Difference between revisions of "Poddery - Diaspora, Matrix and XMPP"

We run diaspora, xmpp and matrix services at [https://poddery.com poddery.com]. Diaspora username and password can be used to access xmpp and matrix services. [https://chat.poddery.com chat.poddery.com] provides riot client (accessed by a web browser), which can be used to connect to any matrix server without installing a riot app/client.

We are on a [https://www.scaleway.com/baremetal-cloud-servers/ C2S instance of scaleway.com bare metal cloud server].

* '''€17.99''' per month

We run debian 9 stretch image provided by scaleway.

* SSH password login disabled (allow only key based logins)

* root SSH login disabled (use a normal user with sudo)

* fail2ban configured against brute force attacks

* There should be a data disk attached (added from cloud.scaleway.com)

''' mkdir /var/lib/diaspora/uploads; chown -R diaspora: /var/lib/diaspora/uploads;ln -s /var/lib/diaspora/uploads /usr/share/diaspora/public/uploads

   systemctl status nginx # our web server front end for diaspora, xmpp and matrix

   systemctl status sslh # SSL/SSH multiplexer which allow us to provide multiple services via 443 port (to bypass stupid firewalls)

Homepage and other static pages are maintained in our gitlab instance. You can change it directly in the master branch or send pull requests. You can edit it via web as well.

save.poddery.com repo is maintained as a sub module in poddery.com repo. See this tutorial -> https://chrisjean.com/git-submodules-adding-using-removing-and-updating/ for working with git submodules.

  # letsencrypt certonly --webroot -w /usr/share/diaspora/public  -d poddery.com -d www.poddery.com -d test.poddery.com -d groups.poddery.com -w /usr/share/diaspora/public/save -d save.poddery.com

  34 2 * * 1 /etc/init.d/prosody reload

We use diaspora-installer-mysql package from  https://people.debian.org/~praveen/diaspora (stretch/contrib)

See [https://salsa.debian.org/ruby-team/diaspora-installer/blob/debian/0.6.6.0+debian1/README /usr/share/doc/diaspora-common/README] for package specific configuration.

* We use prosody and steps for setting up prosody is given at -> https://wiki.debian.org/Diaspora/XMPP

* We have enabled all XEPs conversations expect. We use sslh to multiplex diaspora and prosody on port 443.

* We use synapse server for setting up the matrix server.

* We use nginx reverse proxy to send requests that has ''/_matrix/*'' in url to synapse on 8008. See /etc/nginx/sites-enabled/diaspora

*[https://www.loomio.org/g/2bjVXqAu/fosscommunity-in-poddery-com-maintainer-s-group loomio group] - we use this for decision making.

* Hangout with us in our matrix room [https://matrix.to/#/#poddery:poddery.com #poddery:poddery.com]

Email: poddery at autistici.org (alias that reaches Akhilan, Abhijith Balan, Fayad, Balasankar, Julius, Praveen, Prasobh, Sruthi, Shirish, Vamsee and Manukrishnan)

We recommend you setup [http://www.vim.org/scripts/script.php?script_id=3645 vim gpg plugin] for transparent editing. If you are new to gpg, then follow [https://www.madboa.com/geek/gpg-quickstart/ this guide].

Maintained in a private git repo at -> https://git.fosscommunity.in/community/access

Backup was setup on a Scaleway C1 VPS (4 core ARM processor with 2GB RAM). '''TODO: C1 server was crashing frequently and we need to setup backup again on VPS provided by Manu'''.

'''Note:''' Since we are not using a public ip (saves us money), backup.poddery.com connects to poddery.com via private ip. So if poddery.com is rebooted, the new ip address should be updated in /etc/hosts file of backup.poddery.com. To connect, use the web console from scaleway.com

# Power off the machine with "ARCHIVE" option. It may take upto an hour for shutdown to complete on backup.poddery.com and poddery.com

# Resize file system (resize2fs /dev/mapper/diaspora)

This section holds maintenance/issue history for future tracking.