Mastodawn

Show thread

Kevin Karhan

1d ago

@f4grx @nixCraft @torproject not really.

#aws has pretty chunky blocks like /14.

They don't use #IPv6, only #IPv4.

Blocking entrie #ASN|s is easy.

I do this with #pfSense & #pfBlockerNG for quite a while…

And the same #blocklist also works for other applications like #nginx, #HAproxy, #httpd, etc.

Neustradamus :xmpp: :linux:Apr 23

#nginx 1.28.0 has been released (#http / #http2 / #http3 / #httpd / #Web / #Webserver / #TLS / #TLS13) https://nginx.org/

Right. That's done.

The existence of an OLDPROTO environment variable opts in to the old #publicfile behaviour. This will be in the next #djbwares release. The hardest part was writing the explanation in the #httpd manual page.

JdeBP Apr 16

Hmmm. Where was that #publicfile to-do item?

Ah, yes. It was #httpd . Hmmm.

#djbwares

Marcos Dione Apr 12

Not sure if I asked this before: Does anyone use anything in particular to inject #apache logs into #SQL databases? I have been looking around and asking around and the only solid I got was "do not expect an apache module for that; it would introduce too much latency to each request" in #httpd@libera.chat.

#SysAdmin #SRE

Menel Feb 22

Updated Version of the apache http caching setup for snac, including proxy media

I already wrote about caching here.
Now I extended what I cache a bit.
This was because after enabling the option to proxy media, I've seen access to the file paths /x/ and /y/ in addition to the path were snac stores the media that I include in my own posts ( /s/ ).
There are two locations to proxy media, depending if you requests the media via the mastodon api or via the web. (/x/ and /y/), oh and I added the nodeinfo2.0 path too, because I've noticed it was queried all the time by a lot of instances and it gives me pleasure to see something cached handed out in the access logs. 🙂 (I guess it is actually irrelevant for the system resources)
This is the updated setup:
Enable the relevant modules:

a2enmod expires cache cache_disk

Be sure "htcacheclean" is running to clean up the old disk cache. (under debian see /etc/default/apache-htcacheclean or else the relevant systemd service or whatever)
Then add this to the httpd Virtualhost config:

<LocationMatch "^/social/[^/]+/[xys]/|^/social/nodeinfo_2_0">
CacheEnable disk
Header set Cache-Control "max-age=86400, public" "expr=%{REQUEST_STATUS} == 200"
ExpiresActive On
ExpiresDefault "access plus 86400 seconds"
</LocationMatch>
This will use the disk cache to cache everything under the $username/s/, /x/ and /y/ paths, as well as for the /nodeinfo_2_0 path, utilizing mod_expires to generate the appropriate cache headers (for lazy ones like me). In this case caching it for 1 day.
Further reading and all options are explained under https://httpd.apache.org/docs/2.4/caching.html (and ff)

The Header that I set here, on the condition of Status code 200, is needed for the path /y/, because snac set no-cache on that location and mod_expires will honor that if we don't override it. I set it to the same Cache-Control value as mod_expires would. (I use mod_expires because it will additionally calculate the date and put that in the expires header. (hence the name I guess 😀 )

#Fediverse #Hosting #ITNotes #apache2 #httpd #Ownyourdata #Server #Snac #Snac2 #Tipsandtricks #Tutorial #Debian #caching

Menel (@menel@snikket.de)

After seeing **Improving snac Performance with Nginx Proxy Cache** from @itnotes@snac.it-notes.dragas.net via --- https://snac.it-notes.dragas.net/itnotes/p/1738139676.258050 https://it-notes.dragas.net/2025/01/29/improving-snac-performance-with-nginx-proxy-cache/ --- I decided to prematurely optimize and adjust this for my apache2 httpd server in debian where I run snac. I've never done any caching etc before so it was a nice adventure to learn something new. The documentation helped and in the end it wasn't

snikket.de