a beautiful robot, dancing alone · showgirls über alles: kylie, angèle · masto · last.fm · listenbrainz · https://www.lovekylie.com/keyoxide

  • 8 Posts
  • 57 Comments
Joined 1 year ago
cake
Cake day: June 5th, 2023

help-circle



  • Prerequisites

    • Internet-facing web server with reverse proxy and domain name (preferably SSL of course)
    • Server behind the reverse proxy with Rust environment

    Installation

    • Don’t bother downloading the source code to your server; installing it that way gives you a big debug executable
    • Instead just cargo install mollysocket
    • Move the mollysocket executable if desired
    • Run mollysocket once so that it will emit the default config

    Configuration

    • Fish the config file out of .config/mollysocket/default-config.toml and copy it somewhere.

    config.toml

    • In the new file, replace the allowed_endpoints line with allowed_endpoints = ['*']. The default 0.0.0.0 config appears to be a bug; this setting controls access to endpoints within the app, not IPs from outside. Leaving the original value causes mollysocket to reject everything.
    • Put a proper path in the db = './mollysocket.db' line rather than just having it land wherever you’re sitting.
    • Delete the mollysocket.db that was created on first run (even if it’s already where you’re intending to put it). This is just to make sure the web server creates it and has the correct permissions.

    Run script

    • The environment variable ROCKET_PORT must be set or the server will sit and do nothing. It’s best to create all of the environment variables mentioned in the README, whether that is in a user profile script or in a shell script that wraps startup. You can change any of these values, but they must exist.
    • export ROCKET_PORT=8020
      export RUST_LOG=info
      export MOLLY_CONF=/path/to/your/config.toml
      

    Proxy server

    • You’ll need to proxy everything from / to your mollysocket server and ROCKET_PORT.
    • Exclude anything that you may need served from your web server, such as .well-known.

    Things to know






  • if your threat model were ‘encrypt everything at rest’, invitations to people outside your own service would be tricky as they have to be machine-readable text in a specific format. i’m sure it’s possible but you’d have to be specific in looking for that as a feature.

    my needs are more modest - don’t store email in GAFAM or particular regimes - and i use runbox, which is bog-standard except for being stored somewhere else, being paid, and having slightly more homely webapps. using ‘evolution’ on linux, a bog-standard email program that’s also a bit more homely than alternatives, invitations go out to whomever i choose and look normal. i make recurring events for myself all the time and remove individual occurrences. i’ve added on ical subscriptions for things like country holidays, which are the first thing you’ll notice missing when you leave outlook.

    the mail’s just imap and the calendar’s just caldav. when you get into providers that don’t provide imap or caldav for (valid) security reasons, that’s when you’re more likely to get integration issues with regular people.
















  • looks great! the catch for me is that my current host doesn’t have docker support. your dependencies don’t look crazy so in theory i could burst it and install directly to the host environment, but at that point i’m giving myself grocy-level headaches.

    reading about docker-capable hosts, i was surprised to see them starting at 1GB RAM - i couldn’t run pac-man in that. what would be a reasonable expectation for kitchenowl?


  • pootriarch@poptalk.scrubbles.techOPtoSelfhosted@lemmy.worldgrocy *bangs head*
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    3
    ·
    1 year ago

    i haven’t tried the docker route - it seems fairly new. it also doesn’t seem like it would fix the issues i ran into. containerization is great for insulating the app from external dependency hell and environmental variation. but the problems i’ve had involve its own code and logic, and corruption of a sqlite database within its own filesystem; wrapping issues like that in a docker container only makes them harder to solve



  • i agree, but my unpopular opinion is that mozilla has also proven this repeatedly, with nothing and nobody being universally better. privacy people love firefox, but i spend a lot of time with each major version’s release notes figuring out how to undo the new telemetry (increasing integration with pocket, firefox suggest, location that won’t turn off).

    my threat model is ‘they’re all evil, including mozilla’, so there are additional rings around everything