Mastodon Instances, Everywhere

Mastodon is interesting. It’s “free and open-source software for running self-hosted social networking services.”. To any normal personal that’s “Open Source Twitter”, largely.

Anyone can grab the code and spin up their own Mastodon instance. I put one up a year or so ago, but unfortunately I didn’t have the time or resources to maintain it, so I shut it down. Maybe it will return.

Currently I’m using the instance, so that makes me - but other instances are available. Boy, there are a lot of them!

I knew Mastondon was popular among the Free Software world, and I’m aware of individuals who run their own private or public instances. One thing I discovered is how these instances reveal themselves to website owners, like me! This isn’t a secret, or ‘hack’ or whatever, I just found it interesting, so I’m sharing it.

When I publish a blog post, I tend to share it on Twitter, Mastodon, LinkedIn (sometimes) and Facebook (rarely). I don’t use a tool for this, unless “my hands” and “the keyboard” are “tools” (they are). I basically type the entry on one site and paste it on the others. Yes, tedious, but it takes seconds, and I don’t end up annoying people with stuff shared in a weird broken way that leaks back to another social network.

I host my own blog, using Hugo on my fine, fine Bitfolk VPS (tell them I sent you). Sometimes, like a complete dork I follow the webserver logs while ssh’ed into that VPS. Yes, I also have tools to give me nice graphs, but sometimes I like watching logs scroll by just after sharing the post. “Look ma! I’m popular!”.

Anyway, one interesting thing is when I share a post, a bunch of requests come from a pile of Mastodon instances which aren’t the one that I am on. Yay! 🥳 Federation Celebration! 🥳

Here’s what that looks like, with the IP addresses of clients redacted. Scroll right in this output to see the Mastodon instance hosts.

$ grep \(Mastodon /srv/ | tail -n 4
x.x.x.x - - [10/Feb/2021:21:40:31 +0000] "GET /blog/2021/02/my-podcast-listening-list/ HTTP/1.1" 200 8749 "-" "http.rb/3.3.0 (Mastodon/2.9.0+glitch; +"
x.x.x.x - - [10/Feb/2021:21:40:32 +0000] "GET /blog/2021/02/my-podcast-listening-list/ HTTP/1.1" 200 8311 "-" "http.rb/4.4.1 (Mastodon/3.3.0; + Bot"
x.x.x.x - - [10/Feb/2021:21:41:05 +0000] "GET /blog/2021/02/my-podcast-listening-list/ HTTP/1.1" 200 8749 "-" "http.rb/4.4.1 (Mastodon/3.3.0; + Bot"
x.x.x.x - - [11/Feb/2021:06:09:31 +0000] "GET /blog/2021/02/my-podcast-listening-list/ HTTP/1.1" 200 8749 "-" "http.rb/4.4.1 (Mastodon/3.2.1; + Bot"

There’s a fair few of them.

$ grep \(Mastodon /srv/ | awk -F '"' '{ print $6}' | sort | uniq | wc -l

These are just the ones I noticed yesterday, where I guess someone happens to follow me from an account on one of those instances. Here’s a slightly longer list, without the cruft, making it easier to see.

$ grep \(Mastodon /srv/ | awk -F '"' '{ print $6}' | sort | uniq | tail 
http.rb/4.4.1 (Mastodon/3.3.0; + Bot
http.rb/4.4.1 (Mastodon/3.3.0; + Bot
http.rb/4.4.1 (Mastodon/3.3.0; + Bot
http.rb/4.4.1 (Mastodon/3.3.0; + Bot
http.rb/4.4.1 (Mastodon/3.3.0; + Bot
http.rb/4.4.1 (Mastodon/3.3.0; + Bot
http.rb/4.4.1 (Mastodon/3.3.0; + Bot
http.rb/4.4.1 (Mastodon/3.3.0+koyuspace; + Bot
http.rb/4.4.1 (Mastodon/3.3.0rc3; + Bot
http.rb/4.4.1 (Mastodon/3.3.1+glitch; + Bot

What I found super interesting, aside from the funny names, and creative domains people chose, is the dispirate versions of Mastodon people are running. (excuse the awful awking)

$ grep \(Mastodon /srv/ | awk -F '"' '{ print $6}' | sort | uniq | awk -F '(' '{print $2}' | awk -F ';' '{print $1}' | uniq

It makes me feel a ton better when I think back to out outdated my instance of Mastodon got before I nuked it from orbit. 💥

Carry on everyone. I’ll be over here tailing my logs as I post this blog…