Annie D

@ann-arcana

Queen of Burgers 🍔

she/her
www.redpanda.fun/

Writer, game designer, engineer, bisexual tranthing, FFXIV addict

OC: Anna Verde - Primal/Excalibur, Empyreum W12 P14

Mare: E6M76HDMVU
. . .

tumblr

annarcana.tumblr.com/

blog

blog.redpanda.fun/

Annie D @ann-arcana11/26/2022, 2:23 PM

walking mirage @atomicthumbs

alex tax1a @atax1a11/24/2022, 6:16 PM

someone on Twitter asked why we think ActivityPub sucks from a protocol and implementation standpoint, and we're porting it over here with minor cleanups:

several things — from a server perspective, the most popular implementation requires that you become an SRE for Nginx, Rails, Postgres, Redis, Sidekiq, and possibly ElasticSearch. IMO, these (especially postgres) are nontrivial services to maintain over the long term.

once you pick a piece of Activitypub-compatible software, as far as we can tell, you're locked into that particular branch — you cannot simply export a Mastodon database into the GotoSocial implementation, you have to set up GotoSocial brand new, and make everyone refollow you

protocol-wise, we keep finding shocking ways in which activitypub is worse than email; the biggest pecadillo (IMO) is that if i follow 100 people on 3 servers and make a post, my server has to make 100 requests, one per follower, instead of 3 posts, one per server

the way the protocol works is that if two large instances defederate each other, it causes a notification storm for everyone downstream that can overwhelm smaller instances

so! if you run your own, you pretty much have to become a cache SRE, web-tier SRE, DB SRE, queue SRE, Rails SRE, you have to know how to secure unix systems, mitigate attacks, and if you're responsible, you have to do replication and backups.

sure, Docker has made it so that you can stand up all of this easily, but long-term maintenance? are you really confident that you know what you're doing here? Oh, sure, you've offloaded a lot of this to your cloud provider, but then you're now dependent on that provider continuing to work. Unless you're a large corporation with a secure contract, your cloud provider most likely doesn't care about you.

in short, standing up our own mastondong is signing up for a whole lot of Actual Work that we don't really want to do just to talk with friends, and we absolutely must stress that we both worked for twitter for 6 years and run our own email server for 21

#we-are-plural-not-an-entire-sre-org #ActivityPub #mastodon

alex tax1a @atax1a11/24/2022, 11:31 PM

apparently (per some debatebro in our fediverse mentions) all of the big implementations implement an optional part of the spec which says you can do message fanout in the per-server way that doesn't suck. We don't like that over here because we know what happens to optional parts of specifications, and want protocols that show evidence of having studied the prior art and require reasonable behavior instead of leaving it up to implementor choice.

#we-are-plural-not-an-entire-sre-org

You must log in to comment.

in reply to @atax1a's post:

X @xkeeper11/24/2022, 6:44 PM

also god fuckin help you if you deviate from the main branch at all. really easy to go "oh i'll just add this little customization tweak" and congratulations, now you aren't just an sre, you're also a code maintainer and developer

наб @nabijaczleweli11/24/2022, 6:48 PM

mastodon this federation that we need to get people back on mailing lists. too me. of course that would require people to use muas that don't sap their will to live so its a non-starter but. "lets pokemon go to the MX!!" or "she 450 on my MAIL FROM til i retry!!" maybe. all in all, facebook and its consequences have been a disaster for the human race.

alex tax1a @atax1a11/24/2022, 6:51 PM

imo gooble finished the job of ruining email that microsoft started with outlook

but christ on a cracker, the AP protocols were very clearly designed by people who tried to reinvent twitter if it worked like email, while understanding neither twitter, nor email

and now we have this dude in our mentions insisting that it's fine that the "shared inbox" delivery aka "fanout that isn't dogshit" is an optional part of the spec, because all the Big Implementations do it

наб @nabijaczleweli11/24/2022, 10:24 PM

completely unrelated because yeag , you're right, but idk if youve ever tried to send/relay mail from exchange^Wmicrosoft "mail" products but its a fun three hours and a JVM you're running forever; sometimes interactively (X11 only! IIRC) forever if you need 2FA; very cool for your entire organisation's mail notification infra (this was part of a move from self-hosting mail to institutional O365, natch). idk what microsoft was smoking when they made a system entirely parallel feature-wise to mail and entirely unrelated to mail that only incidentally interacts with mail (well, okay, yeah, i do know, but)

alex tax1a @atax1a11/25/2022, 2:14 AM

we have not had the misfortune of having to interact with that, it sounds singularly disastrous and we're sorry

fictive @artemis11/24/2022, 8:20 PM

this is also i think a large part of why mastodon ends up with a lot of what on the outside looks extremely like "got mine, fuck you" to a newcomer, with lots of instances that seem cool but are closed for new activations and stuff. half the time its because the server literally cannot keep up with the load of any more users. and a lot of the time its because the server moderation team doesnt have the energy to moderate the server, because they're spending all their energy trying to keep the software working at all

fictive @artemis11/24/2022, 8:26 PM

technical issues is also a lot of what keeps people from running their own matrix server. everyone who has ever considered hosting a matrix server has either made the mistake of joining a large channel and DoSing themselves in the process, or knows someone who has. matrix just fucking breaks down whenever you have big rooms, to the point where there's a setting in Synapse to prevent random users from joining rooms above a certain "complexity" level (which is just a count of how many event state change messages have been sent in the room since the beginning of time, or since time period, i forget which), so your users cant accidentally break your server. i still use matrix for some things because it has properties that are useful, but like the set of things matrix is technically competent at and the set of things IRC is technically competent at are two circles with almost no overlap.

in reply to @atax1a's post:

signal eleven @widr11/25/2022, 7:05 AM

i'm curious who and where is the "we" and "over here" in your exposition!

also yeah when it comes to fedi and act. pub, eyebrow height is a linear function of knowledge acquired it seems

alex tax1a @atax1a11/25/2022, 2:59 PM

we are the we, and "over here" is "in our head"

signal eleven @widr11/25/2022, 9:05 PM

thanks!

gull *Plus!*@gull11/26/2022, 10:46 AM

i think i once heard the phrase "'may' means 'will not' when it counts"? which is about right i think

Tamber @tamber11/26/2022, 1:19 PM

Christ, yeah... I looked at standing up my own mastodon server a few years back and decided I wanted no part of that.

It's a towering clusterfuck of stuff and -- at least from my POV -- the attitude is "well, don't worry about all that, just run the docker container :)" which is all well and good for getting you set up to begin with, but setting something up for a month, and running&maintaining it for an extended period is absolutely two different things.

Maybe I'm just cynical about it, but I foresee a large number of the newest instances either giving up after a few months, or becoming painfully outdated & vulnerable because they're being run by people who just wanted to ~~grill~~ social media, rather than making server maintenance their full-time job.

Annie D @ann-arcana11/26/2022, 2:27 PM

I think the people going "you can just run your own instance!" are also not really considering cost. You are not gonna run Masto on the free tier, the storage requirements alone will bite you, because they are constantly growing, forever. My DO hosting bill went from 5 to 30 bucks over the space of less than a year, and it would've ballooned even faster if I'd stayed on a relay.

And it can never go down, only up, because as far as I can tell there's no way to prune history, and your users would probably be upset if you did.

@prehnra11/26/2022, 2:58 PM

The bit about having to maintain a bunch of dependencies is part of why I'm interested in checking out Pleroma. It's written in Elixir and so it doesn't have many external dependencies (iirc, just pg). BEAM is pretty good at handling caching, key-value, inter-node communication, pubsub, etc natively. Plus it's fast/efficient.

Bbbuuutttt the protocol is still the protocol of course

alex tax1a @atax1a11/26/2022, 3:44 PM

pg is also not a small dependency, and it's one that we categorically refuse to stand up for a site smaller than the 1 physical body we have using the service.

over on fediverse - https://infosec.exchange/@atax1a/109400805323461898 -

what we would prefer is an activitypub instance that we can stand up like Fossil SCM — one binary, one database file, one run script in /service/activitypub, where you upgrade it by replacing the binary and kicking the service over. gotosocial looks like it is approaching that, but also we have no interest in doing free labor by maintaining alpha software.

tedunangst's honk is the closest available thing to what we're describing, but, again, the protocol on one hand, and alpha software on the other.

@prehnra11/26/2022, 4:10 PM

That's totally fair. I guess I'm so used to running pg from my day job and other services I'm running that it barely registers anymore.

Pinned Tags