Hacker News new | past | comments | ask | show | jobs | submit login

beware mastodon downloads and mirrors all federated media to instance users, which is whatever, but the admin tools do not correctly keep track of removing old media. hell, if an instance goes offline without nuking itself proper, mastodon will leave all of the media on your drive. it requires a ton of babysitting to run on bound storage, and the issues around this are still open.

i highly highly recommend pleroma over it, it uses 1/10th the system resources and doesn't download federated accounts data locally




It is not that the admin tools do not correctly keep track of old media, it is that the judgement over what to keep is left to the admin since it is not so simple to programmatically decide whether a resource being currently unavailable through the network means it's gone forever, and whether it's gone intentionally or unintentionally. A server that went down might come back after a month of downtime, all sorts of things happen. If you don't care about such minutea you may simply setup a cronjob to run the `tootctl media remove` utility every week and then your primary concern for unbounded storage growth are files uploaded by your own users, which is something you have to deal with regardless of whether you choose Mastodon or Pleroma.

Pleroma may save storage by not downloading federated media locally, but hotlinking to 3rd party servers leaves your users vulnerable to tracking by malicious operators, leeches off the bandwidth of remote servers, and, far more practically, does not guarantee that the media that needs to be displayed is in a file format that is playable on the users' devices. For example, as Pleroma makes no effort to convert user-uploaded files to browser-compatible formats, if Mastodon didn't go through the trouble of converting formats, Mastodon users on iOS would not be able to see many "GIFs" and videos uploaded by Pleroma users in the popular WebM format that is not available on iOS (yet).

You may prefer one or the other but there are definitely reasons for why Mastodon does it that way.


> but hotlinking to 3rd party servers leaves your users vulnerable to tracking by malicious operators, leeches off the bandwidth of remote servers,

And goatse attacks. Nothing ensures that the media that was there when the post was shared to the local instance will be the same at the moment it is shown to an user. An instance can turn evil and replace nice user-generated images with ads once they are shared all across the fediverse.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: