this post was submitted on 17 Aug 2023
57 points (87.0% liked)

Fediverse

28480 readers
707 users here now

A community to talk about the Fediverse and all it's related services using ActivityPub (Mastodon, Lemmy, KBin, etc).

If you wanted to get help with moderating your own community then head over to [email protected]!

Rules

Learn more at these websites: Join The Fediverse Wiki, Fediverse.info, Wikipedia Page, The Federation Info (Stats), FediDB (Stats), Sub Rehab (Reddit Migration), Search Lemmy

founded 2 years ago
MODERATORS
 

Are there any paid services for either Lemmy or Mastodon? Something where, given it is a subscription service, you would expect them to stick around long-term?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 year ago (1 children)

Exactly. I went one step further and decided not to use my admin account as my main. I don't run around as root on servers so I try not to do that with apps. It's easier with Lemmy because once it's set up all the admin tasks hit my email.

I also wanted to avoid that vulnerability that hit Lemmy World a few weeks ago that was only possible because the server admin got their jwt stolen, which wouldn't have been so impactful if they weren't on the admin account.

[–] [email protected] 1 points 1 year ago (1 children)

I didn't read the story about how exactly he lost the jwt, but is it still as big of an issue since 2fa was introduced?

I guess existing jwt hashes will bypass 2fa, but I'm not super worried since my instance has 3 users.

[–] [email protected] 1 points 1 year ago (1 children)

2fa was in at the time. IIRC the jwt was granted after 2fa so it didn't matter.

You've got a point though, small instances aren't gonna be nearly as useful as a giant one to threat actors. Assuming you don't give them a reason to go after you specifically they wouldn't have a reason to target such a tiny server.

Still though, I don't need that shiny A next to my name so I'm good with how I have it set up.

[–] [email protected] 1 points 1 year ago (1 children)

You could really mess with people and use [email protected] but not have it as the admin account. hah. You host it at home or out "in the cloud"? Curious what others do.

I have a couple VPSes for my Tailscale exit nodes and one as an ingress/proxy for my selfhosted stuff at home. They're all super cheap and have unmetered* network connections. Kubernetes on some PIs and Lenovo tinys support all my services at home.

[–] [email protected] 1 points 1 year ago

I have this one on a Hetzner server that runs me like $6/mo. I'm not comfortable with the federated nature of things potentially putting CSAM or other illegal content on disk in my home.

I use tailscale so I can still hit my internal (at home) git repos and all that. The rest of my stuff is all hosted on an old gaming PC I turned into a Proxmox host that sits in my spare bedroom. Of those services, I only expose like 3 things to the outside world. Nextcloud being the main one. I don't route it through my VPS, just proxy it through cloudflare.