mirror of https://gitlab.com/bashrc2/epicyon
1057 lines
63 KiB
HTML
1057 lines
63 KiB
HTML
<h1 id="table-of-contents">Table of Contents</h1>
|
||
<ol type="1">
|
||
<li><a href="#introduction">Introduction</a></li>
|
||
<li><a href="#installation">Installation</a></li>
|
||
<li><a href="#upgrading">Upgrading</a></li>
|
||
<li><a href="#housekeeping">Housekeeping</a></li>
|
||
<li><a href="#registering-accounts">Registering accounts</a></li>
|
||
<li><a href="#the-importance-of-good-defaults">The importance of good
|
||
defaults</a></li>
|
||
<li><a href="#logging-in">Logging in</a></li>
|
||
<li><a href="#account-profiles">Account Profiles</a></li>
|
||
<li><a href="#following">Following</a></li>
|
||
<li><a href="#creating-posts">Creating posts</a></li>
|
||
<li><a href="#the-timeline">The Timeline</a></li>
|
||
<li><a href="#calendar">Calendar</a></li>
|
||
<li><a href="#side-columns">Side columns</a></li>
|
||
<li><a href="#media-timeline">Media timeline</a></li>
|
||
<li><a href="#moderation">Moderation</a></li>
|
||
<li><a href="#themes">Themes</a></li>
|
||
<li><a href="#sharing-economy">Sharing economy</a></li>
|
||
<li><a href="#search">Search</a></li>
|
||
<li><a href="#browsing-in-a-command-shell">Browsing in a command
|
||
shell</a></li>
|
||
<li><a href="#building-fediverse-communities">Building fediverse
|
||
communities</a></li>
|
||
</ol>
|
||
<h1 id="introduction">Introduction</h1>
|
||
<p><em>“Every new beginning comes from some other beginning’s
|
||
end.”</em></p>
|
||
<p>– Seneca</p>
|
||
<p><em>The fediverse</em> is a set of federated servers, typically using
|
||
a communication protocol called <a
|
||
href="https://www.w3.org/TR/activitypub">ActivityPub</a> which was
|
||
devised by the <a href="https://www.w3.org/wiki/Socialwg">social working
|
||
group</a> within the World Wide Web Consortium (W3C). At present it is
|
||
mostly used for <a
|
||
href="https://en.wikipedia.org/wiki/Microblogging">microblogging</a>,
|
||
although ActivityPub is sufficiently general that it can also be used
|
||
for a variety of other purposes.</p>
|
||
<p>The word <em>fediverse</em> (federated universe) appears to have
|
||
originated around 2012 as the first <a
|
||
href="https://en.wikipedia.org/wiki/Identi.ca">identi.ca</a> website was
|
||
ending and the <a
|
||
href="https://en.wikipedia.org/wiki/Pump.io">pump.io</a> project was
|
||
beginning. The ActivityPub protocol was initially called
|
||
<em>ActivityPump</em>, due to the influence which pump.io had upon its
|
||
creation. Fediverse servers are typically referred to as
|
||
“instances”.</p>
|
||
<p>Servers such as <a
|
||
href="https://github.com/mastodon/mastodon">Mastodon</a> are well known,
|
||
but these are aimed at large scale deployments on powerful hardware
|
||
running within data centers, making use of content distribution networks
|
||
(CDN) and due to their large number of dependencies requiring someone
|
||
with a high level of systems administration skill to maintain. Epicyon
|
||
is designed for the opposite situation where it is only intended to have
|
||
a single user or a small number of users (less than ten) running from
|
||
your home location or on a modest VPS and where maintenance is extremely
|
||
trivial such that it’s possible to keep an instance running for long
|
||
durations with minimal intervention.</p>
|
||
<p>Epicyon is part of the <a
|
||
href="https://neustadt.fr/essays/the-small-web">small web</a> category
|
||
of internet software, in that it is intended to scale via federation
|
||
rather than to scale vertically via resource intensive and expensive
|
||
hardware. Think many small communicating nodes rather than a small
|
||
number of large servers. Also, in spite of the prevailing great
|
||
obsession with scale, not everything needs to. You can federate with a
|
||
small number of servers for a particular purpose - such as running a
|
||
club or hackspace - and that’s ok.</p>
|
||
<p><a
|
||
href="https://uxdesign.cc/mastodon-is-antiviral-design-42f090ab8d51?gi=9baf6195c60b">Anti-virality</a>
|
||
is a common design approach in the fediverse, and Epicyon also follows
|
||
this convention by having chronological timelines and avoiding lists of
|
||
trending things or ranking profiles by numbers of followers. Recent
|
||
hashtags are presented <em>in alphabetical order</em> to avoid any
|
||
frequency bias. Typically if a post gets more than ten likes then its
|
||
count will only show as <em>“10+”</em>, to try to avoid getting fixated
|
||
upon making numbers go up at the expense of more considered forms of
|
||
interaction.</p>
|
||
<p>It is hardly possible to visit many sites on the web without your
|
||
browser loading and running a large amount of javascript. Epicyon takes
|
||
a minimalist approach where its web interface only uses <a
|
||
href="https://html.spec.whatwg.org/multipage">HTML</a> and <a
|
||
href="https://www.w3.org/Style/CSS/Overview.en.html">CSS</a>. You can
|
||
disable javascript, or use a browser which doesn’t have javascript
|
||
capability, and the user experience is unchanged. Lack of javascript
|
||
also rules out a large area of potential attack surface.</p>
|
||
<p>Another common concern is being able to keep instances running.
|
||
Instance abandonment creates a lot of disruption, and it’s often related
|
||
to the amount of effort that it takes to keep things going. To avoid the
|
||
maintenance burden becoming prohibitive, Epicyon is implemented in a
|
||
simple manner with very few dependencies and no database. All data is
|
||
just files in a directory, and upgrades are also straightforward. This
|
||
degree of simplicity runs counter to the current trend within the
|
||
software industry towards complex frameworks and large scale databases
|
||
with elaborate and rapidly evolving dependencies.</p>
|
||
<p>Epicyon also includes some lightweight organizing features, such as
|
||
calendar, events and sharing economy features.</p>
|
||
<h1 id="installation">Installation</h1>
|
||
<h2 id="prerequisites">Prerequisites</h2>
|
||
<p>You will need python version 3.7 or later.</p>
|
||
<p>On a Debian based system:</p>
|
||
<div class="sourceCode" id="cb1"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb1-1"><a href="#cb1-1" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> apt install <span class="at">-y</span> tor python3-socks imagemagick python3-setuptools python3-cryptography python3-dateutil python3-idna python3-requests python3-flake8 python3-django-timezone-field python3-pyqrcode python3-png python3-bandit libimage-exiftool-perl certbot nginx wget</span></code></pre></div>
|
||
<h2 id="source-code">Source code</h2>
|
||
<p>The following instructions install Epicyon to the
|
||
<strong>/opt</strong> directory. It’s not essential that it be installed
|
||
there, and it could be in any other preferred directory.</p>
|
||
<p>Clone the repo, or if you downloaded the tarball then extract it into
|
||
the <strong>/opt</strong> directory.</p>
|
||
<div class="sourceCode" id="cb2"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb2-1"><a href="#cb2-1" aria-hidden="true" tabindex="-1"></a><span class="bu">cd</span> /opt</span>
|
||
<span id="cb2-2"><a href="#cb2-2" aria-hidden="true" tabindex="-1"></a><span class="fu">git</span> clone https://gitlab.com/bashrc2/epicyon</span></code></pre></div>
|
||
<h2 id="set-permissions">Set permissions</h2>
|
||
<p>Create a user for the server to run as:</p>
|
||
<div class="sourceCode" id="cb3"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb3-1"><a href="#cb3-1" aria-hidden="true" tabindex="-1"></a><span class="fu">sudo</span> su</span>
|
||
<span id="cb3-2"><a href="#cb3-2" aria-hidden="true" tabindex="-1"></a><span class="ex">adduser</span> <span class="at">--system</span> <span class="at">--home</span><span class="op">=</span>/opt/epicyon <span class="at">--group</span> epicyon</span>
|
||
<span id="cb3-3"><a href="#cb3-3" aria-hidden="true" tabindex="-1"></a><span class="fu">chown</span> <span class="at">-R</span> epicyon:epicyon /opt/epicyon</span></code></pre></div>
|
||
<h2 id="news-mirrors">News mirrors</h2>
|
||
<p>The content for RSS feed links can be downloaded and mirrored, so
|
||
that even if the original sources go offline the content remains
|
||
readable. Link the RSS/newswire mirrors with.</p>
|
||
<div class="sourceCode" id="cb4"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb4-1"><a href="#cb4-1" aria-hidden="true" tabindex="-1"></a><span class="fu">mkdir</span> /var/www/YOUR_DOMAIN</span>
|
||
<span id="cb4-2"><a href="#cb4-2" aria-hidden="true" tabindex="-1"></a><span class="fu">mkdir</span> <span class="at">-p</span> /opt/epicyon/accounts/newsmirror</span>
|
||
<span id="cb4-3"><a href="#cb4-3" aria-hidden="true" tabindex="-1"></a><span class="fu">ln</span> <span class="at">-s</span> /opt/epicyon/accounts/newsmirror /var/www/YOUR_DOMAIN/newsmirror</span></code></pre></div>
|
||
<h2 id="create-daemon">Create daemon</h2>
|
||
<p>Typically the server will run from a <em>systemd</em> daemon. It can
|
||
be set up as follows:</p>
|
||
<div class="sourceCode" id="cb5"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb5-1"><a href="#cb5-1" aria-hidden="true" tabindex="-1"></a><span class="fu">nano</span> /etc/systemd/system/epicyon.service</span></code></pre></div>
|
||
<p>Paste the following:</p>
|
||
<div class="sourceCode" id="cb6"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb6-1"><a href="#cb6-1" aria-hidden="true" tabindex="-1"></a><span class="ex">[Unit]</span></span>
|
||
<span id="cb6-2"><a href="#cb6-2" aria-hidden="true" tabindex="-1"></a><span class="va">Description</span><span class="op">=</span>epicyon</span>
|
||
<span id="cb6-3"><a href="#cb6-3" aria-hidden="true" tabindex="-1"></a><span class="va">After</span><span class="op">=</span>syslog.target</span>
|
||
<span id="cb6-4"><a href="#cb6-4" aria-hidden="true" tabindex="-1"></a><span class="va">After</span><span class="op">=</span>network.target</span>
|
||
<span id="cb6-5"><a href="#cb6-5" aria-hidden="true" tabindex="-1"></a></span>
|
||
<span id="cb6-6"><a href="#cb6-6" aria-hidden="true" tabindex="-1"></a><span class="ex">[Service]</span></span>
|
||
<span id="cb6-7"><a href="#cb6-7" aria-hidden="true" tabindex="-1"></a><span class="va">Type</span><span class="op">=</span>simple</span>
|
||
<span id="cb6-8"><a href="#cb6-8" aria-hidden="true" tabindex="-1"></a><span class="va">User</span><span class="op">=</span>epicyon</span>
|
||
<span id="cb6-9"><a href="#cb6-9" aria-hidden="true" tabindex="-1"></a><span class="va">Group</span><span class="op">=</span>epicyon</span>
|
||
<span id="cb6-10"><a href="#cb6-10" aria-hidden="true" tabindex="-1"></a><span class="va">WorkingDirectory</span><span class="op">=</span>/opt/epicyon</span>
|
||
<span id="cb6-11"><a href="#cb6-11" aria-hidden="true" tabindex="-1"></a><span class="va">ExecStart</span><span class="op">=</span>/usr/bin/python3 <span class="ex">/opt/epicyon/epicyon.py</span> <span class="at">--port</span> 443 <span class="at">--proxy</span> 7156 <span class="at">--domain</span> YOUR_DOMAIN <span class="at">--registration</span> open <span class="at">--debug</span> <span class="at">--log_login_failures</span></span>
|
||
<span id="cb6-12"><a href="#cb6-12" aria-hidden="true" tabindex="-1"></a><span class="va">Environment</span><span class="op">=</span>USER=epicyon</span>
|
||
<span id="cb6-13"><a href="#cb6-13" aria-hidden="true" tabindex="-1"></a><span class="va">Environment</span><span class="op">=</span>PYTHONUNBUFFERED=true</span>
|
||
<span id="cb6-14"><a href="#cb6-14" aria-hidden="true" tabindex="-1"></a><span class="va">Restart</span><span class="op">=</span>always</span>
|
||
<span id="cb6-15"><a href="#cb6-15" aria-hidden="true" tabindex="-1"></a><span class="va">StandardError</span><span class="op">=</span>syslog</span>
|
||
<span id="cb6-16"><a href="#cb6-16" aria-hidden="true" tabindex="-1"></a><span class="va">CPUQuota</span><span class="op">=</span>80%</span>
|
||
<span id="cb6-17"><a href="#cb6-17" aria-hidden="true" tabindex="-1"></a><span class="va">ProtectHome</span><span class="op">=</span>true</span>
|
||
<span id="cb6-18"><a href="#cb6-18" aria-hidden="true" tabindex="-1"></a><span class="va">ProtectKernelTunables</span><span class="op">=</span>true</span>
|
||
<span id="cb6-19"><a href="#cb6-19" aria-hidden="true" tabindex="-1"></a><span class="va">ProtectKernelModules</span><span class="op">=</span>true</span>
|
||
<span id="cb6-20"><a href="#cb6-20" aria-hidden="true" tabindex="-1"></a><span class="va">ProtectControlGroups</span><span class="op">=</span>true</span>
|
||
<span id="cb6-21"><a href="#cb6-21" aria-hidden="true" tabindex="-1"></a><span class="va">ProtectKernelLogs</span><span class="op">=</span>true</span>
|
||
<span id="cb6-22"><a href="#cb6-22" aria-hidden="true" tabindex="-1"></a><span class="va">ProtectHostname</span><span class="op">=</span>true</span>
|
||
<span id="cb6-23"><a href="#cb6-23" aria-hidden="true" tabindex="-1"></a><span class="va">ProtectClock</span><span class="op">=</span>true</span>
|
||
<span id="cb6-24"><a href="#cb6-24" aria-hidden="true" tabindex="-1"></a><span class="va">ProtectProc</span><span class="op">=</span>invisible</span>
|
||
<span id="cb6-25"><a href="#cb6-25" aria-hidden="true" tabindex="-1"></a><span class="va">ProcSubset</span><span class="op">=</span>pid</span>
|
||
<span id="cb6-26"><a href="#cb6-26" aria-hidden="true" tabindex="-1"></a><span class="va">PrivateTmp</span><span class="op">=</span>true</span>
|
||
<span id="cb6-27"><a href="#cb6-27" aria-hidden="true" tabindex="-1"></a><span class="va">PrivateUsers</span><span class="op">=</span>true</span>
|
||
<span id="cb6-28"><a href="#cb6-28" aria-hidden="true" tabindex="-1"></a><span class="va">PrivateDevices</span><span class="op">=</span>true</span>
|
||
<span id="cb6-29"><a href="#cb6-29" aria-hidden="true" tabindex="-1"></a><span class="va">PrivateIPC</span><span class="op">=</span>true</span>
|
||
<span id="cb6-30"><a href="#cb6-30" aria-hidden="true" tabindex="-1"></a><span class="va">MemoryDenyWriteExecute</span><span class="op">=</span>true</span>
|
||
<span id="cb6-31"><a href="#cb6-31" aria-hidden="true" tabindex="-1"></a><span class="va">NoNewPrivileges</span><span class="op">=</span>true</span>
|
||
<span id="cb6-32"><a href="#cb6-32" aria-hidden="true" tabindex="-1"></a><span class="va">LockPersonality</span><span class="op">=</span>true</span>
|
||
<span id="cb6-33"><a href="#cb6-33" aria-hidden="true" tabindex="-1"></a><span class="va">RestrictRealtime</span><span class="op">=</span>true</span>
|
||
<span id="cb6-34"><a href="#cb6-34" aria-hidden="true" tabindex="-1"></a><span class="va">RestrictSUIDSGID</span><span class="op">=</span>true</span>
|
||
<span id="cb6-35"><a href="#cb6-35" aria-hidden="true" tabindex="-1"></a><span class="va">RestrictNamespaces</span><span class="op">=</span>true</span>
|
||
<span id="cb6-36"><a href="#cb6-36" aria-hidden="true" tabindex="-1"></a><span class="va">SystemCallArchitectures</span><span class="op">=</span>native</span>
|
||
<span id="cb6-37"><a href="#cb6-37" aria-hidden="true" tabindex="-1"></a></span>
|
||
<span id="cb6-38"><a href="#cb6-38" aria-hidden="true" tabindex="-1"></a><span class="ex">[Install]</span></span>
|
||
<span id="cb6-39"><a href="#cb6-39" aria-hidden="true" tabindex="-1"></a><span class="va">WantedBy</span><span class="op">=</span>multi-user.target</span></code></pre></div>
|
||
<p>Activate the daemon:</p>
|
||
<div class="sourceCode" id="cb7"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb7-1"><a href="#cb7-1" aria-hidden="true" tabindex="-1"></a><span class="ex">systemctl</span> enable epicyon</span>
|
||
<span id="cb7-2"><a href="#cb7-2" aria-hidden="true" tabindex="-1"></a><span class="ex">systemctl</span> start epicyon</span></code></pre></div>
|
||
<h2 id="web-server-setup">Web server setup</h2>
|
||
<p>Create a web server configuration.</p>
|
||
<div class="sourceCode" id="cb8"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb8-1"><a href="#cb8-1" aria-hidden="true" tabindex="-1"></a><span class="fu">nano</span> /etc/nginx/sites-available/YOUR_DOMAIN</span></code></pre></div>
|
||
<p>And paste the following:</p>
|
||
<pre class="nginx"><code>server {
|
||
listen 80;
|
||
listen [::]:80;
|
||
server_name YOUR_DOMAIN;
|
||
access_log /dev/null;
|
||
error_log /dev/null;
|
||
client_max_body_size 31m;
|
||
client_body_buffer_size 128k;
|
||
|
||
limit_conn conn_limit_per_ip 10;
|
||
limit_req zone=req_limit_per_ip burst=10 nodelay;
|
||
|
||
index index.html;
|
||
rewrite ^ https://$server_name$request_uri? permanent;
|
||
}
|
||
|
||
server {
|
||
listen 443 ssl;
|
||
server_name YOUR_DOMAIN;
|
||
|
||
gzip on;
|
||
gzip_disable "msie6";
|
||
gzip_vary on;
|
||
gzip_proxied any;
|
||
gzip_min_length 1024;
|
||
gzip_comp_level 6;
|
||
gzip_buffers 16 8k;
|
||
gzip_http_version 1.1;
|
||
gzip_types text/plain text/css text/vcard text/vcard+xml application/json application/ld+json application/javascript text/xml application/xml application/rdf+xml application/xml+rss text/javascript;
|
||
|
||
ssl_stapling off;
|
||
ssl_stapling_verify off;
|
||
ssl on;
|
||
ssl_certificate /etc/letsencrypt/live/YOUR_DOMAIN/fullchain.pem;
|
||
ssl_certificate_key /etc/letsencrypt/live/YOUR_DOMAIN/privkey.pem;
|
||
#ssl_dhparam /etc/ssl/certs/YOUR_DOMAIN.dhparam;
|
||
|
||
ssl_protocols TLSv1.2 TLSv1.3;
|
||
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
|
||
ssl_prefer_server_ciphers on;
|
||
ssl_session_cache shared:SSL:10m;
|
||
ssl_session_tickets off;
|
||
|
||
add_header Content-Security-Policy "default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'";
|
||
add_header X-Frame-Options DENY;
|
||
add_header X-Content-Type-Options nosniff;
|
||
add_header X-XSS-Protection "1; mode=block";
|
||
add_header X-Download-Options noopen;
|
||
add_header X-Permitted-Cross-Domain-Policies none;
|
||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
|
||
|
||
access_log /dev/null;
|
||
error_log /dev/null;
|
||
|
||
index index.html;
|
||
|
||
location /newsmirror {
|
||
root /var/www/YOUR_DOMAIN;
|
||
try_files $uri =404;
|
||
}
|
||
|
||
keepalive_timeout 70;
|
||
sendfile on;
|
||
|
||
location / {
|
||
proxy_http_version 1.1;
|
||
client_max_body_size 31M;
|
||
proxy_set_header Host $http_host;
|
||
proxy_set_header X-Real-IP $remote_addr;
|
||
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
|
||
proxy_set_header X-Forward-Proto http;
|
||
proxy_set_header X-Nginx-Proxy true;
|
||
proxy_temp_file_write_size 64k;
|
||
proxy_connect_timeout 10080s;
|
||
proxy_send_timeout 10080;
|
||
proxy_read_timeout 10080;
|
||
proxy_buffer_size 64k;
|
||
proxy_buffers 16 32k;
|
||
proxy_busy_buffers_size 64k;
|
||
proxy_redirect off;
|
||
proxy_request_buffering off;
|
||
proxy_buffering off;
|
||
proxy_pass http://localhost:7156;
|
||
tcp_nodelay on;
|
||
}
|
||
}</code></pre>
|
||
<p>Enable the site:</p>
|
||
<div class="sourceCode" id="cb10"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb10-1"><a href="#cb10-1" aria-hidden="true" tabindex="-1"></a><span class="fu">ln</span> <span class="at">-s</span> /etc/nginx/sites-available/YOUR_DOMAIN /etc/nginx/sites-enabled/</span></code></pre></div>
|
||
<h2 id="on-your-internet-router">On your internet router</h2>
|
||
<p>Forward port 443 from your internet router to your server. If you
|
||
have dynamic DNS make sure its configured.</p>
|
||
<h2 id="obtain-a-tls-certificate">Obtain a TLS certificate</h2>
|
||
<div class="sourceCode" id="cb11"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb11-1"><a href="#cb11-1" aria-hidden="true" tabindex="-1"></a><span class="ex">systemctl</span> stop nginx</span>
|
||
<span id="cb11-2"><a href="#cb11-2" aria-hidden="true" tabindex="-1"></a><span class="ex">certbot</span> certonly <span class="at">-n</span> <span class="at">--server</span> https://acme-v02.api.letsencrypt.org/directory <span class="at">--standalone</span> <span class="at">-d</span> YOUR_DOMAIN <span class="at">--renew-by-default</span> <span class="at">--agree-tos</span> <span class="at">--email</span> YOUR_EMAIL</span>
|
||
<span id="cb11-3"><a href="#cb11-3" aria-hidden="true" tabindex="-1"></a><span class="ex">systemctl</span> start nginx</span></code></pre></div>
|
||
<h2 id="restart-the-web-server">Restart the web server</h2>
|
||
<div class="sourceCode" id="cb12"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb12-1"><a href="#cb12-1" aria-hidden="true" tabindex="-1"></a><span class="ex">systemctl</span> restart nginx</span></code></pre></div>
|
||
<p>If you need to use <a href="https://www.fail2ban.org">fail2ban</a>
|
||
then failed login attempts can be found in
|
||
<strong>accounts/loginfailures.log</strong>.</p>
|
||
<p>If you are using the <a href="https://caddyserver.com">Caddy web
|
||
server</a> then see <a
|
||
href="https://code.libreserver.org/bashrc/epicyon/raw/main/caddy.example.conf">caddy.example.conf</a>.</p>
|
||
<p>Now you can navigate to your domain and register an account. The
|
||
first account becomes the administrator.</p>
|
||
<h2 id="configuring-notifications">Configuring notifications</h2>
|
||
<p>Since Epicyon does not use javascript there are no notifications in
|
||
the browser. However, you can receive notifications via email, XMPP, <a
|
||
href="https://matrix.org">Matrix</a> or <a
|
||
href="https://ntfy.sh">ntfy</a>.</p>
|
||
<p>Copy the notifications script:</p>
|
||
<div class="sourceCode" id="cb13"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb13-1"><a href="#cb13-1" aria-hidden="true" tabindex="-1"></a><span class="fu">cp</span> /opt/epicyon/scripts/epicyon-notification /usr/local/bin/epicyon-notification</span>
|
||
<span id="cb13-2"><a href="#cb13-2" aria-hidden="true" tabindex="-1"></a><span class="fu">chmod</span> +x /usr/local/bin/epicyon-notification</span></code></pre></div>
|
||
<p>If you are using email for notifications and it is a single user
|
||
instance then you might want to edit <em>MY_EMAIL_ADDRESS</em> within
|
||
<em>/usr/local/bin/epicyon-notification</em>.</p>
|
||
<p>Then add the following to <em>/etc/crontab</em>.</p>
|
||
<div class="sourceCode" id="cb14"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb14-1"><a href="#cb14-1" aria-hidden="true" tabindex="-1"></a><span class="co"># */1 * * * * root /usr/local/bin/epicyon-notification</span></span></code></pre></div>
|
||
<h2 id="installing-on-onion-or-i2p-domains">Installing on Onion or i2p
|
||
domains</h2>
|
||
<p>If you don’t have access to the clearnet, or prefer to avoid it, then
|
||
it’s possible to run an Epicyon instance easily from your laptop. There
|
||
are scripts within the <em>deploy</em> directory which can be used to
|
||
install an instance on a Debian or Arch/Parabola operating system. With
|
||
some modification of package names they could be also used with other
|
||
distros.</p>
|
||
<p>Please be aware that such installations will not federate with
|
||
ordinary fediverse instances on the clearnet, unless those instances
|
||
have been specially modified to do so. But onion instances will federate
|
||
with other onion instances and i2p instances with other i2p
|
||
instances.</p>
|
||
<h1 id="upgrading">Upgrading</h1>
|
||
<p>Unlike some other instance types, Epicyon is really easy to upgrade.
|
||
It only requires a git pull to obtain the changes from the upstream
|
||
repo, then set permissions and restart the daemon.</p>
|
||
<div class="sourceCode" id="cb15"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb15-1"><a href="#cb15-1" aria-hidden="true" tabindex="-1"></a><span class="bu">cd</span> /opt/epicyon</span>
|
||
<span id="cb15-2"><a href="#cb15-2" aria-hidden="true" tabindex="-1"></a><span class="fu">git</span> pull</span>
|
||
<span id="cb15-3"><a href="#cb15-3" aria-hidden="true" tabindex="-1"></a><span class="fu">chown</span> <span class="at">-R</span> epicyon:epicyon <span class="pp">*</span></span>
|
||
<span id="cb15-4"><a href="#cb15-4" aria-hidden="true" tabindex="-1"></a><span class="ex">systemctl</span> restart epicyon</span></code></pre></div>
|
||
<h1 id="housekeeping">Housekeeping</h1>
|
||
<p>To avoid running out of disk space you will want to clear down old
|
||
inbox posts. Posts from your instance outboxes will be unaffected.</p>
|
||
<p>Create an archive script
|
||
<strong>/usr/bin/epicyon-archive</strong>:</p>
|
||
<div class="sourceCode" id="cb16"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb16-1"><a href="#cb16-1" aria-hidden="true" tabindex="-1"></a><span class="co">#!/bin/bash</span></span>
|
||
<span id="cb16-2"><a href="#cb16-2" aria-hidden="true" tabindex="-1"></a><span class="bu">cd</span> /opt/epicyon <span class="kw">||</span> <span class="bu">exit</span> 0</span>
|
||
<span id="cb16-3"><a href="#cb16-3" aria-hidden="true" tabindex="-1"></a><span class="ex">/usr/bin/python3</span> epicyon.py <span class="at">--archive</span> none <span class="at">--archiveweeks</span> 4 <span class="at">--maxposts</span> 32000</span></code></pre></div>
|
||
<p>You can adjust the maximum number of weeks and the maximum number of
|
||
inbox posts as needed. Then add it as a cron entry.</p>
|
||
<div class="sourceCode" id="cb17"><pre
|
||
class="sourceCode bash"><code class="sourceCode bash"><span id="cb17-1"><a href="#cb17-1" aria-hidden="true" tabindex="-1"></a><span class="bu">echo</span> <span class="st">"*/60 * * * * root /usr/bin/epicyon-archive"</span> <span class="op">>></span> /etc/crontab</span></code></pre></div>
|
||
<h1 id="registering-accounts">Registering accounts</h1>
|
||
<p>You will notice that within the systemd daemon the
|
||
<em>registration</em> option is set to <em>open</em>. In a browser if
|
||
you navigate to the URL of your instance then you should see a
|
||
<em>Register</em> button. The first account to register becomes the
|
||
administrator.</p>
|
||
<p>To avoid spam signups, or overloading the system, there is a maximum
|
||
number of accounts for the instance which by default is set to 10.</p>
|
||
<h1 id="the-importance-of-good-defaults">The importance of good
|
||
defaults</h1>
|
||
<p>Many social network systems have bad defaults, and that is for the
|
||
purpose of maximizing the number of users and their level of engagement.
|
||
Bad defaults usually create a combination of <em>addiction patterns</em>
|
||
and <em>involuntary oversharing</em> and hence a viral network effect of
|
||
escalating outrage and dependency. On small fediverse servers we can
|
||
avoid having bad defaults, because there is no profit motive or drive
|
||
for massive notoriety.</p>
|
||
<p>Good defaults tend to be a little more private and avoid the
|
||
addiction to making numbers go up or achieving <em>notoriety at any
|
||
social cost</em>. This puts fediverse instances like Epicyon at a slight
|
||
disadvantage compared to ruthlessly commercial systems, but it’s an
|
||
explicit trade-off in order to minimize the harms which can arise within
|
||
social networks. So you won’t find any high scores tables or trending
|
||
items.</p>
|
||
<h1 id="logging-in">Logging in</h1>
|
||
<p>In a browser if you navigate to the URL of your instance and enter
|
||
the username and password that you previously registered. The first time
|
||
that you log in it will show a series of introduction screens which
|
||
prompt you to add a profile picture, name and bio description.</p>
|
||
<figure>
|
||
<img src="manual-login.png" alt="Login screen" />
|
||
<figcaption aria-hidden="true">Login screen</figcaption>
|
||
</figure>
|
||
<h1 id="account-profiles">Account Profiles</h1>
|
||
<h2 id="initial-setup">Initial setup</h2>
|
||
<p>When you first register an account on the instance the first thing
|
||
that you may want to do is to add more profile details and change your
|
||
preferences. From the main timeline screen select the top banner to move
|
||
to your profile and then select the edit button, which usually looks
|
||
like a pen and is adjacent to the logout icon.</p>
|
||
<p><img src="manual-profile.jpg" alt="Profile screen" /> <img
|
||
src="manual-edit-button.png" alt="Profile edit button" /></p>
|
||
<h2 id="basic-details">Basic details</h2>
|
||
<figure>
|
||
<img src="manual-basic-details.png" alt="Profile basic details" />
|
||
<figcaption aria-hidden="true">Profile basic details</figcaption>
|
||
</figure>
|
||
<h3 id="describe-yourself">Describe yourself</h3>
|
||
<p>Add an appropriate description of youself, which doesn’t resemble the
|
||
type of thing which would appear on a spam account. When other fediverse
|
||
users are judging a follow request from you they will want to know that
|
||
you are a real person and not a spammer or troll.</p>
|
||
<h3 id="other-fediverse-accounts">Other fediverse accounts</h3>
|
||
<p>If you have any other fediverse accounts on different instances then
|
||
you might want to add URLs for those. You can set the languages which
|
||
you can read, as <a href="https://en.wikipedia.org/wiki/ISO_639-1">two
|
||
letter abbreviations</a>. This helps to avoid having posts from other
|
||
people within your timeline which you can’t read.</p>
|
||
<h3 id="expiring-posts">Expiring posts</h3>
|
||
<p>You can set your posts to expire after a number of days. If this
|
||
value is zero then the instance will keep your posts indefinitely.</p>
|
||
<h3 id="quitting-twitter">Quitting Twitter</h3>
|
||
<p>If you are coming to the fediverse as an exile from Twitter then you
|
||
may want to select the option to remove any Twitter posts from your
|
||
timeline. Sometimes people want to make a clean break from Twitter and
|
||
have no further involvement with it.</p>
|
||
<h3 id="alternative-contact-details">Alternative contact details</h3>
|
||
<p>You can set additional contact details, such as email, XMPP and
|
||
Matrix addresses. So if people want to contact you for private <a
|
||
href="https://en.wikipedia.org/wiki/End-to-end_encryption">end-to-end
|
||
secure</a> chat then they can do so. The fediverse was never designed
|
||
for end-to-end security - it is primarily for public communications -
|
||
and so it’s better to leave secure private chat to the apps which are
|
||
specialized for that purpose.</p>
|
||
<h3 id="filtering-and-blocking">Filtering and blocking</h3>
|
||
<p>If you want to block particular fediverse accounts or instances then
|
||
you can enter those in the <em>blocked account</em> section. There
|
||
should be one account per line.</p>
|
||
<h3 id="geolocation-spoofing">Geolocation spoofing</h3>
|
||
<p>Within the <em>filtering and blocking</em> section you can also set a
|
||
city which will be used for geolocation spoofing. When you post a photo,
|
||
instead of removing all metadata spoofed metadata will be added in order
|
||
to consistently fool the machine learning systems behind web crawlers or
|
||
scrapers, and create a <a
|
||
href="https://en.wikipedia.org/wiki/Confirmation_bias">confirmation
|
||
bias</a> effect where the surveillance systems become increasingly
|
||
confident in an erroneous conclusion. Setting a city somewhere near to
|
||
your <a href="https://en.wikipedia.org/wiki/Time_zone">time zone</a> is
|
||
preferable, so that it matches your typical pattern of daily posting
|
||
activity without giving away your real location.</p>
|
||
<h3 id="verifying-your-website-or-blog">Verifying your website or
|
||
blog</h3>
|
||
<p>It is possible to indicate that a website of blog belongs to you by
|
||
linking it to your profile screen. Within the <em>head</em> html section
|
||
of your website or blog index page include a line similar to:</p>
|
||
<div class="sourceCode" id="cb18"><pre
|
||
class="sourceCode html"><code class="sourceCode html"><span id="cb18-1"><a href="#cb18-1" aria-hidden="true" tabindex="-1"></a><span class="kw"><link</span> <span class="er">rel</span><span class="ot">=</span><span class="st">"me"</span> <span class="er">href</span><span class="ot">=</span><span class="st">"https://YourEpicyonDomain/@YourNickname"</span> <span class="kw">/></span></span></code></pre></div>
|
||
<p>If you edit and then publish your profile, with the <em>website</em>
|
||
and/or <em>blog</em> fields completed then if the above link is found
|
||
your sites will be indicated to be verified on your profile screen. When
|
||
verified they will appear in green with a tick.</p>
|
||
<figure>
|
||
<img src="manual-verified-website.jpg"
|
||
alt="Profile screen showing verified website" />
|
||
<figcaption aria-hidden="true">Profile screen showing verified
|
||
website</figcaption>
|
||
</figure>
|
||
<h2 id="roles">Roles</h2>
|
||
<p>If you are the administrator then within your profile settings you
|
||
can also specify roles for other accounts on the instance. A small
|
||
instance is like a ship with the roles being crew positions, and all
|
||
members of the crew need to work together to keep the ship afloat. The
|
||
current roles are:</p>
|
||
<h3 id="moderator">Moderator</h3>
|
||
<p>Is allowed to remove posts and deal with moderation reports.</p>
|
||
<h3 id="editor">Editor</h3>
|
||
<p>Editors can change the links in the left column and the RSS feeds
|
||
within the right newswire column.</p>
|
||
<h3 id="artist">Artist</h3>
|
||
<p>Artists can change the colors and style of the web interface, using
|
||
the <em>theme designer</em>.</p>
|
||
<h3 id="counselor">Counselor</h3>
|
||
<p>A <em>counselor</em> is someone tasked with resolving disputes
|
||
between users of the instance. They are permitted to send DMs to any
|
||
user account on the instance. Obviously, this type of power can be
|
||
abused and so the administrator should choose counselors with care.</p>
|
||
<h3 id="devop">Devop</h3>
|
||
<p>Devops are permitted to perform some routine administration
|
||
functions, such as monitoring instance performance graphs.</p>
|
||
<h1 id="following">Following</h1>
|
||
<p>On the main timeline screen at the top right of the centre column
|
||
there is a search icon which looks like a magnifying glass. By
|
||
convention within the fediverse the search function is also the way to
|
||
look up and follow other people. Enter the handle (<span
|
||
class="citation" data-cites="name">@name</span><span class="citation"
|
||
data-cites="domain">@domain</span>) or URL of the profile page for the
|
||
person that you want to follow and select <em>search</em>. If the
|
||
account is found then its details will appear and you can choose to
|
||
follow or not.</p>
|
||
<p><img src="manual-search-following.jpg"
|
||
alt="Following people via search" /> <img src="manual-following.jpg"
|
||
alt="Following search result" /></p>
|
||
<p>Once you are following someone then selecting their profile picture
|
||
and then the <em>unfollow</em> button will remove the follow.</p>
|
||
<h1 id="creating-posts">Creating posts</h1>
|
||
<p>To make a new post from the main timeline screen select the <em>new
|
||
post</em> icon at the top right of the centre column.</p>
|
||
<figure>
|
||
<img src="manual-new-post.png" alt="New post screen" />
|
||
<figcaption aria-hidden="true">New post screen</figcaption>
|
||
</figure>
|
||
<p>The format of the post should be plain text, without any html markup.
|
||
Any URLs will be automatically linked, and you can use hashtags and
|
||
emoji. Emojis can be added via their name with colon characters before
|
||
and after.</p>
|
||
<h2 id="post-scopes">Post scopes</h2>
|
||
<p>Posts can have different scopes which provide some amount of privacy,
|
||
or particular functions. To change the scope select the current one and
|
||
a dropdown list will appear.</p>
|
||
<h3 id="public">Public</h3>
|
||
<p>Is visible to anyone in the fediverse. May also be visible outside of
|
||
the fediverse to anyone with an appropriate link.</p>
|
||
<h3 id="blog">Blog</h3>
|
||
<p>Used to create a blog post. Blog posts are typically longer than
|
||
other types of post, and are also publicly visible to anyone on the
|
||
web.</p>
|
||
<p>At the top of the <em>links</em> column on the main timeline screen
|
||
there is an icon to show an RSS feed for your blog entries.</p>
|
||
<h3 id="unlisted">Unlisted</h3>
|
||
<p>Similar to a public post, but will not appear as a recent post within
|
||
your profile. Unlisted posts can add a little more privacy to a
|
||
conversation in that it will not be immediately obvious to casual
|
||
observers. Often in practice this is all that’s needed to avoid trolls
|
||
or unwanted attention.</p>
|
||
<h3 id="followers">Followers</h3>
|
||
<p>A <em>followers only</em> post will only be visible to people who are
|
||
following you. They will not be visible to people who are not your
|
||
followers, or to other observers on the web.</p>
|
||
<p>A subtlety of this type of post is that people have different
|
||
followers, so if you send to your followers and they send a reply to
|
||
their followers then your post or references to it may end up with
|
||
people who are not your followers.</p>
|
||
<h3 id="dm">DM</h3>
|
||
<p>Direct messages are only send to specific people, designated by their
|
||
fediverse handles (<span class="citation"
|
||
data-cites="name">@name</span><span class="citation"
|
||
data-cites="domain">@domain</span>).</p>
|
||
<h3 id="reminder">Reminder</h3>
|
||
<p>A reminder is a direct message to yourself at some time in the
|
||
future. It will appear on your calendar.</p>
|
||
<h3 id="report">Report</h3>
|
||
<p>A report is a type of post which is sent to moderators on your
|
||
instance, to alert them about some problem. It is not sent to any other
|
||
instance.</p>
|
||
<h3 id="shares">Shares</h3>
|
||
<p>A <em>shared item</em> post describes a physical object or service
|
||
which may be shared by people on your instance. Shared items may also be
|
||
visible to people on specific named instances if that has been set up by
|
||
the administrator.</p>
|
||
<h3 id="wanted">Wanted</h3>
|
||
<p>A <em>wanted item</em> is a physical object or service which you
|
||
want. These posts will be visible to other people on your instance and
|
||
also to people on specific named instances if that has been set up by
|
||
the administrator.</p>
|
||
<h2 id="attachments">Attachments</h2>
|
||
<p>Attachments can use a variety of formats.</p>
|
||
<ul>
|
||
<li>Images: <em>jpg, jpeg, gif, webp, avif, svg, ico, jxl, png</em></li>
|
||
<li>Audio: <em>mp3, ogg, flac, opus, speex, wav</em></li>
|
||
<li>Video: <em>mp4, webm, ogv</em></li>
|
||
</ul>
|
||
<figure>
|
||
<img src="manual-attachments.png" alt="New post attachments" />
|
||
<figcaption aria-hidden="true">New post attachments</figcaption>
|
||
</figure>
|
||
<p>Attachments should be as small as possible in terms of file size.
|
||
Videos should be no more than 20 seconds in length. Epicyon is not
|
||
suitable for hosting lengthy or high resolution videos, although
|
||
podcasts might be feasible.</p>
|
||
<h2 id="events">Events</h2>
|
||
<p>You can specify a date, time and location for the post. If a date is
|
||
set then the post will appear as an event on the calendar of recipients.
|
||
This makes it easy for people to organize events without needing to
|
||
explicitly manage calendars. <img src="manual-date-time.png"
|
||
alt="New post event" /></p>
|
||
<h2 id="maps">Maps</h2>
|
||
<p>The location field on a post can be a description, but it can also be
|
||
a map geolocation. To add a geolocation go to <a
|
||
href="https://www.openstreetmap.org">openstreetmap.org</a>, find your
|
||
location and copy and paste the URL into the location field of your new
|
||
post.</p>
|
||
<p>Selecting the <em>location</em> header will open the last known
|
||
geolocation, so if your current location is near this makes it quicker
|
||
to find.</p>
|
||
<h1 id="the-timeline">The Timeline</h1>
|
||
<h2 id="layout">Layout</h2>
|
||
<figure>
|
||
<img src="manual-layout.png" alt="Layout" />
|
||
<figcaption aria-hidden="true">Layout</figcaption>
|
||
</figure>
|
||
<p>On a desktop system the main timeline screen has a multi-column
|
||
layout. The main content containing posts is in the centre. To the left
|
||
is a column containing useful web links. To the right is the newswire
|
||
containing links from RSS feeds.</p>
|
||
<p>At the top right of the centre column there are a few icons known as
|
||
<em>action buttons</em>, for show/hide, calendar, search and creating a
|
||
new post.</p>
|
||
<p>On mobile screens there is a single column layout, and the
|
||
<em>links</em> and <em>newswire</em> column content is available via
|
||
action buttons.</p>
|
||
<p>Different timelines are listed at the top - inbox, DM, replies,
|
||
outbox, etc - and more can be shown by selecting the <em>show/hide</em>
|
||
icon.</p>
|
||
<h2 id="navigation">Navigation</h2>
|
||
<p>As a general principle of navigation selecting the top banner always
|
||
takes you back to the previous screen, or if you are on the main
|
||
timeline screen then it will alternate with your profile.</p>
|
||
<p>At the bottom of the timeline there will usually be an arrow icon to
|
||
go to the next page, and a list of page numbers. You can also move
|
||
between pages using key shortcuts <strong>ALT+SHIFT+></strong> and
|
||
<strong>ALT+SHIFT+<</strong>. Key shortcuts exist for most navigation
|
||
events, and you can customise them by selecting the <em>key
|
||
shortcuts</em> link at the bottom of the left column.</p>
|
||
<figure>
|
||
<img src="manual-shortcuts.png" alt="Keyboard shortcuts screen" />
|
||
<figcaption aria-hidden="true">Keyboard shortcuts screen</figcaption>
|
||
</figure>
|
||
<h1 id="calendar">Calendar</h1>
|
||
<p>The calendar is not yet a standardized feature of the fediverse as a
|
||
whole, but has existed in Friendica and Zot instances for a long time.
|
||
Being able to attach a date and time to a post and then have it appear
|
||
on your calendar and perhaps also the calendars of your followers is
|
||
quite useful for organizing things with minimum effort. Until such time
|
||
as federated calendar functionality becomes more standardized this may
|
||
only work between Epicyon instances.</p>
|
||
<p>Calendar events are really just ordinary posts with a date, time and
|
||
perhaps also a location attached to them. Posts with <em>Public</em>
|
||
scope which have a date and time will appear on the calendars of your
|
||
followers, unless they have opted out of receiving calendar events from
|
||
you.</p>
|
||
<figure>
|
||
<img src="manual-calendar.png" alt="Calendar screen" />
|
||
<figcaption aria-hidden="true">Calendar screen</figcaption>
|
||
</figure>
|
||
<p><em>Reminder</em> is a special type of calendar post, which is really
|
||
just a direct message to yourself in the future.</p>
|
||
<p>To create a calendar post from the main timeline, select the
|
||
<strong>New post</strong> icon, then use the dropdown menu to select the
|
||
scope of your post. Give your event a description and add a date and
|
||
time. If you add a location this can either be a description or a
|
||
geolocation link, such as a link to <a
|
||
href="https://openstreetmap.org">openstreetmap</a>.</p>
|
||
<p>Selecting the calendar icon from the main timeline will display your
|
||
calendar events. It is possible to export them using the
|
||
<strong>iCalendar</strong> icon at the bottom right to the screen.
|
||
Calendar events are also available via <a
|
||
href="https://en.wikipedia.org/wiki/CalDAV">CalDav</a> using the URL
|
||
https://yourdomain/calendars/yournickname</p>
|
||
<h1 id="side-columns">Side columns</h1>
|
||
<p><img src="manual-side-columns.png" alt="Timeline side columns" /> The
|
||
links within the side columns are global to the instance, and only users
|
||
having the <em>editor</em> role can change them. Since the number of
|
||
accounts on the instance is expected to be small these links provide a
|
||
common point of reference.</p>
|
||
<p>This multi-column layout is inspired by the appearance of early blogs
|
||
or the original <em>Indymedia</em>, which in turn was inspired by the
|
||
appearance of monastic texts in which you would see comments in the
|
||
margins in line with the main text. So you can be reading posts from
|
||
friends but also keeping an eye on the news from RSS/Atom feeds at the
|
||
same time.</p>
|
||
<h2 id="links">Links</h2>
|
||
<p>Web links within the left column are intended to be generally useful
|
||
or of interest to the users of the instance. They are similar to a
|
||
blogroll. If you have the <em>editor</em> role there is an edit button
|
||
at the top of the left column which can be used to add or remove links.
|
||
Headers can also be added to group links into logical sections. For
|
||
example:</p>
|
||
<pre class="text"><code>* Search
|
||
|
||
Code search https://beta.sayhello.so
|
||
Wiby https://wiby.me/
|
||
|
||
* Links
|
||
|
||
16colors https://16colo.rs
|
||
Dotshareit http://dotshare.it</code></pre>
|
||
<h2 id="newswire">Newswire</h2>
|
||
<p>The right column is the newswire column. It contains a list of links
|
||
generated from RSS/Atom feeds.</p>
|
||
<p><a href="https://en.wikipedia.org/wiki/RSS">RSS</a> is a much
|
||
maligned protocol. It’s simple, and an excellent way to read news in a
|
||
manner that’s convenient for you. The main reason for its downfall is
|
||
that it’s difficult to implement <a
|
||
href="https://en.wikipedia.org/wiki/Surveillance_capitalism">targeted
|
||
advertising</a> - the dominant business model of the web - within RSS.
|
||
It’s hard to spy on anyone using an RSS feed. So if we want the web to
|
||
improve then supporting RSS ought to be a priority.</p>
|
||
<p>If you have the <em>editor</em> role then an edit icon will appear at
|
||
the top of the right column, and the edit screen then allows you to add
|
||
or remove feeds.</p>
|
||
<h3 id="moderated-feeds">Moderated feeds</h3>
|
||
<p>Feeds can be either <em>moderated</em> or not. Moderated feed items
|
||
must be approved by a moderator before then can appear in the newswire
|
||
column and be visible to other users on the instance. To indicate that a
|
||
feed should be moderated prefix its URL with a star character.</p>
|
||
<h3 id="mirrored-feeds">Mirrored feeds</h3>
|
||
<p>Newswire items can also be mirrored. This means that instead of
|
||
newswire items being links back to the original source article a copy
|
||
will be made of the article locally on your server. Mirroring can be
|
||
useful if the site of the RSS/Atom feed is unreliable or likely to go
|
||
offline (such as solar powered systems only online during daylight
|
||
hours). When deciding whether to mirror a feed you will also want to
|
||
consider the copyright status of the content being mirrored, and whether
|
||
legal problems could arise. To indicate that a feed should be mirrored
|
||
prefix its URL with an exclamation mark ! character.</p>
|
||
<h3 id="filters-and-warnings">Filters and warnings</h3>
|
||
<p>On this screen you can also set filtered words and dogwhistle content
|
||
warnings for the instance. Filtered words should be on separate lines,
|
||
and dogwhistle words can be added in the format:</p>
|
||
<pre class="text"><code>dogwhistleword -> content warning to be added
|
||
dogwhistle phrase -> content warning to be added
|
||
DogwhistleWordPrefix* -> content warning to be added
|
||
*DogwhistleWordEnding -> content warning to be added</code></pre>
|
||
<h3 id="newswire-tagging-rules">Newswire tagging rules</h3>
|
||
<p>As news arrives via RSS or Atom feeds it can be processed to add or
|
||
remove hashtags, in accordance to some rules which you can define.</p>
|
||
<p>On the newswire edit screen, available to accounts having the
|
||
<em>moderator</em> role, you can define the news processing rules. There
|
||
is one rule per line.</p>
|
||
<p><strong>Syntax:</strong> <em>if [conditions] then [action]</em></p>
|
||
<p><strong>Logical Operators:</strong> <em>not, and, or, xor, from,
|
||
contains</em></p>
|
||
<p>A simple example is:</p>
|
||
<pre class="test"><code>if moderated and not #oxfordimc then block</code></pre>
|
||
<p>For moderated feeds this will only allow items through if they have
|
||
the <strong>#oxfordimc</strong> hashtag.</p>
|
||
<p>If you want to add hashtags an example is:</p>
|
||
<pre class="test"><code>if contains "garden" or contains "lawn" then add #gardening</code></pre>
|
||
<p>So if incoming news contains the word “garden” either in its title or
|
||
description then it will automatically be assigned the hashtag
|
||
<strong>#gardening</strong>. You can also add hashtags based upon other
|
||
hashtags.</p>
|
||
<pre class="test"><code>if #garden or #lawn then add #gardening</code></pre>
|
||
<p>You can also remove hashtags.</p>
|
||
<pre class="test"><code>if #garden or #lawn then remove #gardening</code></pre>
|
||
<p>Which will remove <strong>#gardening</strong> if it exists as a
|
||
hashtag within the news post.</p>
|
||
<p>You can add tags based upon the RSS link, such as:</p>
|
||
<pre class="test"><code>if from "mycatsite.com" then add #cats</code></pre>
|
||
<h1 id="media-timeline">Media timeline</h1>
|
||
<p>Selecting the <em>show/hide</em> icon from the main timeline will
|
||
reveal an extra timeline called <strong>Media</strong>. The media
|
||
timeline shows posts which contain a picture, audio or video content. So
|
||
if you are primarily interested in photos then this timeline can be
|
||
useful.</p>
|
||
<figure>
|
||
<img src="manual-media.jpg" alt="Media timeline" />
|
||
<figcaption aria-hidden="true">Media timeline</figcaption>
|
||
</figure>
|
||
<p>If there is an description for the media then this also appears
|
||
within this timeline. Selecting a photo will enlarge it.</p>
|
||
<h1 id="moderation">Moderation</h1>
|
||
<p>The importance of moderation within social networks can’t be
|
||
over-stated. In the early history of the web in which communities tended
|
||
to be organized around forum software and mailing lists the typical
|
||
pattern went as follows:</p>
|
||
<ul>
|
||
<li>Founders initiate the forum</li>
|
||
<li>The forum gains popularity and a community grows around it</li>
|
||
<li>Trolls show up</li>
|
||
<li>The administrator is too nice, believes that all opinions are
|
||
equally valid, and refuses to remove trolls or promptly redact their
|
||
content</li>
|
||
<li>Within somewhere between a couple of days and a few weeks, trolls
|
||
set longstanding forum members against each other</li>
|
||
<li>Community fails and the forum closes abruptly, leaving only a
|
||
404</li>
|
||
</ul>
|
||
<p>The pattern has been repeated many times. Online communities can take
|
||
years to carefully build up and days to destroy. Having good moderation
|
||
in place, with clear terms of service and enforced boundaries, can help
|
||
to avoid failures or burnout. Being “nice” and accepting all content
|
||
tends not to work out well. Such an arrangement is easily hijacked by
|
||
people with bad intent.</p>
|
||
<h2 id="moderator-timeline">Moderator timeline</h2>
|
||
<p>If you have the <em>moderator</em> role then selecting the
|
||
<em>show/hide</em> icon from the main timeline will reveal an extra
|
||
timeline usually called <strong>Mod</strong>. Selecting this timeline
|
||
will take you to the instance moderator timeline, which contains any
|
||
moderation reports.</p>
|
||
<figure>
|
||
<img src="manual-moderator.png" alt="Moderator timeline" />
|
||
<figcaption aria-hidden="true">Moderator timeline</figcaption>
|
||
</figure>
|
||
<h3 id="filtering">Filtering</h3>
|
||
<p>You can filter out posts containing particular words or phrases by
|
||
entering the offending text and then selecting the
|
||
<strong>Filter</strong> button. You can use the
|
||
<strong>Unfilter</strong> button to reverse the decision.</p>
|
||
<h3 id="removing-an-offending-post">Removing an offending post</h3>
|
||
<p>If a post made on your instance has been reported as violating the
|
||
terms of service you can remove it by entering its URL and then
|
||
selecting the <strong>Remove</strong> button.</p>
|
||
<h3 id="suspending-an-account">Suspending an account</h3>
|
||
<p>You can suspend an account on the instance by entering the nickname
|
||
and then selecting the <strong>Suspend</strong> button. Accounts are
|
||
usually suspended pending investigation into some terms of service
|
||
violation. You can use the <strong>Unsuspend</strong> button to
|
||
re-enable an account.</p>
|
||
<h3 id="instance-level-blocking">Instance level blocking</h3>
|
||
<p>To block a fediverse handle (nickname@domain), hashtag or domain
|
||
enter the thing that you wish to block and then select the
|
||
<strong>Block</strong> button. You can do the same with the
|
||
<strong>Unblock</strong> button to reverse your decision.</p>
|
||
<p>If you want to see what is being blocked at the instance level then
|
||
select the <strong>Info</strong> button.</p>
|
||
<h3 id="web-crawlers-and-search-bots">Web crawlers and search bots</h3>
|
||
<p>Most fediverse posts have <em>Public</em> scope, and various web
|
||
crawlers routinely try to index them. These are mostly the usual
|
||
suspects, such as BigTech companies, but also include lesser known
|
||
crawlers such as the British Library. By default all web search bots are
|
||
blocked, but the administrator account can enable particular ones.</p>
|
||
<p>If you are the administrator of the instance then to see the
|
||
currently active web search crawlers edit your profile and select
|
||
<strong>Filtering and blocking</strong>, then <strong>Known Web Search
|
||
Bots</strong>. The most common ones will appear at the top. To enable
|
||
particular ones add their name to <strong>Web Search Bots
|
||
Allowed</strong> (one per line).</p>
|
||
<h2 id="account-level-moderation">Account level moderation</h2>
|
||
<h3 id="filtering-1">Filtering</h3>
|
||
<p>From the main timeline select the top banner to go to your profile,
|
||
then select the <strong>edit</strong> icon. Open the <strong>Filtering
|
||
and blocking</strong> section and then you can specify filtered words or
|
||
phrases. Be sure to select <strong>Publish</strong> to finalize your
|
||
settings.</p>
|
||
<p>You can also filter words within the bio of users making follow
|
||
requests. This allows unwanted followers to be automatically rejected if
|
||
their bio contains particular words.</p>
|
||
<h3 id="blocking-accounts-or-domains">Blocking accounts or domains</h3>
|
||
<p>From the main timeline select the top banner to go to your profile,
|
||
then select the <strong>edit</strong> icon. Open the <strong>Filtering
|
||
and blocking</strong> section and then you can specify blocked accounts
|
||
or domains (one per line). Be sure to select <strong>Publish</strong> to
|
||
finalize your settings.</p>
|
||
<h3 id="replacing-words">Replacing words</h3>
|
||
<p>Sometimes you may want to replace words within received posts. This
|
||
can be for added clarity, to dissipate annoyance or just for fun.</p>
|
||
<p>From the main timeline select the top banner to go to your profile,
|
||
then select the <strong>edit</strong> icon. Open the <strong>Filtering
|
||
and blocking</strong> section and then you can specify replacements as
|
||
follows:</p>
|
||
<pre class="text"><code>OldWord -> NewWord
|
||
original phrase -> new phrase</code></pre>
|
||
<p>These replacements are subjective, such that if you
|
||
boost/repeat/announce a post then the original wording will be retained
|
||
for recipients.</p>
|
||
<h3 id="content-warning-lists">Content warning lists</h3>
|
||
<p>Content warning lists are lists of domains and/or keywords which can
|
||
be used to append a warning if they appear in the content of an incoming
|
||
post. For example, you can have a content warning added if a post
|
||
contains links to satire sites, so that you don’t confuse them with real
|
||
news and you don’t need to be familiar with every possible satire site.
|
||
These types of warnings are opt-in, so if they don’t apply to you then
|
||
you don’t have to have any.</p>
|
||
<p>From the main timeline select the top banner to go to your profile,
|
||
then select the <strong>edit</strong> icon. Open the <strong>Filtering
|
||
and blocking</strong> section and look for <strong>“Add content warnings
|
||
for the following sites”</strong>. You can then select the types of
|
||
warnings to be added to your timeline.</p>
|
||
<h2 id="emergencies">Emergencies</h2>
|
||
<p>The fediverse is typically calmer than the centralized social
|
||
networks, but there can be times when disputes break out and tempers
|
||
become heated. In the worst cases this can lead to administrator burnout
|
||
and instances shutting down.</p>
|
||
<p>If you are the administrator and you are in a situation where you or
|
||
the users on your instance are getting a lot of targeted harassement
|
||
then you can put the instance into <em>broch mode</em>, which is a type
|
||
of temporary allowlist which lasts for between one and two weeks. This
|
||
prevents previously unknown instances from sending posts to your
|
||
timelines, so adversaries can’t create a lot of temporary instances for
|
||
the purpose of attacking yours.</p>
|
||
<p>A general observation is that it is difficult to maintain collective
|
||
outrage at a high level for more than a week, so trolling campaigns tend
|
||
to not last much longer than that. Broch mode allows you to ride out the
|
||
storm, while retaining normal communications with friendly
|
||
instances.</p>
|
||
<p>To enable broch mode the administrator should edit their profile, go
|
||
to the instance settings and select the option. Once enabled it will
|
||
turn itself off automatically after 7-14 days. The somewhat uncertain
|
||
deactivation time prevents an adversary from knowing when to begin a new
|
||
flooding attempt, and after a couple of weeks they will be losing the
|
||
motivation to continue.</p>
|
||
<h1 id="themes">Themes</h1>
|
||
<p>Generic-looking user interfaces have become expected for many types
|
||
of software, because they are designed to scale up to very large numbers
|
||
of users and hence need to be as bland and inoffensive as possible. But
|
||
small web systems don’t need appeal to a bland, corporate, imagined
|
||
average user. If you are spending significant time using a social
|
||
network then being able to customise it and really make it your online
|
||
home improves usability.</p>
|
||
<h2 id="standard-themes">Standard themes</h2>
|
||
<p>Epicyon has multiple standard themes and if you are the administrator
|
||
then if you edit your profile and open the <em>Graphic design</em>
|
||
section then you can change the current theme for the instance. Users
|
||
may need to reload the web page with <em>CTRL+F5</em> in order to see
|
||
the changes.</p>
|
||
<h2 id="theme-customization">Theme customization</h2>
|
||
<p>If you have the <em>artist</em> role then from the top of the left
|
||
column of the main timeline you can select the <em>Theme Designer</em>
|
||
icon, which usually resembles a paint roller or paint brush. This allows
|
||
you to change colors and values for user interface components.</p>
|
||
<figure>
|
||
<img src="manual-theme-designer.png" alt="Theme designer screen" />
|
||
<figcaption aria-hidden="true">Theme designer screen</figcaption>
|
||
</figure>
|
||
<h1 id="sharing-economy">Sharing economy</h1>
|
||
<p>This is intended to add <a
|
||
href="https://en.wikipedia.org/wiki/The_Freecycle_Network">Freecycle</a>
|
||
type functionality within a social network context, leveraging your
|
||
social connections on the instance, or between participating instances,
|
||
to facilitate sharing and reduce wasteful consumerism.</p>
|
||
<h2 id="adding-a-shared-item">Adding a shared item</h2>
|
||
<p>When creating a new post one of the scope options is called
|
||
<em>shares</em>. You can describe an item or service that you are
|
||
willing to share.</p>
|
||
<p>Sharing is primarily intended to not require any monetary
|
||
transactions, although prices can optionally be added. There are no
|
||
payment mechanisms implemented and if that is required then it is
|
||
recommended to include details of payment method within the
|
||
description.</p>
|
||
<figure>
|
||
<img src="manual-new-share.png" alt="Adding a new shared item" />
|
||
<figcaption aria-hidden="true">Adding a new shared item</figcaption>
|
||
</figure>
|
||
<h2 id="adding-a-wanted-item">Adding a wanted item</h2>
|
||
<p>This is the opposite to adding a share in that you are making a post
|
||
which indicates that you are wanting some particular thing or
|
||
service.</p>
|
||
<h2 id="new-shares">New shares</h2>
|
||
<p>When new shared items are added then in the left column of the main
|
||
timeline screen there will be a section showing recent shares.</p>
|
||
<h2 id="shared-and-wanted-items-timelines">Shared and wanted items
|
||
timelines</h2>
|
||
<p>Any items shared or wanted will appear within timelines, which can be
|
||
viewed by selecting the <em>show/hide</em> icon.</p>
|
||
<h2 id="federated-shares">Federated shares</h2>
|
||
<p>If you are the administrator of the instance then you can specify
|
||
other instances with which your local shared items may be federated.
|
||
Edit your profile and select the <em>Shares</em> section, then add the
|
||
domain names of the instances to share with (one per line). If other
|
||
instance administrators also configure their system to share with yours
|
||
then this is the ideal mutualistic situation, increasing the set of
|
||
things being shared.</p>
|
||
<p>The technical implementation of federated shared items currently does
|
||
not use ActivityPub, but instead a pull-based system more comparable to
|
||
RSS/Atom. This is so that the people doing the sharing always remain in
|
||
control of what they are sharing, and can withdraw a share at any time.
|
||
A pull-based implementation also makes things considerably harder for
|
||
spammers.</p>
|
||
<h1 id="search">Search</h1>
|
||
<p>To search, select the magnifying glass icon from the top right of the
|
||
centre column of the main timeline. This will take you to a separate
|
||
screen where you can enter your search query.</p>
|
||
<figure>
|
||
<img src="manual-search.jpg" alt="Search screen" />
|
||
<figcaption aria-hidden="true">Search screen</figcaption>
|
||
</figure>
|
||
<p><strong>Hashtag categories</strong></p>
|
||
<p>If you select <em>SHOW MORE</em> at the bottom of the search screen
|
||
then this will show all recent hashtags, in alphabetical order. If you
|
||
have the <em>editor</em> role then selecting a tag will then allow to to
|
||
assign a category to it. In this way you can build up <em>hashtag
|
||
categories</em> as a way to group tags together under subject headings.
|
||
For example, <em>cake</em> might be under a <em>food</em> category.</p>
|
||
<p>The hashtag categories are published as an RSS feed at
|
||
https://yourdomain/categories.xml, and editors on other instances can
|
||
add those feeds to their newswire. This enables the categorization of
|
||
hashtags to be crowdsourced between instances.</p>
|
||
<p><strong>Searching for a fediverse handle or profile URL</strong></p>
|
||
<p>If you enter a fediverse handle or a URL corresponding to a profile
|
||
then the system will try to find it. If successful then a summary of the
|
||
found profile will be shown, and you will have the option to
|
||
follow/unfollow or view the original upstream profile page. If you are
|
||
already following then a different screen will be shown with more
|
||
options available.</p>
|
||
<p><strong>Searching your posts</strong></p>
|
||
<p>To search your own posts prefix the search text with a single quote
|
||
character.</p>
|
||
<p><strong>Searching hashtags</strong></p>
|
||
<p>To search for a hashtag just enter it, complete with the hash
|
||
prefix.</p>
|
||
<p><strong>Searching shared items</strong></p>
|
||
<p>To search for any shared items just enter the text that you want to
|
||
search for.</p>
|
||
<p><strong>Searching wanted items</strong></p>
|
||
<p>To search for a wanted item then enter the text that you want to
|
||
search for prefixed by a full stop (period) character.</p>
|
||
<p><strong>Searching for skills</strong></p>
|
||
<p>To search for accounts having a particular skill, prefix your search
|
||
text with a star character.</p>
|
||
<p><strong>Searching for emojis</strong></p>
|
||
<p>To search for an emoji use its name prefixed by a colon
|
||
character.</p>
|
||
<h1 id="browsing-in-a-command-shell">Browsing in a command shell</h1>
|
||
<p>Since the web interface of Epicyon only needs HTML5 and CSS, it can
|
||
work with browsers which don’t implement javascript at all.</p>
|
||
<p>Screenshots within the preceding sections all assume that you are
|
||
using a common graphical web browser. However, it is also possible to
|
||
use Epicyon from a shell browser, such as <a
|
||
href="https://lynx.invisible-island.net">Lynx</a>. This may be better
|
||
suited for use with screen readers, or if you want to check your social
|
||
media while logged into a server via <em>ssh</em>.</p>
|
||
<p>If you are using <em>Lynx</em> then you will need to ensure that it
|
||
is configured for the <strong>utf-8</strong> character set, and that you
|
||
have emoji fonts installed (eg. <strong>noto-fonts-emoji</strong>). Edit
|
||
your <em>lynx.cfg</em> file (usually in <em>/etc/lynx.cfg</em>) and
|
||
set:</p>
|
||
<pre class="text"><code>CHARACTER_SET:utf-8</code></pre>
|
||
<p>To avoid annoying questions you may also want to set:</p>
|
||
<pre class="text"><code>ACCEPT_ALL_COOKIES:TRUE</code></pre>
|
||
<p>After logging in you will see a menu, which are shortcuts to
|
||
different screens.</p>
|
||
<figure>
|
||
<img src="manual-lynx-menu.png"
|
||
alt="Menu viewed within a shell browser" />
|
||
<figcaption aria-hidden="true">Menu viewed within a shell
|
||
browser</figcaption>
|
||
</figure>
|
||
<p>Timelines will look something like the following.</p>
|
||
<figure>
|
||
<img src="manual-lynx-inbox.png"
|
||
alt="Inbox viewed within a shell browser" />
|
||
<figcaption aria-hidden="true">Inbox viewed within a shell
|
||
browser</figcaption>
|
||
</figure>
|
||
<h1 id="building-fediverse-communities">Building fediverse
|
||
communities</h1>
|
||
<p>The great thing about running a small instance is that you can do
|
||
things in whatever manner you prefer. What follows is a few guidelines
|
||
which may help.</p>
|
||
<figure>
|
||
<img src="manual-fediverse.png" alt="Fediverse logo" />
|
||
<figcaption aria-hidden="true">Fediverse logo</figcaption>
|
||
</figure>
|
||
<p><strong>Have a working backup system</strong></p>
|
||
<p>Keeping backups is very important, and fortunately with Epicyon this
|
||
is a simple process. The Epicyon installation consists only of files in
|
||
a directory. There is no database. So just backing up the directory
|
||
where it resides - typically <em>/opt/epicyon</em> - is all that you
|
||
need to do. Once you have a backup system in place, test that it
|
||
works.</p>
|
||
<p><strong>The fediverse is not an open source Twitter</strong></p>
|
||
<p>This sounds like a trite comment, but if you have members on your
|
||
instance coming from Twitter and expecting it to be the same sort of
|
||
thing then they will be disappointed. A major difference is that the
|
||
fediverse is more about conversation rather than one-way broadcast.
|
||
Sites like Twitter encourage you to become an “influencer” and adopt a
|
||
style of communication where you are shouting to a large audience
|
||
without much expectation of dialogue.</p>
|
||
<p>On Twitter there is an algorithm which will make follow suggestions
|
||
and dump all manner of aggravating trash into your timeline. On the
|
||
fediverse if you want to connect with people then you will need to be
|
||
more proactive in going out to <em>find the others</em>. There is no
|
||
algorithm trying to guess what you want without your participation.</p>
|
||
<p><strong>Robustly remove bad actors</strong></p>
|
||
<p>If people are creating a problem or bringing trouble and are not
|
||
amenable to changing their ways, whether they are members of your
|
||
instance or not, then be prepared to block or suspend their accounts.
|
||
Remember that <em>trolls will destroy your community if you let
|
||
them</em>. Define your <em>terms of service</em> and apply it
|
||
consistently to anyone interacting with your instance.</p>
|
||
<p><strong>Curate your experience</strong></p>
|
||
<p>Add links to the left column and blog or podcast feeds to the right.
|
||
Choose links which are relevant to your community so that useful
|
||
information is one click away. If you have multiple people on your
|
||
instance then assign roles to them so that they have a stake in
|
||
maintaining a good experience.</p>
|