/etc/rspamd/local.d/multimap.conf:
IP_WHITELIST {
type = "ip";
prefilter = true;
map = "/${LOCAL_CONFDIR}/local.d/ip_whitelist.map";
action = "accept";
Put these lines into your server's .bashrc: | |
## | |
## TMUX auto attach | |
## | |
if [ -n "$SSH_CLIENT" ] || [ -n "$SSH_TTY" ]; then # if this is an SSH session | |
if which tmux >/dev/null 2>&1; then # check if tmux is installed | |
if [[ -z "$TMUX" ]] ;then # do not allow "tmux in tmux" | |
ID="$( tmux ls | grep -vm1 attached | cut -d: -f1 )" # get the id of a deattached session | |
if [[ -z "$ID" ]] ;then # if not available create a new one | |
tmux new-session |
This is how to automatically delete cached image previews from your Mastodon instance if they are older than 7 days. | |
Log in as your "mastodon" User or log in as root and then change to the "mastodon" user, who runs Mastodon: | |
# su - mastodon | |
Open crontab: | |
$ crontab -e | |
... and add these lines to your crontab: |
If postfix runs in an chrooted environment: | |
# ========================================================================== | |
# service type private unpriv chroot wakeup maxproc command + args | |
# (yes) (yes) (yes) (never) (100) | |
# ========================================================================== | |
cleanup unix n - y - 0 cleanup | |
... opendkim.sock must be placed into /var/spool/postfix. Postfix won't be able to access the socket otherwise. |
In case there's already a DHCP config for netplan for the private IP address:
File: /etc/netplan/50-cloud-init.yaml
Contents:
# This file is generated from information provided by
# the datasource. Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
### If you set up your Mastodon instance before 9th of June 2018, you probably | |
### might not have jemalloc active on your Ruby setup. Jemalloc changes the way Ruby | |
### allocates memory and saves up RAM. On my 140 users instance RAM usage dropped by 300 MB just by using jemalloc. | |
### This is how to set it up on Debian 9 Stretch: | |
### As root, install libjemalloc-dev: | |
apt install libjemalloc-dev | |
### Change to mastodon user: |
### Remove all snapshots crteated by the zfs-auto-snapshot tool | |
zfs list -t snapshot -o name | grep zfs-auto-snap | tac | xargs -n 1 zfs destroy -r |
(Assuming metalhead.club as instance domain - please adapt to your instance!) | |
add_header Content-Security-Policy "default-src 'none'; script-src https: 'self'; object-src 'self'; style-src 'self' 'unsafe-inline'; img-src * blob: data:; media-src 'self' data:; frame-src 'self' https:; font-src 'self' data:; connect-src 'self' wss://metalhead.club"; | |
Note: | |
style-src: I chose 'unsafe-inline' because there are just too many inline styles in static source code or dynamically | |
generated code to cover all cases (Embed dialog, image lightbox, ...). Also styles seem to be dynamic, so | |
hashes cannot be generated to allow certain inline styles. :-( | |
According to: "Growing a loop backed ZFS pool" on https://lxd.readthedocs.io/en/latest/storage/ | |
For LXD via Snap package: | |
- The default pool is located at /var/snap/lxd/common/lxd/disks/default.img | |
- and is named "default". | |
### To increase the pool size by 20 GiB do this: | |
>>> Stop all your containers! <<< |
# | |
# Use case: Podman should run a build-container. | |
# The build should be run by a user "builder" with UID 1000 inside the container | |
# Build artifacts should be shared with the host via a -v Volume. | |
# To make things easier, artifacts created inside the container should have the user, who started the container, as owner. | |
# The Container should run in "rootless" mode. | |
# Solution: Use --uidmap for user mapping. | |
# | |
podman run \ |