As Mastodon temporaliry saves uploaded content to memory and disk (if
/tmp is a disk), unlimiting client max body size makes the server
vulnerable to DoS attack.
This gives some advice on getting started with an email service guide, including specifics on the process and caveats of the various free services people recommend, as well as a short command in the Rails console that helps a user test this out.
* add ExecReload to reload puma.
This enables puma to reload changes without restarting process.
* fix path for command `kill`
* fix to bash.
* change to /bin/kill
* change from hot restart to phased restart.
* "gcc-6" should just be "gcc"
gcc-6 isn't a valid package name
* It was `adduser mastodon` for a reason
making it with `--system and --disabled-password` breaks the rest of the guide where `su - mastodon` is used.
I use this method as it makes maintaining the Mastodon instance easier.
* eval "$(rbenv init -)" should be in ~/.bashrc as well
otherwise the correct ruby version isn't used
* Use sudo su - instead
- Nginx duplication in packages installation
- Specify the user type for `mastodon` (--system and --disabled-password)
- Simplify services start-up
- Clearly write how to check services are running (or not) with `systemctl status`
* Complete re-write of Mastodon Production Guide
I re-wrote the Mastodon Production Guide so that it has a better structure.
Work on this re-write was done on my own repo:
https://github.com/staticsafe/mastodon-documentation
* Fix typo in a heading
* Change node.js Repository section to use curl|bash method.
For simplicity's sake
* Add an explanation of the dependencies
Added in the "Various Other Dependencies" section.
* Fix links to the Ruby project, was using the link to Rails previously.
* Add Let's Encrypt section with a short guide to certificate tool installation, certificate generation and automated renewal.
* Use systemctl instead of service in LE section
This is for consistency reasons.
`assets` are now at `packs`. Unfortunately this change will permanently cache `stats.json` and `report.html`, but these aren't super critical since they're just for debugging. I confirmed that `manifest.json` is not affected and no other non-fingerprinted assets are affected.
* Add a Debian 8 installation note
According to the conversation in f0a863feec, Debian 8 installs
an older version of nginx by default. This adds a note telling people
how to install a newer one.
* updating wording
Themanwhoisit