gotosocial.social now federates with over 10K instances, according to the statistics in the homepage!
gotosocial
It's a real mystery how #GoToSocial upgrades "just work". The new "hold your horses and don't do something dumb" page is a nice touch!
🏕️ my adventures in #selfhosting - day 76 ✨
Monday morning, which means: backing up my #YunoHost setup.
I see that #GoToSocial has an update available but I'm too scared to upgrade it. Having my 4th cup of espresso and working up the courage to do it (I hear it takes a looong time). Hoping I don't break anything 😅
In other news, I am LOVING my #LinkStack and having a glimpse into the links that are the most popular (LinkStack offers you a ranking in reverse order of the most clicked links when you log into their dashboard). Is anyone interested in me writing about it? For reference, here is what the front end looks like: https://elena.social
Off I go update my #GoToSocial, wish me luck!
#MySoCalledSudoLife #FOSS
Yayyy silly feature silly feature
https://codeberg.org/superseriousbusiness/gotosocial/pulls/4184
This pull request adds a very simple ad-hoc ListenBrainz widget to the frontend web view, with progressive enhancement (in all fail states it just falls back to rendering the field as normal).
#Fedicat will list the account rss feed in #GotoSocial profiles when it’s available
#GoToSocial running on a meta quest headset:
https://quest3.yhvr.me/@yhvr/statuses/01JKGZZP5CPPVNQ4YB532RBDF6
ok, here you go, updated GTS search patches for 0.18.0rc1. notice how they're on my repo? these are completely unofficial. do not bug anyone but me about them.
improved hashtag search. status: upstreamable, mostly.
doesn't require # prefix to search hashtags
searches for matches anywhere in a hashtag: Mac now matches VintageMac as well as MacOS
includes hashtags when not specifically searching for accounts or statuses, like most Mastodon-compatibles
doesn't change existing tag sorting. popularity and/or recency might be more useful
offset paging for searches. status: not upstreamable yet.
more compatible: many clients can't do ID paging
allows paging hashtag search results: Mastodon API has no concept of IDs for hashtags, so ID paging can't work for those anyway
possible performance issues: see comments on why main doesn't have it already. personally, i haven't noticed and i run this instance on a tiny VPS
remove search restrictions. status: heretical.
searches any post on your instance (except other accounts' private/direct posts, and accounts that have you blocked)
includes public, unlisted, your own private and DM posts, and private and DM posts that are replies to you
expanded search is default: revert to standard GTS behavior by adding scope:classic or in:library operator to search query
definite performance issues: this means searching more posts! GTS does not use either PG full-text indexes/operators or SQLite full-text virtual tables, and this patch doesn't change that.
doesn't include alt text of media attachments, or polls, because main doesn't
i may add more patches to this list in the medium future as i add more functionality to my own instance, for example, date range operators (before:date, after:date), post property operators (has:image,has:poll, has:cw, is:sensitive, visibility:public), threading operators (to:user@instance.tld, is:reply, -is:reply), sort operators (sort:oldest, sort:newest, sort:favs) and maybe PG full-text indexing if i have a really good day (i really don't wanna figure out SQLite's weird shit! someone else do it!)
randos don't debate me about Fedi search. my clients can't set per-post interaction controls yet so i'll just block you.
Feditext beta users: today's version 1.7.2 build 130 adds support for push notifications from GoToSocial instances.
you will need to be running a development version of GTS 0.18 with this patch applied <https://github.com/superseriousbusiness/gotosocial/pull/3762>, or wait for the *next* release candidate (0.18.0rc1 doesn't have it) or the 0.18.0 release proper.
users of other instance servers don't need to update.
What's that coming over the hill, is it a monster? Is it a monster?
Yes actually, it's version 0.19.0 of #GoToSocial, aka Seditious Sloth 😈! It's busted out of the release candidacy process and it's ready to kick some ass.
You can get the release from here:
https://github.com/superseriousbusiness/gotosocial/releases/tag/v0.19.0
Or use either the latest or 0.19.0 Docker tag.
The update contains several database migrations, so please read the migration notes carefully for instructions on how to upgrade to this version!
Release highlights
OAuth token scope enforcement: Token scopes (read, write etc) now actually do stuff! So we removed the big "scopes don't do stuff!" warning in the docs. The enforced scopes match the Mastodon API token scopes, so there shouldn't be any surprises for bot owners / app developers.
See https://docs.gotosocial.org/en/latest/api/swagger/ for more info.
Token review / invalidation: You can now review and invalidate tokens issued for your account in the settings panel, to help keep your account secure.
Docs: https://docs.gotosocial.org/en/latest/user_guide/settings/#access-tokens
Create and manage applications in the settings panel: Handy for people who want to run bots and applications with GoToSocial!
Docs: https://docs.gotosocial.org/en/latest/user_guide/settings/#applications
Gallery-style profile layout option: You can now choose to lay out the web view of your profile in a 'gram style gallery. Good for people who mostly post media and want to put that at the forefront.
Docs: https://docs.gotosocial.org/en/latest/user_guide/settings/#select-layout
Support for two-factor authentication (aka 2FA): If your instance isn't configured to use an OIDC provider, you can now secure your account with 2FA via a QR code and an authenticator app. When logging in with 2FA enabled, you will have to provide a time-based one-time password. Security!
Docs: https://docs.gotosocial.org/en/latest/user_guide/settings/#two-factor-authentication
Lots of web view tweaks including nicer media rendering on chrome, proper blurhash support, much better support for keyboard-based page navigation, wider font support for different scripts, tidier status info bar, and more.
OAuth bugfixes should allow more flexibility and compatibility when logging in with or authorizing third-party applications.
bandwagon.fm compatibility fixes: you can now follow Bandwagon.fm artists from your GoToSocial account and receive posts / announcements from them.
Edit domain permissions: you can now edit the obfuscate and public and private comment fields in domain permissions (blocks/allows) instead of having to remove and recreate the permission to update the comments.
Hey everyone, today we ran into a bit of an issue while updating gotosocial.social, which resulted in the site being down for the past 6 hours. The problem has been resolved now, and no data was lost or damaged. Still, sorry for disrupting your Fediverse browsing experience 🙂
A quick reminder for other #GoToSocial admins using snapshot builds: if you're using PostgreSQL, please consider not updating to d8113c1 for now as the db migration is likely incompatible with PostgreSQL. Keep an eye on Issue #3880 for updates on the fix.
Thanks to the hard work of @cdn0x12 the next #GoToSocial release candidate will include automated light mode / dark mode switching based on your system light mode / dark mode configuration.
This means visitors to the web view of your profile will be able to read your silly posts in whatever form they're most comfortable with. This works for the settings panel too! The auto switching also applies to "auto" profile themes with separate light and dark modes (not every theme has both dark + light mode counterparts at this point).
We're still cracking away on fixing release candidate bugs but we wanted to show this because it's cool as heck. Big thank you to @cdn0x12 for their hard work <3
Some screenshots!
this is cool, I just noticed that #BookWyrm reviews show up in #GotoSocial and #NeoDB with the title as a spoiler warning
Hi everyone!
We've just pushed a very important security bugfix release for #GoToSocial v0.17.3 and below:
https://github.com/superseriousbusiness/gotosocial/releases/tag/v0.17.4
If you are running on GoToSocial v0.17.3 or below, you should update to v0.17.4 as soon as possible. It's a very small update from v0.17.3 -> v0.17.4 as it contains only some code logic changes, and no database migrations.
In short, when a dereferencing bug is triggered under a specific set of circumstances it can cause loss of account data on affected instances. It's a rare thing to be triggered, but when it does happen it really, really stinks, and necessitates restoring from backup or manually editing the database to get things working again. (It's not possible to access or tamper with data by triggering the bug, only destroy it.)
We'll release a proper CVE for this in a couple of days when admins and packagers have had a chance to update.
Please note that folks who are already on v0.18.0-rc1 or latest snapshots are unaffected and do not need to do anything, as the bug occurs specifically in v0.17.3 and below. This means if you prefer to update straight from v0.17.3 to v0.18.0-rc1 then that's also an option; you can follow the release notes for v0.18.0-rc1 in this case.
So! If you know folks on GtS v0.17.3 or below, please let them know that they should take action! Link them to this post if you want! And please boost for visibility :)
Thank you everyone! <3 Computers!
in #Mastodon #Akkoma #Pleroma #GotoSocial you can hide your follower and following lists from public view
trying to do some cheeky small PRs today for #GoToSocial bugfixes and low-hanging thingies, to decompress after hyperfocusing this week
here's a wee little tweak to the front end to show a visibility icon, and underline the date to make clear it's clickable
https://github.com/superseriousbusiness/gotosocial/pull/3908
Good morning Fedi friends!
It's been 99 days since I started self-hosting my own Fediverse instances. Crazy how time flies!
I've been a bit absent from here this week because I started exploring the world of #PeerTube from the POV of a creator.
I just set up my own account on #MakerTube - so that I can write a guide that is accessible to many (as opposed to skipping this step and going straight to self-hosting).
Anyway, here is my PeerTube account: https://makertube.net/a/elena/video-channels
I have been able to follow it from #Mastodon and #Friendica without a problem, but I keep getting an error message when I try to subscribe with my #GoToSocial username. The exact message: "Cannot fetch information from this remote account." Does anybody have the same issue? (as in: people on GoToSocial, can you subscribe to PeerTube channels?)
Wishing you all a lovely day 🌞
P.S.: about to go offline for the rest of the day because... there's no pre-school in France on Wednesdays and the garderie keeps my little one up until 12:30. So apologies in advance if I'm slow to reply to messages.
#MySoCalledSudoLife
adding the #GotoSocial account switch between feed and gallery web views
Now that #GoToSocial v0.19.0 is out, we're going to start the process of transferring our coding workflow from Github over to #Codeberg (@Codeberg), to get away from Microsoft's endless parade of crapola.
This means that some time in the next week or so, we will "lock" the Github repository so that only superseriousbusiness.org members can create new PRs and issues etc (similar to what we do when we're on holiday).
Then, we will migrate the repository over to Codeberg, using Codeberg's migration functionality to keep issues, pull requests, comments, etc intact.
Once we've validated that everything is in order, we will mark the Github repository as a read-only mirror of the Codeberg repo, and start using Codeberg for issues, pull requests, CI/CD etc.
To avoid breaking people's automated builds that rely on that Github repo, we are planning to keep it as a read-only mirror for a while (eg., 6 months or so, not sure yet) . At some point though we will fully remove it, to avoid contributing our code to Microsoft's "ai" garbage. But we will warn in advance about this so that people can update their scripts and stuff in time.
There will probably be some turbulence in our CI/CD pipelines and workflow and whatnot during this transition period, but nothing that should affect end users of the software: releases up to v0.19.0 will remain available on Github and Docker as normal, and snapshots should remain up to date on our Minio S3 bucket and Docker.
We're looking forward to the move, and to putting the sloth in its new home and seeing it wander around sniffing the furniture and exploring Thanks for reading!
🏕️ my adventures in #selfhosting - day 111 (quiet edition) 💤
Good morning Fedi friends!
I hope you had a nice weekend.
After backing up my two VPSs I am now staring at my #YunoHost dashboard thinking: now what?
It feels a little odd not to have to tackle any pressing self-hosting issues. Everything seems to be working well, including my manual installation of Ghost on a second (Ubuntu) VPS.
I'm now in maintenance mode.
I must confess in the past 24 hours I have spent some time browsing @yunohost 's app catalogue. So many fascinating things in there! But I am exercising restraint (for now, LOL!)
I'm very grateful for all the software I'm currently self-hosting.
On Debian (via YunoHost):
#Fail2Ban
#Friendica -> https://elenarossini.fr/profile/ele/
#GoToSocial (this account!)
#LinkStack -> https://elena.social
#Pixelfed -> https://photos.elenarossini.com/ele
On Ubuntu:
Fail2Ban
My #Ghost blog/newsletter -> https://news.elenarossini.com
#Varnish cache
I'm highly aware of my privilege and how lucky I am to be doing all this. But can I confess I'm a little bored? Thankfully I may have another big project on the horizon: upgrading my VPS and installing / self-hosting #PeerTube. But that will be for another week. Resting now and enjoying this sense of empowerment / digital sovereignty. Very grateful to be in this position.
Wishing you all a fantastic week!
After reviewing FEP-5624: Per-object reply control policies and GoToSocial's interaction policy spec, I find myself leaning toward the latter for long-term considerations, though both have merit.
FEP-5624 is admirably focused and simpler to implement, which I appreciate. However, #GoToSocial's approach seems to offer some architectural advantages:
The three-tier permission model (allow/require approval/deny) feels more flexible than binary allow/deny
Separating approval objects from interactions appears more secure against forgery
The explicit handling of edge cases (mentioned users, post authors) provides clearer semantics
The extensible framework allows for handling diverse interaction types, not just replies
I wonder if creating an #FEP that extracts GoToSocial's interaction policy design into a standalone standard might be worthwhile. It could potentially serve as a more comprehensive foundation for access control in #ActivityPub.
This is merely my initial impression though. I'd be curious to hear other developers' perspectives on these approaches.
#FEP5624 #fedidev #fediverse #replycontrol #interactionpolicy
Good morning Fedi friends!
If you've been following my toots for a while, you know how incredibly grateful I am to @yunohost for empowering me to self-host my own fedi instances.
Six months ago I knew nothing about self-hosting. Now, thanks to #YunoHost and the superb tools they offer (for free!), I am running my own #GoToSocial, #Friendica, #Pixelfed and #PeerTube instances. I am a new and improved and more empowered digital citizen thanks to it. I cannot begin to describe the immense gratitude I feel towards YunoHost and its team of volunteers.
Well, today I have a chance to give back (a little). YunoHost has just launched a crowdfunding campaign to cover its operating costs for the rest of the year.
✨ https://yunohost.org/donate.html 🪴
I just donated to it - and if you have the means could you join me in doing so, too? Every euro / dollar / yen counts.
YunoHost has the incredible mission of empowering anyone to self-host their digital services - not just fediverse software, but HUNDREDS of free open source apps.
Needless to say, I want YunoHost to continue operating and to thrive for many many years to come. Its services are ESSENTIAL.
Thank you YunoHost for changing my life and wishing you great success with your fundraising campaign! 💚🪴
Updated to the latest version of #GoToSocial that has an optional gallery view on profiles - perfect for my photo-centric account, @snaps
Tons of themes to try, too. 🦥
Some questions for all the #GoToSocial users out there.
How many gigabytes of disk space (roughly) does your instance use?
How long has it been online?
And does the growth in storage slow down after the first seven days (on the default configuration), when cached images start clearing out?
#FediHelp #SelfHost #SelfHosted #Fediverse
I've got a quick favour to ask. If you're reading this post on Mastodon (or the Fediverse), please click boost.
How come?
I recently moved across to my own self-hosted single-user server (using GoToSocial.org). For a bunch of reasons, including visibility across the Fedi, it would really help out.
#Fediverse #FediHelp #gotosocial #mastohelp
Hello, we just created the first release candidate for version 0.19.0 of #GoToSocial:
https://github.com/superseriousbusiness/gotosocial/releases/tag/v0.19.0-rc1
Adventurous admins can try out this release candidate using the 0.19.0-rc1 docker tag, or by downloading the proper tar archive on the release page.
This version contains several database migrations so you will need to be patient when upgrading, and backup your database first!!
Release highlights:
OAuth token scope enforcement: Token scopes (read, write etc) now actually do stuff! So we removed the big "scopes don't do stuff!" warning in the docs. The enforced scopes match the Mastodon API token scopes, so there shouldn't be any surprises for bot owners / app developers.
See https://docs.gotosocial.org/en/latest/api/swagger/ for more info.
Token review / invalidation: You can now review and invalidate tokens issued for your account in the settings panel, to help keep your account secure.
Docs: https://docs.gotosocial.org/en/latest/user_guide/settings/#access-tokens
Create and manage applications in the settings panel: Handy for people who want to run bots and applications with GoToSocial!
Docs: https://docs.gotosocial.org/en/latest/user_guide/settings/#applications
Gallery-style profile layout option: You can now choose to lay out the web view of your profile in a 'gram style gallery. Good for people who mostly post media and want to put that at the forefront.
Docs: https://docs.gotosocial.org/en/latest/user_guide/settings/#select-layout
Support for two-factor authentication (aka 2FA): If your instance isn't configured to use an OIDC provider, you can now secure your account with 2FA via a QR code and an authenticator app. When logging in with 2FA enabled, you will have to provide a time-based one-time password. Security!
Docs: https://docs.gotosocial.org/en/latest/user_guide/settings/#two-factor-authentication
Lots of web view tweaks including nicer media rendering on chrome, proper blurhash support, much better support for keyboard-based page navigation, wider font support for different scripts, and more.
Thanks for reading! :)