Published post

Gemfile.lock

@@ -9,9 +9,7 @@ GEM
       eventmachine (>= 0.12.9)
       http_parser.rb (~> 0)
     eventmachine (1.2.7)
-    eventmachine (1.2.7-x64-mingw32)
     ffi (1.15.4)
-    ffi (1.15.4-x64-mingw32)
     forwardable-extended (2.6.0)
     http_parser.rb (0.8.0)
     i18n (1.8.11)
@@ -31,8 +29,6 @@ GEM
       rouge (~> 3.0)
       safe_yaml (~> 1.0)
       terminal-table (~> 2.0)
-    jekyll-feed (0.15.1)
-      jekyll (>= 3.7, < 5.0)
     jekyll-sass-converter (2.1.0)
       sassc (> 2.0.1, < 3.0)
     jekyll-sitemap (1.4.0)
@@ -59,22 +55,19 @@ GEM
     safe_yaml (1.0.5)
     sassc (2.4.0)
       ffi (~> 1.9)
-    sassc (2.4.0-x64-mingw32)
-      ffi (~> 1.9)
     terminal-table (2.0.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
     unicode-display_width (1.8.0)
-    webrick (1.7.0)
+    webrick (1.8.1)
 
 PLATFORMS
   ruby
   x64-mingw32
 
 DEPENDENCIES
   jekyll
-  jekyll-feed
   jekyll-sitemap
-  webrick (~> 1.7)
+  webrick (~> 1.8)
 
 BUNDLED WITH
    2.2.31

_drafts/template.md

@@ -1,16 +1,6 @@
 ---
-# This is the page title
 title: Something
-
-# Set the author (delete as needed)
-author: kev mike cooper
-
-# This is the description that shows in the page header
-description: Something else
-
-# Set a permalink here
-permalink: /something/
-
-# Don't change this
+author: kev mike cooper ***CHANGE THIS***
+description:
 layout: post
 ---

_posts/2023/2023-08-04-fosstodon-and-cloudflare.md

@@ -0,0 +1,33 @@
+---
+title: Fosstodon and Cloudflare
+author: kev
+description: We've been asked a lot of questions about our use of Cloudflare, so here's our official stance.
+layout: post
+---
+
+Today, I went looking through the [#Fosstodon](https://fosstodon.org/tags/Fosstodon) feed, and in there I saw a number of comments about our use of Cloudflare and how that's really bad.
+
+Let me start by saying that using Cloudflare isn't great - [we've talked about this before](https://hub.fosstodon.org/moving-away-from-cloudflare/), but that was when we were much smaller and when we weren't the subject of [the occasional DDoS attack](https://hub.fosstodon.org/elon-twitter-post-mortem/).
+
+Yes, we use Cloudflare. We do so because their DDoS mitigation is effective and the alternatives are prohibitively expensive for us. We do, however, use Cloudflare in a very specific way:
+
+* We don't use their certificates, so they can't content inspect *any* traffic from Fosstodon
+* We don't use the Cloudflare CDN, we use [Bunny](https://bunny.net) instead
+* Under normal circumstances, we don't even proxy traffic through their service, so Cloudflare is just a DNS provider for us
+  * If you want to prove this for yourself, ping `fosstodon.org` - it should resolve to `54.38.247.97` which isn't one of [Cloudflare's IP addresses](https://www.cloudflare.com/en-gb/ips/)
+
+When we're under attack, that changes though. We switch on the proxy and the anti-DDoS mitigations that Cloudflare offer. This is so we can maintain the service we provide to, like, 60,000 people. Once any attacks stop, we turn it all off again.
+
+{: .notice}
+Even when we're under attack, we still don't use their TLS certificates, so Cloudflare will **NEVER** content inspect our traffic.
+
+## Fastly
+
+After the wave of DDoS attacks we received a few months ago, Fastly reached out to us and kindly offered a complimentary account on their service so we could have DDoS mitigation and a CDN for free.
+
+This was an incredibly generous offer, which we took them up on. But the problem is, their service is extremely difficult to navigate, so neither myself or Mike have been able to work out how to configure it all.
+
+If any of you out there are familiar with Fastly's service, and are willing to help us configure it, please [get in touch](https://hub.fosstodon.org/contact/) as we would love to get off Cloudflare if possible.
+
+Until we can get Fastly working, Cloudflare will remain a necessary part of the Fosstodon stack, I'm afraid.
+

coc.md

@@ -62,6 +62,12 @@ Public toots should follow the above rules and should also abide by the followin
 
 Always remember that your public toots are read not only by our *existing* community members (who may have the context to know what you mean) but by potential future community members as well. Strive to keep the local timeline representative of the inclusive, friendly community we want to build.
 
+## Federated accounts
+
+Actions taken in public that reflect poorly on Fosstodon, or result in complaints about personal behavior will be considered a violation of our Code of Conduct. We will not be a safe harbor for bad actors.
+
+This could include, but is not limited to, users of Fosstodon who have accounts on other servers and use those other accounts in a manner that would contravene this CoC.
+
 ## Reporting Violations
 
 If you notice a toot that violates this code of conduct, *please* report it. It is easy to assume that someone else has already reported a toot, but it is easy for everyone to feel that way [and no one to report the toot](https://en.wikipedia.org/wiki/Bystander_effect).