is anyone successfully running a #Pixelfed instance? I've installed one yesterday but federation doesn't work. I cannot follow my Pixelfed account from Friendica, Mastodon and Pleroma. The contact request stays in 'waiting for approval' mode and there's no indication on Pixelfed that someone is trying to follow me.
Also, I don't know how to find and follow a remote user from another instance on Pixelfed itself.
The config of Pixelfed seems to be ok. When I probe my Pixelfed account from Friendica the result looks good, too. I'm lost.
Issue on Github: https://github.com/pixelfed/pixelfed/issues/1158
Installed via composer
Apache2 2.4.29 PHP-FPM
MariaDB 10.3.14 (with support for json fields)
libpam-google-authenticator. See e.g. this article for a description on how to set it up.
If you already have public key authentication set up, this module seems not to add the 2nd factor as the 2nd factor is only used to harden the response authentication (entering a password).
!The Lazy Admin Club
If I've installed something using make install (in this case libmodsecurity) and I wish to update at a later date... do I need to do a make uninstall first? And then download the latest source files and go through the process again? Or can I just do another make install - will it just overwrite and update any files previously installed? What's best practice?
#linux #makeinstall #ubuntu #modsecurity
JM O likes this.
Imagine this scenario:
I have a php driven website (eg wordpresss). The webserver runs as user www-root and a php-fpm pool is set up that runs under user:group site1:site1.
Does www-data still need access to the files or can I set my file permissions for the website directory based purely on user site1?
I'm going to be moving to a dedicated server in the next month or so and am currently planning my setup with regards to PHP-FPM.
As I'll be running various PHP driven sites, I thought it best from a security point of view to use FPM pools properly this time, and having a seperate owner for each website.
This still leaves the potential security issue of the opcache and apcu cache being shared by all sites as it's controlled by the PHP master process.
I've read that the solution is to have multiple PHP master processes - one for each site, which means that each site will have it's own seperate opcache and apcu cache. I'm just wondering if this is still the correct approach as the articles I can find advising this all tend to be a few years old.
Those that are using FPM and are hosting multiple sites, have any of you taken this approach?
This is an example of one of the articles I've been reading:
#php7 #php #fpm #opcache
The moral of the story, my dear fellow admins, always redirect your cron jobs' stdout to somewhere, preferably a log or
With that in mind, all that remains to be said: Have a Happy Holiday!
!The Lazy Admin Club
I'm using two-factor authentication for remote SSH access.
This also means accessing the SSH server from the local network requires two-factor authentication.
Is there a way to exude specific users from two-factor authentication and than grant them only local access?
At the moment all users seem to require two-factor authentication, regardless whether they have set a second validation level.
!The Lazy Admin Club
When looking at my Munin monitoring I see something strange:
All four disks (sda to sdd) are members of the same RAID10 setup, but for some unknown reasons sda has twice as high disk utilization than the other three disks. The same also counts for disk I/O stats:
Does someone has an idea what might cause this?
#debian #server #linux #raid #raid10 #lvm #xen
Jetzt die #Frage: Gibt es empfehlenswerte #Tutorials #HowTo s zu dem Thema #Icinga2? Speziell wenn es um das überwachen von #Servern #Dienste #Netzwerke geht.
Wäre um #Tipps echt dankbar.
!The Lazy Admin Club #Admin #Server #Frage #Schwarminteligenz #followerpower
Hallo Leute, am Wochenende hatte ich meinem Webserver PHP7.2 spendiert und die gesamte Konfig angepasst.
Heute habe ich nun
fpmund damit http2 eingeschaltet.
Weil ich gerade dabei war, habe ich die Konfig von LetsEncrypt auch gleich auf RSA=4096 hochgeschraubt.
Das SSL-Lab vergab dafür ein A+ und friendica.a-zwenkau.de sowie hubzilla.a-zwenkau.de sausen nun gefühlt doppelt so schnell
I have a working Prosody server but nobody using it is able to send files using the conversations client. I'm guessing that it's because I haven't set up the necessary modules. Does anyone know of a clear guide on the net to setting this up? I'm struggling to find anything.
#serveradmin #prosody #xmpp