I have a Lenovo ThinkPad T430 that is by now almost 10 years old, it runs perfectly on Linux and is a fantastic choice even today. It's built like a tank and that Intel i5 powering it is immortal. DDR3 RAM is dirt cheap now and it takes up to 16Gb, you can swap its HDD to a SATA SSD (if not done already) and batteries for it are still cheap and plentiful.
If you're looking for something affordable for software dev, I can't think of a better choice for $200-$300
https://www.lenovo.com/lt/lt/laptops/thinkpad/t-series/t430/
They really built this one right, they don't make them like this anymore.
This is a Lemmy-ui bug, not related to CDN/cache.
I had submitted a bug report for it some time ago but it's not that urgent in the great scheme of things so they didn't get around to it yet: https://github.com/LemmyNet/lemmy-ui/issues/1865
(the report speaks about this happening after you log in, but it's the same thing).
This is insanely bad. I don' t know how they can recover from something this catastrophic.
CloudNordic is a market leading Cloud Computing and Enterprise Hosting distributor and wholesaler, offering Software as a Service to Resellers and End Customers.
CloudNordic offers Resellers a complete Cloud Computing platform and portfolio, including Virtual Servers, Hosted Exchange, Hosted SharePoint, IASO Backup, Shared Web Hosting, Domains and SSL certificate encryption.
So they likely have business customers that lost all of their e-mails, business files, servers, etc. Now that is a bad day at the office.
Awesome project and the tool looks great - nice work!
There was an existing tool which was similar: https://federation-checker.vercel.app/
Yours is definitely nicer.
A couple of days ago a newcomer started a new community called "Controversial ideas" and began posting content.
I originally took it at face value, however it quickly became apparent that the "controversial ideas" were all just different angles of trying to normalize relationships between adults and under-age teenagers, under the guise of pseudo-intellectual debate on age of consent laws, brain development, etc.
A bit of digging made it clear that this was an individual with an agenda. He had started similar communities on several other instances using different usernames, all with the same objective and approach. His multitude of other social media accounts told a similar story and included real hot takes such as this one:
This individual has been banned and the community removed.
I don't know how much clearer I can make it that this kind of shit isn't and will never be tolerated here.
Seeing as this was the second pedophile that tried to set up shop here in the past month, I've become a bit concerned that there may be something about our previous mascot that is giving off the wrong impression. Maybe the mouse is too childish? Maybe it looks too young? I really don't know, but I've decided to change it just in case.
Our new mascot is much more aggressive, hopefully it sends the right message. I welcome your feedback on it.
This post keeps track of all instances that Lemdit is no longer federated with and the reason why they were blocked.
The Lemdit ethos sets out our stance on federation, notably: >Defederating from other instances is an absolute last resort and we will only do so under the following circumstances: > > - If their content has the potential to get us into legal trouble > - If they are acting as an attack vector towards us
---
10 July 2023
burggit.moe / lemmy.burger.rodeo - Defederated due to legal concerns. They host loli porn (cartoon porn depicting underage characters).
---
01 August 2023
lemmy.comfysnug.space - Defederated due to legal concerns. They host loli porn (cartoon porn depicting underage characters).
---
08 August 2023
detroitriotcity.com - Defederated due to legal concerns. I don't even know where to start with this one, they appear to host a suite of things that are illegal, among which loli porn (cartoon porn depicting underage characters).
---
Defederation explained
All Fediverse instances talk to each other. When you search for a community, for example, you will get results from any instance that has a community that matches your search terms.
If you subscribe to a community from another instance, then all content posted to that community will automatically be "federated" (shared) with our instance. In practical terms, this means our server downloads and stores a copy of that content so that it can display it to you and everybody else on our instance. This is the content you see when you click on "All" from the menu at the top:
To "defederate" is to ban an instance from sharing content with us. This means that when you search for content, you will not get any results from them. There is no ability to subscribe to their communities and anything they post on their instance will not be shared with our server.
I consider this to be an extreme measure, which is why we reserve it for servers that purposefully allow content that is illegal in our country of jurisdiction (New Zealand). Not doing so would put us at risk, since our server can potentially store a copy of content that is illegal.
Lemmy 0.18.4 was released today and Lemdit has been updated to it.
You may have noticed a 5 minute outage earlier while this was happening.
This release is mostly a bug fix, which is welcomed news. You can find the full release notes here: https://github.com/LemmyNet/lemmy/blob/main/RELEASES.md
As always, please let me know if you encounter any weird behavior.
Hey, thanks for your feedback. I like your idea of labeling Cloudflared services, reporting is indeed a bit tricky for those especially if they use "Always online" to serve cached copies while the instance is down. I have some ideas on how to combat that, but labeling them also makes sense.
I can add tags against services - I have done this for ani.social as a proof of concept, I think it works but I welcome feedback. Sorting through the entire list is a bit daunting and will take me a while, but I'll get there.
Manually adjusting availability is a can of worms that I don't want to open, I'd rather we try to find other ways to level the playing field.
> An alternative web client for Lemmy with the UI of Xylo
The Lemdit Photon instance can be accessed at https://p.lemdit.com
You can find more info on Photon here: https://github.com/Xyphyn/photon
Yes it was changed some time ago: https://github.com/LemmyNet/joinlemmy-site/pull/170
I think you're one "active user" short of being back on there:
I believe you need 5 to be listed.
I've updated the post to include clickable URLs. Lesson learnt that I shouldn't rely on clients to treat domain names as links.
Thanks for your feedback. I like your idea, I'll have a look into what I can do to make it happen.
Absolutely!
Uptime Kuma Github: https://github.com/louislam/uptime-kuma
Note that I am not the creator of Uptime Kuma, https://github.com/louislam gets all the credit there.
It's just a play on words: Le(mmy) + Stat(us) or Le Stat(us)
I think it's short and easy to remember, the fact that it's also the name of a famous vampire is just a bonus.
Https HEAD requests - I find it yields accurate results for Lemmy and it's extremely light on bandwidth.
Hey thanks for your feedback. I've made them all URLs now.
Search and sort are tricky as it's not something Uptime Kuma status pages can do, I'll look into what can be done there.
Of all the ones to miss!
Thanks for pointing it out, I've added it now.
cross-posted from: https://lemdit.com/post/408034
I like keeping across what is happening with other Lemmy instances so lestat.org was born out of this curiosity.
URL: https://lestat.org
It's similar to lemmy-status.org but with a few notable differences:
- Lestat is running Uptime Kuma
- Lestat monitors all instances listed on join-lemmy.org
- Lestat has a public Discord server where it automatically feeds notifications: https://discord.gg/R8zY7fM5Z8
Criteria for adding instances to Lestat
I will add any instance to Lestat based on these prerequisites:
- The instance is listed on join-lemmy.org
- The instance doesn't host anything illegal in New Zealand
Free services for admins
If you are an instance admin, I can set you up with the following:
- Automatic e-mail notifications when the status of your instance changes (e.g. it goes up or down).
- An uptime badge for your instance in this style: !
Send me a message if you'd like any of the above.
I hope you find Lestat useful!
Edit: Added clickable URL and expanded on free admin services to include badges.
I like keeping across what is happening with other Lemmy instances so lestat.org was born out of this curiosity.
It's similar to lemmy-status.org but with a few notable differences:
- Lestat is running Uptime Kuma
- Lestat monitors all instances listed on join-lemmy.org
- Lestat has a public Discord server where it automatically feeds notifications: https://discord.gg/R8zY7fM5Z8
Criteria for adding instances to Lestat
I will add any instance to Lestat based on these prerequisites:
- The instance is listed on join-lemmy.org
- The instance doesn't host anything illegal in New Zealand
Notification service for admins
If you are an instance admin and want to get automatic e-mail notifications from Lestat when your instance goes down, message me and I will set this up for you.
I hope you find Lestat useful!
It was brought to my attention that lemmy.comfysnug.space also hosts "loli porn". This content is illegal in New Zealand as well as many other countries.
Needless to say they have been defederated and all their communities purged from our server.
I'm mostly posting this in the spirit of transparency as I don't think this affects anyone here.
Please let me know if you do come across another similar instance, there are simply too many of them out there for me to check proactively.
I sincerely hope that this was the last of them, but if there are more, I also don't think it's worth me making an announcement every time we defederate one. I may instead create a generic defederation post where we keep tabs on who we defederated and why, but I welcome your feedback.
As a reminder, the Lemdit ethos sets out our stance on federation, notably: >Defederating from other instances is an absolute last resort and we will only do so under the following circumstances: > > - If their content has the potential to get us into legal trouble > - If they are acting as an attack vector towards us
>Alexandrite is a beautiful desktop-first alternative web UI for Lemmy.
The Lemdit Alexandrite instance can be accessed at https://a.lemdit.com
You can find more info on Alexandrite here: https://github.com/sheodox/alexandrite
Have you thought of self-hosting mailcow? https://github.com/mailcow/mailcow-dockerized
It's very easy to set up and fairly straightforward to maintain, if you have a static IP and it's not impossible to get a PTR record then I highly recommend it. Yes you're self hosting your own mail server but mailcow vastly simplifies this.
Alternatively plonking it on the right VPS can also work.
There are no requirements, and they wouldn't be enforceable even if somebody tried. The admin of instance1 has no way of knowing that you already have an account on instance2. Your identifiable details (IP address, e-mail address) are private to the instance that you sign up with and it would be a violation of privacy (and inherently scummy) for those to be shared between instances - they're not.
You can be anonymous on the fediverse, just like the Internet in general used to be before Facebook.
That's entirely up to you, it can be the same username if you want. Speaking as an instance admin, there is no problem with users creating multiple accounts across instances, even if they're the same username.
Spam would be creating as many usernames as you can on any given instance (e.g. trying to register 100 users on lemmy.world because reasons) - there's obviously a problem with that. Creating you@instance1, you@instance2 and you@instanceN is perfectly fine.
You may have noticed that Lemdit was down for about 2 hours earlier (if you did notice, then I hope the status page kept you informed).
Below is a summary of what was done:
- Host software updates (some things required a restart).
- Host hardware upgrades - larger SSD installed and Lemdit migrated to it. This was not done out of necessity, but for future proofing.
- VM image back-ups - this is a separate activity to the nightly DB backups
- Lemmy upgraded to 0.18.3 - this version comes with significant DB improvements and required a DB migration.
Overall it took longer than I hoped it would, but I think it was all worthwhile.
Please let me know if you notice any weird behavior from Lemdit.
We had an outage, Lemdit fell over while I was asleep so bad timing. It looks like it was down for about 4 hours.
I'll look into what caused it, I have a script that tries to automatically recover Lemdit from the usual crash, but something else happened here.
Anyway if you tried to access it and couldn't - sorry! It's back now.
Edit:
I believe this was caused by cache depleting all available RAM (impressive considering we've got 128 GB allocated). This isn't normally supposed to cause an issue as cache is meant to be cleared to make room for app usage, but in practice it can be problematic and it's likely what got everything to fall over.
I've got a cron job in place that will clear cache daily now so this won't happen again.
Here's a graph if you're curious, the outage occurred ~3:30AM, the drop you see is me restarting the VM:
> A familiar desktop experience for Lemmy
The Lemdit Mlmym instance can be accessed at https://old.lemdit.com
You can find more info on Mlmym here: https://github.com/rystaf/mlmym
I'm curious to get your thoughts on Lemmy. What is your impression so far? Are you enjoying it? What would you like to see different?
If you're using Lemdit, then I'm really interested to get your feedback on what your experience is like. Is there anything we can improve? Any other suggestions or ideas?
Security has been a hot topic for Lemmy recently and privacy is something that we all care about. Here's how we're set up to handle both.
Security
As a self-hosted Lemmy instance, we're actually in a slightly better position than many:
- The server is not remotely accessible from outside the local network (it doesn't need to be).
- The Lemmy admin interface is not remotely accessible from outside the local network (even if my Lemmy account ends up compromised through some exploit, the potential harm from that is greatly reduced).
We also have more generic network security measures in place:
- The server sits behind a hardware firewall.
- The Lemmy instance sits behind a reverse proxy.
- Internal networks are segregated from each other.
- IP whitelisting is used for all internal remote access.
Nothing on the Internet is unhackable and we're no exception. However, we're too small to be an attractive target and we're sufficiently hardened to avoid being a target of opportunity.
Privacy
Being self-hosted has a number of advantages here too. Lemdit does not use any 3rd party web services whatsoever:
- No cloud hosting of any kind
- No external e-mail service
- No CDN
- No DoS protection
- No analytics
- No ads
- You name it, we don't have it.
Privacy is important to me personally and all the trade-offs I have made have been in favour of privacy.
Lemdit runs an unmodified version of Lemmy available from its official GitHub repository.
What Lemdit knows about you:
- Standard NGINX access logs are kept for 2 weeks (IP address, time stamps, etc).
- The Lemmy database contains the e-mail address that you signed up with.
- The mail server has a record of e-mails that were sent to you by Lemdit.
This data is not available to anyone else and only legal/law enforcement action could compel us to share it.
Legal
Due to the nature of federated services, all of your engagement (your profile; posts; comments; messages; votes) on this platform should be considered public. We highly recommended that you do not share any information on Lemdit, or the Lemmy platform, that could in any way personally identify you.
Internet regulations are increasingly complex and country specific. To navigate this complexity, we rely on TermsFeed to define our Terms and Conditions, as well as our Privacy Policy. This post tries to describe some of the key points in plain English, but does not act as a substitute for these documents.
I'm not a lawyer nor do I have the time to try and prettend I'm one, so while I dislike long documents written in Legalese, that's what we have in place for now.
Version history
--- 15 July 2023
- Initial release --- 19 July 2023
- Added Version history for transparency
We now have a Status page that monitors Lemdit services, as well as a backup Discord server:
- Status: https://status.lemdit.com/
- Discord: https://discord.gg/7Y2CgAEG5q
The purpose of these is to keep you informed on what is going on with Lemdit and give you a way to contact me should anything go wrong.
lemdit.com / *.lemdit.com will automatically redirect to the Status page in the following scenarios:
- Planned outage (server maintenance, updates, etc)
- Unplanned outage caused by software or hardware failure
lemdit.com / *.lemdit.com will be unreachable in the following scenarios:
- Unplanned outage caused by connectivity or prolonged power failure
I get automatically notified of any outage and will keep you up to date via the Status page and/or Discord.
The Status page also sends automatic notifications to the Discord server when services go down or when they recover.
If Lemdit has gone offline and I'm nowhere to be found for a few days (think vlemmy.net), then you can assume something happened to me.
Version history
--- 15 July 2023
- Initial release --- 22 July 2023
- Added Version history for transparency
- Updated the status page URL
- Added mention of automatic Discord notifications
- Minor wording tweaks
> Voyager is an Apollo-like open source web client for Lemmy. It’s a mobile-first app, but works great on desktop devices, too.
The Lemdit Voyager instance can be accessed at https://m.lemdit.com
As a webapp, Voyager is easy to install on your phone through your browser controls.
You can find more info on Voyager here: https://github.com/aeharding/voyager
It feels like I've been spamming these updates recently, but it has been an eventful week for Lemmy and it's worth being on the version that has the least holes in it.
Unless there is a compelling security concern or they fix the broken theme appearance, I'm going to start limiting these updates to once a week going forward.
---
I’m about to perform this update in the next 10 minutes, all things going well there should be no downtime/instability.
The DB is backed up, I’ll post an update here once everything’s done.
I’m about to perform this update in the next 10 minutes, all things going well there should be no downtime/instability.
Also updating to the latest pict-rs v0.4.0 release.
This is an important update as it addresses the Lemmy exploit found yesterday, as well as some other bugs.
The DB is backed up, I’ll post an update here once everything’s done.
As you know, the Lemdit ethos sets out our stance on federation, notably: >Defederating from other instances is an absolute last resort and we will only do so under the following circumstances: > > - If their content has the potential to get us into legal trouble > - If they are acting as an attack vector towards us
burggit.moe is unfortunately the first instance whose content has the potential to get us into legal trouble, since they are "NSFW & Loli/Shota/Cub friendly". This type of cartoon child porn is illegal in New Zealand and many other countries.
I have become more aware of them in the wake of vlemmy.net going offline, since burggit.moe were the only instance that Vlemmy defederated before their disappearance a day later: https://lemm.ee/post/794588
To my knowledge burggit.moe is the only instance that supports this kind of content, so hopefully they will remain the exception. I hope you can understand my decision. Please let me know if you have any questions or concerns.
What happened?
A Lemmy exploit has been used in the wild earlier to attack several instances, among which lemmy.world:
- https://lemdit.com/post/44993
- https://lemdit.com/post/44963
What we did about it:
At the time it was believed that the exploit had something to do with the sidebar, so I temporarily restricted new applications and disabled the ability for users to create their own communities:
- https://lemdit.com/post/45241
We have meanwhile learned that this vulnerability is present on any instance that has custom emojis defined, and is exploitable everywhere Markdown is available (posts, comments, private messages, the sidebar, etc).
As of now there is no official patch for it, however a manual fix is described in this thread:
- https://github.com/LemmyNet/lemmy-ui/issues/1895
I have applied this fix to Lemdit to be safe, noting that we never had custom emojis enabled so we were never really at risk. 10 comments with the malicious code had federated to us (and were removed through my application of the fix), however you would've still been safe viewing these comments from Lemdit.
We're now back to having open registration and the ability for users to create communities without admin intervention.
What this means for you as a Lemdit member
I want to reassure you that we were not impacted by this exploit. As previously mentioned, the exploit was specifically linked to custom emojis and we never had those defined/enabled. Even though comments containing the malicious code would've federated to us, the code would not have worked here.
As a conscequence of applying the manual fix, all existing login sessions have been reset so you will have to log back into your Lemdit account.
I expect that a new Lemmy version will be released soon to properly address this vulnerability - I will be patching us to it as soon as it's available.
Let me know if you have any questions or concerns.
