because direct messages on Mastodon are clear-text, all admins are subject to warrants from their local/regional law enforcement agencies
same with usage metadata like IP addresses and time stamps
i disabled IP logging in UFW and nginx, but Mastodon itself still logs this to be able to present it to the user for authentication transparency
making mastodon more resistant to targeted surveillance would be valuable to protect users
@yawnbox small hint: I made a patch to Mastodon that allows more easily and more often purging IP metadata and it has been merged into vanilla (this was before I stopped contributing to vanilla).
That being said, simply don't pass the X-Forwarded-For header in your NGINX config, and it will no longer store anything useful at all since everything will now be 127.0.0.1 (however, IP rate limits will no longer apply at all as a result)
yawnbox
keschi 
Θ