That's very cool that yu still have it!

@WLS-ITGuy said in Debian 11 & php8:

One of the applications we use just released a new version and the update requires php8.0 or above.

We're using Debian 11 and since 11.7 was just released, which doesn't have php8 in the release. I was wondering how do I find out when things like php. Mariadb, Apache, NGNIX, etc get applied to distros?

If you want any kind of modernity, Debian isn't really for you OR you use Debian as a base and do not use it as your package testing and repo system - which is generally not advised in production, but it is an okay approach as long as you accept it. Basically it means you are using Debian as a base and assembling your own distro instead of trusting the vendors.

With my CIO hat on, we never do that. If we want modern software, and we normally do, we run Ubuntu or Fedora. Both of which have had PHP 8 and 8.1 (8.2 is current) for quite a long time. Debian is great as a base and when you want things that never change. But it is not good when you want things that are keeping up to date.

@Pete-S said in Debian 11 & php8:

Not a challenge at all but the reason to run "stable" is for stability.

Once you start abandoning the integration, though, you are abandoning stability. The idea of using an LTS and then replacing the parts of the OS that aren't up to date is counterproductive. Choose the most up to date, best supported, most stable version and use the fully tested and integrated components instead.

The idea of "stable" is not stability in IT terms, that's a myth. It's actually against that. The idea of current is for IT stability. Stable, in reference to an OS like this, is in reference to the versions of products remaining stable so that unsupported, out of date software from bad vendors can be used without updating for long periods of time. Not a positive stable, it's a bad stable.

I think what you want is a completely external device. That's how this is normally handled. Meaning it's common to have a dialer / ringer on a computer but you answer the phone. Same thing could be done to make a loudhorn blast anything you want as well.

Mostly this is taken from Mastodon's documentation but some of it is wrong. I tried their Docker configs, but couldn't find any that worked and it isn't clear if they have an official Docker image or just third party ones. They don't actually list Docker on their official site. So this is a traditional install.

As root...

apt update && apt install -y curl wget gnupg apt-transport-https lsb-release ca-certificates
curl -sL https://deb.nodesource.com/setup_16.x | bash -
curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor | tee /usr/share/keyrings/yarnkey.gpg >/dev/null
echo "deb [signed-by=/usr/share/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | tee /etc/apt/sources.list.d/yarn.list
wget -O /usr/share/keyrings/postgresql.asc https://www.postgresql.org/media/keys/ACCC4CF8.asc
echo "deb [signed-by=/usr/share/keyrings/postgresql.asc] http://apt.postgresql.org/pub/repos/apt $(lsb_release -cs)-pgdg main" > /etc/apt/sources.list.d/postgresql.list
apt update && apt install -y imagemagick ffmpeg libpq-dev libxml2-dev libxslt1-dev file git-core \
  g++ libprotobuf-dev protobuf-compiler pkg-config nodejs gcc autoconf \
  bison build-essential libssl-dev libyaml-dev libreadline6-dev \
  zlib1g-dev libncurses5-dev libffi-dev libgdbm-dev \
  nginx redis-server redis-tools postgresql postgresql-contrib \
  certbot python3-certbot-nginx libidn11-dev libicu-dev libjemalloc-dev nodejs
corepack enable && yarn set version classic
adduser --disabled-login --gecos "" mastodon
sudo -u postgres psql -c 'CREATE USER mastodon CREATEDB;'
ufw allow http && ufw allow https

As Mastodon

su - mastodon
git clone https://github.com/rbenv/rbenv.git ~/.rbenv && cd ~/.rbenv && src/configure && make -C src
echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bashrc && echo 'eval "$(rbenv init -)"' >> ~/.bashrc
exec bash
git clone https://github.com/rbenv/ruby-build.git ~/.rbenv/plugins/ruby-build
RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install 3.0.6
rbenv global 3.0.6
gem install bundler --no-document
cd ~
git clone https://github.com/mastodon/mastodon.git live && cd live
git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1)
bundle config deployment 'true'
bundle config without 'development test'
bundle install -j$(getconf _NPROCESSORS_ONLN)
yarn install --pure-lockfile
RAILS_ENV=production bundle exec rake mastodon:setup
npx update-browserslist-db@latest
exit

As root again...

cp /home/mastodon/live/dist/nginx.conf /etc/nginx/sites-available/mastodon
certbot --nginx -d  yourdomain.com
ln -s /etc/nginx/sites-available/mastodon /etc/nginx/sites-enabled/mastodon
vi /etc/nginx/sites-available/mastodon
rm /etc/nginx/sites-enabled/default
systemctl restart nginx
cp /home/mastodon/live/dist/mastodon-*.service /etc/systemd/system/
systemctl daemon-reload
systemctl enable --now mastodon-web mastodon-sidekiq mastodon-streaming

This is tested with Mastodon 4.1.2. ZeptoMail is Zoho transactional email system. This is not well documented from either side, so here are the working details.

SMTP_SERVER=smtp.zeptomail.com
SMTP_PORT=587
SMTP_LOGIN=emailappsmtp.20ct9yn34098tv75 (this is your login, NOT the generic API that Zepto shows in samples)
SMTP_PASSWORD=password (the password supplied by ZeptoMail "less secure" option)
SMTP_AUTH_METHOD=plain
SMTP_OPENSSL_VERIFY_MODE=none
SMTP_ENABLE_STARTTLS=auto
[email protected]

@PhlipElder what are you using Mastodon for over there? Internal corporate use? Private group? Public server?

This is a testing instance for us, but we hope to take it live soon and it is going to be public.

@PhlipElder said in Configure Mastodon to Use Zoho ZeptoMail for SMTP Email:

We have an internal IIS or Exchange based SMTP server that we set up for this. It's just too painful otherwise to figure out.

We never do that because it's too temperamental. If you get blacklisted or anything, all it takes is your datacenter getting listed by some random group and suddenly O365 blocks you. We do this with Postfix which is faster, easier and more stable than Exchange (in places where we deal with Exchange we typically put Postfix in front of it for safety) but only to relay to ZeptoMail or SendGrid or Mailgun because that's how you make transactional Exchange or Postfix the most reliable.

Using FreshDesk here. Can't say that we love it, but it is definitely on the better side of things. We are on the free plan and it works fine. Lots of options and totally hosted for free.

If it is purely a single internal company, traditionally I've been most happy with Spiceworks. If you don't run up against their data configuration limits, it tends to be the best tech experience IMHO.

@Obsolesce said in Is it racist? I think it is.:

What's your evidence to support the site blocking is racially motivated, and not, lets say, regulatory or otherwise motivated?

Because no regulation anywhere, ever is supported by geo blocking. That never qualifies for any regulation.

@Obsolesce said in Is it racist? I think it is.:

Did you somehow miss the list I posted of so many more likely reasons a country is blocked?

None of those are even plausible. Let alone LIKELY.

@Obsolesce said in Is it racist? I think it is.:

geographic blocks are not racially motivated.

This is obviously backwards. As you've not, not has anyone in years of me talking about this, supplied any plausible or factual benefit to blocking, but the negatives, including loss of business, loss of reputation, etc. don't just make it anti-business, but generally illegal (fiduciary responsibility in larger companies.)

@Obsolesce said in Is it racist? I think it is.:

Which "race" is being blocked by restricting access to Nicaragua? Mestizo? Mixed indigenous and European (primarily Spanish) ancestry? Is spain blocked as well? Is France? Is costa rica? Is the entire central america blocked? Is Mexico? South America? Kinda short-sighted to think it's racially motivated when there are so many other, more likely, reasons for geographic blocks.

That you are trying to make an argument that "Latinos" don't exist so you can't block people by nature of being in a broader hispanic or, say, African group, I think makes the point.

@EddieJennings said in Is it racist? I think it is.:

@CCWTech said in Is it racist? I think it is.:

The Amazon CloudFront distribution is configured to block access from your country. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error.

I haven't used Amazon CloudFront, but have you confirmed that configuration is correct? Do you have any way to verify if there was any kind of burst of traffic that may have triggered some kind of policy that would cause traffic to be dropped?

On the question of racism, I would follow the technical issue to a potential policy issue. Then see if the policy was created to somehow allow and drop traffic based off of assuming the immutable physical characteristic (race) of the sender. My thought process wouldn't start with "traffic has been configured to be dropped because of a racist policy."

Yes, its trivial to confirm and it is a persistent issue living in a hispanic country. We have teams throughout Latin America with computers in the US and it's absolutely no effort to determine when the only factor that makes you blocked is "hispanic nation" and nothing else.

I think it needs to be said, blatant and obvious racism should never be defended. I understand the goals in trying to find some loophole to excuse horrible, detestable Americans doing what so many do. But that's not really ethical. Racism is always wrong, it's not appropriate to attempt to hide it or excuse it. I realize that racism is often pointed to in cases where it clearly doesn't exist. But this is a well known, inexcusable bit of racism (it happens to Europeans too, btw, it's not only about skin colour but also national identify, language, culture...) for which there is no viable, ethical (or in many cases legal) reason. Blocking real customers makes no business sense. Geo IP blocks provide no security, but do lose business. There are no regulations, security or business cases that I've ever had presented that would allow or excuse any level of geo blocking let alone broad blocking.

This is racism. That's black and white. THe question is only... why is it so okay to allow it?

I'll call out one company that lost a bit of business to it. xByte did this and flat out said they had no interest in customers that would ever travel outside the US and didn't care if it tarnished their reputation to appear to have failed as a technology company to anyone who did. They back peddled after losing customers and, more importantly, vendors, but we pointed out to them that it was STATED by their vendors that they were fired over blatant racism and while they claimed it not to be true, they offered no motivation to the contrary (and since none could exist, that makes sense.)

@CCWTech said in Is it racist? I think it is.:

@Mario-Jakovina said in Is it racist? I think it is.:

@CCWTech said in Is it racist? I think it is.:

https://gephardtdaily.com/

There is one example.

It is geo blocked in my country.
But I do not find it racist

Should we call it unnecessarily discriminatory (Instead of racist?)

No, I don't think so. Because fundamentally it is about race or the perception of race without any real alternative. When you see Americans as a race, as many Americans do, limiting anyone "except Americans" cannot be anything but racism. And no amount of "I don't see it that way" personally, changes the reality that that's how many Americans see being American (and mirrors how other countries are.) I don't think we should ever bow to the millenial "don't make people upset" mentality. Yes, I know it feels bad to admit that we are often surrounded by bad people, but we can't worry about acts of evil being ignored just because some scared American racist will be butt hurt over being called out. There's way too much "we can't make them feel bad" about this stuff in America. Man up America, put your big girl panties on and accept when you do bad things. Call it out. make it stop.

@Obsolesce said in Is it racist? I think it is.:

Or,

"This website is blocking every country in the world except the U.S., and their phone support also said it's due to the owners of the service having a huge prejudice against all non-U.S. countries."

So you are okay with saying it is racism, as long as we couch the verbage so to make it feel more palatable to sensitive people who are racist, and we say that they are racist, but we avoid the word to not hurt their feelings?

When do we care about hurting the feelings of people being racist? That seems crazy.

@Obsolesce said in Is it racist? I think it is.:

That'd make WAY more sense, and something I could even get on board with, providing there aren't any technical reasons that make much more sense such as those I listed initially.

There's never a technical reason. We've been discussing this for years. It's common IT knowledge that there is no technical reason to geo-IP block as it doesn't do what the name implies.

@Mario-Jakovina said in Is it racist? I think it is.:

I think people are free to geoblock their sites if they think it is usefull for them and if they do not break any law etc.

Yes, in SOME cases, people are free to discriminate, that's correct (in the US where racism is heavily supported by the government.) It's not ethical, but it's legal IF you aren't a publicly traded company or in any way a function of the government and need to be available to the public. Which isn't much in a country where nearly every industry is eventually backed by the government (the US is heavily leaning towards government ownership and planned economy compared to more capitalistic countries.)

But that's not in question. Are people LEGALLY allowed to be racist? Yes. That's not the question.

@Obsolesce said in Is it racist? I think it is.:

I'm sure there are other ways to do it, like confirming real credit cards and addresses, but that can also be faked easily or just use someone else's to sign up, etc. Official country IDs (passport, drivers license, etc), but that'd be expensive to suppor

The degree to which one is trivial and the other is super hard for most people is extreme. There's no comparison. I bypass geo ip blocking by accident, constantly. ANd get blocked by accident, constantly. Easy to bypass is when someone bypasses it without even thinking. No intent, just... doesn't do the job it is meant to do.

Passport, driver's license, credit card... those all require legal fraud to work around.

You can't compare them.