Whalebird-desktop: A Fediverse Client App for Desktop

Whalebird

Whalebird is a Fediverse client app for desktop.

Feature

• An interface like slack
• Notify to desktop
• Streaming
• Many keyboard shortcuts
• Manage multiple accounts
• Supporting
  • Mastodon
  • Pleroma
  • Misskey

Shortcuts

Install

Mac

Or you can download .dmg from release page.

So on, you can install from Homebrew:

$ brew update
$ brew install --cask whalebird

:sparkles: Thanks to @singingwolfboy for adding it to homebrew-cask.

Linux

There are some packages in release page, for example .deb, .rpm and .AppImage. If you do not want to use the package manager, please download .tar.bz2 file and decompress it.

If you are using snap, please install from snapcraft.io.

$ sudo snap install whalebird

Or you can install from Arch User Repository.

$ yay -S whalebird

Windows

We prepared winget package and .exe files, but we don't recommend these ways. Because these binary is not code signed, so you will get warnings when you launch. Only Windows Store version is signed, so please use it.

$ winget show "Whalebird" --versions

Translation

If you can speak multiple languages, could you please help with translation in Crowdin?

Or if you want add new language, please create an issue. I will add it.

Development

We'd love you to contribute to Whalebird.

Minimum requirements for development

• Node.js greater than or equal version 15.0.0 (16.x is recommended)
• npm or yarn

Getting started

# clone this repository
$ git clone https://github.com/h3poteto/whalebird-desktop.git
$ cd whalebird-desktop

# Install font config
$ sudo apt-get install libfontconfig-dev

# install dependencies
$ yarn install

# serve with hot reload at localhost:9080
$ yarn run dev

Download Details:

Author: H3poteto
Source Code: https://github.com/h3poteto/whalebird-desktop 
License: MIT license

#typescript #electron #vue #mastodon 

How to Automate Mastodon interactions with Python

Follow along as I play with the Mastodon API to create a new application.

The federated Mastodon social network has gotten very popular lately. It's fun to post on social media, but it's also fun to automate your interactions. There is some documentation of the client-facing API, but it's a bit light on examples. This article aims to help with that.

You should be fairly confident with Python before trying to follow along with this article. If you're not comfortable in Python yet, check out Seth Kenlon's Getting started with Python article and my Program a simple game article.

Create an application

The first step is to go to Preferences in Mastodon and select the Development category. In the Development panel, click on the New Applications button.

After creating an application, copy the access token. Be careful with it. This is your authorization to post to your Mastodon account.

There are a few Python modules that can help.

• The httpx module is useful, given that it is a web API.
• The getpass module allows you to paste the token into the session safely.
• Mastodon uses HTML as its post content, so a nice way to display HTML inline is useful.
• Communication is all about timing, and the dateutil and zoneinfo modules will help deal with that.

Here's what my typical import list looks like:

import httpx
import getpass
from IPython.core import display
from dateutil import parser
import zoneinfo

Paste in the token into the getpass input:

token=getpass.getpass()

Create the httpx.Client:

client = httpx.Client(headers=dict(Authorization=f"Bearer {token}"))

The verify_credentials method exists to verify that the token works. It's a good test, and it gives you useful metadata about your account:

res = client.get("https://mastodon.social/api/v1/accounts/verify_credentials")

You can query your Mastodon identity:

res.raise_for_status()
result = res.json()
result["id"], result["username"]

>>> ('27639', 'moshez')

Your mileage will vary, but you get your internal ID and username in response. The ID can be useful later.

For now, abstract away the raise_for_status and parse the JSON output:

def parse(result):
    result.raise_for_status()
    return result.json()

Here's how this can be useful. Now you can check your account data by ID. This is a nice way to cross-check consistency:

result = parse(client.get("https://mastodon.social/api/v1/accounts/27639"))
result["username"]

>>> 'moshez'

But the interesting thing, of course, is to get your timeline. Luckily, there's an API for that:

statuses = parse(client.get("https://mastodon.social/api/v1/timelines/home"))
len(statuses)

>>> 20

It's just a count of posts, but that's enough for now. There's no need to deal with paging just yet. The question is, what can you do with a list of your posts? Well, you can query it for all kinds of interesting data. For instance, who posted the fourth status?

some_status = statuses[3]
some_status["account"]["username"]

>>> 'donwatkins'

Wonderful, a tweet from fellow Opensource.com correspondent Don Watkins! Always great content. I'll check it out:

display.HTML(some_status["content"])

<p>Just finished installed <span class="h-card"><a href="https://fosstodon.org/@fedora" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>fedora</span></a></span> <a href="https://fosstodon.org/tags/Silverblue" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Silverblue</span></a> 37 on <span class="h-card"><a href="https://fosstodon.org/@system76" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>system76</span></a></span> <a href="https://fosstodon.org/tags/DarterPro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DarterPro</span></a></p>

"Just" finished? Wait, when was this tweet posted? I live in California, so I want the time in my local zone:

california = zoneinfo.ZoneInfo("US/Pacific")
when = parser.isoparse(some_status["created_at"])
print(when.astimezone(california))

>>> 2022-12-29 13:56:56-08:00

Today (at the time of this writing), a little before 2 PM. Talk about timeliness.

Do you want to see the post for yourself? Here's the URL:

some_status["url"]

>>> 'https://fosstodon.org/@donwatkins/109599196234639478'

Enjoy tooting, now with 20% more API!

Original article source at: https://opensource.com/

#python #automate #mastodon 

Wildebeest: An ActivityPub and Mastodon-compatible Server

Wildebeest

Wildebeest is an ActivityPub and Mastodon-compatible server whose goal is to allow anyone to operate their Fediverse server and identity on their domain without needing to keep infrastructure, with minimal setup and maintenance, and running in minutes.

Wildebeest runs on top Cloudflare's Supercloud, uses Workers and Pages, the D1 database to store metadata and configurations, Zero Trust Access to handle authentication and Images for media handling.

Currently, Wildebeest supports the following features:

• Authentication and automatic profile creation.
• Message signing & notification.
• Inbox and Outbox notes (text, mentions and images), follow, announce (reblog), accept (friend), like.
• Server to server federation.
• Web client for content exploration (read-only).
• Compatibility with other Mastodon clients (Mobile iOS/Android and Web).

Cloudflare will continue to evolve this open-source project with additional features over time and listen to the community feedback to steer our priorities. Pull requests and issues are welcome too.

Requirements

Wildebeest is a full-stack app running on top of Cloudflare Pages using Pages Functions. We are of course assuming that you have a Cloudflare account (click here if you don't) and have at least one zone using Cloudflare. If you don't have a zone, you can use Cloudflare Registrar to register new a new domain or transfer an existing one.

Some features, like data persistence, access controls, media storage, are handled by other Cloudflare products:

• D1 for the database.
• Workers KV for object caching.
• Zero Trust Access to handle user authentication and SSO on any identity provider.
• Images for media handling.

Most of our products offer a generous free plan that allows our users to try them for personal or hobby projects that aren’t business-critical. However the Images one doesn't have a free tier, so for setting up your instance you need to activate one of the paid Images plans.

Images plan

To activate Images, please login into your account, select Images on the left menu, and then select the plan that best fits your needs.

API token

Before we begin, you also need to create an API token in your Cloudflare account. To do that, login into your account, and press the Create Token button under My Profile (top right corner) / API Tokens.

Now press Create Custom Token and add the following permissions:

• D1, account level, edit permission.
• Cloudflare Pages, account level, edit permission.
• Access: Apps and policies, account level, edit permission.
• Access: Organizations, Identity Providers and Groups, account level, read permission.
• Workers KV Storage, account level, edit permission.
• DNS, zone level, edit permission.
• Cloudflare Images, account level, edit permission.
• Workers Scripts, account level, edit permission.

You can limit the token to the specific zone where you will using Wildebeest if you want. Don't set a TTL.

Now Continue to Summary, review your settings, and Create Token. Take note of your token and store it in your password manager, you're going to need it later.

Zone and Account IDs

You also need to take note of your Zone and Account IDs. To find them, login into your account and select the zone (domain) where you plan to use Wildebeest. Then, on the Overview page you will the following information:

We're all set now, let's start the installation process.

Getting started

Wildebeest uses Deploy to Workers to automate the installation process.

Click here to start the installation.

Please pay attention to all the steps involved in the installation process.

• Authorize Workers to use your GitHub account.
• Enter your Account ID (from the previous section) and the API token that you created previously.
• Configure your instance/project with the Zone ID, Domain, Title, Admin Email and Description.
• Fork the repository into your personal GitHub account.
• Enable GitHub Actions.
• Deploy.

Authorizations and API Token

The first two steps are authorizing Workers to use your GitHub account and entering your Account ID and the API token you created in the requirements section.

Instance configuration

Configure your instance/project with the Zone ID (see the requirements above), Domain (the full FQDN domain of your zone, where you want to deploy your Wildebeest server), Title, Admin Email and Description.

Now click Fork the repository.

Then enable GitHub Actions and confirm by clicking Workflows enabled.

And finally click Deploy.

The installation script will now build and deploy your project to Cloudflare Pages and will run a Terraform script to configure the D1, KV, DNS, Images and Access settings automatically for you.

Finish installation

If you followed all the steps, you should see a successful GitHub Actions build.

You can also confirm in the Cloudflare dashboard that the Pages project, DNS entry, KV namespace, D1 database and Access rule were all created and configured.

Almost there, only one last step missing:

Configure the access rule

The installation process automatically created a Zero Trust Access application called wildebeest-your-github-user for you. Now you need to create a policy that defines who can have access to your Wildebeest instance.

Go to https://one.dash.cloudflare.com/access and select your account, then select Access / Applications and Edit the wildebeest-your-github-user application.

Now click Add a policy. Name the policy wildebeest-policy, set the action to Allow, and add an include rule with the list of Emails that you want to allow and then click Save policy

You're ready

Open your browser and go to your newly deployed Wildebeest domain https://social.example/ (replace social.example with your domain). You should see something like this:

Go to https://social.example/api/v1/instance (replace social.example with your domain) and double-check your configuration. It should show:

{
    "description": "Private Mastodon Server",
    "email": "admin@social.example",
    "title": "My Wildebeest Server",
    "registrations": false,
    "version": "4.0.2",
    "rules": [],
    "uri": "social.example",
    "short_description": "Private Mastodon Server"
}

That's it, you're ready to start using your Wildebeest Mastodon compatible instance.

Supported clients

Wildebeest is Mastodon API compatible, which means that you should be able to use most of the Web, Desktop, and Mobile clients with it. However, this project is a work in progress, and nuances might affect some of their functionality.

This is the list clients that we have been using successfully while developing and testing Wildebeest:

• Pinafore web client (source).
• Mastodon official mobile client for iOS (source) and Android (source).

Wildebeest also provides a read-only web client in your instance URL, where you can explore the timelines (local and federated), posts and profiles. Please use the existing Mastodon clients to post and manage your account.

Wildebeest has no user registration

Wildebeest uses Zero Trust Access to handle user authentication. It assumes that your users will register with another identity provider (Zero Trust supports many providers or your custom one that implements Generic SAML 2.0).

When you start using Wildebeest with a client, you don't need to register. Instead, you go straight to log in, which will redirect you to the Access page and handle the authentication step according to the policy that you defined earlier.

When authenticated, Access will redirect you back to Wildebeest. The first time this happens, we will detect that we don't have information about the user and ask for your Username and Display Name. This will be asked only once and is what will show in your public Mastodon profile.

Updating Wildebeest

Updating your Wildebeest to the latest version is as easy as going to your forked repo on GitHub and clicking the Sync fork button:

Once your fork is syncronized with the official repo, the GitHub Actions CI is triggered and a new build will be deployed.

Additional Cloudflare services

Since Wildebeest is a Cloudflare app running on Pages, you can seamlessly enable additional Cloudflare services to protect or improve your server.

Email Routing

If you want to receive Email at your @social.example domain, you can enable Email Routing for free and take advantage of sophisticated Email forwarding and protection features. Simply log in to your account, select the Wildebeest zone and then click on Email to enable.

Troubleshooting

Sometimes things go south. The GitHub Actions deployment can fail for some reason, or some configuration changed or was accidentally removed.

Starting over

If you attempted to deploy Wildebeest in your account and something failed, or you simply want to reinstall everything from scratch again, you need to do manual checkups and cleaning before you start over.

• Go to your zone DNS settings and delete the CNAME record that points to wildebeest-username.pages.dev
• Go to your account Pages section and delete the wildebeest-username project (make sure you remove the custom domain first if it's been configured).
• Go to your account Workers / KV section and delete the wildebeest-username-cache and wildebeest-terraform-username-state namespaces.
• Go to your account Workers / D1 and delete the wildebeest-username database.
• Launch Zero Trust, select your account, go to Access / Applications and delete the wildebeest-username application.
• Delete your GitHub wildebeest forked repo.

You can now start a clean install.

Error 1102

Wildebeest runs cryptographical functions and can process lots of data internally, depending on the size of the instance and social graph. It's possible that, in some cases, a request exceeds the Worker's resource limits in the free plan.

We will keep optimizing our code to run as fast as possible, but if you start seeing 1102 errors when using your Wildebeest pages and APIs, you might need to upgrade to Workers Unbound, which provides much higher limits.

To do that, go to your Account Page / Pages, select the wildebeest-username project, go to Settings / Functions and change the usage model to Unbound.

After you change your Pages project to Unbound, you need to redeploy it. Go to GitHub Actions in your repo, select the latest successful deploy, and press Re-run all jobs.

Download Details:

Author: Cloudflare
Source Code: https://github.com/cloudflare/wildebeest 
License: View license

#typescript #server #mastodon

Elk: A Nimble Mastodon Web Client

Elk alpha

A nimble Mastodon web client 

⚠️ Elk is in Alpha

It is already quite usable, but it isn't ready for wide adoption yet. We recommend you use it if you would like to help us build it. We appreciate your feedback and contributions. Check out the Open Issues and jump in the action. Join the Elk discord server to chat with us and learn more about the project.

Official Deployment

The Elk team maintains a deployment at:

• 🦌 Production: elk.zone
• 🐙 Canary: main.elk.zone (deploys on every commit to main branch)

Ecosystem

These are known deployments using Elk as an alternative Web client for Mastodon servers or as a base for other projects in the fediverse:

• elk.h4.io - Use Elk for the h4.io Server
• elk.universeodon.com - Use Elk for the Universeodon Server

And all the companies and individuals sponsoring Elk Team and the members. If you're enjoying the app, consider sponsoring us:

• Elk Team's GitHub Sponsors

Or you can sponsor our core team members individually:

• Anthony Fu
• Daniel Roe
• 三咲智子 Kevin Deng
• Patak

We would also appreciate sponsoring other contributors to the Elk project. If someone helps you solve an issue or implement a feature you wanted, supporting them would help make this project and OS more sustainable.

📍 Roadmap

Open board on Volta

🧑‍💻 Contributing

We're really excited that you're interested in contributing to Elk! Before submitting your contribution, please read through the following guide.

Online

You can use StackBlitz Codeflow to fix bugs or implement features. You'll also see a Codeflow button on PRs to review them without a local setup. Once the elk repo has been cloned in Codeflow, the dev server will start automatically and print the URL to open the App. You should receive a prompt in the bottom-right suggesting to open it in the Editor or in another Tab. To learn more, check out the Codeflow docs.

Local Setup

Clone the repository and run on the root folder:

pnpm i
pnpm run dev

Warning: you will need corepack enabled, check out the Elk Contributing Guide for a detailed guide on how to set up the project locally.

We recommend installing ni, that will use the right package manager in each of your projects. If ni is installed, you can instead run:

ni
nr dev

Testing

Elk uses Vitest. You can run the test suite with:

nr test

🦄 Stack

• Vite - Next Generation Frontend Tooling
• Nuxt - The Intuitive Web Framework
• Vue - The Progressive JavaScript Framework
• VueUse - Collection of Vue Composition Utilities
• Pinia - The Vue Store that you will enjoy using
• Vue Macros - More macros and syntax sugar for Vue
• UnoCSS - The instant on-demand atomic CSS engine
• Iconify - Iconify icon sets in JSON format
• Masto.js - Mastodon API client in TypeScript
• shiki - A beautiful Syntax Highlighter
• vite-plugin-pwa - Prompt for update and push notifications

Download Details:

Author: Elk-zone
Source Code: https://github.com/elk-zone/elk 
License: MIT license

#vue #typescript #mastodon #client #nuxt #app 

Simple 6 Steps to Get Verified on Mastodon with Encrypted Keys

Get Mastodon's green checkmark with PGP and Keyoxide.

Mastodon permits its users to self-verify. The easiest method to do this is through a verification link. For advanced verification, though, you can use the power of shared encrypted keys, which Mastodon can link to thanks to the open source project Keyoxide.

Install

Pretty good privacy (PGP) is a standard for shared key encryption. All PGP keys come in pairs. There's a public key, for use by anyone in the world, and a secret key, for use by only you. Anyone with your public key can encode data for you, and once it's encrypted only your secret key (which only you have access to) can decode it again.

If you don't already have a key pair, the first step for encrypted verification is to generate one.

There are many ways to generate a PGP key pair, but I recommend the open source GnuPG suite.

On Linux, GnuPG is already installed.

On Windows, download and install GPG4Win, which includes the Kleopatra desktop application.

On macOS, download and install GPGTools.

1. Create a key pair

If you already have a GPG key pair, you can skip this step. You do not need to create a unique key just for Mastodon.

To create a new key, you can use the Kleopatra application. Go to the File menu and select New key pair. In the Key Pair Creation Wizard that appears, click Create a personal OpenPGP key pair. Enter your name and a valid email address, and select the Protect the generated key with a passphrase option. Click Create to generate your key pair.

(Seth Kenlon, CC BY-SA 4.0)

Alternately, you can use the terminal:

$ gpg2 --full-generate-key

Follow the prompts until you have generated a key pair.

2. Add notation

Now that you have a key, you must add special metadata to it. This step requires the use of the terminal (Powershell on Windows) but it's highly interactive and isn't very complex.

First, take a look at your secret key:

gpg2 --list-secret-keys

The output displays your GnuPG keyring, containing at least one secret key. Locate the one you want to use for Mastodon (this might be the only key, if you've just created your first one today.) In the output, there's a long alphanumeric string just above a line starting with uid. That long number is your key's fingerprint. Here's an example:

sec   rsa4096 2022-11-17 [SC]
      22420E443871CF4313B9E90D50C9169F563E50CF
uid           [ultimate] Tux <tux@example.com>
ssb   rsa4096 2022-11-17 [E]

This example key's fingerprint is 22420E443871CF4313B9E90D50C9169F563E50CF. Select your key's fingerprint with your mouse, and then right-click and copy it to your clipboard. Then copy it into a document somewhere, because you're going to need it a lot during this process.

Now you can add metadata to the key. Enter the GnuPG interface using the gpg2 --edit-key command along with the fingerprint:

gpg2 --edit-key 22420E443871CF4313B9E90D50C9169F563E50CF

At the GnuPG prompt, select the user ID (that's your name and email address) you want to use as your verification method. In this example, there's only one user ID (uid [ultimate] Tux <tux@example.com>) so that's user ID 1:

gpg> uid 1

Designate this user as the primary user of the key:

gpg> primary

For Keyoxide to recognize your Mastodon identity, you must add a special notation:

gpg> notation

The notation metadata, at least in this context, is data formatted to the Ariadne specification. The metadata starts with proof@ariadne.id= and is followed by the URL of your Mastodon profile page.

In a web browser, navigate to your Mastodon profile page, and copy the URL. For me, in this example, the URL is https://example.com/@tux, so Enter the notation at the GnuPG prompt:

gpg> notation
Enter the notation: proof@ariadne.id=http://example.com/@tux

That's it. Type save to save and exit GnuPG.

gpg> save

3. Export your key

Next, export your key. To do this in Kleopatra, select your key and click the Export button in the top toolbar.

Alternately, you can use the terminal. Reference your key by its fingerprint (I told you that you'd be using it a lot):

gpg2 --armor --export \
22420E443871CF4313B9E90D50C9169F563E50CF > pubkey.asc

Either way, you end up with a public key ending in .asc. It's always safe to distribute your public key. (You would never, of course, distribute your secret key because it is, as its very name implies, meant to be secret.)

4. Upload your key

Open your web browser and navigate to keys.openpgp.org.

On the keys.openpgp.org website, click the Upload link to upload your exported key. Do this even if you've had a GPG key for years and know all about the --send-key option. This is a unique step to the Keyoxide process, so don't skip it.

(Seth Kenlon, CC BY-SA 4.0)

After your key's been uploaded, click the Send confirmation email button next to your email address so you can confirm that you own the email your key claims it belongs to. It can take 15 minutes or so, but when you receive an email from Openpgp.org, click the confirmation link to verify your email.

5. Add your key to Mastodon

Now that everything's set up, you can use Keyoxide as your verification link for Mastodon. Go to your Mastodon profile page and click the Edit profile link.

On the Edit profile page, scroll down to the Profile Metadata section. Type PGP (or anything you want) into the Label field. In the Content field, type https://keyoxide.org/hkp/ and then your key fingerprint. For me, in this example, the full URL is https://keyoxide.org/hkp/22420E443871CF4313B9E90D50C9169F563E50CF.

Click the Save button and then return to your profile page.

(Seth Kenlon, CC BY-SA 4.0)

You can click the Keyoxide link in your profile to see your Keyoxide "profile" page. This page is actually just a rendering of the GPG key you created. Keyoxide's job is to parse your key, and to be a valid destination when you need to link to it (from Mastodon, or any other online service.)

6. Build trust

The old Twitter verification method was opaque and exclusive. Somebody somewhere claimed that somebody else somewhere else was really who they said they were. It proved nothing, unless you agree to accept that somewhere there's a reliable network of trust. Most people choose to believe that, because Twitter was a big corporation with lots at stake, and relatively few people (of the relative few who were granted it) complained about the accuracy of the Twitter blue checkmark.

Open source verification is different. It's available to everyone, and proves as much as Twitter verification did. But you can do even better. When you use encrypted keys for verification, you grant yourself the ability to have your peers review your identity and to digitally sign your PGP key as a testament that you are who you claim you are. It's a method of building a web of trust, so that when you link from Mastodon to your PGP key through Keyoxide, people can trust that you're really the owner of that digital key. I also means that several community members have met you in person and signed your key.

Help build human-centric trust online, and use PGP and Keyoxide to verify your identity. And if you see me at a tech conference, let's sign keys!

Original article source at: https://opensource.com/

#mastodon #key #steps 

Switch From Twitter to Mastodon

Mastodon is an open source microblogging community.

Like many people, I find social media somewhat exciting and also...a bit much. Sometimes you get deep-fried in algorithms, tracking data, and ads catered especially for you. You lack administrative control over what you want to see, especially on the old platforms many of us are used to. As usual, you must look to open source to fix the problem. And that's exactly what Mastodon, an open source microblogging community, does.

With Mastodon social, not only are you working with open source software, but everything is decentralized, which means you can pick what you want to see partly based on the instance you want to occupy. Mastodon uses separate instances, each with its own code of conduct, privacy options, and moderation policies. That means that when you join an instance, you're less likely to see the stuff you're not interested in and more likely to see messages from people who share your interests.

However, you can also interact with other instances. All Mastodon installs have the potential to be "federated" in what its users call the "fediverse."

What is the fediverse?

The fediverse is an ensemble of federated (or interconnected) servers. The word comes from the mix of "federated" and "universe." You can use this for all sorts of web publishing, from social networking to websites to file hosting. While each instance is hosted independently, they can talk to each other.

So how can I sign up for Mastodon?

First, go to Mastodon.social to sign up.

On the right-hand side of the screen, there are Sign in and Create account buttons.

(Jess Cherry, CC BY-SA 4.0)

However, because anyone can run a Mastodon server, there are many instances, and some servers are already home to a community with interests that may align with your own. As I've said, you'll have access to the whole fediverse no matter what, but it can be nice to start on a server where people already "speak your language" (that can be literal, too, because you can add a filter to find a server in your native language).

To find a server, click the Find another server button.

(Jess Cherry, CC BY-SA 4.0)

When you click that button, you're brought to the Join Mastodon page, with a button to list available servers.

(Jess Cherry, CC BY-SA 4.0)

As you scroll down, you can pick a topic on the left to help you find where you would like to be hosted.

(Jess Cherry, CC BY-SA 4.0)

I'm all about open source, so let's see what we have in the technology topic.

(Jess Cherry, CC BY-SA 4.0)

As you can see, there's a large index with many waiting lists. In this case, it looks like Don Watkins, a fellow Opensource.com author, has chosen an instance that works for himself and our talented group. So I'll skip ahead and tell you where I'm going: There's a free open source software server known as Fosstodon, and I've chosen to sign up there so I can share my articles freely.

[ Related read Switching from Twitter to Mastodon: What sysadmins need to know ]

Here are the sign-in steps.

First, enter your information:

(Jess Cherry, CC BY-SA 4.0)

Next, you get a message about a confirmation email:

(Jess Cherry, CC BY-SA 4.0)

When you get to your email, click the Verify button, and the system prompts you to confirm your login information.

This server does have an application process to join. This process isn't just for safety reasons but also for privacy. Once approved, you get this amazing email!

(Jess Cherry, CC BY-SA 4.0)

I kept my handle from other social media venues, so it's easy to move back and forth from one place to another and cross-post with replication and API calls.

Complete control

Now that I have a new profile, I can change preferences on what emails I receive, allowing for more control over what I see. This is a good way to give me more power over my media intake, and it's greatly appreciated. Once I click Preferences, Mastodon offers me cool appearance, language information, and many other options.

(Jess Cherry, CC BY-SA 4.0)

Next, I can click notifications and limit what I see and what I get notified for, so I can opt for less noise.

(Jess Cherry, CC BY-SA 4.0)

This complete control of my media without algorithmic intervention is great. You can also set up featured hashtags for what you want on your profile to follow long-term projects or allow people to find you by following those hashtags. You also have the options for filters, followers, and so much more.

Final notes

This open source social media is a great way to find your group of people and broadly interact with those in a broad universe of interests. Controlling media intake is great for some balance in your life, and you can opt-in to contributing by checking the contributor rules.

In addition to the control over your own social media experience, you also gain phone apps that work on all devices, including Toot for iPhone and Tusky for Android.

Long story short: I think we should all get ready for a new open source world of social media.

Original article source at: https://opensource.com/

#mastodon #twitter 

4 Favorite key differences between Twitter and Mastodon

Mastodon is not a corporation. All of its instances are staffed and supported by each server's contributors. Here are a few other advantages.

Social media is not always sociable, and sometimes we need a sufficient impetus to change what we do and what we read. I began using Twitter as a replacement for my RSS reader in 2008, which revolutionized how I read and learned up to that point. Tweets from educators and free and open source (FOSS) advocates worldwide kept me informed and engaged in a learning network that was without equal. That's changed over the past half dozen years, and recently a change in ownership and the shaping of what I read was driven more by an algorithm than by my personal interests and choices. During a yearly meetup of correspondents and editors of Opensource.com a few years ago, Seth Kenlon suggested giving Mastodon a try. I joined Fosstodon in 2019. Fosstodon is a Mastodon instance for a community of like-minded people who enjoy free and open source software.

Mastodon vs Twitter

Change is not easy. Being a creature of habit, I stayed with my old standby even though it was becoming increasingly tiresome. The threat of its sale in the spring of 2022 invited me to reconsider Fosstodon.

1. Favorite instead of like

The Mastodon interface is similar to Twitter. Rather than "liking" a post, you "favorite" a post on Mastodon by clicking the star icon under the post content.

(Don Watkins, CC BY-SA 4.0)

2. Share a post

Re-sharing on my old network is a "retweet," but on Mastodon, it's a "boost." You click the double-arrow icon under the post content to boost a post.

(Don Watkins, CC BY-SA 4.0)

3. Mastodon instances

Because anyone can run a Mastodon instance, different instances not only have unique communities (like the ones that form around specific hashtags on Twitter, but Mastodon also has hashtags). Some have a unique set of rules. For instance, unlike my former social network, there were content moderation rules on Fosstodon that seemed strict initially. I made a post unrelated to FOSS software, and my post was removed. I was told it had been removed because I'd not issued a "content warning." That irked me, so I looked for another instance and found a couple more to my liking. One was Mastodon.social, and the other Scholar.social. The former is a general server with no expectation about what you will post. The latter was an instance dedicated to academics. In all cases, there are well-enforced codes of conduct.

Each instance has rules, and while they differ slightly in the description, they clearly spell out what is and is not acceptable behavior. Fosstodon published its code of conduct, which established the rules and expectations of behavior on the site.

4. Open source social networking

If you want to run your own Mastodon instance or help develop one, you'll be happy to know that Mastodon is open source. It uses an AGPLv3 license, and its source code is available as a Git repository. The software provides a social network server that uses the ActivityPub protocol to communicate with other servers worldwide.

Mastodon is not a single site on the internet but a series of sites spanning the globe and communicating with each other. This federated network is referred to as the "fediverse." Unlike other social networks, where there's a single owner of the network, Mastodon and other ActivityPub sites are owned by anyone who runs a server.

From a user's perspective, this doesn't matter at first. You can sign up on any Mastodon instance and then connect to all other instances.

[ Related read Switching from Twitter to Mastodon: What sysadmins need to know ]

There is power to this distributed design, though. If you encounter an instance with a community producing content you'd rather not see, you can block either a single user from that instance or the whole instance.

In the past month, I've returned to Fosstodon primarily because open source is my passion. I enjoy sharing open source content on Fosstodon because the other users of Fosstodon are generally receptive to posts about free and open source software. When I have something to share that's not considered appropriate on Fosstodon, I share it on Scholar.social or Mastodon.social.

Not all instances have topics they focus on, and even those that do often use their topical interests as a guideline rather than grounds for strict removal of posts. If you have a particular interest, you might be able to find a community built around that topic, and you're likely to see that you have an instant audience. Of course, you'll still always be able to communicate with users of other instances, too.

Try Mastodon

Mastodon is not a corporation. All of its instances are staffed and supported by each server's contributors. Some instances make it easy to support them with Patreon or PayPal.

I have found the fediverse a welcoming place that brings joy back into social networking. Have you joined Mastodon? What are your takeaways? Let us know in the comments.

Original article source at: https://opensource.com/

#mastodon #twitter 

How to Get Verified on Mastodon with Your Website

Three easy steps to a green checkmark on the open source social media platform.

If you're migrating away from Twitter, you might be looking for a way to ensure your followers that you are who you say you are. Ignoring debates of how anyone can be sure of anyone's true identity online, it's easy to verify yourself on Mastodon if you already have your own website. This requires a very basic understanding of HTML, so if you don't maintain your own website, then send this article to your web maintainer instead.

1. Get your verification code

Sign in to your Mastodon account and click the edit profile link under your Mastodon handle.

(Seth Kenlon, CC BY-SA 4.0)

In the Edit Profile screen that appears, scroll down to the Verification section. This section contains a special verification code. Click the Copy button to copy your verification code to your clipboard.

(Seth Kenlon, CC BY-SA 4.0)

2. Paste your code on your website

To assure people that the same person running your Mastodon account also runs your website, you must paste your verification code into your website.

The verification code you got from your Mastodon profile page is just a hyperlink back to your profile page, around the word "Mastodon." It's arguably the most obvious word to link back to a Mastodon profile, but it's entirely arbitrary. What really matters is that a link to your profile page, with the rel="me" attribute, appears on a page of a website you control. The contents of the link doesn't actually matter.

You can create a page to serve especially for verification, or you can put it into your site's footer, or into a social media icon.

Here's a simple example of a page exclusively serving as a verification point:

<html>
<head>
<title>My website</title>
</head>
<body>
<a rel="me" href="https://mastodon.example.com/@tux">Mastodon</a>
</body>
</html>

You don't have to create a whole page for your verification, though. You can just paste the verification link into the footer of your site, or somewhere on the index page.

3. Add the verification URL to Mastodon

Once your page is live, copy its web address from your web browser's URL bar. For example, the sample page I created is located at http://myexamplewebsite.tk/index.html.

In your browser, return to the Edit Profile screen of Mastodon. Locate the Profile Metadata section, and type Website into the Label field and then paste the URL of your verification post in the Content field.

(Seth Kenlon, CC BY-SA 4.0)

Click the Save Changes button and return to your profile page to see your newly verified status.

(Seth Kenlon, CC BY-SA 4.0)

On some Mastodon servers, it seems that verification may take an hour or so to resolve, but on two of the three I've tested, the green checkmark appeared immediately after saving.

Verified on Mastodon

A green checkmark on Mastodon indicates proof that the same person controlling your Mastodon account also controls your website. If there are people in your life who know your website and trust that it's yours, then verifying that you've been able to link back to your Mastodon profile is proof that you have control over both platforms. And ultimately, that's as good as identification gets on the Internet.

A blue checkmark might look and feel official, but identification like that is designed to be artificially scarce and yet only cursory. Mastodon acknowledges this, and provides a verification option for every user. With nothing but a website and a Mastodon account, you can self-verify to your followers, demonstrating that the same person (you) posting content online is the same person active on an exciting open source social media.

Original article source at: https://opensource.com/

#website #mastodon 

Mastodon: A GNU Social-compatible Microblogging Server for Ruby

Mastodon

Mastodon is a free, open-source social network server. A decentralized solution to commercial platforms, it avoids the risks of a single company monopolizing your communication. Anyone can run Mastodon and participate in the social network seamlessly.

An alternative implementation of the GNU social project. Based on ActivityStreams, Webfinger, PubsubHubbub and Salmon.

Click on the screenshot to watch a demo of the UI:

The project focus is a clean REST API and a good user interface. Ruby on Rails is used for the back-end, while React.js and Redux are used for the dynamic front-end. A static front-end for public resources (profiles and statuses) is also provided.

If you would like, you can support the development of this project on Patreon. Alternatively, you can donate to this BTC address: 17j2g7vpgHhLuXhN4bueZFCvdxxieyRVWd

Resources

• List of Mastodon instances
• Use this tool to find Twitter friends on Mastodon
• API overview
• Frequently Asked Questions
• List of apps

Features

• Fully interoperable with GNU social and any OStatus platform Whatever implements Atom feeds, ActivityStreams, Salmon, PubSubHubbub and Webfinger is part of the network
• Real-time timeline updates See the updates of people you're following appear in real-time in the UI via WebSockets
• Federated thread resolving If someone you follow replies to a user unknown to the server, the server fetches the full thread so you can view it without leaving the UI
• Media attachments like images and WebM Upload and view images and WebM videos attached to the updates
• OAuth2 and a straightforward REST API Mastodon acts as an OAuth2 provider so 3rd party apps can use the API, which is RESTful and simple
• Background processing for long-running tasks Mastodon tries to be as fast and responsive as possible, so all long-running tasks that can be delegated to background processing, are
• Deployable via Docker You don't need to mess with dependencies and configuration if you want to try Mastodon, if you have Docker and Docker Compose the deployment is extremely easy

Configuration

• LOCAL_DOMAIN should be the domain/hostname of your instance. This is absolutely required as it is used for generating unique IDs for everything federation-related
• LOCAL_HTTPS set it to true if HTTPS works on your website. This is used to generate canonical URLs, which is also important when generating and parsing federation-related IDs

Consult the example configuration file, .env.production.sample for the full list. Among other things you need to set details for the SMTP server you are going to use.

Requirements

• Ruby
• Node.js
• PostgreSQL
• Redis
• Nginx

Running with Docker and Docker-Compose

The project now includes a Dockerfile and a docker-compose.yml file (which requires at least docker-compose version 1.10.0).

Review the settings in docker-compose.yml. Note that it is not default to store the postgresql database and redis databases in a persistent storage location, so you may need or want to adjust the settings there.

Before running the first time, you need to build the images: docker-compose build

Then, you need to fill in the .env.production file: cp .env.production.sample .env.production vi .env.production

Do NOT change the REDIS_* or DB_* settings when running with the default docker configurations.

You will need to fill in, at least: LOCAL_DOMAIN, LOCAL_HTTPS, PAPERCLIP_SECRET, SECRET_KEY_BASE, OTP_SECRET, and the SMTP_* settings. To generate the PAPERCLIP_SECRET, SECRET_KEY_BASE, and OTP_SECRET, you may use:

docker-compose run --rm web rake secret

Do this once for each of those keys, and copy the result into the .env.production file in
the appropriate field.

Then you should run the db:migrate command to create the database, or migrate it from an older release:

docker-compose run --rm web rails db:migrate

Then, you will also need to precompile the assets:

docker-compose run --rm web rails assets:precompile

before you can launch the docker image with:

docker-compose up

If you wish to run this as a daemon process instead of monitoring it on console, use instead:

docker-compose up -d

Then you may login to your new Mastodon instance by browsing to http(s)://(yourhost):3000/

Following that, make sure that you read the production guide. You are probably going to want to understand how to configure NGINX to make your Mastodon instance available to the rest of the world.

The container has two volumes, for the assets and for user uploads, and optionally two more, for the postgresql and redis databases.

The default docker-compose.yml maps them to the repository's public/assets and public/system directories, you may wish to put them somewhere else. Likewise, the PostgreSQL and Redis images have data containers that you may wish to map somewhere where you know how to find them and back them up.

Note: The --rm option for docker-compose will remove the container that is created to run a one-off command after it completes. As data is stored in volumes it is not affected by that container clean-up.

Tasks

• rake mastodon:media:clear removes uploads that have not been attached to any status after a while, you would want to run this from a periodic cronjob
• rake mastodon:push:clear unsubscribes from PuSH notifications for remote users that have no local followers. You may not want to actually do that, to keep a fuller footprint of the fediverse or in case your users will soon re-follow
• rake mastodon:push:refresh re-subscribes PuSH for expiring remote users, this should be run periodically from a cronjob and quite often as the expiration time depends on the particular hub of the remote user
• rake mastodon:feeds:clear_all removes all timelines, which forces them to be re-built on the fly next time a user tries to fetch their home/mentions timeline. Only for troubleshooting
• rake mastodon:feeds:clear removes timelines of users who haven't signed in lately, which allows to save RAM and improve message distribution. This is required to be run periodically so that when they login again the regeneration process will trigger

Running any of these tasks via docker-compose would look like this:

docker-compose run --rm web rake mastodon:media:clear

Updating

This approach makes updating to the latest version a real breeze.

git pull

To pull down the updates, re-run

docker-compose build

And finally,

docker-compose up -d

Which will re-create the updated containers, leaving databases and data as is. Depending on what files have been updated, you might need to re-run migrations and asset compilation.

Deployment without Docker

Docker is great for quickly trying out software, but it has its drawbacks too. If you prefer to run Mastodon without using Docker, refer to the production guide for examples, configuration and instructions.

Deployment on Scalingo

You can view a guide for deployment on Scalingo here.

Deployment on Heroku (experimental)

Mastodon can theoretically run indefinitely on a free Heroku app. You can view a guide for deployment on Heroku here.

Development with Vagrant

A quick way to get a development environment up and running is with Vagrant. You will need recent versions of Vagrant and VirtualBox installed.

You can find the guide for setting up a Vagrant development environment here.

Contributing

You can open issues for bugs you've found or features you think are missing. You can also submit pull requests to this repository. Here are the guidelines for code contributions

IRC channel: #mastodon on irc.freenode.net

Extra credits

• The Emoji One pack has been used for the emojis
• The error page image courtesy of Dopatwo

Author: Gargron
Source code: https://github.com/Gargron/mastodon
License: AGPL-3.0 license

#ruby  #ruby-on-rails