMAIN
with a list of all external domains included eg you could also be sending to a contractor
and a count of the domains
Any .ml sent mail is auto delayed by a couple minutes and requires you to confirm you wanted to send it (again possibly excluding replies)
I would hope there's also some flags emails can have for whatever sensitive info levels, these should also come with automatic client-side and server-side validation that you're not sending them to someone who you shouldn't.
This is not an attempt to convert Lemmy users, nor is it a slight on Lemmy. I'm sure there are plenty of reasons why Lemmy works better for some, and I love the fact that we not only have multiple choices, but multiple choices that allow us to interact with each other regardless! It's amazing. Lemmy is great, no shade....
Yeah the current challenge with searching is if no one has subscribed to a magazine or user on another instance, you have to search the exact name@domain to get it to show up. Ideally Kbin instances would implement a user bot that subscribes to all the users and communities it can scrape from all federated instances until this search limitation is fixed.
The AI boom is screwing over Gen Z | ChatGPT is commandeering the mundane tasks that young employees have relied on to advance their careers.::ChatGPT is commandeering the tasks that young employees rely on to advance their careers. That’s going to crush Gen Z’s career path.
You clearly never worked in an expert knowledge area.
In any complex enough domain knowledge there are elements you can only ever learn from doing it for real, with real requirements and real users.
With my career spanning 4 countries I have yet to see somebody straight out of uni that could just drop-in and start working at mid-level, and that includes the trully gifted types who did that stuff at home for fun.
How many junior professionals have you hired (or at least interviewed as domain expert) and how many have you led in your career?!
I’ll refrain from pulling rank here (I could, but having lots of experience and professional seniority doesn’t mean I know everything and besides, let’s keep it serious) so I’m just wondering what kind of engineering area do you work in (if it’s not too much to ask) and what in your career has led you to believe that formal education is capable of bridging any training gap that might form if the junior-professional-stage dissapears?
In my professional area, software development, all I’ve seen so far is that there are elements of experience which formal education won’t teach and my own experience with professional education (training courses) is that they provide you with knowledge, maybe a few techniques, but not professional insight on things like choosing which elements are best for which situation.
This is not to say that education has no value (in fact, I believe it’s the opposite: even the seemingly “too theoretical to be useful” can very much turn out to be essential in solving something highly practical: for example, I’ve used immenselly obscure knowledge of microprocessor architectures in the design of high performance distributed software systems for investment banks, which was pretty unexpected when I learned that stuff in an EE Degree). My point is that things such a “scoping a job”, “selecting the better tool for the job” and even estimating risk and acceptability of it in using certain practices for certain parts of a job, aren’t at all taught in formal education and I can’t really see the pathway in the Business Process (the expression in a Requirements Analysis sense, rather than saying it’s all a business) of Education which will result in both formalizing the teaching of such things and in attracting those who can teach it with knowledge.
Maybe the Education System can find a way of doing it, but we can hardly bet that it will and will do so before any problems from an AI-induced junior-level training gap materialises (i.e. there won’t be any pressure for it before things are blowing up because of a lack of mid-level and above professionals, by which time it there will be at least a decade of problems already in the pipeline).
I’ve actually mentored several junior and mid-level developers and have mainly made them aware of potential pitfalls they couldn’t see (often considerations which were outside the nitty gritty details of programming and yet had massive impact on what needed to be programmed), additional implications of certain choices which they weren’t at all aware of and pointed to them the judgment flaws that lead them to dead-ends, but they still need to actually have real situations with real consequences to, at an emotional-level, interiorise the value of certain practices that at first sight seem counterproductive otherwise they either don’t do it unless forced to (and we need programmers, not code monkeys that need constant surveillance) or do it as a mindless habit, hence also when not appropriate.
Maybe what you think of as “junior” is a code-monkey, which is what I think of as “people who shouldn’t even be in the profession” so you’re picturing the kind of teaching that’s the transmission of “do it like this” recipes that a typical code monkey nowadays finds via Google, whilst I’m picturing developers to whom you can say “here’s a small problem part of a big thing, come up with a way to solve it”, which is a set of practices that’s way harder to teach even in the practical classes on an Educational environment because it’s a synthetic environment with were projects have simulated needs and the consequences of one’s mistakes are way lower.
PS: Mind you, you did put me thinking about how we could teach this stuff in a formal educational context, but I really don’t have an answer for that as even one-to-one mentoring is limited if you’re not dealing with real projects, with real world users (and their real world needs and demands) and implications and real lifecycles (which are measured in years, not “one semester”). I mean, you can have learning placements in real companies, but that’s just working at a junior-level but with a different job title and without paying people a salary.
Hubzilla is a "social content management system", so-to-speak. It's actually an absolute feature monster.
It's kind of a derivative of Friendica by Friendica's own developer who also created the protocols that each one of them is based on (DFRN for Friendica, Zot for Hubzilla). It inherited several features from Friendica: Post length is virtually unlimited. Text formatting is supported through BBcode which includes embedding of images and other media within the text, and which has been enhanced further on Hubzilla. Both have supported public groups/forums from the beginning, as well as a public calendar.
Friendica had organisation of contacts in groups before Diaspora*'s aspects (which some think were the first of their kind), let alone Google+'s circles (which everyone else thinks were the first of their kind), but Hubzilla expanded them with privacy features. Generally, Hubzilla has one of the most advanced access/permission control systems in the Fediverse.
Both have built-in file hosting which is also used for embedded images and other media. Instead of your pictures being stored "somewhere", you always know where they are because you've put them there.
Friendica mostly became famous for the many services and protocols it federated with. Diaspora*, OStatus, e-mail, RSS (in both directions), WordPress (with no plug-in in WordPress), Tumblr, Libertree, Twitter (!), even Facebook (!!!) for a few months before Facebook changed its TOS. Hubzilla took most of these connectors over.
Now comes some of what Hubzilla has on top, some of which is optional and has to be activated by the user:
WebDAV access for the file space
private CardDAV address book (I'm not kidding)
an additional system of private CalDAV calendars (yes, separate from the calendar inherited from Friendica)
long-form article writing using BBcode (and I'm not talking about posts, this is fully separate and a nice way of showing formatted text with embedded pictures to Mastodon users)
a wiki system based on BBcode and Markdown + a bit of HTML, allowing for multiple wikis (I'm still not kidding)
a simple webpage engine based on BBcode, Markdown and HTML
That's why Hubzilla is a "social CMS". You can do everything with it and then some, just pick what you need. The official Hubzilla website itself is a Hubzilla channel.
Speaking of which: One major organisational difference between Hubzilla and almost the entire rest of the Fediverse is that your content is not stored in your account. Hubzilla (when it was still young, in development and named Red Matrix) introduced a system of "channels". That's where your content goes.
When you register your first account, you automatically create a channel along with it. The channel is your home, your online identity. The account is only necessary to access the channel. You can have multiple channels on the same account, i.e. multiple fully separate identities with one login, and you can switch between them while logged in. Of course, on top of that, Hubzilla still has Friendica's feature of multiple profiles per channel (per account on Friendica) so that you can show the same identity to different connections in different ways and with different details.
The channel system became necessary for the introduction of another one of Hubzilla's killer features: nomadic identity. This goes way beyond account migration. Essentially, you can have the same channel on multiple hubs. Not independent, disconnected copies, but the exact same channel with the exact same content and even the exact same identity.
It works this way: When you register an account on another hub, and you already have a channel, you can choose to clone that channel to the new hub. Not only does this create an identical copy of your channel with everything in it. It also links the original ("primary instance") and the copy ("clone") together and makes sure they always stay in sync. So whatever happens to change on one instance is mirrored to the other one in near-real-time.
You can basically have as many clones as you want to have. If one instance goes down, the others continue to work. And if you have multiple channels, you can mirror them to separate hubs; you don't have to have all of them on the same hubs.
The ID is derived from the hub which the primary instance is on and includes its domain name. The primary hub can be switched if necessary, for example if your original primary hub will or has shut down. This will also change your ID accordingly. One downside is that you have to re-connect all your non-nomadic bidirectional connections (Mastodon, Lemmy, Diaspora*, Friendica etc.).
Last but not least, another nice feature introduced by Hubzilla is a single sign-on system called OpenWebAuth. When you're logged into any hub on which you have an account, and you visit any other Hubzilla hub or other website that supports OpenWebAuth, your login credentials are recognised, and you're treated like logged into that site, only that you obviously don't have all features you'd have with a local account. So you can post directly onto the "walls" of other Hubzilla channels, regardless of on which hubs they reside, but you can't create a channel without an account. Mastodon is said to plan to introduce OpenWebAuth, too.
There's another Fediverse project with nomadic identity, by the same developer yet again. The result of of a long and somewhat convoluted series of forks from Red Matrix which persisted beyond Hubzilla's stable release as an experimental platform.
The project itself is deliberately, intentionally nameless (!) and brandless. But since the code repository needed a name, it was named Streams. So the project is commonly being referred to as (streams), but most instances don't identify as that; they tend to have individual identifications and logos because these can be customised.
In comparison with Hubzilla, (streams) is cut down a lot, offering only Friendica-level "basics" and external federation only with ActivityPub which, on the other hand, is greatly improved.
The original idea behind (streams) is no longer to have a jack-of-all-trades that has all kinds of features imaginable and unimaginable readily built in for admins and then users to activate. This part of Hubzilla's concept made it rather unfit for specialised hubs because the hub admin first had to remove what was unnecessary.
(streams), on the other hand, is fairly bare-bone, and the idea is that creative admins capable of coding can and shall develop their own additions on top of it, ideally also share them. At the same time, (streams) gained some interesting new features such as additional Markdown and HTML support in posts.
Since (streams) is based on a newer version of Zot, now named Nomad, it federates with Hubzilla quite well, and both understand the other's nomadic features. It's even possible to mirror a Hubzilla channel to (streams) (minus the features that (streams) lacks, of course), but not the other way around.
You can’t really go wrong with any of those. They are both very solid options. Having said that, if I had to recommend one, I’d go with Adguard, because:
The interface is better. Most notably the query log interface. Searching the logs with some long time span makes Pihole spike in memory usage and is super slow. (there’s no server-side pagination)
Custom filters are more powerful thanks to modifiers, which AFAIK Pihole does not support. Some of it can be configured via dnsmasq (without user friendly interface), some I had not found any solution for. Good example is dnstype modifier, which I sometimes use to block AAAA responses for sites, that have set AAAA records, but the service actually does not work over IPv6. So I can disable IPv6 for certain domains if I need to. (or other way around, force IPv6 only)
Some of the above might have changed, I haven’t used Pihole for about a year.
lemmy.fmhy.ml is gone [update from the team] (very.bignutty.xyz)
An update:...
Welp that answers a lot of why all .ml are down (i.imgur.com)
very.bignutty.xyz/notes/9hf13it1ced3b2za
What Self-Hosted Single Sign-On (SSO) do you use?
I have a lot of different services which I self host for me and my family like:...
SimpleLogin
Hi Lemmings, Has anyone here self hosted a SimpleLogin instance? Would you recommend it compared to paying for their service?...
We should start calling u/spez by his real name. Because most people won’t know who he is if he shows up somewhere else in future.
Admittedly there is a lot of content, though. (lemmy.zip)
Just installed Viewtube. What's your favorite alternative youtube frontend ?
I used a public instance of Piped for a while and thought about selfhosting it, but the installation process was incredibly hard, to the point of being obnoxious, and in the end, it didn’t even work. I liked the features I saw on the public instances and would like to revisit it some time. Until there I’m using Viewtube....
Ally (bank)mobile app fails without connection to graph.facebook.com (lemmy.world)
Not sure if this is a good place for this post or not, but here goes....
Reddit Tries to Get Users to Pay by Making App Icon Ugly (9to5mac.com)
Mastodon or Lemmy
So I’ve been starting to look further into the Fediverse and using it a lot more than any other part of the internet at this point. I wanna know the reasons why people might prefer Lemmy or Mastodon, I have both but seem to lean towards Lemmy for some reason, but not sure why maybe it’s the simple design and you can find...
Guide to Self-Hosting Lemmy with Individual Containers & Existing NGINX Instance.
Problem Statement...
How can we improve Lemmy’s SEO so we can google “(question) lemmy” instead of relying on “(question) reddit”
most people i know use google by searching whatever question they have and including the word “reddit” at the end to find reddit threads since it currently has the most useful information....
An email typo has reportedly sent millions of US military messages to Mali (www.engadget.com)
‘This risk is real and could be exploited by adversaries of the US,’ warned the Dutch whistleblower who discovered them.
YSK that a lot of common questions/complaints about Lemmy are presently answered by kbin (kbin.social)
This is not an attempt to convert Lemmy users, nor is it a slight on Lemmy. I'm sure there are plenty of reasons why Lemmy works better for some, and I love the fact that we not only have multiple choices, but multiple choices that allow us to interact with each other regardless! It's amazing. Lemmy is great, no shade....
The AI boom is screwing over Gen Z | ChatGPT is commandeering the mundane tasks that young employees have relied on to advance their careers. (www.businessinsider.com)
The AI boom is screwing over Gen Z | ChatGPT is commandeering the mundane tasks that young employees have relied on to advance their careers.::ChatGPT is commandeering the tasks that young employees rely on to advance their careers. That’s going to crush Gen Z’s career path.
error loading post text
error loading post text
Pihole vs AdGuard Home
Hey, not sure if this is the right community, but looking for some information....