Lemmy

cross-posted from: https://vlemmy.net/post/241877

Title. 18.0 seems to refresh your feed when you return from having clicked a post. This makes it so you have to scroll back down every time you click on a post. It also refreshes the feed so new posts add to the scrolling. Can we get a fix for this in v18.1?

cross-posted from: https://lemmy.ml/post/1485422

So I’ve just now looked into bookwyrm despite knowing of it for a while. From what I can tell, it doesn’t federate with lemmy … please correct me if I’m wrong! And this seems to be largely because bookwyrm is largely user based, or at least that’s how mastodon sees it.

But it seems that lemmy and bookwyrm would actually be a good fit? Lemmy is communities with posts with comments. Bookwyrm seems to be books with reviews with comments. This feels like a one to one mapping could work well, no?

From what I gather, there are various bookwyrm instances with different focuses. So from lemmy you could search specifically to an instance for a book/community using key words, which would also work well. Then you could delve into the various reviews and comments etc.

More importantly, this would cross pollinate between the two platforms! And of course, any good review could be easily cross posted to any relevant community here, where all comments from here would also be federated with bookwyrm.

Thoughts?

The last upgrade with a piece of content in the feed is great and much more fun to browse ! That specific change makes me feel that I can jump from reddit to lemmy definitly.

Good work dudes <3

If you're like me, you're accustomed to setting up 2FA by having 1Password detect a QR code on-screen, but this doesn't work with Lemmy's 2FA since it never displays a QR code. Here's what you should do instead.

Start in Lemmy by enabling 2FA in your settings. When you save, scroll down again to the bottom of your settings. You'll now see a 2FA installation button. My first inclination was to click this button, but my Mac wanted to open it in the macOS keychain instead of 1Password. Instead, right click the button and copy the link. (It's styled as a button, but it's really just a plain link.)

Now, in 1Password, add a one-time password field to your Lemmy login. Paste the URL you copied from the button into the one-time password field. Save the login, and you should now see the one-time password displayed in 1Password.

You're actually done at this point. One thing that threw me off is that Lemmy's 2FA does not require a code validation step like many 2FA systems do. I validated it manually by logging out and logging back in. Lemmy asked me to enter the 2FA code, and I was able to copy/paste it from 1Password to log back in.

Hope this helps others who are confused like I was!

There is a big difference between mild NSFW and full on porno. Suppose there is a News story with photo/video but it's a little bit graphic or violent. Nobody is jacking off to that. Maybe shouldn't view it at work, but in the library is fine.

Maybe it's a funny meme pic but there's a nip slip situation going on. No biggy; it should probably be tagged NSFW. Probably don't want it showing up at actual work. But I want to enable this kind of content away from work without a bunch of actual porn showing up in my feed.

There should be a porn tag. It's not the same as NSFW.

EDIT: The two main devs have done some amazing work here, but as I understand it they are totally booked for the foreseeable future. My rust chops aren't quite up to snuff (yet) and my frontend chops are non-existent, so it might be a quite while before I'm up to speed enough to make a meaningful contribution. In the meantime just thought I'd point out the issue.

I recently started using Lemmy as an alternative to Reddit and there is one major inconvenience that makes it difficult to use. Specifically, there are no iPhone apps that support it (yet?). So instead, I am using it as a web app by adding it to my Home Screen. It works well for the most part, but there are no navigation buttons to allow me to go back and forth between pages. So I might find myself diving deep into a thread, but when I want to go back up a level, I can’t. Instead I’ve been tapping the instances icon at the top to get back to the home page. Then I have to go find where I was at again. Plus, there are no tab options that I could use as a workaround. Is there any way to pop up arrow keys or map them to one of the volume buttons? Is this something that needs to be added into the Lemmy software? Are there any known apps that support Lemmy in development?

I made, in fact, this commentary in another thread. But, for some reason, it shows up as if it was in this thread, in which I made another comment.

Lemmy is certainly a lot faster than new reddit, but I prefer the aesthetic and speed of old.reddit.com and hackernews. I like the minimalism and how everything defaults to the left of the browser rather than the center. I also really enjoy how I can expand the entire text of a post without actually clicking on the post's link.

Just my thoughts. Hoping to see more theme and front-end options emerge over time.

I have the application process enabled for people to join my instance, and I've gotten about 20 bots trying to join today when I had nobody trying to join for 5 days. I can tell because they are generic messages and I put a question in asking what 2+3 is and none of them have answered it at all, they just have a generic message.

Be careful out there, for all you small instance admins.

They went down for a lot of time. Are their downtimes linked somehow?

Since, everything done on behalf of your instance is logged, detecting if you have a large number of bots, or invalid users isn't that challenging.

These queries can be executed via docker exec -it, via remoting into the container, via pg query tools, or via pgadmin.

For listing all comments performed by users on your instance (This includes comments made remotely):

SELECT
	p.actor_id
	, p.name
	, c.content as comment
FROM public.comment c 
JOIN public.person p on p.id = c.creator_id
WHERE 
	p.local = 'true'
	AND p.admin = 'false' -- Exclude Admins
;

For listing all posts created, by users, from your instance-

SELECT
	p.actor_id
	, c.name AS title
	, c.body as body
FROM public.post c 
JOIN public.person p on p.id = c.creator_id
WHERE 
	p.local = 'true'
	AND p.admin = 'false' -- Exclude Admins
;

Lastly, here is a query to identify users who consistently upvotes or downvotes the same user over and over.

SELECT
	p.id
	, p.name
	, p.actor_id
	, cr.name as creator
	, count(1)
FROM public.comment_like l
JOIN public.comment c on c.id = l.comment_id
JOIN public.person p on p.id = l.person_id
JOIN public.person cr on cr.id = c.creator_id
WHERE 
	p.id != cr.id
	AND p.local = 'true'
	AND p.admin = 'false' -- Exclude Admins
GROUP BY p.id, p.name, p.actor_id, cr.name
ORDER BY count(1) desc
;

If- anyone has idea of other queries which can be created for detecting suspicious activity, please LMK.

Edit- added where clause to exclude admins. If your admins are spambots, you have bigger issues to worry about.

I like the current design, but the way the lines are too close to each other confuses me, so how can I get the design above me, where a line stops when a new child reply is dropped?

I think mastodon webfinger search is broken by the newest lemmy release

I can no longer look up lemmy posts by their url from mastodon. I am checking and it seems instances that haven't updated still work but the ones on v18 don't work

@lemmy @LemmyDev

504 Gateway Time-out nginx timeout error on home page

Instances, of course, have some bot-mitigation tools which they can use to prevent signups, etc.

However, what’s stopping bots from pretending to be their own brand new instance, and publishing their votes/spam to other instances?

Couldn’t I just spin up a python script to barrage this post, for example, with upvotes?

EDIT: Thanks to @Sibbo@sopuli.xyz ‘s answer, I am convinced that federation is NOT inherently susceptible, and effective mitigations can exist. Whether or not they’re implemented is a separate question, but I’m satisfied that it’s achievable. See my comment here: https://programming.dev/comment/313716

Can someone buy and donate it to us? :D

Can you help translate the Wikipedia article about Lemmy into your own language?

Currently it's only in 4 languages, so there's a lot of translation to be done!

#English
https://en.wikipedia.org/wiki/Lemmy_(software)

#German / #Deutsch
https://de.wikipedia.org/wiki/Lemmy_(Software)

#Ukrainian / #українська
https://uk.wikipedia.org/wiki/Lemmy_(програмне_забезпечення)

#Basque / #Euskara
https://eu.wikipedia.org/wiki/Lemmy_(softwarea)

[posted to @lemmy]

It was banned on Reddit because it is racist, hatefull and spread Conspiracies.

In my new community I expect the exclution of racist communities. It is easy now with defederation. Nazis can do whatever they want on their instances, but the instances I want to be part of should not amplify their shit and flush it into our timelines.

The instance-admin of !thedonald@sh.itjust.works did not reply to my message. Big instances seem not to defederate with them.

The new TD may not be a success, the point is not to give Nazis a platform like it is happening now. Fans of TD are racists.

Where are the instances that show face against racism?

edit: to contact the admins: @donut @TheDude @smorks

edit2: @TheDude deleted the community :)

There are now 3 additional sorting options, allowing you to sort by Top posts in the last 1, 6 and 12 hours.

Don't forget you can go into your settings and set the default to what you prefer.

It would be cool to have support for KaTeX (used by Khan Academy, claims to be the fastest) or MathJax (older, used more widely, but slow) in order to help kickstart math communities with beautiful equations instead of having users take screenshots or photos of equations. That itself would beat Reddit in that niche domain.

Hi, Do you have any suggestions on how to backup the database or any other suggestions before upgrading Lemmy?

Hi all,

I have an issue where I'm trying to setup my instance, and get as far as being able to register as an admin and login when using localhost, but not on my example domain.

When accessing my instance at https://lemmy.mydomain.com, for all appearances it appears to but up and running (I get a nice CSS theme)... but I simply cannot login. It gives 404 post responses.

Proof of failing login:

curl -H 'content-type: application/json' \
    --data-raw '{ \
"username":"tetris11", \
"password":"mypassword",  \
"password_verify":"mypassword, \
"show_nsfw":true \
}'  lemmy.mydomain.com/api/v3/user/register

returns:

<html>
<head><title>302 Found</title></head>
<body>
<center><h1>302 Found</h1></center>
<hr><center>nginx/1.25.1</center>
</body>
</html>

But if I change my domain into localhost:

curl -H 'content-type: application/json' \
    --data-raw '{ \
"username":"tetris11", \
"password":"mypassword",  \
"password_verify":"mypassword, \
"show_nsfw":true \
}'  localhost:8536/api/v3/user/register

I get

{ "jwt":"XXYYXXYY.XXYYXXYYYX", 
"registration_created":false,
"verify_email_sent":false 
}

or on repeated attempts:

{"error":"user_already_exists"}

My API is up but cannot be reached by https?

My lemmy.hjson

  database: {
    # put your db-passwd from above
    password: "db-password"
  }
  # replace with your domain
  hostname: "lemmy.mydomain.com"
  bind: "127.0.0.1"
  tls_enabled: true
  federation: {
    enabled: true
  }
  setup: {
    # Username for the admin user
    admin_username: "tetris11"
    # Password for the admin user. It must be at least 10 characters.
    admin_password: "mypassword"
    # Name of the site (can be changed later)
    site_name: "Welcome to the My Lemmy"
    # Email for the admin user (optional, can be omitted and set later through the web>
    admin_email: "realemail@email.com"
  }
  # remove this block if you don't require image hosting
  pictrs: {
    ## This port appears to be hardcoded
    url: "http://127.0.0.1:8080/"
  }
}

My lemmy-ui.service

[Unit]
Description=Lemmy UI - Web frontend for Lemmy
After=lemmy.service
Before=nginx.service

[Service]
User=lemmy
WorkingDirectory=/var/lib/lemmy-ui
ExecStart=/usr/bin/node dist/js/server.js
##Environment=LEMMY_UI_HOST=0.0.0.0:8536
Environment=LEMMY_UI_LEMMY_INTERNAL_HOST=localhost:8536
Environment=LEMMY_UI_LEMMY_EXTERNAL_HOST=lemmy.mydomain.com
Environment=LEMMY_UI_HTTPS=true
Environment=RUST_LOG=info
Restart=on-failure

# Hardening
ProtectSystem=full
PrivateTmp=true
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

My lemmy.service

[Unit]
Description=Lemmy - A link aggregator for the fediverse
After=network.target

[Service]
User=lemmy
ExecStart=/home/lemmy/.cargo/bin/lemmy_server
Environment=LEMMY_CONFIG_LOCATION=/etc/lemmy/lemmy.hjson
Environment=PICTRS_PATH=/var/lib/pictrs
Environment=PICTRS_ADDR=127.0.0.1:8080
Restart=on-failure

# Hardening
ProtectSystem=yes
PrivateTmp=true
MemoryDenyWriteExecute=true
NoNewPrivileges=true

[Install]
WantedBy=multi-user.target

My nginx.conf

    limit_req_zone $binary_remote_addr zone=lemmy.mydomain.com_ratelimit:10m rate=>

    server {
        server_name lemmy.mydomain.com;
        access_log  /var/log/lemmy.access.log combined;

        location / {
            proxy_pass http://0.0.0.0:1234/;  ## lemmy
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

    listen 443 ssl http2; # managed by Certbot
    listen [::]:443 ssl http2;
    ssl_certificate /etc/letsencrypt/live/lemmy.mydomain.com/fullchain.pem; # mana>
    ssl_certificate_key /etc/letsencrypt/live/lemmy.mydomain.com/privkey.pem; # ma>
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

After reading many Lemmy related discussions over the past days, it has become clear to me that what people expect from Lemmy / think it is, is quite different from what it actually is.

From the official documentation:

Lemmy is a selfhosted, federated social link aggregation and discussion forum. It consists of many different communities which are focused on different topics.

In other words, the Lemmy software tries to resemble Reddit and every instance that runs this software is (kind of) a Reddit clone.

Each instance is its own entire platform that is, due to federation, able to speak and pull in posts from other platforms that support the same federation protocol. Federation is often explained with the example of "imagine you could read all posts from Reddit, Facebook and Twitter on Reddit." This is indeed true, just that in the case of Lemmy (and other Fediverse platforms) a considerable number of people have decided to run the same software for all their platforms. I.e., we now have a Reddit-A, Reddit-B, Reddit-C, Reddit-D and so on.

Lemmy is not a platform, Lemmy is an application, and people have decided to all use the same software to run their own social media platforms.

Most users, on the other hand (including me), expect a single distributed platform or system. This is also how federation is being (miss)explained by many members of the community. Users expect a network of nodes which all come together to form a single system, but at the moment we have a collection of identically looking platforms which all try to either be the same thing or something entirely different. While users are unable to tell them apart.

I believe this is either a major design flaw of Lemmy (or lack of any design) or it is precisely what the creators intended, and the software is being greatly misused.

To come closer to what many users expect from the platform, Lemmy should be split up into its structural components.

This means instead of the current instances, we would have two servers, user servers and community servers. Users would be solely responsible for providing user accounts to Lemmy users. Server admins can define registration policies as it is possible today and control who signs up to their server.

Community servers, on the other hand, would be responsible for hosting one or more communities and their sole purpose would be to distribute posts and their comments to users. These servers would still be able to define policies for how people are granted write access or who can create new communities, so there might be an application required to join a community server. Moderation would also happen on the community server according to the rules defined for the server and the individual communities.

A crucial point in this is that community servers do not federate with each other, there is no reason to. Federation mainly happens between user servers and community servers (user servers might also exchange details about their users).

This setup would truly resemble the analogy that is often cited when explaining the Fediverse, email. Email (in the context of Lemmy) consists of email providers like GMail or Hotmail, that enable their users to communicate via E-Mail, but they usually do not host the mailing lists a user might subscribe to.

Distributing Lemmy like this would greatly reduce what has to be considered when choosing a provider for a Lemmy account. User servers would solely be service providers that enable access to the platform, while community servers can provide hosting for communities as well as rules and moderation.

There is more that could be done in regard to distributing the platform, but this seems like the most obvious first step.