Split BLOCKS into separate doc
parent
1e9dbbe05f
commit
5536438bed
|
@ -0,0 +1,207 @@
|
|||
# Le Spam
|
||||
There are some on the Internet that like to spam and attack Mastodon nodes.
|
||||
Often, this is related to political attacks, but it will run the gamut of
|
||||
the weirdness on Earth.
|
||||
|
||||
Groups of moderators are created, some working together, to allow them
|
||||
to shape their server as they like.
|
||||
|
||||
## Rapidblock
|
||||
Rapidblock is software that allows Mastodon nodes to block unwanted servers
|
||||
more easily. It helps put the community back in charge of their own server.
|
||||
Or that's at least the goal, as far as I can tell. I am not the author
|
||||
of it. It is also in very early development, but is mature enough to try
|
||||
out, if you're familiar with server administration.
|
||||
|
||||
* https://rapidblock.org/
|
||||
|
||||
* https://github.com/rapidblock-org/rapidblock
|
||||
|
||||
If you are running a `.deb` APT based distro, it may work for you to install
|
||||
it thusly (if you don't mind running shell scripts unseen--insecure...).
|
||||
|
||||
```
|
||||
curl -s https://apt.rapidblock.org/install.sh | sudo bash
|
||||
```
|
||||
|
||||
If you want to go right into the repo and grab a `.deb`, they are here:
|
||||
|
||||
* https://apt.rapidblock.org/pool/main/r/rapidblock/
|
||||
|
||||
Note, there are packages for both amd64 (x86) and arm64.
|
||||
Those builds don't install on Debian Bullseye (11/stable) though,
|
||||
because they use zstd compression, which Bullseye APT `dpkg-deb`
|
||||
doesn't support.
|
||||
|
||||
If you want to build it by hand, here's a
|
||||
q uick & dirty build for Debian Bullseye (11/stable).
|
||||
|
||||
To build, a newer `go` compiler is needed than ships in the
|
||||
main Bullseye repo. It is in the Bullseye backports repo.
|
||||
|
||||
Edit `/etc/apt/sources.list` and make sure it has a line like this:
|
||||
```
|
||||
deb http://mirrors.kernel.org/debian bullseye-backports main
|
||||
```
|
||||
|
||||
```
|
||||
sudo apt update
|
||||
sudo apt install -t bullseye-backports golang-go
|
||||
git clone https://github.com/rapidblock-org/rapidblock
|
||||
cd rapidblock
|
||||
go install
|
||||
go build
|
||||
```
|
||||
|
||||
That should build a binary `rapidblock`.
|
||||
To confirm it works, run:
|
||||
|
||||
```
|
||||
$ ./rapidblock --help
|
||||
unknown option: --help
|
||||
Usage: rapidblock [-tV] [-A value] [-c value] [-d value] [-D value] [-k value] [-m value] [-p value] [-s value] [-S value] [-x value]
|
||||
-A, --account-data-file=value
|
||||
[prepare-data] path to the groups.io cookies and database
|
||||
column mappings
|
||||
-c, --csv-file=value
|
||||
[export-csv] path to the CSV file to create
|
||||
-d, --data-file=value
|
||||
[prepare-data, export-csv,sign, verify, apply] path to the
|
||||
JSON file to create, export from, sign, verify, or apply
|
||||
-D, --database-url=value
|
||||
[apply] PostgreSQL database URL to connect to
|
||||
-k, --private-key-file=value
|
||||
[generate-key, sign] path to the base-64 Ed25519 private key
|
||||
file to sign with
|
||||
-m, --mode=value select mode of operation: prepare-data,
|
||||
export-csv,generate-key, sign, verify, apply
|
||||
-p, --public-key-file=value
|
||||
[generate-key, sign, verify] path to the base-64 Ed25519
|
||||
public key file to verify with
|
||||
-s, --signature-file=value
|
||||
[sign, verify] path to the base-64 Ed25519 signature file to
|
||||
create or verify
|
||||
-S, --source-id=value
|
||||
[prepare-data] ID of the Google Sheet spreadsheet to pull
|
||||
data from
|
||||
-t, --text [sign, verify] perform newline canonicalization, under the
|
||||
assumption that --data-file is text
|
||||
-V, --version show version information and exit
|
||||
-x, --software=value
|
||||
[apply] select which server software is in use:
|
||||
mastodon-4.x, mastodon-3.x
|
||||
```
|
||||
|
||||
Following the same setup as upstream used in their Debian package, we can
|
||||
manually copy files into place:
|
||||
|
||||
```
|
||||
sudo mkdir -p /opt/rapidblock/share
|
||||
|
||||
sudo mkdir -p /opt/rapidblock/scripts
|
||||
|
||||
sudo mkdir -p /opt/rapidblock/bin
|
||||
|
||||
sudo cp dist/cron.crontab /etc/cron.d/rapidblock
|
||||
|
||||
sudo cp dist/cron.default /etc/default/rapidblock
|
||||
|
||||
sudo cp dist/cron.sh /opt/rapidblock/scripts/cron.sh
|
||||
|
||||
sudo cp dist/rapidblock_dot_org.pub /opt/rapidblock/share/rapidblock-dot-org.pub
|
||||
|
||||
sudo cp rapidblock /opt/rapidblock/bin/rapidblock
|
||||
```
|
||||
|
||||
This has to be run as the `postgres` user.
|
||||
|
||||
```
|
||||
sudo su - postgres
|
||||
|
||||
curl -o /tmp/blocklist.json https://rapidblock.org/blocklist.json
|
||||
|
||||
rapidblock \
|
||||
--software=mastodon-4.x \
|
||||
--mode=apply \
|
||||
--data-file=/tmp/blocklist.json \
|
||||
--database-url="postgresql:///mastodon_production"
|
||||
```
|
||||
|
||||
Note the database name `mastodon_production` was default for Mastodon
|
||||
install, but you may have another name.
|
||||
|
||||
Running it may give output similar to this:
|
||||
|
||||
```
|
||||
added 166 new block(s)
|
||||
```
|
||||
|
||||
Perhaps also:
|
||||
|
||||
```
|
||||
# Maybe for convenience ? XXX
|
||||
sudo ln -s /opt/rapidblock/bin/rapidblock /usr/local/bin
|
||||
|
||||
# Need to find this file ? Not in repo. Downloaded?
|
||||
#sudo cp XXX opt/rapidblock/share/rapidblock.intoto.jsonl
|
||||
```
|
||||
|
||||
I tried this to get an initial blocklist imported.
|
||||
The import appeared to work, and I can see it in the
|
||||
logs, but I don't see the actual list of blocked domains
|
||||
in the admin interface.
|
||||
|
||||
|
||||
To get it working with cron, this file will likely need to be edited:
|
||||
|
||||
```
|
||||
sudo $EDITOR /etc/default/rapidblock
|
||||
```
|
||||
|
||||
Then change this line:
|
||||
|
||||
```
|
||||
"mastodon-4.x|postgresql:///mastodon?host=/run/postgresql&port=5433" \
|
||||
```
|
||||
|
||||
To something like this:
|
||||
|
||||
```
|
||||
"mastodon-4.x|postgresql:///mastodon_production" \
|
||||
```
|
||||
|
||||
Issues with Rapidblock:
|
||||
|
||||
* Uses proprietary github.
|
||||
* Uses proprietary google sheets.
|
||||
* Uses proprietary groups.io.
|
||||
|
||||
|
||||
## Oliphant
|
||||
Oliphant also has a block list. Overview:
|
||||
|
||||
* https://github.com/sgrigson/oliphant
|
||||
|
||||
Raw block list:
|
||||
|
||||
* https://raw.githubusercontent.com/sgrigson/oliphant/main/blocked_domains.csv
|
||||
|
||||
Another nice resource from Oliphant:
|
||||
|
||||
* https://writer.oliphant.social/oliphant/mastodon-handy-links-page
|
||||
|
||||
|
||||
## More Block Tools
|
||||
See:
|
||||
|
||||
* https://github.com/ineffyble/mastodon-block-tools
|
||||
|
||||
|
||||
# Copyright
|
||||
Unofficial project, not part of official Mastodon software or
|
||||
website. Upstream sources under their respective copyrights.
|
||||
|
||||
License: CC By SA 4.0 International and/or GPLv3+ at your discretion.
|
||||
|
||||
*Copyright © 2023, Jeff Moe.*
|
||||
|
206
README.md
206
README.md
|
@ -17,208 +17,8 @@ This present repo is for small notes and scripts for maintaining my instance.
|
|||
https://spacecruft.org/deepcrayon/mastodon
|
||||
|
||||
|
||||
# Le Spam
|
||||
There are some on the Internet that like to spam and attack Mastodon nodes.
|
||||
Often, this is related to political attacks, but it will run the gamut of
|
||||
the weirdness on Earth.
|
||||
|
||||
Groups of moderators are created, some working together, to allow them
|
||||
to shape their server as they like.
|
||||
|
||||
## Rapidblock
|
||||
Rapidblock is software that allows Mastodon nodes to block unwanted servers
|
||||
more easily. It helps put the community back in charge of their own server.
|
||||
Or that's at least the goal, as far as I can tell. I am not the author
|
||||
of it. It is also in very early development, but is mature enough to try
|
||||
out, if you're familiar with server administration.
|
||||
|
||||
* https://rapidblock.org/
|
||||
|
||||
* https://github.com/rapidblock-org/rapidblock
|
||||
|
||||
If you are running a `.deb` APT based distro, it may work for you to install
|
||||
it thusly (if you don't mind running shell scripts unseen--insecure...).
|
||||
|
||||
```
|
||||
curl -s https://apt.rapidblock.org/install.sh | sudo bash
|
||||
```
|
||||
|
||||
If you want to go right into the repo and grab a `.deb`, they are here:
|
||||
|
||||
* https://apt.rapidblock.org/pool/main/r/rapidblock/
|
||||
|
||||
Note, there are packages for both amd64 (x86) and arm64.
|
||||
Those builds don't install on Debian Bullseye (11/stable) though,
|
||||
because they use zstd compression, which Bullseye APT `dpkg-deb`
|
||||
doesn't support.
|
||||
|
||||
If you want to build it by hand, here's a
|
||||
q uick & dirty build for Debian Bullseye (11/stable).
|
||||
|
||||
To build, a newer `go` compiler is needed than ships in the
|
||||
main Bullseye repo. It is in the Bullseye backports repo.
|
||||
|
||||
Edit `/etc/apt/sources.list` and make sure it has a line like this:
|
||||
```
|
||||
deb http://mirrors.kernel.org/debian bullseye-backports main
|
||||
```
|
||||
|
||||
```
|
||||
sudo apt update
|
||||
sudo apt install -t bullseye-backports golang-go
|
||||
git clone https://github.com/rapidblock-org/rapidblock
|
||||
cd rapidblock
|
||||
go install
|
||||
go build
|
||||
```
|
||||
|
||||
That should build a binary `rapidblock`.
|
||||
To confirm it works, run:
|
||||
|
||||
```
|
||||
$ ./rapidblock --help
|
||||
unknown option: --help
|
||||
Usage: rapidblock [-tV] [-A value] [-c value] [-d value] [-D value] [-k value] [-m value] [-p value] [-s value] [-S value] [-x value]
|
||||
-A, --account-data-file=value
|
||||
[prepare-data] path to the groups.io cookies and database
|
||||
column mappings
|
||||
-c, --csv-file=value
|
||||
[export-csv] path to the CSV file to create
|
||||
-d, --data-file=value
|
||||
[prepare-data, export-csv,sign, verify, apply] path to the
|
||||
JSON file to create, export from, sign, verify, or apply
|
||||
-D, --database-url=value
|
||||
[apply] PostgreSQL database URL to connect to
|
||||
-k, --private-key-file=value
|
||||
[generate-key, sign] path to the base-64 Ed25519 private key
|
||||
file to sign with
|
||||
-m, --mode=value select mode of operation: prepare-data,
|
||||
export-csv,generate-key, sign, verify, apply
|
||||
-p, --public-key-file=value
|
||||
[generate-key, sign, verify] path to the base-64 Ed25519
|
||||
public key file to verify with
|
||||
-s, --signature-file=value
|
||||
[sign, verify] path to the base-64 Ed25519 signature file to
|
||||
create or verify
|
||||
-S, --source-id=value
|
||||
[prepare-data] ID of the Google Sheet spreadsheet to pull
|
||||
data from
|
||||
-t, --text [sign, verify] perform newline canonicalization, under the
|
||||
assumption that --data-file is text
|
||||
-V, --version show version information and exit
|
||||
-x, --software=value
|
||||
[apply] select which server software is in use:
|
||||
mastodon-4.x, mastodon-3.x
|
||||
```
|
||||
|
||||
Following the same setup as upstream used in their Debian package, we can
|
||||
manually copy files into place:
|
||||
|
||||
```
|
||||
sudo mkdir -p /opt/rapidblock/share
|
||||
|
||||
sudo mkdir -p /opt/rapidblock/scripts
|
||||
|
||||
sudo mkdir -p /opt/rapidblock/bin
|
||||
|
||||
sudo cp dist/cron.crontab /etc/cron.d/rapidblock
|
||||
|
||||
sudo cp dist/cron.default /etc/default/rapidblock
|
||||
|
||||
sudo cp dist/cron.sh /opt/rapidblock/scripts/cron.sh
|
||||
|
||||
sudo cp dist/rapidblock_dot_org.pub /opt/rapidblock/share/rapidblock-dot-org.pub
|
||||
|
||||
sudo cp rapidblock /opt/rapidblock/bin/rapidblock
|
||||
```
|
||||
|
||||
This has to be run as the `postgres` user.
|
||||
|
||||
```
|
||||
sudo su - postgres
|
||||
|
||||
curl -o /tmp/blocklist.json https://rapidblock.org/blocklist.json
|
||||
|
||||
rapidblock \
|
||||
--software=mastodon-4.x \
|
||||
--mode=apply \
|
||||
--data-file=/tmp/blocklist.json \
|
||||
--database-url="postgresql:///mastodon_production"
|
||||
```
|
||||
|
||||
Note the database name `mastodon_production` was default for Mastodon
|
||||
install, but you may have another name.
|
||||
|
||||
Running it may give output similar to this:
|
||||
|
||||
```
|
||||
added 166 new block(s)
|
||||
```
|
||||
|
||||
Perhaps also:
|
||||
|
||||
```
|
||||
# Maybe for convenience ? XXX
|
||||
sudo ln -s /opt/rapidblock/bin/rapidblock /usr/local/bin
|
||||
|
||||
# Need to find this file ? Not in repo. Downloaded?
|
||||
#sudo cp XXX opt/rapidblock/share/rapidblock.intoto.jsonl
|
||||
```
|
||||
|
||||
I tried this to get an initial blocklist imported.
|
||||
The import appeared to work, and I can see it in the
|
||||
logs, but I don't see the actual list of blocked domains
|
||||
in the admin interface.
|
||||
|
||||
|
||||
To get it working with cron, this file will likely need to be edited:
|
||||
|
||||
```
|
||||
sudo $EDITOR /etc/default/rapidblock
|
||||
```
|
||||
|
||||
Then change this line:
|
||||
|
||||
```
|
||||
"mastodon-4.x|postgresql:///mastodon?host=/run/postgresql&port=5433" \
|
||||
```
|
||||
|
||||
To something like this:
|
||||
|
||||
```
|
||||
"mastodon-4.x|postgresql:///mastodon_production" \
|
||||
```
|
||||
|
||||
Issues with Rapidblock:
|
||||
|
||||
* Uses proprietary github.
|
||||
* Uses proprietary google sheets.
|
||||
* Uses proprietary groups.io.
|
||||
|
||||
|
||||
## Oliphant
|
||||
Oliphant also has a block list. Overview:
|
||||
|
||||
* https://github.com/sgrigson/oliphant
|
||||
|
||||
Raw block list:
|
||||
|
||||
* https://raw.githubusercontent.com/sgrigson/oliphant/main/blocked_domains.csv
|
||||
|
||||
Another nice resource from Oliphant:
|
||||
|
||||
* https://writer.oliphant.social/oliphant/mastodon-handy-links-page
|
||||
|
||||
|
||||
## More Block Tools
|
||||
See:
|
||||
|
||||
* https://github.com/ineffyble/mastodon-block-tools
|
||||
|
||||
|
||||
# Disclaimer
|
||||
I have only been running a Mastodon server for a week, and am just
|
||||
figuring out how it works as I go.
|
||||
# Blocks
|
||||
See `BLOCKS.md` for info about server blocks.
|
||||
|
||||
|
||||
# Copyright
|
||||
|
@ -227,5 +27,5 @@ website. Upstream sources under their respective copyrights.
|
|||
|
||||
License: CC By SA 4.0 International and/or GPLv3+ at your discretion.
|
||||
|
||||
*Copyright © 2022, Jeff Moe.*
|
||||
*Copyright © 2023, Jeff Moe.*
|
||||
|
||||
|
|
Loading…
Reference in New Issue