Anyone running their mastodon instance using a cloud hosting object storage service (s3, etc)? I am in awe at how fast the storage needs of infosec.exchange are growing. #mastoadmins
@jerry I'm using s3 compatible service and its working pretty well.
@jerry @m4iler @tursiops I run a diaspora pod with assets stored on S3 and distributed via cloudfront. One downside on that is security-by-obscurity. All S3 objects are effectively public (on that software's setup). Any photo published to a subset of users gets a public URL. So the whole limited distribution/restriction thing (on diaspora) is a bit flimsy.
@jerry @m4iler @tursiops Obviously it doesn't have to be that way. There are clever tricks to use authentication and signed URLs and such. It's just that diaspora doesn't do any of them. The alternative is to authorise the EC2 instance to read S3, but not to authorise CloudFront or direct S3 access. Data still passes through the EC2 instance, and there's no caching, etc. But you have solid access control and unlimited S3 storage.
A Mastodon instance for info/cyber security-minded people.