Move a Mastodon instance with less than 3 minutes downtime (LXD/ZFS-based)

As you might know, I’m running metalhead.club, a Mastodon instance for metalheads. Due to the increasing storage and computing demand (and because I wanted to drop my old host) I decided to move the instance to my new, more powerful host. Luckily I’ve packed the whole instance and all its dependencies into a LXC container (with LXD as container manager) a couple of months ago. Usually you would restore your Ruby / NodeJS environment on your new host, transfer database and application files as well as media files and make sure everything fits. In my case it was basically just a file system transfer and re-import on the new LXD host: Much easier and less error prone.

In this post I’ll show you the exact steps how I moved my Mastodon instance yesterday.

▸ Read more

Save RAM by running Mastodon with jemalloc

If you’re running your on Mastodon instance you probably might not have jemalloc active on your Ruby setup. Jemalloc changes the way Ruby allocates memory and saves up RAM. On my 140 users instance RAM usage dropped by 300 MB just by using jemalloc.

▸ Read more

Own mail server based on Dovecot, Postfix, MySQL, Rspamd and Debian 9 Stretch

This how-to is based on my previous German how-to for Ubuntu 16.04 Server. Instead of using Spamassassin, Amavis, Pyzor and Razor as well es OpenDKIM, we’ll make use of Rspamd. Rspamd as a modern replacement will reduce the complexity of our setup and let us monitor its state via a web interface. As in earlier versions of my mailserver how-to, I’ll explain most important parts of the system as we install and configure them one after another. You will need basic Linux and command line knowledge to finish this guide. Going through this article will take probably about 45 minutes - depending on your speed and skills.

▸ Read more

How to import CA root certificates on Linux and Windows

In most cases running an own CA (certification authority) is not advisable. But there are exceptions: If you want to secure internal services of your company, using your own CA might be necessary. During my employment at ADITO Software GmbH I created a tool for X.509 certificate management. The root certificate of my tool had to be imported into every PC of the company. Unfortunately there are some pitfalls which I did not expect, but after some research I figured out how to import the new CA to Linux- and Windows PCs and to every major webbrowser.

▸ Read more

Why you should not run a mail server at home

Some hobby server admins like the idea to self-host their emails at home. Maybe because they don’t trust common e-mail hosts or they want to have full control over their hardware. Although this sounds reasonable at first, I do not recommend running a mail server at home.

▸ Read more