Mastodon makes the internet feel like home again | The Outline

Mastodon makes the internet feel like home again, by @srol@mellified.men

Having been on the service for nine months myself, I can confirm Mastodon is not a replacement for Twitter. It’s much better. It is the first place on the internet where I have felt comfortable in a long time.

S3 URLs have changed; update your Content-Security-Policy

I’m serving Free Radical’s images etc. from S3. When I updated to Mastodon v2.1.0, I noticed that all the page’s images were missing. Safari’s Show JavaScript Console menu revealed a lot of errors like:

[Error] Refused to load https://s3-us-west-2.amazonaws.com/freeradical-system/accounts/avatars/000/014/309/static/91f9782fad3f6284.png because it does not appear in the img-src directive of the Content Security Policy.

Turns out that some time between the releases of v2.0.0 and v2.1.0, the Mastodon switched from generating S3 URLs like:

https://freeradical-system.s3-us-west-2.amazonaws.com/...

to

https://s3-us-west-2.amazonaws.com/freeradical-system/...

Because I’d jumped through the hoops of setting up a Content-Security-Policy header, Safari wasn’t allowing those images to render. I had to change my CSP header in Nginx from:

add_header Content-Security-Policy "default-src 'self'; img-src 'self' https://freeradical-system.s3-us-west-2.amazonaws.com/ data:; style-src 'self' 'unsafe-inline'; connect-src 'self' wss://freeradical.zone/; media-src 'self' https://freeradical-system.s3-us-west-2.amazonaws.com/";

to

add_header Content-Security-Policy "default-src 'self'; img-src 'self' https://freeradical-system.s3-us-west-2.amazonaws.com/ https://s3-us-west-2.amazonaws.com/freeradical-system/ data:; style-src 'self' 'unsafe-inline'; connect-src 'self' wss://freeradical.zone/; media-src 'self' https://freeradical-system.s3-us-west-2.amazonaws.com/ https://s3-us-west-2.amazonaws.com/freeradical-system/";

so that both the old and new S3 URLs are permitted.

Our harassment policy

The Free Radical policy on harassment is pretty simple: I will not allow anyone – local or federated – to let a guest feel unsafe. This is my living room and no one can come here and harass my friends.

My general guideline is to take the minimum action necessary to address a problem. If a guest can themselves silence an annoying person and that fixes it, awesome. If the problem escalates and requires dropping the banhammer on a whole instance, then so be it.

I wholeheartedly support other instances that do what it takes to protect their users.

Thoughts on logo commission

I want to have a cool logo but I can’t really justify paying to commission one to my family. Conversely, I’m not going to ask an artist to work for free, because I value their work and don’t want to imply that I don’t. So, how I can I reconcile these seemingly incompatible requirements? I’m not sure, but I’ve been tossing this around:

  • One or more artists submit rough drafts of their ideas,
  • I select one that resonates with me and help the artist develop it,
  • That artist gives me exclusive rights to the design so that there aren’t 43 instances with “my” branding, but
  • The artist keeps all merchandising rights, and I help them advertise stickers, t-shirts, etc.

Releastically, that probably wouldn’t generate a lot of revenue (although I’d certainly buy some stuff for myself). However, the artist would get 100% of all income from it. If I’m the only one who buys a t-shirt, it’s not that great a deal for them. If I help them sell a hundred shirts or somehow become Internet famous, that could be a nice chunk of change, of which my cut would be $0.00.

I’m neither a businessman nor an artist, so I’m not clear if this idea is brilliant or terrible. What do you think?

Hosting costs – November 2017

In the spirit of continued transparency, and because I haven’t remembered to do this in a while, this is an accounting of Free Radical’s hosting costs for November 2017:

  • The DigitalOcean droplet and persistent block storage (for PostgreSQL) was $22.00.
  • The Amazon Web Services S3 media and backup storage cost $3.59.

The DigitalOcean CPU usage graph runs consistently at about 5%. Memory is always at about 70%, with most of it used by PostgreSQL for caching. Disk usage is at about 0% except during hourly backups. Bandwidth averages about 20Kbps except during those same offsite backups.

In summary, this glorious hot mess costs a total of about $25 per month and has a ridiculous amount of room for future growth.

If you’d like to help support Free Radical, please send $5 in cash to your nearest hungry-looking person and tell them Tek says hi.

We’re here for you and for good

I’ve had a hard time going cold turkey with birdsite but it gets easier by the day. I still think of it as the early service that was new and different and exciting and wasn’t being used as a machine for spreading hate. I need to break that habit, but it’s hard.

This morning I drank deeply of that cesspool and was shocked at how horrible it is. Was it always that bad and I was just used to it, or has it taken a recent and sharp turn for the worse? I don’t know. Either way, here we are.

I’ve been committed to Free Radical since its launch, and I want to publicly and explicitly reaffirm this: we’re here for the long haul. The world needs a good, distributed, self-hosted social media network and I think that we’ve found it. I might not have posted a lot lately – life happens – but I’m here for you.

Let’s build something good!