Categories
Apps Culture Tips & How To's Winnipeg

Running a Mastodon server

I ran a mastodon server over at winnipegsocial.online for about two months. I took it down last over this past weekend.

When the mastodon exodus started to bubble up I thought I’d jump in feet first and find out what it takes to run a server.

Overall, it was just about as easy as I expected. But at the end of the day, almost nobody used it and it was costing me a lot of money for what was had become my own personal mastodon web client.

Setup & Upkeep

I’d say the complexity of setting up a mastodon server is right around “running ubuntu on the desktop and installing a package that’s not present in the package manager” complex.

It’s almost point-and-click, with a couple of additional steps.

DigitalOcean and friends all seem to have 1-click installers to get the web server portion system.

In addition the the webserver that’s runs the Mastodon application itself, you’ll also need a CDN to host media and a service to send mail.

FWIW, I chose DigitalOcean’s “spaces” mainly for the convenience of having only 1 bill. I chose SendGrid for mail, due to their generous free tier.

If you’re interested in setting up a Mastodon server and you’ve ever messed with Linux, I’d say “give it a shot.” DigitalOcean’s guide covers pretty much everything you need to know.

There was literally zero day-to-day maintenance. And no need to moderate anything.

Cost

US$35/mo. ($5 of that is storage, no backup, no mail cost)

I originally spun up my mastodon server on DigitalOcean’s cheapest 1GB RAM server plan. The webserver and all its systems actually ran really well.

However, when it came to upgrading from Mastodon v3 to v4 I repeatedly ran into problems. Eventually realizing that NPM was exhausting my system memory, so I had to upgrade to a 2GB server in order to complete the upgrade.

I shut it down

When I asked my twitter followers how many people were interested in joining a Winnipeg-based Mastodon server mid-November, 25 out of 36 people responded positively.

After two months of operation, the server had fewer than 30 users and I was the only users who’d posted more than a handful of toots. It just didn’t make sense to continue to pay to use my own instance when I could just as easily hop onto another one.


At the end of this experiment, I don’t think I understand the purpose of location or theme-based Mastodon servers. Sure the Mastodon server has a “Local” UI that displays posts from users you follow on the local instance. But I guess I don’t really see the purpose? They’ll show up in your freed regardless 🤷‍♂️

In terms of Mastodon as a Twitter alternative, I have many thoughts. But that’s a blog post for another blog time.

Anyways, for now you can find me @[email protected].

Categories
Culture Tips & How To's

How To: Work From Home, Be Productive and Stay Sane

I just spent a few minutes looking through my draft posts for inspiration to restart blogging.

I came across the oldest draft in my queue, dated November 11, 2009.

I missed 11/11 1:11 by 6 minutes!

The post read as follows:


I’ve worked from home for 6 of the past 8 years in a variety of workspaces. Initially I worked in my parents basement, I briefly worked in my mother-in-law’s dinning room and for the past 2 years I’ve worked in the common space of a 2 bedroom apartment, with a toddler. Over this period I’ve maintained a 35 – 50 hour work week and managed to stay sane (and reasonably productive). Now that I’ve had my own dedicated works space for a couple of weeks I’ve had some time to reflect on a few of the ways I’ve been able to make it work.

  1. Good Employer
  2. Keep A ToDo List
  3. Don’t Answer The Phone
  4. Set “Business Hours”
  5. Don’t Follow Them
  6. Be Distracted

Reflecting on this now that we’ve all been covidworkingfromhome for the past 18 months (or is it 32?) and have just started a permanent remote positions, I’d say that list of advice still rings true.

1. Good Employer

Simply put: you need an employer who trusts you to work from home. One who understand that things might come up throughout the day and doesn’t have a problem with that.

If you’re having trouble finding an employer like this in 2021, imagine how rare it was 12 years ago.

During COVID, even bad employers didn’t have a choice but to begrudgingly let their employees work from home. Good employers will differentiate themselves from by ones by allowing their employees to continue working from home into 2022 and beyond.

2. Keep a To Do List

What I really meant by this was “be organized and focused.”

I still prefer physical to do lists. I like crossing things off with a pen and crumpling up the list at the end of the day.

Organizational tools and apps have really matured and keeping a physical to do list is not really necessary.

Don’t forget to include personal/home things on your to do list. Writing everything down is a great way to keep yourself from getting distracted.

3. Don’t Answer the Phone

“The phone” is much less of a thing in 2021.

Better advice would be “don’t read text messages, or non-work DMs”.

4. Set “Business Hours”

Over my years working from home this has come to be the main key to success.

Setting business hours adds the structure that I need to stay focused. It also sets expectations with my family. They’ll know not to interrupt or distract me between 8 – 5 unless it’s urgent.

Having an office door that you can closes helps, but it’s really not as crucial in my experience.

5. Don’t Follow Them & 6. Be Distracted

These two rules are really the same thing “allow yourself to be distracted.”

I’ve found that giving myself permission to break the rules has been the key to staying “sane.”

Take a long lunch, grab a coffee, go to the store.

Just don’t stray too far, too often.


In 2021, I would only add two additional pieces of advice to this list.

7. Wear Pants

Get dressed for work.

I’ve found that it really puts me in the mindset to get to work.

This has been a rule I’ve always followed, I don’t know why I didn’t add it to my original list.

8. Have an Amazing Partner (or I guess, live alone?)

I couldn’t have made it this far without an understanding wife.

Categories
Tips & How To's

How to: Set Up A Personal VPN

Skill Level, Novice: To set this up you’ll want to be mildly comfortable with the command-line. But you won’t necessarily need know (or care) about the technologies involved.


Way back in 2010, firesheep scared my pants off. I was traveling for work when it dropped and I became acutely aware of just how vulnerable my data was on huge airport wifi. In the 8 years since then  https everywhere has become a reality and the threat of bad actors sniffing your web traffic is nearly a thing of the past.

But I’m still paranoid. And today I finally did something about it.

Enter Streisand

Streisand is an open-source project with the goal of defeating censorship. The best way to defeat local censorship is secure, undetectable VPN connection (usually in a foreign country). The goal of defeating censorship aligns nicely with the goal of hardening your internet connection.

Streisand is essentially an installer for a set VPN tools which you’ll install on a cloud hosted server that you control. The project presently supports Amazon EC2, Azure, DigitalOcean, Google Compute Engine, Linode, and Rackspace. You simply run a few commands, select a few options (the defaults are totally fine) and Streisand does the rest.

If you’ve ever run apt-get or setup homebrew on MacOS you should have no problem setting this up. Streisand’s installation instructions well written and easy to follow (jump right to the instruction here).

Much to my surprise — unlike many of these types of command-line driven projects — I ran into absolutely zero issues during the install.

It gets even easier.

If that doesn’t sound easy enough — get this — Streisand copies over an HTML document with an incredibly easy to use guide, per-filled with all the configuration settings your need for your server. It’s dead simple to share this with anybody you choose.

Bonus points: Auto-Connect on public WiFi.

The last time I used the TunnelBear app, I noticed an advanced setting to auto-connect to all wifi except for a whitelist of trusted network. So that if you’re on your secure home, work or other trusted wifi network, you don’t waste VPN bandwidth or take the potential performance hit.

Unfortunately, iOS doesn’t support settings like this natively.

In order to accomplish this, you have to create a custom .mobileconfig file. These files are huge XML documents that you probably shouldn’t write by hand.

Save yourself a headache, use this iOS VPN autoconnect generator (props @klinquist).

Costs

I am hosting my Streisand VPN on Linode, my goto host for the past serveral years. Their lowest tier server is more than power enough to host a VPN. And they generously include 1TB of service. For US$5/mo.

The $5/mo price-point is competitive with many of the popular VPN services. Except, since you’re self-hosting, you are not limited to 1 user. You can freely hand out the streisand connection to friends and family.

Conclusion

One of the most powerful aspects of the internet and open source software is the ability to take control of everything yourself. As somehow with this skills to do this myself, I am going to start to make a concerted effort to take control of more things myself and be less dependant on untrustworthy third-parties.

Running my own VPN is just one small step.


I wrote a short follow-up post you might enjoy:

DIY Internet: More on personal VPNs

Categories
Tips & How To's Web Development WordPress

How to Keep Your New WordPress Site Running Smoothly

So you just launched a WordPress site for your business, everything is up and running. Pages load quickly, SEO is better than ever, you paid your development team. Now you’re all set for the next few year, right?

In an ideal world, this would be true. Unfortunately, the Internet is a dangerous place and software is not perfect. With WordPress presently powering 1/4 of the Internet, it is a huge target for hackers and internet miscreants. Left untouched, your site is almost guaranteed to become infected by malware at some point in the future.

Click “Update!”

Clicking that “update” button in the WordPress admin is the single most important thing any WordPress site owner can do. In Windows or macOS these types of security updates can seem like a pain, annoying nag messages that you always dismiss immediately. While these updates are important for desktop computers, in reality, your desktop machine is typically removed from outside attackers by 1 or 2 levels of routers. Your website on the other hand has to be accessible to the broader internet in order for the public to have access to it.

One fact that might be overlooked if you’re unfamiliar with software development is that the vast majority of security patches are in response to a reported issue. What this means is that, potential attackers already have the information to create mass exploitation tools by the time you see the update notification in WordPress.

To put it another way: In my time working with WordPress, I’ve never see a compromised WordPress site that is totally up to date with all updates.

Is It Safe?

One concern that causes many computer users to put off software updates is the fear that something will break. While this fear is not totally unfounded, most software updates are safe, most of the time. When dealing with WordPress updates, you’re looking at new code from different sources. Core updates come from the WordPress open source project, these updates are all vetted by professional developers. Plugin updates are submitted by the plugin author. The experience level of these authors varies widely, they could be hobbyists working on the weekend or large teams of professional developers.

So is it safe?

Minor WordPress Core updates are safe. The minor updates are the updates where the main version number (ie. 4) does not change. The WordPress team takes great care to ensure that updates do not break anything.

Major WordPress updates are probably safe. Again, the WordPress team has a great track record of building in backwards compatibility. So, your site probably won’t break. However there are two caveats. 1) Major features in the WordPress admin will likely look and/or act differently; 2) Some plugins may stop working.

Plugin updates should be safe, but it depends. With a few notable exceptions, most well written plugins will update without issue.The same rule of thumb about major and minor updates apply to plugin updates, a major version update is more likely to break something. A good WordPress site developer will only install plugins that they’ve individually vetted, I never install plugins for my clients that I do not trust.

Be Proactive

A number of plugins and security solutions have started to become available for WordPress over the past few years. They are essentially virus scanners and firewalls for WordPress. By setting these up, you should be able to fend off additional threats or at the very least disable malware if it happens to make it onto your site. A Google search will reveal many good options. My current go to plugin is Wordfence security, I install it on all new sites. I like it because it works well out of the box and it typically does a better job finding malware than the other plugins I’ve tried.

Conclusions

As developers, I think we often do a bad job communicating the importance of ongoing maintenance and security. After all, it’s a little embarrassing to have to concede that this great product you just spent weeks of time and a good chunk of money on, is a giant bullseye for internet miscreants. It can seem like a slimy up-sell to suggest a maintenance contract.

In reality, if you’re comfortable reading and digesting release notes, you should be able to handle keeping WordPress up to date. If you’re less of a tech-DIY person, you may want to get in touch with a developer.

One more thing: Backups

Backups are always a good last resort. I didn’t mention them in this post because backups are typically a poor malware recovery solution. Two main reasons: 1) The type of malware that affects WordPress rarely corrupts content; 2) it can be difficult to pinpoint when a malware infection started, so you won’t know which backup to restore to.

Categories
Tips & How To's WordPress

Using Jetpack’s Photon CDN to host images in custom WordPress themes

Photon is a great free image CDN that you can use with any self-hosted WordPress install via Automattic’s Jetpack suite of plugins. Photon uses wordpress.com’s infrastructure to host your site’s images on one of the fastest CDN globally.

I highly recommend enabling it on every WordPress install. If your site is on cheap shared hosting, it will dramatically improve page load times. If you’re hosting a huge news site, it’ll save you loads of money.

By default, Photon automagically serves any images embedded in or attached to a WordPress post or page. Including feature images, galleries, third-party sliders. Due to the nature of WordPress hooks and filters, it’s not possible for photon to grab images stored in post meta fields, or any images that are part of theme template files.

I’ve written a gist that exposes Photon’s CDN wrapper as a simple function you can call in templates:

Relevant Jetpack documentation.