Skip to content

Instantly share code, notes, and snippets.

@stefanbohacek
Last active April 13, 2024 17:20
Show Gist options
  • Save stefanbohacek/ca85adc8a22311094c9f219e3b899583 to your computer and use it in GitHub Desktop.
Save stefanbohacek/ca85adc8a22311094c9f219e3b899583 to your computer and use it in GitHub Desktop.
Hiding media attachments on fediverse servers

Mastodon

Solution 1: make media upload directories write-only

chmod 722 /home/mastodon/live/public/system/cache
chmod 722 /home/mastodon/live/public/system/media_attachments

# reset permissions
chmod 777 /home/mastodon/live/public/system/cache
chmod 777 /home/mastodon/live/public/system/media_attachments

Solution 2: nginx conf (work in progress)

nano /etc/nginx/nginx.conf
nano /home/mastodon/live/dist/nginx.conf
http {
  server {
    location ~ ^/system/media_attachments/ {
      return 503;
    }

    location ~ ^/system/cache/media_attachments/ {
      return 503;
    }
  }
}
# restart nginx
sudo systemctl reload nginx

# restart mastodon, for good measure?
systemctl reload mastodon-web && systemctl restart mastodon-sidekiq
@krzysztofjeziorny
Copy link

krzysztofjeziorny commented Apr 13, 2024

Just thinking out loud, untested:

  location ~* \.(png|jpg|jpeg|gif|webp|avif|ico|svg)$ {
    return 503;
  }

@stefanbohacek
Copy link
Author

@krzysztofjeziorny Thank you for sharing this! I'm not sure it's necessary to block all the images, icons, etc, that Mastodon uses outside of the user-uploaded ones.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment