Slow /photo/preview performance
Hi all,
Because of the ongoing performance issues, I moved my whole Friendica database of opensocial.at and friendica.me to a dedicated root-server just for mariadb with 128GB RAM.
At first, it seemed like it helped and opensocial.at is faster than before (the performance of friendica.me is still a mess, but I will analyze it later), but the /photo/preview route is now going crazy:
It seems like the RAM I/O issue I had (which is now gone) is now replaced by an Network throughput issue - but at least the network I/O seems fine:
Do you have any idea what I can do now?
One thing would be to add a "StorageClass" for the Photo to load them (directly) from a filedirectory/block storage instead of the database.
Geplante Downtime / Server Migration
!Opensocial.at
-- English below
Liebe opensocial.at BenutzerInnen,
Ich starte nun eine Migration von opensocial.at auf eine stärkere server-hardware. Dadurch entstehen temporäre Downtimes in den kommenden Stunden.
Ich möchte mich für die Unannehmlichkeiten entschuldigen, aber ich denke, dass dadurch die gesamte Performance von opensocial.at wieder besser werden sollte :).
Lg,
Philipp
----
Dear opensocial.at user,
I'm planning to migrate my server infrastructure onto a more powerful environment.
The goal is to increase the performance, as, I think, you all currently experience a downgrading performance.
I hope it will help :)
It will take some hours, where opensocial.at will be temporary unavailable from time to time.
Regards,
Philipp
Leider hat die Migration nicht geklappt und ich musste wieder zurückrollen.
--> Ich probiere es im August noch einmal
---
Unfortunately, the migration didn't work so I had to rollback.
--> I will retry again in august
Norz Tekh 🏳️🌈 likes this.
Planned Downtime / Migration
Dear friendica.me user,
I'm planning to migrate my server infrastructure onto a more powerful environment.
The goal is to increase the performance, as, I think, you all currently experience a downgrading performance.
I hope it will help :)
It will take some hours, where friendica.me will be temporary unavailable from time to time.
Regards,
Philipp
--> I will retry again in august
Slow photo requests / inbox requests
Hi !Friendica Admins ,
I'm currently tracing down performance issues, I' currently suffering from on my nodes opensocial.at and friendica.me .
It seems like the main performance problems are
- delivering photos
- [code]/inbox/code] requests
You can see some peeks and some long runners here:
The long runners (10sec) are the /inbox requests, the peaks are delivering photos after opening conversations, network pane, ...
Do you have any hints how I could improve these two types of requests?
The database is currently using ~50GB RAM, I set them as high as possible.
'avatar_cache' => true,
'avatar_cache_path' => '/path/to/a/folder',
But that one is tricky to set up. Best is to store the photos in a folder outside the web folder and then you can define a rule in your webserver that will redirect requests to the avatar folder to that folder.
Roland Häder likes this.
Roland Häder likes this.
Philipp Holzer likes this.
/photo/contact
route for the avatar cache, don't I?
No, the setup process is completely different. You have to have a path (somewhere) that is both readable and writable by the frontend and backend process
This path needs to be reachable when you call https://your.server.tld/avatar
(you have to redirect /avatar
) or you have to define avatar_cache_url
.
You you setup the file path from above in avatar_cache_path
and set avatar_cache
to true. After you deactivate the caching of the avatars in the admin frontend, it should work.
The URL path is stored in the contact table fields. So once you defined that URL, you mustn't change it again, since all old requests would fail. This mechanism is powerful, but currently too easy to misconfigure, that's why it is only accessible via the config file.
friendica/Avatar.php at develop · friendica/friendica
Friendica Communications Platform. Contribute to friendica/friendica development by creating an account on GitHub.GitHub
like this
https://
? That's never a good idea.
seems to work : https://friendica.philipp.info/avatar/4c/a1/d7c/53/8b/f08b/cd3c2904ac0bfd56-300.png?ts=1682970014
This image is now served by a completely different nginx than the frontend nginx . Because it's stateless, I'm now able to start more nginx for "just" serving stateless static content!
Brilliant!
Philipp Holzer likes this.

Michael Vogel likes this.
Update JSON LD
@Hypolite Petovan already fixed a current JSON-LD issue with https://git.friendi.ca/friendica/php-json-ld/pulls/1
Do we need a 1.1.2 release to upgrade it in the Friendica composer.lock file as well?
The logs of my instances are flooded with this error, that's why I'm asking *g*
Add support for local files for unsecured document loading
- $http_response_header isn't set in the local file read case Address https://github.com/friendica/friendica/issues/12728#issuecomment-1407623586Friendica
like this
BaseURL components (hostname, SSL policy, urlpath)
I'm currently reducing the whole
BaseUrl.php
code massively.Do we really need the ssl_policy, urlpath and hostname separate from the
system.url
? I will use for the
BaseUrl.php
, based on the system.url
a "real" UriInterface
as $this->url
, so we don't need saving the scheme, urlpath and hostname separately anymore. They are just useful for the install process but must not be changed afterwards.The only thing, which I'm unsure is the
ssl_policy
, because if someone changes it afterwards in the admin site, all URL in all contacts and photos will get updated. But the question is => is this even allowed? I think this could brick the access over federation because the base-url of each entry isn't right anymore. And it isn't supported when the policy is changed by console.So I would drop it as well and merge all config entries into the
system.url
.Additionally, I will replace the Exception with a "CRITICAL" log entry to avoid a WSOD.
https://friendica.local
you definitely need to ignore SSL/certificate errors because they are mostly only self-signed.
https
and there is no check at all in the code that would fail here. It works fine 
Roland Häder likes this.
Friendica.me | Opensocial.at Short Downtime because of DB adjustements
I do have to restart the Database instances because they are too resource hungry.
There's a short downtime possible.
reshared this
opensocial.at database data seems corrupt
It seems like I do have a problem with my opensocial.at database

The database ran full about a year ago (what a shame, I know :( ...) and I had to recover some of the data (otherwise I had to import a backup about ~12hours ago, I tried to avoid to loose posts for this period of time for my users ...). So I stopped it, started it with
innodb_force_recovery=3
, repaired it and checked it with mysqlcheck
.Two days ago, I updated the mariadb from 1.10.3 to 1.10.10 and now the problems occur again.
I stopped the MariaDB 1.10.3 container, updated it to 1.10.10 and started it again .. And MariaDB started a "crash recovery". I really don't know why... The crash recovery wasn't successfully (I tried it ~4 times), so I had to add
innodb_force_recovery=3
again.Now the database went up, but everytime I stopped it and started it again, the crash recovery appears again.
So after the instance was up and running, I dumped the whole database with
mysqldump
into one single *.sql , started a brand new MariaDB 1.10.10 and imported the dump again.So far so good ..
But... unfortunately, after a restart, the crash recovery appears again. So I'm totally lost, what's now happening..
I noticed during the import that one batch of rows took about 2 hours to complete with the result query affected 0 rows.
here's my
customized.cnf
, which I'm using (it's a Hetzner root server with 64 GB RAM and 12 CPUs):[mysqld]
query_cache_size = 0
query_cache_type = 0
performance_schema = ON
join_buffer_size = 140M
innodb_buffer_pool_size = 12G
innodb_log_buffer_size = 31M
innodb_log_file_size = 3G
table_open_cache = 1000
max_connections = 400
wait_timeout = 200
interactive_timeout = 4000
log-bin = mysqld-bin
transaction-isolation = READ-COMMITTED
binlog-format = ROW
skip-innodb-read-only-compressed = ON
innodb_read_only_compressed = OFF
innodb_use_native_aio = OFF
innodb_fast_shutdown=0
innodb_max_dirty_pages_pct=0
innodb_buffer_pool_dump_at_shutdown=1
innodb_buffer_pool_load_at_startup=1
For the new MariaDB instance, I didn't add any customization to avoid any wrong options.
currently, it makes a recovery again:
db_1 | 2022-12-16 10:41:00 0 [Note] InnoDB: Rolled back recovered transaction 371172
db_1 | 2022-12-16 10:41:11 0 [Note] InnoDB: To roll back: 1 transactions, 7611737 rows
db_1 | 2022-12-16 10:41:26 0 [Note] InnoDB: To roll back: 1 transactions, 7608132 rows
db_1 | 2022-12-16 10:41:41 0 [Note] InnoDB: To roll back: 1 transactions, 7603940 rows
db_1 | 2022-12-16 10:41:46 0 [Note] DDL_LOG: Crash recovery executed 1 entries
db_1 | 2022-12-16 10:41:46 0 [Note] Server socket created on IP: '0.0.0.0'.
db_1 | 2022-12-16 10:41:46 0 [Note] Server socket created on IP: '::'.
db_1 | 2022-12-16 10:41:47 0 [Note] mariadbd: ready for connections.
db_1 | Version: '10.10.2-MariaDB-1:10.10.2+maria~ubu2204' socket: '/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
db_1 | 2022-12-16 10:41:56 0 [Note] InnoDB: To roll back: 1 transactions, 7601453 rows
db_1 | 2022-12-16 10:42:11 0 [Note] InnoDB: To roll back: 1 transactions, 7600146 rows
db_1 | 2022-12-16 10:42:26 0 [Note] InnoDB: To roll back: 1 transactions, 7598395 rows
db_1 | 2022-12-16 10:42:41 0 [Note] InnoDB: To roll back: 1 transactions, 7595967 rows
db_1 | 2022-12-16 10:42:56 0 [Note] InnoDB: To roll back: 1 transactions, 7594000 rows
db_1 | 2022-12-16 10:43:11 0 [Note] InnoDB: To roll back: 1 transactions, 7590646 rows
db_1 | 2022-12-16 10:43:26 0 [Note] InnoDB: To roll back: 1 transactions, 7585618 rows
db_1 | 2022-12-16 10:43:41 0 [Note] InnoDB: To roll back: 1 transactions, 7579929 rows
db_1 | 2022-12-16 10:43:56 0 [Note] InnoDB: To roll back: 1 transactions, 7574058 rows
db_1 | 2022-12-16 10:44:11 0 [Note] InnoDB: To roll back: 1 transactions, 7568214 rows
like this
Raroun likes this.
Questions about /display/
@Michael Vogel - I'm currently moving the
mod/display.php
As far as I can see, there are two main-routes for this controller:
-
/display/{guid}
-
/display/feed-item/{uri-id}.atom[/conversation.atom]
and as far as I can say, it would be better if the second route should have an own root, like `dfrn_item/{uri-id}[/conversation.atom`, as it's a DFRN only logic.
Am I right so far?
If so, can I move it to this new path or is this path necessary for the federation usage, means it could be called from other servers too?
I just found calls with prefix
DI::baseUrl()
, so I guess it's "just" for the server itself, but I'm not sure ...
I still struggle at
mod/update_display.php
It's the only place, where the
display_content
from mod/display.php
is called with the parameter $update = true
.But I don't find any place inside Friendica, where we call
/update_display?p=<profile_uid>
.Do you know if this is till in use and if so, what's the meaning of it?
If we wouldn't use it anymore, there's a lot of code at
mod/display.php
, which I could delete in that case..
https://github.com/friendica/friendica/blob/4a626ef10176a6f4fca0367cd890f836c2ade44a/src/Content/Conversation.php#L498-L505
and then
https://github.com/friendica/friendica/blob/b002f6f027cce0d9901c5129470e5cf41bb334c4/view/js/main.js#L595
friendica/Conversation.php at 4a626ef10176a6f4fca0367cd890f836c2ade44a · friendica/friendica
Friendica Communications Platform. Contribute to friendica/friendica development by creating an account on GitHub.GitHub
Hypolite Petovan likes this.
API usage for Friendica Frontend
And another question

Currently, we strictly separate between API calls and the Frontend.
But, Why?
I'm currently moving the events to the Module directory.
And there's already an API for it, but as far as I understand @Michael Vogel , we must not mix API and Frontend.
But as far as I know, in modern environments, there's a backend part (= API), and a frontend part (= view)
The own frontend still uses the same API. So we don't have to implement the same business logic at different places. As I said, I came across at Event, where this issue produces significant double-code.
So at least what I would like (in a final state

- API ... Create, Update, Delete, Get, GetMultiple for our Data model, or "everything without HTML output"
- Module ... Everything, which produces HTML output
I know, this would be a BIG change

like this
- Our internal API (what you described in your post)
- The Twitter API endpoints we support
- The Mastodon API endpoints we support
- The GNU Social API endpoints we support
- The Friendica-specific API endpoints we expose (mainly for Friendiqa)
We definitely lack a unified internal API but that’s supposed to be taken care of by the Repository/Factory/Model/Entity structure that we should keep expanding.
why don't separate the api for Twitter, Mastodon, Gnu etc. and of course an api to communicate with the frontend.
No mixing the api together. Activateing the maybe Mastodon APi as main class with subclasses in one folder and subfolders.
@Philipp Holzer @Michael Vogel
👤 𝟳𝗵𝗼𝗺𝗮𝘀 ✅🖖🔒 likes this.
Can this endpoint not be closed and moved to an other area. So that you have the main friendica core who will do the internal magic. On the other hand the API section who is communicating with the core. Additional an internal API who is communicating with the core and the frontend section. On all APIs there is only data communication.
The Frontend Section is an additional area who will communicate with the frontend API and the user.
So the magic on the frontend section will be created only in the frontend and the API communication will only send data ... No html, no Jscript and no other magic.
In that case all three sections (Core, API, Frontend) could be developed separate with less interference between them.
Sure if you need a new function... First core the API and if needed then frontend
@Philipp Holzer @Michael Vogel
However we do need to extract the business logic in a unique place so that we can reference it from the places it is duplicated.
I think this is very necessary.
Passing preformatted web content makes you very inflexible since you have to go directly to the core. That's where I see the problem, that you either have a good coder for the core but not a good designer. The other way round a designer of the frontend can't write a good core code.
For this reason the Smarty framework is currently running in Friendica, which as I understand the framework wants to separate this.
If you want to speed up the whole thing, you have to get away from PHP code which is executed at runtime and create static pages. Peppered with lots of javascript which offloads/executes the execution to the client.
But ok that's my opinion on the subject.
@Philipp Holzer @Michael Vogel
On the other hand, writing a full Javascript web frontend is a massive endeavor, there currently are almost 500 web frontend routes that each represent a part of a Friendica feature. They all would need to have a Javascript counterpart, without even counting the corresponding bespoke API endpoints that would need to be created.
What is the showstopper for that? Cause that is also a thing for a new Webdesign. So The Web sould be separate from the code with all the magic.
@Philipp Holzer
Add-on refactoring
So this are my first thoughs about the Addons:
- Metadata about each add-on should be in an extra file, I would prefer something like
addon.json
- I would like to replace the whole
Hook
class with a proper Registration class, which is loaded when activating the Add-on. So we can remove the whole Hook table. - All Events in Friendica should be in an
events.config.php
with a proper description (maybe as constants?) - for legacy purpose, I would create a wrapper class like the LegacyModule class, which would execute the corresponding php-functions
- I'm thinking about a giving each Event a specific interface (not knowing how tbh currently, maybe the corresponding interface setting as a value for the Event inside the events.config.php?), so each event and each add-on will know exactly what parameters and which result is necessary
This is it so far..
I would like to start with creating the events.config.php and replace all text with constants.. I think this is a non invasive behaviour, but gives some insights about the next steps
Hypolite Petovan likes this.
Philipp Holzer likes this.
Friendica codebase restructure
Based on the PR https://github.com/friendica/friendica/pull/12075
@Hypolite Petovan is right, I should have started this conversation first, but it made fun to restructure our code, so it is what it is *gg*
What's the issue/my pain:
I'm thinking about introducing the PSR-7 Request/Response interfaces and create an Emitter, so there's no way out anymore directly inside the code, everything is done by the emitter. With this pattern, we could add all the authentication stuff inside a "Middleware" and get rid of the different auth-places (
App
, Security\Authentication
, Module\BaseApi
)So, now I tried to think where to start. We would need a
Middleware
directory for all the auth/base-load things, but we already do have a mix of domain-based directories (TowFactorAuth), functionallity based directories (Model/Object/Factory/Collection/Capabilities) and and core directories (Core, App, Console, Worker)...And I try to start to "really" encapsulate the domain-based directories inside
Friendica\Library
, so we get rid of some mixings, having all domain based classes inside one directory.In the end, I think we should have some core directories at
src
, directing everyone to the right place.I hope I didn't loose you at least, I just wrote down my path to this PR :)
PS: there're "just" ~200 code changes, the rest is because of the messages.po recreation don't worry :)
Restructure Friendica Base by nupplaphil · Pull Request #12075 · friendica/friendica
I always struggle with our codebase about where to find what content .. Because we moved from pattern to pattern, we left a lot of leftovers in our codebase. This PR should restructure our codebase...GitHub

Friendica Woodpecker / CI in GitHub bricked
I'm sorry, I bricked the CI with the latest Woodpecker change.. Now instead that we don't create Archives at all nodes, we now don't execute some pipelines at all and they are "stuck forever" and blocking new executions.
I'm not sure if I can fix it today, so here's the announcement

I will kick the pipelines from time to time to make PR checks possible, but the "merge" pipelines aren't working (so no new archive appears currently..)
Hypolite Petovan likes this.
It was a mix of wrong environment variable setup for
$WOODPECKER_LABELS
(added additional "
for the value, which got escaped and added to the value) and using the `label` filter in Woodpecker, not knowing that this feature is only in the nightly builds yet--> as far as I can see, all Archives are now deployed at https://files.friendi.ca as expected :)
Hypolite Petovan likes this.
Yet another Git-Repo :D
@Tobias - I'd like to commit changes for the computed "docs" page at https://git.friendi.ca/friendica/docs.git
Can you create this repo for me and make me admin for it? Thx

docs.friendi.ca
Hi, I'd like to add a new domain `docs.friendi.ca` where we store the whole documentation. It should be versioned, like
https://docs.friendi.ca/2022.09/
for the docs of the stable 2022.09 version or https://docs.friendi.ca/develop/
for the docs of the develop branch.I think it would be possible to automatically generate it.
But before, I do need the domain - pinging @Michael Vogel - and a routing to the current
files.friendi.ca
vm-instance - pinging @utzer ~Friendica~ 
I'd like to generate it automatically during the CI, so the update would be smooth and automatically

2 Factor & DB plaintext
Hi all, I lost my mobile phone during the last festival and so my TOTP-App was gone forever. Unfortunately, I wasn't aware of my recovery codes, so I thought I would have to reset my accounts of Friendica.
But no! just use
select code from 2fa_recorvery_codes where uid = 66 and used is NULL;
and voilá, I used the first code and was back in.@Hypolite Petovan , isn't this a possible security issue, is it?? Storing such sensible data as plaintext. I think we should save it as hash like for passwords to make it impossible to read it again .. Yes, the downside is that there's no possibility to save recovery_codes from the settings-panel again, but tbh I feel a little bit unsafe, but maybe it's just a feeling

Additionally, the use of the recovery codes necessitates the use of the password (that you still had in your head/password manager), after all it's a second-factor authentication, which means that it can be freely compromised as long as the first factor (the password) is safe.
Still, we can hash these codes and as a result only show them once, it isn't that hard other than requiring someone™ to spend some quality time on this task.
Large database
Hi everyone,
last week, I struggled with the size of my database for opensocial.at .. It went full (80GB) .. I added additional 10GB to the volume, but it seems to constantly increase and I think in a few weeks, I will be at the same situation like the last week.
Is there a possibility to shrink the database, or to wipe old data?
I recently deleted about 1.200 spam accounts (and set the register option to approval first ... lessons learned...). Are there leftovers inside the db which I can delete?
It's not that I don't have enough space, but I'm afraid of my backup borg-backup space in the near future ^^
What I did:
- Clicked at "Friendica Developers" under "Forums" inside the left navbar
- Opened a new Topic per pencil-button
xy..
in reply to Philipp Holzer • • •Fatal Error (E_ERROR): gd-webp cannot allocate temporary buffer
all the time.. could this be related to the "/photo/preview route" ?Philipp Holzer
in reply to xy.. • • •xy..
in reply to Philipp Holzer • • •/var/www/localhost/friendica/src/Object/Image.php
line 171
Michael Vogel
in reply to Philipp Holzer • • •Philipp Holzer
in reply to Michael Vogel • • •Roland Häder
in reply to Philipp Holzer • • •/tmp
folder? Here on my server it ran full withmagick-XXXXX
files.Philipp Holzer
in reply to Roland Häder • • •But there are just two zero-byte magick files at
/tmp
:)