Year: 2022

Some shortcode magic for embedding toots in Hugo posts.

After a bit of work with Hugo’s templating functions, namely the exceedingly useful getJSON, I can now embed Mastodon posts directly in my page!

If you’ve looked at this before you might be thinking “Gee, this is easy, you just use the oEmbed API”. Well, I didn’t want to use that, so this does it properly, building actual content out of JSON responses. It does mean I’m in way more control of the behaviour.

S3 and S3-compatible bucket proxy in Dokku

It turns out that running a Mastodon instance, and hooking that instance up to a couple of relays, will very quickly fill up the measly storage space on your VPS. To combat that you’ve got 2 options: 1) add more space or, 2) hook up some object storage like Amazon’s S3 or Vultr’s, err, Object Storage. Since Mastodon natively supports the latter it seemed like a no-brainer to me, so I followed the official documentation and in doing so found instructions on setting up an Nginx proxy. To do this optional bit I needed to come up with a Dokku-based solution, and this is it.

This deployable Dokku project implements a proxying service that lets you serve files stored in S3 object storage from the configured domain. You may want to do this to, for example, retain control of your files’ apparent storage location, thereby allowing you to move your files later without having to implement redirects to the old content.

It also acts as a content cache and provides a 48-hour TTL. Additionally, it implements cache locking to prevent cache slams/stampedes.

Finally, it has inbuilt filtering that only allows GET operations to reach the bucket, therefore acting as a rudimentary firewall.

Running your own Mastodon instance (Using Dokku)

If you’re a Twitter user (and even if you’re not) you may be aware that it was recently acquired by one Elon Musk. You may also be aware that he’s gone on a cost-cutting rampage that has left people concerned for the future of the platform as mass layoffs and publicised technical changes have resulted in broken functionality or massive shareholder losses.

There is a Twitter alternative, just one amongst many, called Mastodon. It’s a part of something called the Fediverse, which is a silly word that fundamentally groups a large number of applications around something called the ActivityPub protocol. In brief, it’s a well-defined method for clients and servers to talk to each other about people and what they’re doing. Which is why, over the last few weeks, Mastodon servers (or instances) have seen a massive spike in new user accounts and usage. People are migrating and instance owners have been scrambling to scale up their infrastructure to cope.

You can always join one of the many instances available, or, like I did, you can run your own.

VLANs and Samsung TV's

If you’re anything like me you’ll have a bunch of IoT smart home devices; if you’re anywhere near as cheap as me, a number of those will only work on 2.4GHz networks, which makes using the Google Wifi a right pain. I did eventually get the devices registered, but only after many, many repeated pairing/registration attempts. Presumably they would randomly latch onto the 2.4GHz network and be able to complete the process, but it was frustrating work.

The internet also tells us just how all these cheap devices are realistically insecure and that you should be keeping them on a separate network, so with that I decided to upgrade my network gear so I could implement secure things, like VLANs and ACLs and all of that fun stuff. But I was using a Google WiFi mesh, and although it did the job pretty well, it just didn’t offer any power user features at all - primarily it didn’t do VLANs, or even more than one WiFi network, which meant getting any sort of separation from my potentially badly behaved devices was next to impossible.

So I upgraded the hardware.

STPFMMP (Simple Terraform Playbook For Managing Multiple Piholes)

If you want to run Pi-hole on your network but not have the entire family grumble that the internet isn’t working when you need to reboot the machine it’s running on, then you’ll need to run two Pi-holes. To run two Pi-holes properly they need to a) be on separate machines (I use my main homelab server and a Raspberry Pi) and b) be configured on your client devices appropriately.

If you’ve got all that working but have been getting annoyed that adding any new service means duplicating manual configuration steps in a clunky Pi-hole web interface then you’ll likely have been searching for some sort of automation to handle it. Fortunately I came across a Terraform provider for Pi-hole that got me most of the way there. I just needed to put together a playbook/plan for it.

So, with that, I present STPFMMP (Simple Terraform Playbook For Managing Multiple Pi-holes).