Back over two years ago I made a post, looking at some non-mainstream political accounts on the largest instance mastodon dot social, 75% were hidden or blocked. These were all identifiably left-wing with an anti-war, anti-NATO stance - I didn’t bother checking right-wing accounts as I think universally everyone will acknowledge they won’t last 10 minutes on Mastodon.

Anyway this is the main reason I’m binning one of my instances off - the culture of Mastodon is just not suitable for any sort of political discussion outside of a very narrow bourgeois-liberal spectrum, X is actually much better for this nowadays.

This is without addressing all the other issues:

• Fediblock wars where whole instances just get blocked by other instances. Their users left wondering why they can’t communicate with people they were talking to yesterday.
• Or Mastodon dot lol shutting down, with over seventy three thousand users, because a bunch of trans-activists were harassing people who wanted to play the computer game Hogwarts Legacy.

The list is almost endless.

Anyway I’ve used various Nostr applications for a while, I used to run a relay for it a couple of years ago. I think as it and the applications for it matures it offers a lot of potential. And technically, unlike ActivityPub where your identify is tied to a server and can get nuked or blocked for a variety of reasons.

Or we just go back in time to twenty years ago and go on the blogosphere 🙌.

More reading

• On Mastodon censorship
• Mastodon.social shadowbanned me

According to epsilon77 this is because:

Hello! I am maintainer of glances in Debian, for Debian policy, the packages should not include prebult files, for this reason, we had to remove those js files from debian package. and this change does WEB-UI useless.

There’s a few suggestions in that thread however I’d suggest just running:

wget https://github.com/nicolargo/glances/archive/refs/tags/v3.2.7.tar.gz
tar -xzf v3.2.7.tar.gz
sudo cp -r glances-3.2.7/glances/outputs/static/public/ /usr/lib/python3/dist-packages/glances/outputs/static/
rm v3.2.7.tar.gz
rm -r glances-3.2.7

That’ll download the files we need, extract them, copy them into the Glances install directory and then remove the downloaded bits once we’re done. Refreshing the browser should show the Glances Web UI instead of a blank white page.

Web proxy

1. Assuming you’re running Nginx on the web host you’ll need to setup a proxy by adding something like this to your .conf file:

    location / {
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_pass http://127.0.0.1:8080;
    }
   

2. If you’re using Certbot, you may need to tweak how Nginx handles the ACME Challenge, I use the below to make sure the certificate request isn’t proxied to Pixelfed:

    location /.well-known/acme-challenge/ {
      alias   /path/to/web/site/.well-known/acme-challenge/;
      allow all;
    }
   

Please be aware Pixelfed expects to receive traffic from /.well-known/webfinger* and potentially other addresses for ActivityPub.

Pixelfed

1. Grab the docker-compose.yml file off the Github repository, we wanna comment out the build instructions and just use the above image, like the below for both the app and worker.

    # Comment to use dockerhub image
    #   build:
    #    context: .
    #      dockerfile: contrib/docker/Dockerfile.apache
    image: murazaki/pixelfed:edge-apache
   

2. Grab the .env.docker file off the repository, make sure to edit the below plus any database names and passwords etc:

    ## General Settings
    APP_NAME="Pixelfed Prod"
    APP_ENV=production
    APP_DEBUG=false
    APP_URL=https://real.domain
    APP_DOMAIN="real.domain"
    ADMIN_DOMAIN="real.domain"
    SESSION_DOMAIN="real.domain"
   

Check through the file and change any other settings as required. Its quicker to do it before hand as by default Pixelfed will cache the config, requiring it to be cleared etc. Pixelfed does not handle changing domain after installing, so make sure you’re happy with the domain you’re using.

3. Ok we should be good to run docker-compose up -d.

4. Check any firewall rules that might be blocking the Docker bridge.

5. Generate a crypto key using docker-compose exec app php artisan key:generate this will also enter it into .env.docker for you, but you could run cat .env.docker | grep APP_KEY to check.

6. Restart the app docker-compose restart app.

7. Clear the config cache with docker-compose exec app php artisan config:cache.

8. Setup the database using docker-compose exec app php artisan migrate.

9. Restart the app docker-compose restart app.

10. Create your first user with docker-compose exec app php artisan user:create.

11. Visit the domain, you should be able to login.

12. Additional steps depending on how you want to run it, run docker-compose exec app php artisan instance:actor if you want to use ActivityPub.

Should be good to go, generally after updates will need to run docker-compose exec app php artisan migrate and I’ve had a few cases where profile pictures etc weren’t loading after an update, fixed by running docker-compose exec app php artisan storage:link.

Detailed CLI documentation. My Pixelfed account.

Any questions? Feel free to drop a comment below.

Update 14th June 2023

I’ve actually recently started using zknt’s Docker image this has got a few benefits, such as a startup script that automatically handles the initial install and does a migrate after an update. Additionally it is updated much more frequently.

However, the cryptocurrency wallet is probably one of the better features, certainly better than searching the web for shopping vouchers. Hopefully come the next crypto cycle it’ll be ready and help drive cryptocurrency into the mainstream by bringing “web3” direct to the browser.

Only real questions are how susceptible is this going to be to dodgy websites impersonating another? Will that alone cause more bad headlines featuring users that don’t really know what they’re doing getting scammed. Obviously happens with bank cards, but that isn’t newsworthy - and at least banks can stop or refund fraudulent transactions!

Any chance we could get a decent RSS reader back in the browser please?

I imagine the behaviour of this button will annoy many users as it looks distracting and opens on a long hover aswell as left-click, no doubt prompting many accidental openings.

I’m leaving it on at the moment as I am trying to use Bing Chat in more of my workflows. However there’s no hiding the fact a lot of people will regard this as bloatware and those people who want a minimum clean browser will want the option to disable it.

At the moment there are two ways, the first launching the browser with --disable-features=msUndersideButton. Below showing that setup in an Edge shortcut.

Once launched with this, it’ll disappear:

Alternatively you can add the below registry key and reload the policies in Edge to hide it:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Edge] "HubsSidebarEnabled"=dword:00000000

Hopefully in the future Microsoft will add a simple hide in a right-click menu on it, or at least an option exposed in the settings UI - or failing that a browser flag to hide it.

Update, 18th March 2023

The new Canary build 113 of Edge is now shipping with an option for this under Settings > Sidebar > Discover.

Update 23rd April 2023

The toggle button in settings has now shipped in version 112.

Microsoft has recently launched a new version of its Bing search engine that features an AI-powered assistant called Chat. Chat is based on OpenAI’s ChatGPT technology, which is a chatbot that can generate natural and engaging responses to user queries. In this blog post, we will explore what Chat can do, how it works, and what are some of its benefits and challenges.

What can Chat do?

Chat can answer questions, provide information, and offer suggestions based on web searches. It can also engage in more informal and personal conversations with users, such as telling jokes, stories, or opinions. Chat can understand natural language and context, so users can ask questions however they like, do complex searches, follow up, and make refinements in chat.

For example, if you ask Chat “What is the best laptop for gaming?”, it will show you some relevant web results and also ask you some follow-up questions to narrow down your search criteria. You can then chat with Chat to compare different models, features, prices, reviews, etc.

Chat can also generate creative content such as poems, lyrics, code snippets etc., using its own words and knowledge. For example if you ask Chat “Write me a poem about love”, it will generate something like this:

Love is more than just a word
It’s a feeling that fills your heart
It’s a bond that never breaks apart
It’s a light that guides your way
It’s a smile that brightens your day
Love is more than just a word
It’s a gift that you give and receive

How does Chat work?

Chat is built on top of OpenAI’s GPT-3 family of large language models. GPT-3 is an AI system that can generate text on any topic given some input text. It has been trained on billions of words from the internet and books.

However GPT-3 alone cannot handle dialogue very well as it lacks consistency, personality, and safety. That’s why OpenAI developed ChatGPT which is a chatbot that has been fine-tuned using both supervised and reinforcement learning techniques.

Supervised learning means that human experts have labeled some data (such as conversations) with correct responses for the chatbot to learn from. Reinforcement learning means that human feedback (such as ratings or comments) has been used to reward or punish the chatbot for its outputs.

By combining these two methods OpenAI was able to create ChatGPT which can generate more coherent, relevant, and appropriate responses than GPT-3 alone.

Microsoft has integrated ChatGPT into Bing using its own proprietary technology called Project Conversation Engine (PCE). PCE allows Bing to leverage multiple sources of information such as web results, images, videos, maps etc., to provide rich answers to user queries.

PCE also enables Bing to handle multiple domains such as news, shopping, travel etc., and switch between them seamlessly depending on user intent.

What are the benefits of Chat?

Chat offers several benefits for users who want to get more out of their web searches. Some of these benefits are:

• Faster and easier access to information: Users don’t have to type long queries or browse through multiple pages to find what they are looking for. They can simply ask Chat in natural language and get quick answers.
• More comprehensive and personalized results: Users can get more details about their topics of interest by chatting with Chat. They can also get tailored suggestions based on their preferences and needs.
• More fun and engaging experience: Users can enjoy chatting with Chat as it has a friendly personality and sense of humor. They can also explore their curiosity by asking Chat anything they want.
• More creative possibilities: Users can use Chat as a source of inspiration by asking it to generate content such as poems, lyrics, code snippets etc., for them.

What are some challenges or limitations of using Bing and ChatGPT?

Bing with ChatGPT is still an experimental technology that is undergoing testing and improvement. As such, it may encounter some challenges or limitations such as:

• It may not always provide accurate or relevant answers to your questions.
• It may sometimes generate inappropriate or offensive texts that do not reflect Microsoft’s values or policies.
• It may get confused or behave oddly if you engage in very long chat sessions with it .

Microsoft advises users to exercise caution when using Bing with ChatGPT and report any issues or feedback they encounter.

Conclusion

Bing with ChatGPT is an innovative feature that aims to enhance users’ search experience by providing them with intelligent, conversational, and personalized answers. It offers users several benefits such as saving time, getting diverse perspectives, learning new things, and having fun. However, it also has some challenges or limitations such as accuracy issues, inappropriate texts, and confusion problems.

If you want to try out this feature yourself, you need to use Microsoft Edge browser and go to www.bing.com/new or download the new Edge browser from here: https://www.microsoft.com/en-us/edge

What do you think about this feature? Do you find it useful or interesting? Do you have any questions or feedback? Please leave a comment below.

1. Stick the Hugo executable somewhere on the server.
2. Use the following PHP deploy script from here, published below in case it ever goes offline.

	/**
	 * Automated deploy from GitHub
	 *
	 * https://developer.github.com/webhooks/
	 * Template from ServerPilot (https://serverpilot.io/community/articles/how-to-automatically-deploy-a-git-repo-from-bitbucket.html)
	 * Hash validation from Craig Blanchette (http://isometriks.com/verify-github-webhooks-with-php)
	 */

	// Variables
	$secret = getenv('GH_DEPLOY_SECRET'); # Paul note: Best to set environment variable - avoid setting here.
	$repo_dir = '/home/example/git/examplerepo';
	$web_root_dir = '/home/example/public_html';
	$rendered_dir = '/public';
	$hugo_path = '/usr/local/bin/hugo';

	// Validate hook secret
	if ($secret !== NULL) {

		// Get signature
		$hub_signature = $_SERVER['HTTP_X_HUB_SIGNATURE'];

		// Make sure signature is provided
		if (!isset($hub_signature)) {
			file_put_contents('deploy.log', date('m/d/Y h:i:s a') . ' Error: HTTP header "X-Hub-Signature" is missing.' . "\n", FILE_APPEND);
			die('HTTP header "X-Hub-Signature" is missing.');
		} elseif (!extension_loaded('hash')) {
			file_put_contents('deploy.log', date('m/d/Y h:i:s a') . ' Error: Missing "hash" extension to check the secret code validity.' . "\n", FILE_APPEND);
			die('Missing "hash" extension to check the secret code validity.');
		}

		// Split signature into algorithm and hash
		list($algo, $hash) = explode('=', $hub_signature, 2);

		// Get payload
		$payload = file_get_contents('php://input');

		// Calculate hash based on payload and the secret
		$payload_hash = hash_hmac($algo, $payload, $secret);

		// Check if hashes are equivalent
		if (!hash_equals($hash, $payload_hash)) {
		    // Kill the script or do something else here.
		    file_put_contents('deploy.log', date('m/d/Y h:i:s a') . ' Error: Bad Secret' . "\n", FILE_APPEND);
		    die('Bad secret');
		}

	};

	// Parse data from GitHub hook payload
	$data = json_decode($_POST['payload']);

	$commit_message;
	if (empty($data->commits)){
		// When merging and pushing to GitHub, the commits array will be empty.
		// In this case there is no way to know what branch was pushed to, so we will do an update.
		$commit_message .= 'true';
	} else {
		foreach ($data->commits as $commit) {
			$commit_message .= $commit->message;
		}
	}

	if (!empty($commit_message)) {

		// Do a git checkout, run Hugo, and copy files to public directory
		exec('cd ' . $repo_dir . ' && git fetch --all && git reset --hard origin/master');
		exec('cd ' . $repo_dir . ' && ' . $hugo_path);
		exec('cd ' . $repo_dir . ' && cp -r ' . $repo_dir . $rendered_dir . '/. ' . $web_root_dir);

		// Log the deployment
		file_put_contents('deploy.log', date('m/d/Y h:i:s a') . " Deployed branch: " .  $branch . " Commit: " . $commit_message . "\n", FILE_APPEND);

	}

3. Create webhook and secret in Github repository.
4. Set GH_DEPLOY_SECRET as an environment variable for above script to use.
5. Skip for public repo, else create SSH key if needed ssh-keygen -t ed25519 -C "githubemail@example.com" and import key into your account on Github.
6. May need eval "$(ssh-agent -s)" and tell SSH to use the key ssh-add /path/to/key.
7. Clone the repo to your web server by running in a suitable directory git clone git@github.com:you/repo.git don’t worry about username will authenticate with SSH key.
8. CD into the repo directory make sure you can run git fetch --all.
9. If this fails, may need to create personal access token in Github and specify it as part of the URL in .git/config inside the repo directory.
10. May also need to run git config --global --add safe.directory /home/example/git/examplerepo.
11. Check line 69 of deployment script and make sure origin/master is correct for your branch.
12. Make sure PHP process has execute permissions on Hugo, and has read/write access to repo dir and the web server public_html directory, as once built into repodir/public it will need to be copied to public_html.
13. Check permissions on the Hugo temp folder /tmp/hugo_cache/.
14. If you can see this post, it worked!

Might write this up as more of an organised general tutorial one day, in the meantime feel free to drop any comments below.

Although I run my main private instance through Nginx, I do run an a very small public instance behind Apache. This is the relevent configuration under the VirtualHost on port 443:

ProxyPreserveHost On
RequestHeader set X-Forwarded-Proto "https"
ProxyPass /api/v1/streaming ws://localhost:4000
ProxyPassReverse /api/v1/streaming ws://localhost:4000
ProxyPass / http://localhost:3000/
ProxyPassReverse / http://localhost:3000/

ProxyPreserveHost, ProxyPass, ProxyPassReverse all require mod_proxy, RequestHeader requires mod_headers. Failure to have these modules installed when configured in .conf will likely prevent Apache from starting.

I would speculate that Mastodon wants to confirm its going to an https connection, hence RequestHeader - and perhaps its getting into a redirect loop due to this, with the virtual host on 80 redirecting? And possibly 403 is because Mastodon only expects a connection from something with the same hostname, and PreserveHost needs to be set. I’m not sure, but that would be my thinking.

I’ve had an electric vehicle for a couple of years now, back in the good old days there was myself and one other guy using the chargers every Saturday morning, we’d get maybe 4 or 5 kWh of electric for free while we were there doing the shop - enough for around 20 miles of range, not a big deal but nice to have every week. Over the last couple of years its obviously gotten busier as EV ownership has rocketed - to the point where all electric charging bays at Tesco were full, pretty much all the time.

Of course, mainly because they were free - paid for chargers are never that busy!

I had a bit of a rant on Zap Map eight months ago about people literally just abusing the chargers - they were always supposed to be for Tesco customers, so they could get a bit of free electric during their shop.

Probably since the start of this year, genuine people literally had little chance of using them for the intended purpose, at least where I live in Worthing. Things were probably slightly quieter during the week, but the temptation is always there to just plug your car in all day and leave it.

Anyway the 7kW chargers like at my Tesco are now 28p per kWh, frankly that’s still a pretty good deal to a lot of people, and the people that need to use them might actually be able to now. The pikey gits that ruined it for everyone can get stuffed! 😂 I’ll enjoy parking in the nice big EV bays again.

Yes it is!

If you edit the Mastodon env.production file and use the following:

LOCAL_DOMAIN=domain.tld
WEB_DOMAIN=subdomain.domain.tld

We’ll also need to forward Mastodon traffic, from the domain.tld - to the subdomain, as other instances on the internet won’t know about the subdomain, so all their traffic will need redirecting. You can do this in Apache by using mod_rewrite, in the sites .conf file place:

RewriteEngine on
RewriteRule ^/.well-known/host-meta(.*)$ https://subdomain.domain.tld/.well-known/host-meta$1 [L,R=301]
RewriteRule ^/.well-known/webfinger(.*)$ https://subdomain.domain.tld/.well-known/webfinger$1 [L,R=301]

That’ll redirect all the traffic to the right place. Using Nginx you should be able to do it by adding the below to the .conf file:

location = /.well-known/host-meta {
return 301 https://subdomain.domain.tld$request_uri;
}
location = /.well-known/webfinger {
return 301 https://subdomain.domain.tld$request_uri;
}

Webfinger seems to be used for new versions of Mastodon - however I’ve also forwarded host-meta in case old versions out there are still using it. I’ve not tested this on an instance that is already running - I would assume that existing accounts will retain their original usernames, so I’d only recommend on a new instance. Manually editing the existing usernames will likely break interactions with all other instances, breaking follows etc.