Dereckson @Dereckson@social.nasqueron.org

And we're up.

#maintenance

At 12:00 UTC / 14:00 CEST a kernel upgrade is planned on the server hosting the database and web front-end parts of the instance.

The instance won't be reacheable at this time, for a few minutes.

#maintenance

The CentOS 7 server used by this instance has been upgraded with last software, including new microcode patches for the CPU security issues.

There is also a Mastodon upgrade ready (2.4.0 → 2.4.2), but it's pending a long database migration.

#maintenance

Urban Tranquillity. Far away from the countryside, a quiet place means a closed metro station with a bing and the moon at the horizon.

Registrations are again open, as it appears all spam bots posted from the same IP ranges,.

So, from their IP addresses, I got the two AS they use, and from bgp.he.net, I get the associated known IP ranges (the route they accounce in various BGP sessions).

Nginx is configured not to send a reply when a request origin is one of those IP addresses.

We'll see if that works in the next 72 hours.

#maintenance

To get the mail addresses of spam bots accounts, you can try the following pgsql query:

SELECT DISTINCT ower(substring(email from position('@' in email) + 1)) AS domain FROM accounts INNER JOIN users ON users.account_id =accounts.id WHERE suspended = true OR silenced = true ORDER BY domain;

Of course, that only works if you've an instance with nice people. If not, you'll also get the mail domains used by reported regular users.

#mastodon #spambots

Open registrations have been temporarily closed.

Plan is to get some spambot control on the register page before reopening them.

You can still invite friends and acquaintances.

#maintenance

Done.

I updated the nginx configuration, so the front-end web server will serve straightforwardly more files, instead of deferring to the rails server.

If it's something you want to see or debug:

- files served by rails gets the header X-Served-By: rails

- streaming API replies contains the header X-Served-By: streaming

- If there isn't any header, it's directly served by nginx as static resource (was X-Served-By: nginx during tests this afternoon)

#maintenance

Updating Mastodon server to 2.4.0.

#maintenance

I've helped a student with HTML today.

Their high school teacher show them frames, images map, <font face>, <center>, <table> design with Netscape Navigator screenshots.

I think I've found a magical train to go back to 1997.

Reviewing https://github.com/nasqueron/operations/blob/master/roles/webserver-core/letsencrypt/files/letsencrypt-renew.timer and https://stevenwestmoreland.com/2017/11/renewing-certbot-certificates-using-a-systemd-timer.html to see how we can improve our Let's Encrypt renewal systemd unit.

#maintenance

Thanks @StuC for your donation.

Upgraded the instance to last master version.

Raised the amount of threads and database connections allowed from 5 to 15 for the web worker, so we can avoid the connection pool exhaustion we had these last days.

#maintenance

@TheKinrar Hi, I can't register at https://instances.social/admin

`curl https://social.nasqueron.org/api/v1/instance | jq .email` gives well a valid reply.

I got in the access logs a 200 for the API request:

`"GET /api/v1/instance HTTP/1.1" 200 1374 "-" "MastodonInstances/1.0.0 (https://instances.mastodon.xyz)`

social.nasqueron.org celebrates today its first anniversary.

Happy toots!

Mastodon upgraded to 2.3.3.

#maintenance

Fun Etherpad source code offers the following snippet to get the license.

// @license magnet:?xt=urn:btih:8e4f440f4c65981c5bf93c76d35135ba5064d8b7&dn=apache-2.0.txt