Skip to content

Instantly share code, notes, and snippets.


Thomas Leister ThomasLeister

View GitHub Profile
ThomasLeister /
Last active Sep 25, 2020
Python database convert script for Thomas Leister's Mailserver Guide
# This script converts the DB layout of the old mailserver guide (Ubuntu 14.04) [1]
# to the new one, introduced with Ubuntu Xenial (16.04) [2].
# Please note that the DB schema / tables for the new schema already need to exist.
# This script is just transferring / converting table _contents_.
# No not forget to provide your own database name and credentials in the
# MySQL "connect" commands at the beginning of the script!
# Prerequisites:
# apt install python3-pip
ThomasLeister /
Created May 9, 2020
Delete Ejabberd accounts by JID list
## Create a "spammers.txt" file with all the JIDs (Jabber IDs) to delete. One in each line:
## user1@server.tld
## user2@server.tld
## user3@server.tld
## ...
## then run this command:
cat spammers.txt | xargs -L1 -i bash -c 'jid={}; name=${jid%@*}; domain=${jid##*@}; ejabberdctl unregister $name $domain; echo "deleted $jid"'
ThomasLeister / auto-start-tmux-ssh.txt
Last active Apr 16, 2020
Put this into your .bashrc to auto-start a tmux session after SSH login
View auto-start-tmux-ssh.txt
Put these lines into your server's .bashrc:
## TMUX auto attach
if [ -n "$SSH_CLIENT" ] || [ -n "$SSH_TTY" ]; then # if this is an SSH session
if which tmux >/dev/null 2>&1; then # check if tmux is installed
if [[ -z "$TMUX" ]] ;then # do not allow "tmux in tmux"
ID="$( tmux ls | grep -vm1 attached | cut -d: -f1 )" # get the id of a deattached session
if [[ -z "$ID" ]] ;then # if not available create a new one
tmux new-session
View remove-zfs-auto-snapshot
### Remove all snapshots crteated by the zfs-auto-snapshot tool
zfs list -t snapshot -o name | grep zfs-auto-snap | tac | xargs -n 1 zfs destroy -r
ThomasLeister / mastodon-tootctl-media-purge.txt
Created Feb 21, 2019
How to automatically remove cached media files older that 7 days from your Mastodon instance
View mastodon-tootctl-media-purge.txt
This is how to automatically delete cached image previews from your Mastodon instance if they are older than 7 days.
Log in as your "mastodon" User or log in as root and then change to the "mastodon" user, who runs Mastodon:
# su - mastodon
Open crontab:
$ crontab -e
... and add these lines to your crontab:
ThomasLeister / mastodon-csp-header
Last active Oct 25, 2018
CSP header for Mastodon social network
View mastodon-csp-header
(Assuming as instance domain - please adapt to your instance!)
add_header Content-Security-Policy "default-src 'none'; script-src https: 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src * blob: data:; media-src 'self' data:; frame-src 'self' https:; font-src 'self' data:; connect-src 'self' wss://";
style-src: I chose 'unsafe-inline' because there are just too many inline styles in static source code or dynamically
generated code to cover all cases (Embed dialog, image lightbox, ...). Also styles seem to be dynamic, so
hashes cannot be generated to allow certain inline styles. :-(
ThomasLeister /
Last active Feb 27, 2021
How to whitelist IP addresses or domains in Rspamd

Whitelist IP addresses based on pre-filter policy


      type = "ip";
      prefilter = true;
      map = "/${LOCAL_CONFDIR}/local.d/";
      action = "accept";
ThomasLeister / mastodon-install-jemalloc.txt
Last active Jan 10, 2019
How to install jemalloc and save RAM on your Mastodon instance
View mastodon-install-jemalloc.txt
### If you set up your Mastodon instance before 9th of June 2018, you probably
### might not have jemalloc active on your Ruby setup. Jemalloc changes the way Ruby
### allocates memory and saves up RAM. On my 140 users instance RAM usage dropped by 300 MB just by using jemalloc.
### This is how to set it up on Debian 9 Stretch:
### As root, install libjemalloc-dev:
apt install libjemalloc-dev
### Change to mastodon user:
View gist:4ec2e9f98ce3a3993b8083ff2122bcba
ACLs enabled for LXD / LXC containers on ZFS:
apt install acl (on host and container)
zfs set acltype=posixacl default/containers/kirby (on host)
(restart container)
=> *profit*
View Mailserver Postgres.txt
/* Create queries for */
create table domains (
id serial not null,
domain char (255) unique not null,
create table accounts (
id serial not null,