I want to self-host lemmy and participate in federation. However, I wonder whether it’s possible to have a setup where only I, and trusted users, are allowed to browse federated-content.

Basically, guests should not be allowed to use my instance to browse other federated content. So requests to “mydomain.tld/c/[email protected]” should not be possible. Only users, logged-in on my instance, should be able to do that.

Despite that, guests should be allowed to see posts of communities posted on my instance, and users of other instances should be allowed to comment.

I know I can choose with which other instances mine should link with, but this would make the experience inconvenient to me. Because then I would need to adjust the config if I want to subscribe to a community on an instance I have not yet linked with.

Is such setup possible? Could not find the answer in the docs unfortunately

The only thing I can think of is something like blocking UI requests, and allow them only from localhost (so I would create a “ssh -L” tunnel on the server). Federation API endpoints would not be blocked. But this seems shaky, does Lemmy support a cleaner, built-in solution?

  • Qazwsxedcrfv000@lemmy.unknownsys.com
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Yes the basic auth way I suggested only protects the lemmy-ui from being accessed which is the lowest hanging fruit in the equation. That’s also why I call it the “simplest way”. “Interested parties” can still access your instance via API if they know their way.