Fediversity/Fediversity
13
2
Fork 6
Code Issues 111 Pull requests 16 Projects 1 Activity Actions

Wire up passing credentials from FediPanel to the Mastodon configuration #189

New issue
Closed
opened 2025-02-24 11:32:04 +01:00 by kiara · 11 comments
kiara commented 2025-02-24 11:32:04 +01:00
Owner
Copy link

As a Fediversity user,
I want to choose my initial user credentials,
so that I can log in to my Mastodon instance.

Test:

Given that I am in the panel,
when I am filling the deployment form,
then I should be able to specify my initial credentials such that I can log in to my deployed instance.

**As** a Fediversity user, **I want** to choose my initial user credentials, **so that** I can log in to my Mastodon instance. Test: **Given** that I am in the panel, **when** I am filling the deployment form, **then** I should be able to specify my [initial credentials](https://git.fediversity.eu/Fediversity/Fediversity/pulls/215/files#diff-c959e516a3e7e73b06277e1352072cd290f6d96b) such that I can log in to my deployed instance.
kiara added the
estimation mid: <8h
 label 2025-02-24 11:32:26 +01:00
kiara added a new dependency 2025-02-24 11:32:52 +01:00
#178 provision admin accounts for deployed services
kiara added this to the Fediversity project 2025-03-23 09:43:12 +01:00
kiara commented 2025-03-23 09:46:40 +01:00
Author
Owner
Copy link

c.f.:

c.f.: - https://wiki.nixos.org/wiki/Mastodon - our existing work on #190
kiara commented 2025-03-24 11:05:53 +01:00
Author
Owner
Copy link

the manual command from the wiki seems not to work:

$ sudo -u mastodon mastodon-tootctl accounts create kiara --email=procolix.eu --confirmed --role=Owner
/nix/store/zndcqv9rzvcvsjlj2h1k6dv8j8hqbvpb-bundler-2.5.22/lib/ruby/gems/3.3.0/gems/bundler-2.5.22/lib/bundler/shared_helpers.rb:54:in `chdir': Permission denied @ dir_chdir0 - /home/kiara (Errno::EACCES)

(would this relate to ProtectHome in the Mastodon systemd services?)

fix: log in to the mastodon user by sudo su - mastodon -s $(which bash), then try the wiki commands without the sudo -u mastodon

the manual command from the wiki seems not to work: ``` $ sudo -u mastodon mastodon-tootctl accounts create kiara --email=procolix.eu --confirmed --role=Owner /nix/store/zndcqv9rzvcvsjlj2h1k6dv8j8hqbvpb-bundler-2.5.22/lib/ruby/gems/3.3.0/gems/bundler-2.5.22/lib/bundler/shared_helpers.rb:54:in `chdir': Permission denied @ dir_chdir0 - /home/kiara (Errno::EACCES) ``` (would this relate to [`ProtectHome`](https://github.com/NixOS/nixpkgs/pull/113190/files#r600594626) in the Mastodon systemd services?) fix: log in to the `mastodon` user by `sudo su - mastodon -s $(which bash)`, then try the wiki commands without the `sudo -u mastodon`
kiara commented 2025-03-24 11:08:33 +01:00
Author
Owner
Copy link

would it work better to try this from nix as we did for pixelfed?

would it work better to try this from nix as we did [for pixelfed](https://git.fediversity.eu/Fediversity/Fediversity/pulls/215/files#diff-628622d89d4db7a9672cd2c2ced0ef67c42eae89)?
kiara commented 2025-03-24 11:50:45 +01:00
Author
Owner
Copy link

this post presumes you create the account by the web interface, but by default ours seems to have registrations disabled, tho none of the env vars regulating registration seem set so far, nor in the module afaict. hm.

edit: allegedly the nix service does limit mastodon to single-user (why? can the related env var undo this?).

[this post](https://page.romeov.me/posts/setting-up-mastodon-with-nixos/#adding-your-user) presumes you create the account by the web interface, but by default [ours](https://mastodon.fediversity.net/) seems to have registrations disabled, tho none of the [env vars](https://docs.joinmastodon.org/admin/config/) regulating registration [seem set](https://git.fediversity.eu/Fediversity/Fediversity/src/commit/a5c310ad03f8805161b22c8d546b94b1fd41a47a/services/fediversity/mastodon/default.nix#L55-L79) so far, [nor in the module](https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/web-apps/mastodon.nix) afaict. hm. edit: allegedly the nix service [does limit mastodon to single-user](https://www.reddit.com/r/NixOS/comments/16wnpum/comment/md8ex0s/) (why? can the related env var undo this?).
😕 1
fricklerhandwerk commented 2025-03-24 23:50:22 +01:00
Owner
Copy link

@kiara wrote in #189 (comment):

edit: allegedly the nix service does limit mastodon to single-user (why? can the related env var undo this?).

This is only explicitly enabled in the example from the wiki. I also can't find any indication that anything forces this on our end.

@kiara wrote in https://git.fediversity.eu/Fediversity/Fediversity/issues/189#issuecomment-5235: > edit: allegedly the nix service [does limit mastodon to single-user](https://www.reddit.com/r/NixOS/comments/16wnpum/comment/md8ex0s/) (why? can the related env var undo this?). This is only explicitly enabled in the [example from the wiki](https://wiki.nixos.org/wiki/Mastodon). I also can't find any indication that anything forces this on our end.
kiara commented 2025-03-25 08:48:33 +01:00
Author
Owner
Copy link

to reproduce:

  1. go to https://mastodon.fediversity.net/
  2. press 'create account'
  3. see message stating 'Creating an account ... is currently not possible'
to reproduce: 1. go to https://mastodon.fediversity.net/ 1. press 'create account' 1. see message stating 'Creating an account ... is currently not possible'
fricklerhandwerk commented 2025-03-26 18:31:04 +01:00
Owner
Copy link

I could reproduce already, I just wanted to confirm that I don't see an obvious cause for this.

I could reproduce already, I just wanted to confirm that I don't see an obvious cause for this.
Niols commented 2025-03-27 10:09:02 +01:00
Owner
Copy link

The command we have in Taeer's documentation is:

mastodon-tootctl accounts create test --email test@test.com --confirmed --approve

which differs only on the --role=Owner thing. I haven't tried it recently though.

The command we have in Taeer's documentation is: ``` mastodon-tootctl accounts create test --email test@test.com --confirmed --approve ``` which differs only on the `--role=Owner` thing. I haven't tried it recently though.
👍 1
Niols commented 2025-03-27 10:10:54 +01:00
Owner
Copy link

Re single-user, a lot of services disable user creation by default, so maybe that is just what is happening here?

Re single-user, a lot of services disable user creation by default, so maybe that is just what is happening here?
kiara commented 2025-03-27 12:42:33 +01:00
Author
Owner
Copy link

@Niols wrote in #189 (comment):

Re single-user, a lot of services disable user creation by default, so maybe that is just what is happening here?

i don't see this configured in nixpkgs or (as @fricklerhandwerk noted) on our end, but don't have a better explanation myself

@Niols wrote in https://git.fediversity.eu/Fediversity/Fediversity/issues/189#issuecomment-5295: > Re single-user, a lot of services disable user creation by default, so maybe that is just what is happening here? i don't see this configured in nixpkgs or (as @fricklerhandwerk noted) on our end, but don't have a better explanation myself
kiara removed this from the Fediversity project 2025-04-14 11:12:02 +02:00
kiara added the
type: user story
 label 2025-05-01 12:03:55 +02:00
kiara commented 2025-06-02 09:29:33 +02:00
Author
Owner
Copy link

out of scope for now as per #327

out of scope for now as per #327
kiara closed this issue 2025-06-02 09:29:33 +02:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
ci/pixelfed
pixelfed-ci
No results found.
Labels
Clear labels   
api service

features that may relate more to a (to be created) API service

  
blocked

   
bug

Anything that doesn't work as advertised

  
component: fediversity panel

   
component: nixops4

   
documentation

   
estimation high: >3d

   
estimation low: <2h

   
estimation mid: <8h

   
productisation

features out-scoped with the decoupling of the productisation effort

  
project-management

Project management related tasks

  
question

   
role: sysadmin

   
security

   
technical debt

   
testing

   
type unclear

   
type: key result

   
type: objective

   
type: task

   
type: user story

   
user experience
No labels
api service
blocked
bug
component: fediversity panel
component: nixops4
documentation
estimation high: >3d
estimation low: <2h
estimation mid: <8h
productisation
project-management
question
role: sysadmin
security
technical debt
testing
type unclear
type: key result
type: objective
type: task
type: user story
user experience
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
3 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Blocks
#178 provision admin accounts for deployed services}
Fediversity/Fediversity
#192 Write a test that validates Mastodon credentials are indeed valid}
Fediversity/Fediversity
Reference: Fediversity/Fediversity#189
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?