Status / How to
How to change the backup policy so a user can request an archive of their toots every day, or several times a day, instead of once every 7 days
As the mastodon user on the server, you would:
# change directory into the 'live' directory
cd live/app/policies/
# open the file called "backup_policy.rb"
vim backup_policy.rb
# change MIN_AGE = 6.days to 0.days
# save changes in vim
:wq
# exit mastodon user
exit
# restart all mastodon services as root
sudo systemctl restart mastodon*
# check account's export and you can see a purple button to export many times. Now a user can save their precious data/toots.
Change toot character limit from 500 to 5000
# change this from 500 to 5000
vim app/validators/status_length_validator.rb
# change this from 500 to 5000
vim app/javascript/mastodon/features/compose/containers/compose_form_container.js
# recompile assets
RAILS_ENV=production bundle exec rails assets:precompile
# restart all mastodon services as root
systemctl restart mastodon*
How to install Mastodon behind Cloudflare
The hardest part is configuring nginx, since SSL is handled at Cloudflare.
Here is a working nginx config. These are the changes:
- the block for 443 is gone, because of Cloudflare
- X-Forwarded-Proto does not use $scheme but https
- the proxy does not use $scheme but https
- this is not needed: # location / { return 301 https://$host$request_uri; }
map $http_upgrade $connection_upgrade {
  default upgrade;
  ''      close;
}

upstream backend {
  server 127.0.0.1:3000 fail_timeout=0;
}

upstream streaming {
  # Instruct nginx to send connections to the server with the least number of connections
  # to ensure load is distributed evenly.
  least_conn;

  server 127.0.0.1:4000 fail_timeout=0;
  # Uncomment these lines for load-balancing multiple instances of streaming for scaling,
  # this assumes you're running the streaming server on ports 4000, 4001, and 4002:
  # server 127.0.0.1:4001 fail_timeout=0;
  # server 127.0.0.1:4002 fail_timeout=0;
}

proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=CACHE:10m inactive=7d max_size=1g;

server {
  listen 80;
  server_name example.com;
  root /home/mastodon/live/public;

  location /.well-known/acme-challenge/ { allow all; }
  # location / { return 301 https://$host$request_uri; }

  location / {
    try_files $uri @proxy;
  }

  ssl_protocols TLSv1.2 TLSv1.3;
  # You can use https://ssl-config.mozilla.org/ to generate your cipher set.
  # We recommend their "Intermediate" level.
  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
  ssl_prefer_server_ciphers on;
  ssl_session_cache shared:SSL:10m;
  ssl_session_tickets off;

  # Uncomment these lines once you acquire a certificate:
  # ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
  # ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

  keepalive_timeout 70;
  sendfile on;
  client_max_body_size 99m;

  gzip on;
  gzip_disable "msie6";
  gzip_vary on;
  gzip_proxied any;
  gzip_comp_level 6;
  gzip_buffers 16 8k;
  gzip_http_version 1.1;
  gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/rss+xml text/javascript image/svg+xml image/x-icon;
  gzip_static on;

  # If Docker is used for deployment and Rails serves static files,
  # then you must replace the line `try_files $uri =404;` with `try_files $uri @proxy;`.
  location = /sw.js {
    add_header Cache-Control "public, max-age=604800, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    try_files $uri =404;
  }

  location ~ ^/assets/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    try_files $uri =404;
  }

  location ~ ^/avatars/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    try_files $uri =404;
  }

  location ~ ^/emoji/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    try_files $uri =404;
  }

  location ~ ^/headers/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    try_files $uri =404;
  }

  location ~ ^/packs/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    try_files $uri =404;
  }

  location ~ ^/shortcuts/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    try_files $uri =404;
  }

  location ~ ^/sounds/ {
    add_header Cache-Control "public, max-age=2419200, must-revalidate";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    try_files $uri =404;
  }

  location ~ ^/system/ {
    add_header Cache-Control "public, max-age=2419200, immutable";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";
    add_header X-Content-Type-Options nosniff;
    add_header Content-Security-Policy "default-src 'none'; form-action 'none'";
    try_files $uri =404;
  }

  location ^~ /api/v1/streaming {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Proxy "";

    proxy_pass http://streaming;
    proxy_buffering off;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains";

    tcp_nodelay on;
  }

  location @proxy {
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Proxy "";
    proxy_pass_header Server;

    proxy_pass http://backend;
    proxy_buffering on;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;

    proxy_cache CACHE;
    proxy_cache_valid 200 7d;
    proxy_cache_valid 410 24h;
    proxy_cache_use_stale error timeout updating http_500 http_502 http_503 http_504;
    add_header X-Cached $upstream_cache_status;

    tcp_nodelay on;
  }

  error_page 404 500 501 502 503 504 /500.html;
}
How to set up Cloudflare for your LEMP stack
After you create your Cloudflare account, you will need to set up a tunnel. After you set up the tunnel, you will need to make routes. One route will be for http://localhost and another for ssh://localhost:22, which means that OpenSSH needs to be installed on your Ubuntu server. If you intend to use browser-based SSH through Cloudflare's Zero Trust, you make an application there, then add the email policy. If you don't add the policy to the application, there will be no logon page to send the one-time code to your email; that part will be missing.
How to install an SMTP relay
Once you install your Ubuntu server, configure a swapfile, set the swappiness to 10 and ensure it's permanent. Use ChatGPT to make that happen.
After the swapfile is set up, install mailutils and select internet server. In the .conf, you set myhostname to localhost and add the SMTP relay of the relay service you use. I used a few in the past: Brevo, SendGrid, and Mailgun. Today, I stayed with Mailgun as it's free for daily emails. In SendGrid, you need to add your domain (go buy one, it's cheap these days), then add the DNS records to it. Follow the instructions. Once your domain is verified, you make the SMTP user. That is what you add to Ubuntu's Postfix config. You will need to test it, and you should get a new email.
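The Postfix side of the relay setup described above, as an added example that is not from the original page: it sets myhostname as the text says, points relayhost at the provider, requires TLS and SASL authentication, and keeps the credentials file owner-only. The host smtp.example.com, port 587, the loopback-only listener, the hash: map type and all function names are assumptions; the password is read from standard input so it never appears in a process listing.

```shell
#!/bin/sh
# Added example: Postfix as a send-only client of an authenticated, TLS-only relay.
# smtp.example.com, 587 and relay-user are placeholders (assumptions).

# relay_settings HOST PORT MAPFILE: print the main.cf parameters, one per line.
# myhostname follows the page; inet_interfaces = loopback-only is an added choice
# so this host sends mail but accepts none from the network.
relay_settings() {
    cat <<EOF
myhostname = localhost
inet_interfaces = loopback-only
relayhost = [$1]:$2
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:$3
smtp_sasl_security_options = noanonymous
smtp_tls_security_level = encrypt
EOF
}

# write_sasl_passwd MAPFILE HOST PORT USER: password comes from stdin.
write_sasl_passwd() {
    IFS= read -r pass || [ -n "$pass" ] || return 1
    ( umask 077; printf '[%s]:%s %s:%s\n' "$2" "$3" "$4" "$pass" > "$1" )
    chmod 600 "$1"      # also tightens a file that already existed
}

# apply_relay HOST PORT USER: run as root on the mail host, password on stdin.
apply_relay() {
    map=/etc/postfix/sasl_passwd
    write_sasl_passwd "$map" "$1" "$2" "$3" || return 1
    postmap "$map" && chmod 600 "$map.db"    # lookup table Postfix reads
    relay_settings "$1" "$2" "$map" | while IFS= read -r line; do
        postconf -e "$line"
    done
    systemctl restart postfix
}

# Usage (as root; /root/relay.pass is a hypothetical file holding the password):
#   apply_relay smtp.example.com 587 relay-user < /root/relay.pass
# Then send a test:  echo "relay test" | mail -s "relay test" you@example.com
```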
How to install the Mastodon server
Read the docs on the Join Mastodon website. If you decide to rent a VPS, I know ionos.com is cheap for $5.00 a month and the Mastodon docs will apply. If you want to be fully self-hosted, go with Cloudflare and use an older machine or, if you wish, treat yourself to a Raspberry Pi.
There are two main differences between installing Mastodon on a VPS and installing it behind Cloudflare. The nginx config is different; I posted this already earlier. Also, fail2ban and IPv4 firewall rules are not needed on the Ubuntu server, since the traffic is handled at Cloudflare.
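Skipping the host firewall, as described above, relies on every service being bound to loopback so that the tunnel is the only way in; note that listen 80; in the nginx config binds all interfaces. An added check, not part of the original page, that flags any TCP listener bound beyond loopback. The ss lines are a constructed sample and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: list TCP listeners that are bound beyond loopback.
# Real use on the server:  ss -Hltn | tunnel_only

# Constructed sample of `ss -Hltn` output (not captured from a real host).
SAMPLE_SS='LISTEN 0 511  0.0.0.0:80       0.0.0.0:*
LISTEN 0 128  127.0.0.1:3000   0.0.0.0:*
LISTEN 0 128  127.0.0.1:4000   0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 128  [::]:22          [::]:*
LISTEN 0 244  [::1]:5432       [::]:*'

# exposed_listeners: stdin = ss -Hltn output; stdout = "PORT ADDRESS" for each
# listener whose local address is not in 127.0.0.0/8 and is not ::1.
exposed_listeners() {
    awk '$1 == "LISTEN" {
        port = $4; sub(/.*:/, "", port)               # text after the last colon
        addr = $4; sub(/:[^:]*$/, "", addr)           # text before the last colon
        gsub(/\[/, "", addr); gsub(/\]/, "", addr)    # IPv6 brackets
        sub(/%.*/, "", addr)                          # interface scope, e.g. %lo
        if (addr ~ /^(::ffff:)?127\./ || addr == "::1") next
        print port, addr
    }' | sort -u -k1,1n -k2,2
}

# tunnel_only: returns 0 when nothing listens beyond loopback; otherwise
# prints each finding and returns 1.
tunnel_only() {
    found=$(exposed_listeners)
    if [ -z "$found" ]; then
        return 0
    fi
    printf '%s\n' "$found" | while read -r port addr; do
        echo "port $port is bound to $addr, not limited to loopback"
    done
    return 1
}

# Demonstration on the constructed sample: reports ports 22 and 80.
printf '%s\n' "$SAMPLE_SS" | tunnel_only || true
```

A listener reported here can be moved to loopback in its own config (for nginx, listen 127.0.0.1:80;), since cloudflared reaches it through the http://localhost and ssh://localhost:22 routes.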
